Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 04 Feb 2005 13:41:39 -0800
From:      "Kevin Oberman" <oberman@es.net>
To:        Scott Robbins <scottro@nyc.rr.com>
Cc:        freebsd-stable@freebsd.org
Subject:   Re: Adjusting time on a secured FreeBSD machine. 
Message-ID:  <20050204214140.273335D07@ptavv.es.net>
In-Reply-To: Your message of "Fri, 04 Feb 2005 16:29:03 EST." <20050204212903.GA2610@uws1.starlofashions.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
> Date: Fri, 4 Feb 2005 16:29:03 -0500
> From: Scott Robbins <scottro@nyc.rr.com>
> Sender: owner-freebsd-stable@freebsd.org
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Fri, Feb 04, 2005 at 01:18:26PM -0800, Stan wrote:
> > Hmmm.  My rc.conf has ntpd_enable-"YES", but not ntpdate_enable="YES".
> > Thanks!
> 
> They do conflict with each other, I'm not sure what will happen if you
> have both in rc.conf.  Hopefully ntpdate will run first, then ntpd.  If
> ntpd is running then you will get an error message running ntpdate.
> 
> On an unsecured box (the one that I mentioned, where ntpd choked because
> the BIOS clock was too far off, I simply stopped ntpd, ran ntpdate and
> then restarted ntpd.

They do not conflict if you use the flags in defaults/rc.conf.

ntpdate -b sets the time ONCE and is run before ntpd starts, the '-b'
option will cause it to to set the time absolutely no matter hao far off
the clock is at the time. This is exactly how ntpdate is intended to be
used.

That said, ntpdate is considered obsolete by the ntp folks and may
disappear at some time in the future. Their recommendation is to use
ntpd with the '-g' flag to force an unconditional clock set and to use
the 'iburst' option on your servers in /etc/ntp.conf. I find this works
well, but some have complained that it takes too long.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman@es.net			Phone: +1 510 486-8634

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050204214140.273335D07>