[system-administrators-guide: 2/2] Merge branch 'master' of ssh://git.fedorahosted.org/git/docs/system-administrators-guide
by stephenw
commit ac355c11727fe70d4bc43184ad33133f124fb330
Merge: 7d7283a 6331af2
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Wed Jul 10 10:30:24 2013 +0200
Merge branch 'master' of ssh://git.fedorahosted.org/git/docs/system-administrators-guide
Conflicts:
en-US/Configuring_NTP_using_the_Chrony_suite.xml
---
10 years, 10 months
- 1
- 0
[system-administrators-guide: 1/2] Typos, markup improvements, remove some white space
by stephenw
commit 7d7283a430f769847ff76e9db781013c355e2fae
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Wed Jul 10 10:26:58 2013 +0200
Typos, markup improvements, remove some white space
en-US/Configuring_NTP_using_the_Chrony_suite.xml | 97 +++++++++++-----------
1 files changed, 47 insertions(+), 50 deletions(-)
---
diff --git a/en-US/Configuring_NTP_using_the_Chrony_suite.xml b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
index 0b5f552..41736ec 100644
--- a/en-US/Configuring_NTP_using_the_Chrony_suite.xml
+++ b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
@@ -24,8 +24,7 @@ There is a choice between the daemons <systemitem class="daemon">ntpd</systemite
<section id="sect-differences_between_ntpd_and_chronyd">
<title>Differences Between ntpd and chronyd</title>
<para>
- One of the main differences between <systemitem class="daemon">ntpd</systemitem> and <systemitem class="daemon">chronyd</systemitem> is in the
- algorithms used to control the computer's clock. Things <systemitem class="daemon">chronyd</systemitem> can do better than <systemitem class="daemon">ntpd</systemitem> are:
+ One of the main differences between <systemitem class="daemon">ntpd</systemitem> and <systemitem class="daemon">chronyd</systemitem> is in the algorithms used to control the computer's clock. Things <systemitem class="daemon">chronyd</systemitem> can do better than <systemitem class="daemon">ntpd</systemitem> are:
</para>
<itemizedlist>
<listitem>
@@ -40,7 +39,7 @@ There is a choice between the daemons <systemitem class="daemon">ntpd</systemite
</listitem>
<listitem>
<para>
- <systemitem class="daemon">chronyd</systemitem> can usually synchronise the clock faster and with better time accuracy.
+ <systemitem class="daemon">chronyd</systemitem> can usually synchronise the clock faster and with better time accuracy.
</para>
</listitem>
<listitem>
@@ -104,7 +103,7 @@ Things <systemitem class="daemon">ntpd</systemitem> can do that <systemitem clas
</listitem>
<listitem>
<para>
- The <systemitem class="protocol">NTP</systemitem> daemon (<systemitem class="daemon">ntpd</systemitem>) should be considered for systems which are normally kept permanently on. Systems which are required to use broadcast or multicast IP, or to perform authentication of packets with the Autokey protocol, should consider using <systemitem class="daemon">ntpd</systemitem>. <application>Chrony</application> only supports symmetric key authentication, such as the use of <systemitem class="protocol">MD5</systemitem>, <systemitem class="protocol">SHA1</systemitem>, and <systemitem class="protocol">SHA256</systemitem> hash functions, whereas <systemitem class="daemon">ntpd</systemitem> supports the Autokey authentication protocol which can make use of the PKI system. Autokey is described in <citetitle pubwork="webpage">RFC5906</citetitle>.
+ The <systemitem class="protocol">NTP</systemitem> daemon (<systemitem class="daemon">ntpd</systemitem>) should be considered for systems which are normally kept permanently on. Systems which are required to use broadcast or multicast IP, or to perform authentication of packets with the <systemitem class="protocol">Autokey</systemitem> protocol, should consider using <systemitem class="daemon">ntpd</systemitem>. <application>Chrony</application> only supports symmetric key authentication using a message authentication code (MAC) with MD5, SHA1 or stronger hash functions, whereas <systemitem class="daemon">ntpd</systemitem> also supports the <systemitem class="protocol">Autokey</systemitem> authentication protocol which can make use of the PKI system. <systemitem class="protocol">Autokey</systemitem> is described in <citetitle pubwork="webpage">RFC5906</citetitle>.
</para>
</listitem>
</itemizedlist>
@@ -164,7 +163,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<listitem>
<screen>allow 2001:db8::/32</screen>
<para>
- Use this form to specify an IPv6 address to be allowed access.
+ Use this form to specify an <systemitem class="protocol">IPv6</systemitem> address to be allowed access.
</para>
</listitem>
</orderedlist>
@@ -176,7 +175,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<term>cmdallow</term>
<listitem>
<para>
- This is similar to the <command>allow</command> directive (see section allow), except that it allows control access (rather than <systemitem class="protocol">NTP</systemitem> client access) to a particular subnet or host. (By <quote>control access</quote> is meant that <application>chronyc</application> can be run on those hosts and successfully connect to <systemitem class="daemon">chronyd</systemitem> on this computer.) The syntax is identical. There is also a <command>cmddeny</command> all directive with similar behaviour to the <command>cmdallow</command> all directive. </para>
+ This is similar to the <command>allow</command> directive (see section <command>allow</command>), except that it allows control access (rather than <systemitem class="protocol">NTP</systemitem> client access) to a particular subnet or host. (By <quote>control access</quote> is meant that <application>chronyc</application> can be run on those hosts and successfully connect to <systemitem class="daemon">chronyd</systemitem> on this computer.) The syntax is identical. There is also a <command>cmddeny</command> all directive with similar behavior to the <command>cmdallow</command> all directive.</para>
</listitem>
</varlistentry>
@@ -184,7 +183,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<term>dumpdir</term>
<listitem>
<para>
- Path to the directory to save the measurement history across restarts of <systemitem class="daemon">chronyd</systemitem> (assuming no changes are made to the system clock behaviour whilst it is not running). If this capability is to be used (via the <command>dumponexit</command> command in the configuration file, or the <command>dump</command> command in chronyc), the <command>dumpdir</command> command should be used to define the directory where the measurement histories are saved. </para>
+ Path to the directory to save the measurement history across restarts of <systemitem class="daemon">chronyd</systemitem> (assuming no changes are made to the system clock behavior whilst it is not running). If this capability is to be used (via the <command>dumponexit</command> command in the configuration file, or the <command>dump</command> command in <application>chronyc</application>), the <command>dumpdir</command> command should be used to define the directory where the measurement histories are saved.</para>
</listitem>
</varlistentry>
@@ -192,7 +191,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<term>dumponexit</term>
<listitem>
<para>
- If this command is present, it indicates that <systemitem class="daemon">chronyd</systemitem> should save the measurement history for each of its time sources recorded whenever the program exits. (See the <command>dumpdir</command> command above)</para>
+ If this command is present, it indicates that <systemitem class="daemon">chronyd</systemitem> should save the measurement history for each of its time sources recorded whenever the program exits. (See the <command>dumpdir</command> command above).</para>
</listitem>
</varlistentry>
@@ -204,7 +203,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<para>
An example of the command is:
<screen>local stratum 10</screen>
-A large value of 10 indicates that the clock is so many hops away from a reference clock that its time is fairly unreliable. Put another way, if the computer ever has access to another computer which is ultimately synchronized to a reference clock, it will almost certainly be at a stratum less than 10. Therefore, the choice of a high value like 10 for the <command>local</command> command prevents the machine’s own time from ever being confused with real time, were it ever to leak out to clients that have visibility of real servers. </para>
+A large value of 10 indicates that the clock is so many hops away from a reference clock that its time is fairly unreliable. Put another way, if the computer ever has access to another computer which is ultimately synchronized to a reference clock, it will almost certainly be at a stratum less than 10. Therefore, the choice of a high value like 10 for the <command>local</command> command prevents the machine’s own time from ever being confused with real time, were it ever to leak out to clients that have visibility of real servers.</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -249,7 +248,7 @@ A large value of 10 indicates that the clock is so many hops away from a referen
<term>refclocks</term>
<listitem>
<para>
- This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
+ This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
</para>
</listitem>
</varlistentry>
@@ -257,7 +256,7 @@ A large value of 10 indicates that the clock is so many hops away from a referen
<term>tempcomp</term>
<listitem>
<para>
- This option logs the temperature measurements and system rate compensations to a file called <filename>tempcomp.log</filename>.
