Date: Thu, 25 Aug 2016 00:36:40 -0700 From: Cy Schubert <Cy.Schubert@komquats.com> To: Andreas Ott <andreas@naund.org> Cc: Cy Schubert <Cy.Schubert@komquats.com>, Ian Lepore <ian@freebsd.org>, Kevin Oberman <rkoberman@gmail.com>, Randy Bush <randy@psg.com>, FreeBSD Stable <freebsd-stable@freebsd.org>, Cy Schubert <cy@freebsd.org>, pfg@freebsd.org, Xin Li <delphij@delphij.net> Subject: Re: leapsecond file Message-ID: <201608250736.u7P7ae58001565@slippy.cwsent.com> In-Reply-To: Message from Andreas Ott <andreas@naund.org> of "Thu, 25 Aug 2016 00:16:24 -0700." <20160825001624.H1223@naund.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20160825001624.H1223@naund.org>, Andreas Ott writes:
> Hi,
>
> On Wed, Aug 24, 2016 at 06:55:37PM -0700, Cy Schubert wrote:
> > The file was obtained from USNO. Except for a $FreeBSD$ and a minor
> > spelling fix that was brought forward from r298087, the file was not
> > altered in any way. One of the problems is that the minor spelling fix
> > invalidated the secure hash at the end of the file, ntpd ignores the file.
> > r298087 needs to be reverted. (cc'd pfg@) I'll revert r298087.
>
> If I read the hash instructions towards the bottom of the file, you should
> be good to fix typos or add $FreeBSD$ in a comment line, the only lines
> that are hashed are the data and time stamps. Syslog shows that during the
> last week the hash was considered OK on the file in 10.3-p7 with
> $FreeBSD: releng/10.3/etc/ntp/leap-seconds 295461 2016-02-10 07:16:17Z cy $
> .
>
> 2016 Aug 18 18:26:07 [ntp.notice] mon leapsecond file ('/var/db/ntpd.leap-sec
> onds.list'): good hash signature
> 2016 Aug 18 18:26:07 [ntp.notice] mon leapsecond file ('/var/db/ntpd.leap-sec
> onds.list'): loaded, expire=2016-06-01T00:00:00Z last=2015-07-01T00:00:00Z of
> s=36
> 2016 Aug 18 18:26:07 [ntp.err] mon leapsecond file ('/var/db/ntpd.leap-second
> s.list'): expired less than 79 days ago
> 2016 Aug 18 18:26:07 [console.info] mon Aug 18 18:26:07 mon ntpd[584]: leapse
> cond file ('/var/db/ntpd.leap-seconds.list'): expired less than 79 days ago
The updated rc.d/ntpd will fix this.
>
> > I'll revert pfg's spelling fixup which I had brought forward and I'll need
> > to remove $FreeBSD$ as well, validating the hash again. Additional code
> > will need to be added to rc.d/ntpd to replace the copy in /var/db if
> > $FreeBSD$ exists.
>
> Please check the hash instructions, I don't think it's needed to remove that.
IMO it's better to use the virgin leap-seconds file anyway to avoid any
confusion as to its authenticity.
--
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX: <cy@FreeBSD.org> Web: http://www.FreeBSD.org
The need of the many outweighs the greed of the few.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608250736.u7P7ae58001565>