source: networking/netprogs/ntp.xml@ 39159bf

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 7.10 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since 39159bf was 39159bf, checked in by Fernando de Oliveira <fernando@…>, 9 years ago

Reword ntp.conf 'Security session' explanation.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@15248 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 12.2 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY ntp-download-http "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-&ntp-version;.tar.gz">
8 <!ENTITY ntp-download-ftp "&gentoo-ftp-repo;/ntp-&ntp-version;.tar.gz">
9 <!ENTITY ntp-md5sum "6972a626be6150db8cfbd0b63d8719e7">
10 <!ENTITY ntp-size "6.5 MB">
11 <!ENTITY ntp-buildsize "59 MB">
12 <!ENTITY ntp-time "0.7 SBU">
13]>
14
15<sect1 id="ntp" xreflabel="ntp-&ntp-version;">
16 <?dbhtml filename="ntp.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 </sect1info>
22
23 <title>ntp-&ntp-version;</title>
24
25 <indexterm zone="ntp">
26 <primary sortas="a-ntp">ntp</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to ntp</title>
31
32 <para>The <application>ntp</application> package contains a
33 client and server to keep the time synchronized between various computers over
34 a network. This package is the official reference implementation of the
35 NTP protocol.</para>
36
37 &lfs76_checked;
38
39 <bridgehead renderas="sect3">Package Information</bridgehead>
40 <itemizedlist spacing="compact">
41 <listitem>
42 <para>Download (HTTP): <ulink url="&ntp-download-http;"/></para>
43 </listitem>
44 <listitem>
45 <para>Download (FTP): <ulink url="&ntp-download-ftp;"/></para>
46 </listitem>
47 <listitem>
48 <para>Download MD5 sum: &ntp-md5sum;</para>
49 </listitem>
50 <listitem>
51 <para>Download size: &ntp-size;</para>
52 </listitem>
53 <listitem>
54 <para>Estimated disk space required: &ntp-buildsize;</para>
55 </listitem>
56 <listitem>
57 <para>Estimated build time: &ntp-time;</para>
58 </listitem>
59 </itemizedlist>
60
61 <bridgehead renderas="sect3">ntp Dependencies</bridgehead>
62
63 <bridgehead renderas="sect4">Optional</bridgehead>
64 <para role="optional">
65 <xref linkend="libcap-pam"/>,
66 <xref linkend="openssl"/>, and
67 <ulink url="http://www.thrysoee.dk/editline/">libedit</ulink>
68 </para>
69
70 <para condition="html" role="usernotes">User Notes:
71 <ulink url="&blfs-wiki;/ntp"/></para>
72
73 </sect2>
74
75 <sect2 role="installation">
76 <title>Installation of ntp</title>
77
78 <para>
79 There should be a dedicated user and group to take control
80 of the <command>ntpd</command> daemon after it is
81 started. Issue the following commands as the
82 <systemitem class="username">root</systemitem> user:
83 </para>
84
85<screen role="root"><userinput>groupadd -g 87 ntp &amp;&amp;
86useradd -c "Network Time Protocol" -d /var/lib/ntp -u 87 \
87 -g ntp -s /bin/false ntp</userinput></screen>
88
89 <para>Install <application>ntp</application> by running
90 the following commands:</para>
91
92<screen><userinput>./configure --prefix=/usr \
93 --bindir=/usr/sbin \
94 --sysconfdir=/etc \
95 --enable-linuxcaps \
96 --with-lineeditlibs=readline \
97 --docdir=/usr/share/doc/ntp-&ntp-version; &amp;&amp;
98make</userinput></screen>
99
100 <para>To test the results, issue: <command>make check</command>.</para>
101
102 <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
103
104<screen role="root"><userinput>make install &amp;&amp;
105install -v -o ntp -g ntp -d /var/lib/ntp</userinput></screen>
106
107 </sect2>
108
109 <sect2 role="commands">
110 <title>Command Explanations</title>
111
112 <para><parameter>--bindir=/usr/sbin</parameter>: This parameter places
113 the administrative programs in <filename
114 class="directory">/usr/sbin</filename>.</para>
115
116 <para><parameter>--enable-linuxcaps</parameter>: ntpd is run as user
117 ntp, so use Linux capabilities for non-root clock control.</para>
118
119 <para><option>--with-lineeditlibs=readline</option>: This option enables
120 <application>Readline</application> support for <command>ntpdc</command>