+ This option logs the temperature measurements and system rate compensations to a file called <filename>tempcomp.log</filename>.
</para>
</listitem>
</varlistentry>
@@ -265,7 +264,7 @@ A large value of 10 indicates that the clock is so many hops away from a referen
<term>refclocks</term>
<listitem>
<para>
- This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
+ This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
</para>
</listitem>
</varlistentry>
@@ -274,7 +273,7 @@ A large value of 10 indicates that the clock is so many hops away from a referen
<term>refclocks</term>
<listitem>
<para>
- This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
+ This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
</para>
</listitem>
</varlistentry>
@@ -314,7 +313,7 @@ An example of the use of this directive is:
<para>
An example of the use of this directive is:
<screen>makestep 1000 10</screen>
-This would step the system clock if the adjustment is larger than 1000 seconds, but only in the first ten clock updates.
+This would step the system clock if the adjustment is larger than 1000 seconds, but only in the first ten clock updates.
</para>
</listitem>
</varlistentry>
@@ -326,7 +325,7 @@ This would step the system clock if the adjustment is larger than 1000 seconds,
<para>
An example of the use of this directive is:
<screen>maxchange 1000 1 2</screen>
-After the first clock update, <systemitem class="daemon">chronyd</systemitem> will check the offset on every clock update, it will ignore two adjustments larger than 1000 seconds and exit on another one.
+After the first clock update, <systemitem class="daemon">chronyd</systemitem> will check the offset on every clock update, it will ignore two adjustments larger than 1000 seconds and exit on another one.
</para>
</listitem>
</varlistentry>
@@ -354,7 +353,7 @@ It should be noted that this is not the only means of protection against using u
<term>noclientlog</term>
<listitem>
<para>
-This directive, which takes no arguments, specifies that client accesses are not to be logged. Normally they are logged, allowing statistics to be reported using the clients command in <application>chronyc</application>.
+This directive, which takes no arguments, specifies that client accesses are not to be logged. Normally they are logged, allowing statistics to be reported using the clients command in <application>chronyc</application>.
</para>
</listitem>
</varlistentry>
@@ -362,7 +361,7 @@ This directive, which takes no arguments, specifies that client accesses are not
<term>reselectdist</term>
<listitem>
<para>
- When <systemitem class="daemon">chronyd</systemitem> selects synchronisation source from available sources, it will prefer the one with minimum synchronization distance. However, to avoid frequent reselecting when there are sources with similar distance, a fixed distance is added to the distance for sources that are currently not selected. This can be set with the <option>reselectdist</option> option. By default, the distance is 100 microseconds.</para>
+ When <systemitem class="daemon">chronyd</systemitem> selects synchronization source from available sources, it will prefer the one with minimum synchronization distance. However, to avoid frequent reselecting when there are sources with similar distance, a fixed distance is added to the distance for sources that are currently not selected. This can be set with the <option>reselectdist</option> option. By default, the distance is 100 microseconds.</para>
<para>
The format of the syntax is:
<screen>reselectdist <replaceable>dist-in-seconds</replaceable></screen>
@@ -374,11 +373,11 @@ The format of the syntax is:
<term>stratumweight</term>
<listitem>
<para>
- The <command>stratumweight</command> directive sets how much distance should be added per stratum to the synchronisation distance when <systemitem class="daemon">chronyd</systemitem> selects the synchronisation source from available sources.</para>
+ The <command>stratumweight</command> directive sets how much distance should be added per stratum to the synchronisation distance when <systemitem class="daemon">chronyd</systemitem> selects the synchronization source from available sources.</para>
<para>
The format of the syntax is:
<screen>stratumweight <replaceable>dist-in-seconds</replaceable></screen>
-By default, <replaceable>dist-in-seconds</replaceable> is 1 second. This usually means that sources with lower stratum will be preferred to sources with higher stratum even when their distance is significantly worse. Setting <command>stratumweight</command> to 0 makes <systemitem class="daemon">chronyd</systemitem> ignore stratum when selecting the source.
+By default, <replaceable>dist-in-seconds</replaceable> is 1 second. This usually means that sources with lower stratum will be preferred to sources with higher stratum even when their distance is significantly worse. Setting <command>stratumweight</command> to 0 makes <systemitem class="daemon">chronyd</systemitem> ignore stratum when selecting the source.
</para>
</listitem>
</varlistentry>
@@ -393,9 +392,7 @@ The format of the syntax is:
<screen>rtcfile /var/lib/chrony/rtc</screen>
-<systemitem class="daemon">chronyd</systemitem> saves information in this file when it exits and when the writertc command is issued in <application>chronyc</application>. The information saved is the RTC’s error at some epoch, that epoch (in seconds since January 1 1970), and the rate at which the RTC gains or loses time.
