From owner-freebsd-questions@FreeBSD.ORG  Tue Apr 21 18:29:22 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0235C106564A
	for <freebsd-questions@freebsd.org>;
	Tue, 21 Apr 2009 18:29:22 +0000 (UTC) (envelope-from cswiger@mac.com)
Received: from asmtpout014.mac.com (asmtpout014.mac.com [17.148.16.89])
	by mx1.freebsd.org (Postfix) with ESMTP id DE5208FC1F
	for <freebsd-questions@freebsd.org>;
	Tue, 21 Apr 2009 18:29:21 +0000 (UTC) (envelope-from cswiger@mac.com)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Received: from cswiger1.apple.com ([17.227.140.124])
	by asmtp014.mac.com (Sun Java(tm) System Messaging Server 6.3-8.01
	(built Dec
	16 2008; 32bit)) with ESMTPSA id <0KIG002IPRCUKH80@asmtp014.mac.com> for
	freebsd-questions@freebsd.org; Tue, 21 Apr 2009 11:29:20 -0700 (PDT)
Message-id: <344D9702-C894-4E54-B256-43FAB17903F1@mac.com>
From: Chuck Swiger <cswiger@mac.com>
To: Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net>
In-reply-to: <200904212023.14365.mel.flynn+fbsd.questions@mailing.thruhere.net>
Date: Tue, 21 Apr 2009 11:29:18 -0700
References: <200904211106.01965.mel.flynn+fbsd.questions@mailing.thruhere.net>
	<200904211643.32448.mel.flynn+fbsd.questions@mailing.thruhere.net>
	<20090421183133.4e0c414f@gumby.homeunix.com>
	<200904212023.14365.mel.flynn+fbsd.questions@mailing.thruhere.net>
X-Mailer: Apple Mail (2.930.3)
Cc: "freebsd-questions@freebsd.org Questions -" <freebsd-questions@freebsd.org>
Subject: Re: Preventing ntpd from adjusting time (backwards)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Apr 2009 18:29:22 -0000

On Apr 21, 2009, at 11:23 AM, Mel Flynn wrote:
> Now I'm also wondering how ntpd handles securelevel 2.

"man init" suggests that stepping the clock by more than a second is  
disallowed:

    2     Highly secure mode - same as secure mode, plus disks may not  
be
          opened for writing (except by mount(2)) whether mounted or  
not.
          This level precludes tampering with file systems by unmounting
          them, but also inhibits running newfs(8) while the system is  
multi-
          user.

          In addition, kernel time changes are restricted to less than  
or
          equal to one second.  Attempts to change the time by more  
than this
          will log the message ``Time adjustment clamped to +1 second''.

Regards,
-- 
-Chuck