ntp config tech note
Adrian Chadd
adrian at creative.net.au
Fri May 21 02:33:19 UTC 2004
On Thu, May 20, 2004, C. Jon Larsen wrote:
>
>
> On Thu, 20 May 2004, Jared Mauch wrote:
>
> >
> >
> > I've found it useful on older machines (PCs with cheap clocks and
> > oscilators) to cron ntpdate once an hour to prevent the clock from
> > getting too far off by itself. I've found the daemon doesn't do good enough
> > of a job to sync on it's own...
>
> Isn't that a lot safer anyway than running a daemon (ntpd) as root ? I do
> this on my systems (run ntpdate from cron), even though the xntpd
> docs IIRC specifically advised against this hack. One less
> vulnerability waiting to be exploited ... is the way I see it.
Kind of. ntpdate just sets the time. ntpd will actually notice your clock
running fast/slow and slowly step your kernel time to deal with your
bad clock frequency.
man ntpd. Its quite fascinating.
RE the "ntpd as root" thing, is there a capability in some UNIXen
which lets you fudge with the kernel time/timecounter frequency without
being root? I think thats all it really needs root privilege for.
Adrian
--
Adrian Chadd I'm only a fanboy if
<adrian at creative.net.au> I emailed Wesley Crusher.
More information about the NANOG
mailing list