-
-Not all real-time clocks are supported as their code system-specific.
+<systemitem class="daemon">chronyd</systemitem> saves information in this file when it exits and when the <command>writertc</command> command is issued in <application>chronyc</application>. The information saved is the RTC’s error at some epoch, that epoch (in seconds since January 1 1970), and the rate at which the RTC gains or loses time. Not all real-time clocks are supported as their code is system-specific. Note that if this directive is used then real-time clock should not be manually adjusted as this would interfere with <application>chrony</application>'s need to measure the rate at which the real-time clock drifts if it was adjusted at random intervals.
</para>
</listitem>
</varlistentry>
@@ -513,7 +510,7 @@ chronyc> <command>password HEX:A6CFC50C9C93AB6E5A19754C246242FC5471BCDF</command
<para>
To install <application>chrony</application>, run the following command as root:
<screen>~]# <command>yum install chrony -y</command></screen>
- The default installation directory is <filename>/usr/local/sbin/</filename>
+ The default installation directory is <filename>/usr/local/sbin/</filename>.
</para>
</section>
@@ -562,7 +559,7 @@ chronyd.service - NTP client/server
<title>Checking chrony Tracking</title>
<para>
- To check chrony tracking, issue the following command:
+ To check <application>chrony</application> tracking, issue the following command:
<screen>~]$ <command>chronyc tracking</command>
Reference ID : 1.2.3.4 (a.b.c)
Stratum : 3
@@ -585,7 +582,7 @@ Leap status : Normal
<term>Reference ID</term>
<listitem>
<para>
- This is the refid and name (or IP address) if available, of the server to which the computer is currently synchronised. If this is 127.127.1.1 it means the computer is not synchronised to any external source and that you have the ‘local’ mode operating (via the local command in chronyc (see section local), or the <command>local</command> directive in the ‘/etc/chrony.conf’ file (see section local)). </para>
+ This is the reference ID and name (or IP address) if available, of the server to which the computer is currently synchronized. If this is <systemitem class="ipaddress">127.127.1.1</systemitem> it means the computer is not synchronized to any external source and that you have the <quote>local</quote> mode operating (via the local command in <application>chronyc</application>, or the <command>local</command> directive in the <filename>/etc/chrony.conf</filename> file (see section <command>local</command>)).</para>
</listitem>
</varlistentry>
@@ -593,7 +590,7 @@ Leap status : Normal
<term>Stratum</term>
<listitem>
<para>
- The stratum indicates how many hops away from a computer with an attached reference clock we are. Such a computer is a stratum-1 computer, so the computer in the example is two hops away (i.e. a.b.c is a stratum-2 and is synchronised from a stratum-1).</para>
+ The stratum indicates how many hops away from a computer with an attached reference clock we are. Such a computer is a stratum-1 computer, so the computer in the example is two hops away (that is to say, a.b.c is a stratum-2 and is synchronized from a stratum-1).</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -607,7 +604,7 @@ Leap status : Normal
<term>System time</term>
<listitem>
<para>
- In normal operation, <systemitem class="daemon">chronyd</systemitem> never steps the system clock, because any jump in the timescale can have adverse consequences for certain application programs. Instead, any error in the system clock is corrected by slightly speeding up or slowing down the system clock until the error has been removed, and then returning to the system clock’s normal speed. A consequence of this is that there will be a period when the system clock (as read by other programs using the gettimeofday() system call, or by the date command in the shell) will be different from chronyd's estimate of the current true time (which it reports to <systemitem class="protocol">NTP</systemitem> clients when it is operating in server mode). The value reported on this line is the difference due to this effect.</para>
+ In normal operation, <systemitem class="daemon">chronyd</systemitem> never steps the system clock, because any jump in the timescale can have adverse consequences for certain application programs. Instead, any error in the system clock is corrected by slightly speeding up or slowing down the system clock until the error has been removed, and then returning to the system clock’s normal speed. A consequence of this is that there will be a period when the system clock (as read by other programs using the <function>gettimeofday()</function> system call, or by the date command in the shell) will be different from <systemitem class="daemon">chronyd</systemitem>'s estimate of the current true time (which it reports to <systemitem class="protocol">NTP</systemitem> clients when it is operating in server mode). The value reported on this line is the difference due to this effect.</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -628,16 +625,16 @@ Leap status : Normal
<term>Frequency</term>
<listitem>
<para>
- The ‘frequency’ is the rate by which the system’s clock would be would be wrong if <systemitem class="daemon">chronyd</systemitem> was not correcting it. It is expressed in ppm (parts per million). For example, a value of 1ppm would mean that when the system’s clock thinks it has advanced 1 second, it has actually advanced by 1.000001 seconds relative to true time. </para>
+ The <quote>frequency</quote> is the rate by which the system’s clock would be would be wrong if <systemitem class="daemon">chronyd</systemitem> was not correcting it. It is expressed in ppm (parts per million). For example, a value of 1ppm would mean that when the system’s clock thinks it has advanced 1 second, it has actually advanced by 1.000001 seconds relative to true time.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Residual freq</term>
<listitem>
<para>
- This shows the ‘residual frequency’ for the currently selected reference source. This reflects any difference between what the measurements from the reference source indicate the frequency should be and the frequency currently being used.
+ This shows the <quote>residual frequency</quote> for the currently selected reference source. This reflects any difference between what the measurements from the reference source indicate the frequency should be and the frequency currently being used.
- The reason this is not always zero is that a smoothing procedure is applied to the frequency. Each time a measurement from the reference source is obtained and a new residual frequency computed, the estimated accuracy of this residual is compared with the estimated accuracy (see ‘skew’ next) of the existing frequency value. A weighted average is computed for the new frequency, with weights depending on these accuracies. If the measurements from the reference source follow a consistent trend, the residual will be driven to zero over time.
+ The reason this is not always zero is that a smoothing procedure is applied to the frequency. Each time a measurement from the reference source is obtained and a new residual frequency computed, the estimated accuracy of this residual is compared with the estimated accuracy (see <option>skew</option> next) of the existing frequency value. A weighted average is computed for the new frequency, with weights depending on these accuracies. If the measurements from the reference source follow a consistent trend, the residual will be driven to zero over time.
