timedatex replacing systemd-timedated for NTP packages

[Chris Murphy]

On Tue, Nov 25, 2014 at 10:51 AM, Florian Weimer <fweimer at redhat.com> wrote:

> Some networks have bad NTP service in the sense that they hand out incorrect
> time (not just off by a few seconds, but days or months, enough to skew
> certificate validity).

I'm not sure what we're supposed to do about such sabotage on the
network, that seems distinctly a local issue. We should do the best we
can right now, while providing a manual switch for the user to alter
the default.

It used to be the case that we used these servers:
0.fedora.pool.ntp.org
1.fedora.pool.ntp.org
2.fedora.pool.ntp.org
3.fedora.pool.ntp.org

Chrony isn't installed or running on Fedora 21 Server, so at least on
server I have no idea at the moment were the ntp pool is specified.


> Your proposed solution would make GNOME unusable on
> such networks.  Other bad things might happen there, but just pretending
> that everything this phenomenon does not exist and that we know better than
> the user what the correct system time should be in all cases seems very
> unhelpful.

Time is a basic requirement, it's correct for Fedora installs to point
to a Fedora Project ntp pool by default for Server and Workstation
products; for cloud they may have different (?) requirements. I expect
"manual time" setting to be exist, and it'd be synonymous with ntp
off.


> Now if Fedora offered a high-availability cryptographic time service (we
> actually do, sort of), things might be different—but not much, because then
> we'd be having a discussion about phoning home instead.

The pool still exists. Are we not supposed to use them?

[root at f21s ~]# nslookup 0.fedora.pool.ntp.org
Server: 192.168.1.1
Address: 192.168.1.1#53

Non-authoritative answer:
Name: 0.fedora.pool.ntp.org
Address: 69.28.67.44
Name: 0.fedora.pool.ntp.org
Address: 209.118.204.201
Name: 0.fedora.pool.ntp.org
Address: 204.2.134.164
Name: 0.fedora.pool.ntp.org
Address: 204.2.134.163


-- 
Chris Murphy