121 and <command>ntpq</command> programs. If omitted,
122 <application>libedit</application> will be used if installed, otherwise no
123 readline capabilites will be compiled.</para>
124
125 </sect2>
126
127 <sect2 role="configuration">
128 <title>Configuring ntp</title>
129
130 <sect3 id="ntp-config">
131 <title>Config Files</title>
132
133 <para><filename>/etc/ntp.conf</filename></para>
134
135 <indexterm zone="ntp ntp-config">
136 <primary sortas="e-etc-ntp.conf">/etc/ntp.conf</primary>
137 </indexterm>
138
139 </sect3>
140
141 <sect3>
142 <title>Configuration Information</title>
143
144 <para>The following configuration file defines various ntp servers
145 with open access from different continents. It also creates a
146 drift file where <command>ntpd</command> stores the frequency
147 offset and a pid file to store the <command>ntpd</command> process
148 ID. Since the documentation included with the package is sparse,
149 visit the ntp website at <ulink url="http://www.ntp.org/"/> and
150 <ulink url="http://www.pool.ntp.org/"/> for more information.</para>
151
152<screen role="root"><userinput>cat &gt; /etc/ntp.conf &lt;&lt; "EOF"
153<literal># Asia
154server 0.asia.pool.ntp.org
155
156# Australia
157server 0.oceania.pool.ntp.org
158
159# Europe
160server 0.europe.pool.ntp.org
161
162# North America
163server 0.north-america.pool.ntp.org
164
165# South America
166server 2.south-america.pool.ntp.org
167
168driftfile /var/lib/ntp/ntp.drift
169pidfile /var/run/ntpd.pid</literal>
170EOF</userinput></screen>
171
172 <para>
173 You may wish to add a <quote>Security session</quote>. For
174 explanations, see
175 <ulink url="http://www.eecis.udel.edu/~mills/ntp/html/accopt.html#restrict"/>.
176 </para>
177
178<screen role="root"><userinput>cat &gt;&gt; /etc/ntp.conf &lt;&lt; "EOF"
179<literal># Security session
180restrict default limited kod nomodify notrap nopeer noquery
181restrict -6 default limited kod nomodify notrap nopeer noquery
182
183restrict 127.0.0.1
184restrict ::1</literal>
185EOF</userinput></screen>
186
187 </sect3>
188
189 <sect3 id="ntp-init">
190 <title>Synchronizing the Time</title>
191
192 <para>There are two options. Option one is to run <command>ntpd</command>
193 continuously and allow it to synchronize the time in a gradual manner. The
194 other option is to run <command>ntpd</command> periodically (using cron)
195 and update the time each time <command>ntpd</command> is scheduled.</para>
196
197 <para>If you choose Option one, then install the
198 <filename>/etc/rc.d/init.d/ntp</filename>
199 init script included in the
200 <xref linkend="bootscripts"/> package.</para>
201
202 <indexterm zone="ntp ntp-init">
203 <primary sortas="f-ntp">ntp</primary>
204 </indexterm>
205
206<screen role="root"><userinput>make install-ntpd</userinput></screen>
207
208 <para>If you prefer to run <command>ntpd</command> periodically, add the
209 following command to <systemitem class="username">root</systemitem>'s
210 <filename>crontab</filename>:</para>
211
212<screen><literal>ntpd -q</literal></screen>
213
214 <para>Execute the following command if you would like to set the
215 hardware clock to the current system time at shutdown and reboot:</para>
216
217<screen role="root"><userinput>ln -v -sf ../init.d/setclock /etc/rc.d/rc0.d/K46setclock &amp;&amp;
218ln -v -sf ../init.d/setclock /etc/rc.d/rc6.d/K46setclock</userinput></screen>
219
220 <para>The other way around is already set up by LFS.</para>
221
222 </sect3>
223
224 </sect2>
225
226 <sect2 role="content">
227 <title>Contents</title>
228
229 <segmentedlist>
230 <segtitle>Installed Programs</segtitle>
231 <segtitle>Installed Libraries</segtitle>
232 <segtitle>Installed Directories</segtitle>
233
234 <seglistitem>
235 <seg>calc_tickadj, ntp-keygen, ntp-wait, ntpd, ntpdate, ntpdc, ntpq,
236 ntptime, ntptrace, sntp and tickadj</seg>
237 <seg>None</seg>
238 <seg>/usr/share/ntp,
239 /usr/share/doc/ntp-4.2.8 and
240 /var/lib/ntp</seg>
241 </seglistitem>
242 </segmentedlist>
243
244 <variablelist>