</para>
</listitem>
</varlistentry>
@@ -645,14 +642,14 @@ Leap status : Normal
<term>Skew</term>
<listitem>
<para>
- This is the estimated error bound on the frequency. </para>
+ This is the estimated error bound on the frequency.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Root delay</term>
<listitem>
<para>
- This is the total of the network path delays to the stratum-1 computer from which the computer is ultimately synchronised.
+ This is the total of the network path delays to the stratum-1 computer from which the computer is ultimately synchronized.
In certain extreme situations, this value can be negative. (This can arise in a symmetric peer arrangement where the computers’ frequencies are not tracking each other and the network delay is very short relative to the turn-around time at each computer.)
</para>
@@ -662,14 +659,14 @@ Leap status : Normal
<term>Root dispersion</term>
<listitem>
<para>
-This is the total dispersion accumulated through all the computers back to the stratum-1 computer from which the computer is ultimately synchronised. Dispersion is due to system clock resolution, statistical measurement variations etc. </para>
+This is the total dispersion accumulated through all the computers back to the stratum-1 computer from which the computer is ultimately synchronized. Dispersion is due to system clock resolution, statistical measurement variations etc.</para>
</listitem>
</varlistentry>
<varlistentry>
<term> Leap status</term>
<listitem>
<para>
- This is the leap status, which can be Normal, Insert second, Delete second or Not synchronised.
+ This is the leap status, which can be Normal, Insert second, Delete second or Not synchronized.
</para>
</listitem>
</varlistentry>
@@ -681,7 +678,7 @@ This is the total dispersion accumulated through all the computers back to the s
<para>
The sources command displays information about the current time sources that <systemitem class="daemon">chronyd</systemitem> is accessing.
-The optional argument -v can be specified, meaning verbose. In this case, extra caption lines are shown as a reminder of the meanings of the columns.
+The optional argument -v can be specified, meaning verbose. In this case, extra caption lines are shown as a reminder of the meanings of the columns.
<screen>~]$ <command>chronyc sources</command>
210 Number of sources = 3
MS Name/IP address Stratum Poll Reach LastRx Last sample
@@ -697,7 +694,7 @@ The columns are as follows:
<term>M</term>
<listitem>
<para>
-This indicates the mode of the source. ^ means a server, = means a peer and # indicates a locally connected reference clock.
+This indicates the mode of the source. <literal>^</literal> means a server, <literal>=</literal> means a peer and <literal>#</literal> indicates a locally connected reference clock.
</para>
</listitem>
</varlistentry>
@@ -705,15 +702,15 @@ This indicates the mode of the source. ^ means a server, = means a peer and # in
<term>S</term>
<listitem>
<para>
-This column indicates the state of the sources. * indicates the source to which <systemitem class="daemon">chronyd</systemitem> is current synchronised. + indicates other acceptable sources. ? indicates sources to which connectivity has been lost. x indicates a clock which <systemitem class="daemon">chronyd</systemitem> thinks is is a falseticker (i.e. its time is inconsistent with a majority of other sources). ~ indicates a source whose time appears to have too much variability. The ~ condition is also shown at start-up, until at least 3 samples have been gathered from it.
- </para>
+This column indicates the state of the sources. <quote>*</quote> indicates the source to which <systemitem class="daemon">chronyd</systemitem> is currently synchronized. <quote>+</quote> indicates acceptable sources which are combined with the selected source. <quote>-</quote> indicates acceptable sources which are excluded by the combining algorithm. <quote>?</quote> indicates sources to which connectivity has been lost or whose packets do not pass all tests. <quote>x</quote> indicates a clock which <systemitem class="daemon">chronyd</systemitem> thinks is is a falseticker (that is to say, its time is inconsistent with a majority of other sources). <quote>~</quote> indicates a source whose time appears to have too much
+ variability. The <quote>?</quote> condition is also shown at start-up, until at least 3 samples have been gathered from it.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Name/IP address</term>
<listitem>
<para>
-This shows the name or the IP address of the source, or refid for reference clocks.
+This shows the name or the IP address of the source, or reference ID for reference clocks.
</para>
</listitem>
</varlistentry>
@@ -721,7 +718,7 @@ This shows the name or the IP address of the source, or refid for reference cloc
<term>Stratum</term>
<listitem>
<para>
-This shows the stratum of the source, as reported in its most recently received sample. Stratum 1 indicates a computer with a locally attached reference clock. A computer that is synchronised to a stratum 1 computer is at stratum 2. A computer that is synchronised to a stratum 2 computer is at stratum 3, and so on.
+This shows the stratum of the source, as reported in its most recently received sample. Stratum 1 indicates a computer with a locally attached reference clock. A computer that is synchronized to a stratum 1 computer is at stratum 2. A computer that is synchronized to a stratum 2 computer is at stratum 3, and so on.
</para>
</listitem>
</varlistentry>
@@ -747,7 +744,7 @@ This shows the stratum of the source, as reported in its most recently received
<term>LastRx</term>
<listitem>
<para>
- This column shows how long ago the last sample was received from the source. This is normally in seconds. The letters m, h, d or y indicate minutes, hours, days or years. A value of 10 years indicates there were no samples received from this source yet.
+ This column shows how long ago the last sample was received from the source. This is normally in seconds. The letters <literal>m</literal>, <literal>h</literal>, <literal>d</literal> or <literal>y</literal> indicate minutes, hours, days or years. A value of 10 years indicates there were no samples received from this source yet.
</para>
</listitem>
</varlistentry>
@@ -769,7 +766,7 @@ This shows the stratum of the source, as reported in its most recently received
<para>
The <command>sourcestats</command> command displays information about the drift rate and offset estimation process for each of the sources currently being examined by <systemitem class="daemon">chronyd</systemitem>.
-The optional argument <option>-v</option> can be specified, meaning verbose. In this case, extra caption lines are shown as a reminder of the meanings of the columns.
+The optional argument <option>-v</option> can be specified, meaning verbose. In this case, extra caption lines are shown as a reminder of the meanings of the columns.
<screen>~]$ <command>chronyc sourcestats</command>
@@ -786,7 +783,7 @@ The columns are as follows:
<term>Name/IP address</term>
<listitem>
<para>
-This is the name or IP address of the <systemitem class="protocol">NTP</systemitem> server (or peer) or refid of the refclock to which the rest of the line relates.
+This is the name or IP address of the <systemitem class="protocol">NTP</systemitem> server (or peer) or reference ID of the reference clock to which the rest of the line relates.
</para>
</listitem>
</varlistentry>
@@ -818,7 +815,7 @@ This is the number of runs of residuals having the same sign following the last
<term>Frequency</term>
<listitem>
<para>
- This is the estimated residual frequency for the server, in parts per million. In this case, the computer’s clock is estimated to be running 1 part in 10**9 slow relative to the server.
