Date: Fri, 8 Jul 2022 07:24:35 -0700 From: John Kennedy <warlock@phouka.net> To: Ronald Klop <ronald-lists@klop.ws> Cc: freebsd-arm@freebsd.org Subject: Re: RPI4 + ntpdate + unbound Message-ID: <Ysg%2BI7ssulF%2B8PE3@phouka1.phouka.net> In-Reply-To: <c0b58858-5bb2-4bbd-deae-5ac3679a140b@klop.ws> References: <Yr/DPWc9Y%2Brp0J78@phouka1.phouka.net> <YsVaNqwNAdlEoHdj@server.rulingia.com> <c0b58858-5bb2-4bbd-deae-5ac3679a140b@klop.ws>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 07, 2022 at 12:56:05PM +0200, Ronald Klop wrote: > Based on this idea I created a /etc/rc.d/fakertc script. It saves the datetime on shutdown and restores it early on boot. > > Not polished yet. But it works on my RPI4 14-CURRENT. > With this script the time does not go backwards in the logs anymore. And it should provide a more reasonable time for validating certificates in DNSSEC/ipsec or similar processes before ntpdate kicks in. None of these is perfect, but it does stop the clock from rolling backwards and doesn't require a network. It should solve the issue with DNSSEC (since even days shouldn't matter for cert validity with enough servers). I'm not sure if ntpd will be happy (does the --force-step-once work if you boot up, don't have a network for a chunk of time, then regain network?).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Ysg%2BI7ssulF%2B8PE3>