245 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
246 <?dbfo list-presentation="list"?>
247 <?dbhtml list-presentation="table"?>
248
249 <varlistentry id="calc_tickadj">
250 <term><command>calc_tickadj</command></term>
251 <listitem>
252 <para>calculates optimal value for tick given ntp drift file.</para>
253 <indexterm zone="ntp calc_tickadj">
254 <primary sortas="b-calc_tickadj">calc_tickadj</primary>
255 </indexterm>
256 </listitem>
257 </varlistentry>
258
259 <varlistentry id="ntp-keygen">
260 <term><command>ntp-keygen</command></term>
261 <listitem>
262 <para>generates cryptographic data files used by the NTPv4 authentication
263 and identification schemes.</para>
264 <indexterm zone="ntp ntp-keygen">
265 <primary sortas="b-ntp-keygen">ntp-keygen</primary>
266 </indexterm>
267 </listitem>
268 </varlistentry>
269
270 <varlistentry id="ntp-wait">
271 <term><command>ntp-wait</command></term>
272 <listitem>
273 <para>is useful at boot time, to delay the boot sequence until
274 <command>ntpd</command> has set the time.</para>
275 <indexterm zone="ntp ntp-wait">
276 <primary sortas="b-ntp-wait">ntp-wait</primary>
277 </indexterm>
278 </listitem>
279 </varlistentry>
280
281 <varlistentry id="ntpd">
282 <term><command>ntpd</command></term>
283 <listitem>
284 <para>is a ntp daemon that runs in the background and keeps
285 the date and time synchronized based on response from configured
286 ntp servers. It also functions as a ntp server.</para>
287 <indexterm zone="ntp ntpd">
288 <primary sortas="b-ntpd">ntpd</primary>
289 </indexterm>
290 </listitem>
291 </varlistentry>
292
293 <varlistentry id="ntpdate">
294 <term><command>ntpdate</command></term>
295 <listitem>
296 <para>is a client program that sets the date and time based on
297 the response from an ntp server. This command is deprecated.</para>
298 <indexterm zone="ntp ntpdate">
299 <primary sortas="b-ntpdate">ntpdate</primary>
300 </indexterm>
301 </listitem>
302 </varlistentry>
303
304 <varlistentry id="ntpdc">
305 <term><command>ntpdc</command></term>
306 <listitem>
307 <para>is used to query the ntp daemon about its current state
308 and to request changes in that state.</para>
309 <indexterm zone="ntp ntpdc">
310 <primary sortas="b-ntpdc">ntpdc</primary>
311 </indexterm>
312 </listitem>
313 </varlistentry>
314
315 <varlistentry id="ntpq">
316 <term><command>ntpq</command></term>
317 <listitem>
318 <para>is an utility program used to monitor <command>ntpd</command>
319 operations and determine performance.</para>
320 <indexterm zone="ntp ntpq">
321 <primary sortas="b-ntpq">ntpq</primary>
322 </indexterm>
323 </listitem>
324 </varlistentry>
325
326 <varlistentry id="ntptime">
327 <term><command>ntptime</command></term>
328 <listitem>
329 <para>reads and displays time-related kernel variables.</para>
330 <indexterm zone="ntp ntptime">
331 <primary sortas="b-ntptime">ntptime</primary>
332 </indexterm>
333 </listitem>
334 </varlistentry>
335
336 <varlistentry id="ntptrace">
337 <term><command>ntptrace</command></term>
338 <listitem>
339 <para>traces a chain of ntp servers back to the primary source.</para>
340 <indexterm zone="ntp ntptrace">
341 <primary sortas="b-ntptrace">ntptrace</primary>
342 </indexterm>
343 </listitem>
344 </varlistentry>
345
346 <varlistentry id="sntp">
347 <term><command>sntp</command></term>
348 <listitem>
349 <para>is a Simple Network Time Protocol (SNTP) client.</para>
350 <indexterm zone="ntp sntp">
351 <primary sortas="b-sntp">sntp</primary>
352 </indexterm>
353 </listitem>
354 </varlistentry>
355
356 <varlistentry id="tickadj">
357 <term><command>tickadj</command></term>
358 <listitem>
359 <para>reads, and optionally modifies, several timekeeping-related
360 variables in older kernels that do not have support for precision
361 timekeeping.</para>
362 <indexterm zone="ntp tickadj">
363 <primary sortas="b-tickadj">tickadj</primary>
364 </indexterm>
365 </listitem>
366 </varlistentry>
367
368 </variablelist>
369
370 </sect2>
371
372</sect1>
Note: See TracBrowser for help on using the repository browser.