+ This is the estimated residual frequency for the server, in parts per million. In this case, the computer’s clock is estimated to be running 1 part in <inlineequation><mathphrase>10<superscript>9</superscript></mathphrase></inlineequation> slow relative to the server.
</para>
</listitem>
</varlistentry>
@@ -955,7 +952,7 @@ commandkey 24
local stratum 10
initstepslew 20 master
allow 192.0.2.123</screen>
-Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of the master, and <systemitem class="systemname">master</systemitem> is the host name of the master. These clinet will resynchronize the master if it restarts.
+Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of the master, and <systemitem class="systemname">master</systemitem> is the host name of the master. These client will resynchronize the master if it restarts.
</para>
<para>
@@ -969,8 +966,8 @@ Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of t
<title>Using chronyc</title>
-<section id="sect-Using_chronyc_chronyc_to_control_cronyd">
- <title>Using chronyc to Control cronyd</title>
+<section id="sect-Using_chronyc_chronyc_to_control_chronyd">
+ <title>Using chronyc to Control chronyd</title>
<para>
To make changes using the command line utility <application>chronyc</application> in interactive mode, enter the following command as root:
<screen>~]# <command>chronyc</command></screen>
@@ -978,7 +975,7 @@ Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of t
</para>
<para>
The <application>chronyc</application> command prompt will be displayed as follows:</para>
- <screen>/chronyc></screen>
+ <screen>chronyc></screen>
<para>
You can type <command>help</command> to list all of the commands.
</para>
@@ -1012,7 +1009,7 @@ From the remote systems, the system administrator can issue commands after first
</para>
<para>
- The password or hash associated with the command key for a remote system is best obtained by <systemitem class="protocol">SSH</systemitem>. That is to say, an <systemitem class="protocol">SSH</systemitem> connection should be established to the remote machine and the ID of the command key from <filename>/etc/chrony.conf</filename> and the command key in <filename>/etc/chrony.keys</filename> memorised or stored securly for the duration of the session.
+ The password or hash associated with the command key for a remote system is best obtained by <systemitem class="protocol">SSH</systemitem>. That is to say, an <systemitem class="protocol">SSH</systemitem> connection should be established to the remote machine and the ID of the command key from <filename>/etc/chrony.conf</filename> and the command key in <filename>/etc/chrony.keys</filename> memorized or stored securely for the duration of the session.
</para>
</section>
@@ -1061,7 +1058,7 @@ From the remote systems, the system administrator can issue commands after first
</listitem>
<listitem>
<para>
- <filename>/usr/share/doc/chrony*/chrony.txt</filename> — User guide for the <application>chrony</application> suite.
+ <filename>/usr/share/doc/chrony*/chrony.txt</filename> — User guide for the <application>chrony</application> suite.
</para>
</listitem>
</itemizedlist>
10 years, 10 months
- 1
- 0
[system-administrators-guide] (2 commits) ...Merge branch 'master' of ssh://git.fedorahosted.org/git/docs/system-administrators-guide
by stephenw
Summary of changes:
7d7283a... Typos, markup improvements, remove some white space
ac355c1... Merge branch 'master' of ssh://git.fedorahosted.org/git/doc
10 years, 10 months
- 1
- 0
[system-administrators-guide] Typos, markup improvements, remove some white space
by stephenw
commit 6331af258496b29cd57cd5a6ae780e92554ac7f8
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Wed Jul 10 09:43:29 2013 +0200
Typos, markup improvements, remove some white space
en-US/Configuring_NTP_using_the_Chrony_suite.xml | 97 +++++++++++-----------
1 files changed, 47 insertions(+), 50 deletions(-)
---
diff --git a/en-US/Configuring_NTP_using_the_Chrony_suite.xml b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
index 0b5f552..8602da4 100644
--- a/en-US/Configuring_NTP_using_the_Chrony_suite.xml
+++ b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
@@ -24,8 +24,7 @@ There is a choice between the daemons <systemitem class="daemon">ntpd</systemite
<section id="sect-differences_between_ntpd_and_chronyd">
<title>Differences Between ntpd and chronyd</title>
<para>
- One of the main differences between <systemitem class="daemon">ntpd</systemitem> and <systemitem class="daemon">chronyd</systemitem> is in the
- algorithms used to control the computer's clock. Things <systemitem class="daemon">chronyd</systemitem> can do better than <systemitem class="daemon">ntpd</systemitem> are:
+ One of the main differences between <systemitem class="daemon">ntpd</systemitem> and <systemitem class="daemon">chronyd</systemitem> is in the algorithms used to control the computer's clock. Things <systemitem class="daemon">chronyd</systemitem> can do better than <systemitem class="daemon">ntpd</systemitem> are:
</para>
<itemizedlist>
<listitem>
@@ -40,7 +39,7 @@ There is a choice between the daemons <systemitem class="daemon">ntpd</systemite
</listitem>
<listitem>
<para>
- <systemitem class="daemon">chronyd</systemitem> can usually synchronise the clock faster and with better time accuracy.
+ <systemitem class="daemon">chronyd</systemitem> can usually synchronise the clock faster and with better time accuracy.
</para>
</listitem>
<listitem>
@@ -104,7 +103,7 @@ Things <systemitem class="daemon">ntpd</systemitem> can do that <systemitem clas
</listitem>
<listitem>
<para>
- The <systemitem class="protocol">NTP</systemitem> daemon (<systemitem class="daemon">ntpd</systemitem>) should be considered for systems which are normally kept permanently on. Systems which are required to use broadcast or multicast IP, or to perform authentication of packets with the Autokey protocol, should consider using <systemitem class="daemon">ntpd</systemitem>. <application>Chrony</application> only supports symmetric key authentication, such as the use of <systemitem class="protocol">MD5</systemitem>, <systemitem class="protocol">SHA1</systemitem>, and <systemitem class="protocol">SHA256</systemitem> hash functions, whereas <systemitem class="daemon">ntpd</systemitem> supports the Autokey authentication protocol which can make use of the PKI system. Autokey is described in <citetitle pubwork="webpage">RFC5906</citetitle>.
+ The <systemitem class="protocol">NTP</systemitem> daemon (<systemitem class="daemon">ntpd</systemitem>) should be considered for systems which are normally kept permanently on. Systems which are required to use broadcast or multicast IP, or to perform authentication of packets with the <systemitem class="protocol">Autokey</systemitem> protocol, should consider using <systemitem class="daemon">ntpd</systemitem>. <application>Chrony</application> only supports symmetric key authentication using a message authentication code (MAC) with MD5, SHA1 or stronger hash functions, whereas <systemitem class="daemon">ntpd</systemitem> also supports the <systemitem class="protocol">Autokey</systemitem> authentication protocol which can make use of the PKI system. <systemitem class="protocol">Autokey</systemitem> is described in <citetitle pubwork="webpage">RFC5906</citetitle>.
</para>
</listitem>
</itemizedlist>
@@ -164,7 +163,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<listitem>
<screen>allow 2001:db8::/32</screen>
<para>
- Use this form to specify an IPv6 address to be allowed access.
+ Use this form to specify an <systemitem class="protocol">IPv6</systemitem> address to be allowed access.
</para>
</listitem>
</orderedlist>
@@ -176,7 +175,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<term>cmdallow</term>
<listitem>
<para>
- This is similar to the <command>allow</command> directive (see section allow), except that it allows control access (rather than <systemitem class="protocol">NTP</systemitem> client access) to a particular subnet or host. (By <quote>control access</quote> is meant that <application>chronyc</application> can be run on those hosts and successfully connect to <systemitem class="daemon">chronyd</systemitem> on this computer.) The syntax is identical. There is also a <command>cmddeny</command> all directive with similar behaviour to the <command>cmdallow</command> all directive. </para>
+ This is similar to the <command>allow</command> directive (see section <command>allow</command>), except that it allows control access (rather than <systemitem class="protocol">NTP</systemitem> client access) to a particular subnet or host. (By <quote>control access</quote> is meant that <application>chronyc</application> can be run on those hosts and successfully connect to <systemitem class="daemon">chronyd</systemitem> on this computer.) The syntax is identical. There is also a <command>cmddeny</command> all directive with similar behavior to the <command>cmdallow</command> all directive.</para>
</listitem>
</varlistentry>
@@ -184,7 +183,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<term>dumpdir</term>
<listitem>
<para>
- Path to the directory to save the measurement history across restarts of <systemitem class="daemon">chronyd</systemitem> (assuming no changes are made to the system clock behaviour whilst it is not running). If this capability is to be used (via the <command>dumponexit</command> command in the configuration file, or the <command>dump</command> command in chronyc), the <command>dumpdir</command> command should be used to define the directory where the measurement histories are saved. </para>
+ Path to the directory to save the measurement history across restarts of <systemitem class="daemon">chronyd</systemitem> (assuming no changes are made to the system clock behavior whilst it is not running). If this capability is to be used (via the <command>dumponexit</command> command in the configuration file, or the <command>dump</command> command in <application>chronyc</application>), the <command>dumpdir</command> command should be used to define the directory where the measurement histories are saved.</para>
</listitem>
</varlistentry>
@@ -192,7 +191,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<term>dumponexit</term>
<listitem>
<para>
- If this command is present, it indicates that <systemitem class="daemon">chronyd</systemitem> should save the measurement history for each of its time sources recorded whenever the program exits. (See the <command>dumpdir</command> command above)</para>
+ If this command is present, it indicates that <systemitem class="daemon">chronyd</systemitem> should save the measurement history for each of its time sources recorded whenever the program exits. (See the <command>dumpdir</command> command above).</para>
</listitem>
</varlistentry>
@@ -204,7 +203,7 @@ Optionally specify a host, subnet, or network from which to allow <systemitem cl
<para>
An example of the command is:
<screen>local stratum 10</screen>
-A large value of 10 indicates that the clock is so many hops away from a reference clock that its time is fairly unreliable. Put another way, if the computer ever has access to another computer which is ultimately synchronized to a reference clock, it will almost certainly be at a stratum less than 10. Therefore, the choice of a high value like 10 for the <command>local</command> command prevents the machine’s own time from ever being confused with real time, were it ever to leak out to clients that have visibility of real servers. </para>
+A large value of 10 indicates that the clock is so many hops away from a reference clock that its time is fairly unreliable. Put another way, if the computer ever has access to another computer which is ultimately synchronized to a reference clock, it will almost certainly be at a stratum less than 10. Therefore, the choice of a high value like 10 for the <command>local</command> command prevents the machine’s own time from ever being confused with real time, were it ever to leak out to clients that have visibility of real servers.</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -249,7 +248,7 @@ A large value of 10 indicates that the clock is so many hops away from a referen
<term>refclocks</term>
<listitem>
<para>
- This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
+ This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
</para>
</listitem>
</varlistentry>
@@ -257,7 +256,7 @@ A large value of 10 indicates that the clock is so many hops away from a referen
<term>tempcomp</term>
<listitem>
<para>
- This option logs the temperature measurements and system rate compensations to a file called <filename>tempcomp.log</filename>.
+ This option logs the temperature measurements and system rate compensations to a file called <filename>tempcomp.log</filename>.
</para>
</listitem>
</varlistentry>
@@ -265,7 +264,7 @@ A large value of 10 indicates that the clock is so many hops away from a referen
<term>refclocks</term>
<listitem>
<para>
- This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
+ This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
</para>
</listitem>
</varlistentry>
@@ -274,7 +273,7 @@ A large value of 10 indicates that the clock is so many hops away from a referen
<term>refclocks</term>
<listitem>
<para>
- This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
+ This option logs the raw and filtered reference clock measurements to a file called <filename>refclocks.log</filename>.
</para>
</listitem>
</varlistentry>
@@ -314,7 +313,7 @@ An example of the use of this directive is:
<para>
An example of the use of this directive is:
<screen>makestep 1000 10</screen>
-This would step the system clock if the adjustment is larger than 1000 seconds, but only in the first ten clock updates.
+This would step the system clock if the adjustment is larger than 1000 seconds, but only in the first ten clock updates.
</para>
</listitem>
</varlistentry>
@@ -326,7 +325,7 @@ This would step the system clock if the adjustment is larger than 1000 seconds,
<para>
An example of the use of this directive is:
<screen>maxchange 1000 1 2</screen>
-After the first clock update, <systemitem class="daemon">chronyd</systemitem> will check the offset on every clock update, it will ignore two adjustments larger than 1000 seconds and exit on another one.
+After the first clock update, <systemitem class="daemon">chronyd</systemitem> will check the offset on every clock update, it will ignore two adjustments larger than 1000 seconds and exit on another one.
</para>
</listitem>
</varlistentry>
@@ -354,7 +353,7 @@ It should be noted that this is not the only means of protection against using u
<term>noclientlog</term>
<listitem>
<para>
-This directive, which takes no arguments, specifies that client accesses are not to be logged. Normally they are logged, allowing statistics to be reported using the clients command in <application>chronyc</application>.
+This directive, which takes no arguments, specifies that client accesses are not to be logged. Normally they are logged, allowing statistics to be reported using the clients command in <application>chronyc</application>.
</para>
</listitem>
</varlistentry>
@@ -362,7 +361,7 @@ This directive, which takes no arguments, specifies that client accesses are not
<term>reselectdist</term>
<listitem>
<para>
- When <systemitem class="daemon">chronyd</systemitem> selects synchronisation source from available sources, it will prefer the one with minimum synchronization distance. However, to avoid frequent reselecting when there are sources with similar distance, a fixed distance is added to the distance for sources that are currently not selected. This can be set with the <option>reselectdist</option> option. By default, the distance is 100 microseconds.</para>
+ When <systemitem class="daemon">chronyd</systemitem> selects synchronization source from available sources, it will prefer the one with minimum synchronization distance. However, to avoid frequent reselecting when there are sources with similar distance, a fixed distance is added to the distance for sources that are currently not selected. This can be set with the <option>reselectdist</option> option. By default, the distance is 100 microseconds.</para>
<para>
The format of the syntax is:
<screen>reselectdist <replaceable>dist-in-seconds</replaceable></screen>
@@ -374,11 +373,11 @@ The format of the syntax is:
<term>stratumweight</term>
<listitem>
<para>
- The <command>stratumweight</command> directive sets how much distance should be added per stratum to the synchronisation distance when <systemitem class="daemon">chronyd</systemitem> selects the synchronisation source from available sources.</para>
+ The <command>stratumweight</command> directive sets how much distance should be added per stratum to the synchronisation distance when <systemitem class="daemon">chronyd</systemitem> selects the synchronization source from available sources.</para>
<para>
The format of the syntax is:
<screen>stratumweight <replaceable>dist-in-seconds</replaceable></screen>
-By default, <replaceable>dist-in-seconds</replaceable> is 1 second. This usually means that sources with lower stratum will be preferred to sources with higher stratum even when their distance is significantly worse. Setting <command>stratumweight</command> to 0 makes <systemitem class="daemon">chronyd</systemitem> ignore stratum when selecting the source.
+By default, <replaceable>dist-in-seconds</replaceable> is 1 second. This usually means that sources with lower stratum will be preferred to sources with higher stratum even when their distance is significantly worse. Setting <command>stratumweight</command> to 0 makes <systemitem class="daemon">chronyd</systemitem> ignore stratum when selecting the source.
</para>
</listitem>
</varlistentry>
@@ -393,9 +392,7 @@ The format of the syntax is:
<screen>rtcfile /var/lib/chrony/rtc</screen>
-<systemitem class="daemon">chronyd</systemitem> saves information in this file when it exits and when the writertc command is issued in <application>chronyc</application>. The information saved is the RTC’s error at some epoch, that epoch (in seconds since January 1 1970), and the rate at which the RTC gains or loses time.
-
-Not all real-time clocks are supported as their code system-specific.
+<systemitem class="daemon">chronyd</systemitem> saves information in this file when it exits and when the <command>writertc</command> command is issued in <application>chronyc</application>. The information saved is the RTC’s error at some epoch, that epoch (in seconds since January 1 1970), and the rate at which the RTC gains or loses time. Not all real-time clocks are supported as their code is system-specific. Note that if this directive is used then real-time clock should not be manually adjusted as this would interfere with <application>chrony</application>'s need to measure the rate at which the real-time clock drifts if it was adjusted at random intervals.
</para>
</listitem>
</varlistentry>
@@ -513,7 +510,7 @@ chronyc> <command>password HEX:A6CFC50C9C93AB6E5A19754C246242FC5471BCDF</command
<para>
To install <application>chrony</application>, run the following command as root:
<screen>~]# <command>yum install chrony -y</command></screen>
- The default installation directory is <filename>/usr/local/sbin/</filename>
+ The default installation directory is <filename>/usr/local/sbin/</filename>.
</para>
</section>
@@ -562,7 +559,7 @@ chronyd.service - NTP client/server
<title>Checking chrony Tracking</title>
<para>
- To check chrony tracking, issue the following command:
+ To check <application>chrony</application> tracking, issue the following command:
<screen>~]$ <command>chronyc tracking</command>
Reference ID : 1.2.3.4 (a.b.c)
Stratum : 3
@@ -585,7 +582,7 @@ Leap status : Normal
<term>Reference ID</term>
<listitem>
<para>
- This is the refid and name (or IP address) if available, of the server to which the computer is currently synchronised. If this is 127.127.1.1 it means the computer is not synchronised to any external source and that you have the ‘local’ mode operating (via the local command in chronyc (see section local), or the <command>local</command> directive in the ‘/etc/chrony.conf’ file (see section local)). </para>
+ This is the reference ID and name (or IP address) if available, of the server to which the computer is currently synchronized. If this is <systemitem class="ipaddress">>127.127.1.1</systemitem it means the computer is not synchronized to any external source and that you have the <quote>local</quote> mode operating (via the local command in <application>chronyc</application>, or the <command>local</command> directive in the <filename>/etc/chrony.conf</filename> file (see section <command>local</command>)).</para>
</listitem>
</varlistentry>
@@ -593,7 +590,7 @@ Leap status : Normal
<term>Stratum</term>
<listitem>
<para>
- The stratum indicates how many hops away from a computer with an attached reference clock we are. Such a computer is a stratum-1 computer, so the computer in the example is two hops away (i.e. a.b.c is a stratum-2 and is synchronised from a stratum-1).</para>
+ The stratum indicates how many hops away from a computer with an attached reference clock we are. Such a computer is a stratum-1 computer, so the computer in the example is two hops away (that is to say, a.b.c is a stratum-2 and is synchronized from a stratum-1).</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -607,7 +604,7 @@ Leap status : Normal
<term>System time</term>
<listitem>
<para>
- In normal operation, <systemitem class="daemon">chronyd</systemitem> never steps the system clock, because any jump in the timescale can have adverse consequences for certain application programs. Instead, any error in the system clock is corrected by slightly speeding up or slowing down the system clock until the error has been removed, and then returning to the system clock’s normal speed. A consequence of this is that there will be a period when the system clock (as read by other programs using the gettimeofday() system call, or by the date command in the shell) will be different from chronyd's estimate of the current true time (which it reports to <systemitem class="protocol">NTP</systemitem> clients when it is operating in server mode). The value reported on this line is the difference due to this effect.</para>
+ In normal operation, <systemitem class="daemon">chronyd</systemitem> never steps the system clock, because any jump in the timescale can have adverse consequences for certain application programs. Instead, any error in the system clock is corrected by slightly speeding up or slowing down the system clock until the error has been removed, and then returning to the system clock’s normal speed. A consequence of this is that there will be a period when the system clock (as read by other programs using the <function>gettimeofday()</function> system call, or by the date command in the shell) will be different from <systemitem class="daemon">chronyd</systemitem>'s estimate of the current true time (which it reports to <systemitem class="protocol">NTP</systemitem> clients when it is operating in server mode). The value reported on this line is the difference due to this effect.</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -628,16 +625,16 @@ Leap status : Normal
<term>Frequency</term>
<listitem>
<para>
- The ‘frequency’ is the rate by which the system’s clock would be would be wrong if <systemitem class="daemon">chronyd</systemitem> was not correcting it. It is expressed in ppm (parts per million). For example, a value of 1ppm would mean that when the system’s clock thinks it has advanced 1 second, it has actually advanced by 1.000001 seconds relative to true time. </para>
+ The <quote>frequency</quote> is the rate by which the system’s clock would be would be wrong if <systemitem class="daemon">chronyd</systemitem> was not correcting it. It is expressed in ppm (parts per million). For example, a value of 1ppm would mean that when the system’s clock thinks it has advanced 1 second, it has actually advanced by 1.000001 seconds relative to true time.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Residual freq</term>
<listitem>
<para>
- This shows the ‘residual frequency’ for the currently selected reference source. This reflects any difference between what the measurements from the reference source indicate the frequency should be and the frequency currently being used.
+ This shows the <quote>residual frequency</quote> for the currently selected reference source. This reflects any difference between what the measurements from the reference source indicate the frequency should be and the frequency currently being used.
- The reason this is not always zero is that a smoothing procedure is applied to the frequency. Each time a measurement from the reference source is obtained and a new residual frequency computed, the estimated accuracy of this residual is compared with the estimated accuracy (see ‘skew’ next) of the existing frequency value. A weighted average is computed for the new frequency, with weights depending on these accuracies. If the measurements from the reference source follow a consistent trend, the residual will be driven to zero over time.
+ The reason this is not always zero is that a smoothing procedure is applied to the frequency. Each time a measurement from the reference source is obtained and a new residual frequency computed, the estimated accuracy of this residual is compared with the estimated accuracy (see <option>skew</option> next) of the existing frequency value. A weighted average is computed for the new frequency, with weights depending on these accuracies. If the measurements from the reference source follow a consistent trend, the residual will be driven to zero over time.
</para>
</listitem>
</varlistentry>
@@ -645,14 +642,14 @@ Leap status : Normal
<term>Skew</term>
<listitem>
<para>
- This is the estimated error bound on the frequency. </para>
+ This is the estimated error bound on the frequency.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Root delay</term>
<listitem>
<para>
- This is the total of the network path delays to the stratum-1 computer from which the computer is ultimately synchronised.
+ This is the total of the network path delays to the stratum-1 computer from which the computer is ultimately synchronized.
In certain extreme situations, this value can be negative. (This can arise in a symmetric peer arrangement where the computers’ frequencies are not tracking each other and the network delay is very short relative to the turn-around time at each computer.)
</para>
@@ -662,14 +659,14 @@ Leap status : Normal
<term>Root dispersion</term>
<listitem>
<para>
-This is the total dispersion accumulated through all the computers back to the stratum-1 computer from which the computer is ultimately synchronised. Dispersion is due to system clock resolution, statistical measurement variations etc. </para>
+This is the total dispersion accumulated through all the computers back to the stratum-1 computer from which the computer is ultimately synchronized. Dispersion is due to system clock resolution, statistical measurement variations etc.</para>
</listitem>
</varlistentry>
<varlistentry>
<term> Leap status</term>
<listitem>
<para>
- This is the leap status, which can be Normal, Insert second, Delete second or Not synchronised.
+ This is the leap status, which can be Normal, Insert second, Delete second or Not synchronized.
</para>
</listitem>
</varlistentry>
@@ -681,7 +678,7 @@ This is the total dispersion accumulated through all the computers back to the s
<para>
The sources command displays information about the current time sources that <systemitem class="daemon">chronyd</systemitem> is accessing.
-The optional argument -v can be specified, meaning verbose. In this case, extra caption lines are shown as a reminder of the meanings of the columns.
+The optional argument -v can be specified, meaning verbose. In this case, extra caption lines are shown as a reminder of the meanings of the columns.
<screen>~]$ <command>chronyc sources</command>
210 Number of sources = 3
MS Name/IP address Stratum Poll Reach LastRx Last sample
@@ -697,7 +694,7 @@ The columns are as follows:
<term>M</term>
<listitem>
<para>
-This indicates the mode of the source. ^ means a server, = means a peer and # indicates a locally connected reference clock.
+This indicates the mode of the source. <literal>^</literal> means a server, <literal>=</literal> means a peer and <literal>#</literal> indicates a locally connected reference clock.
</para>
</listitem>
</varlistentry>
@@ -705,15 +702,15 @@ This indicates the mode of the source. ^ means a server, = means a peer and # in
<term>S</term>
<listitem>
<para>
-This column indicates the state of the sources. * indicates the source to which <systemitem class="daemon">chronyd</systemitem> is current synchronised. + indicates other acceptable sources. ? indicates sources to which connectivity has been lost. x indicates a clock which <systemitem class="daemon">chronyd</systemitem> thinks is is a falseticker (i.e. its time is inconsistent with a majority of other sources). ~ indicates a source whose time appears to have too much variability. The ~ condition is also shown at start-up, until at least 3 samples have been gathered from it.
- </para>
+This column indicates the state of the sources. <quote>*</quote> indicates the source to which <systemitem class="daemon">chronyd</systemitem> is currently synchronized. <quote>+</quote> indicates acceptable sources which are combined with the selected source. <quote>-</quote> indicates acceptable sources which are excluded by the combining algorithm. <quote>?</quote> indicates sources to which connectivity has been lost or whose packets do not pass all tests. <quote>x</quote> indicates a clock which <systemitem class="daemon">chronyd</systemitem> thinks is is a falseticker (that is to say, its time is inconsistent with a majority of other sources). <quote>~</quote> indicates a source whose time appears to have too much
+ variability. The <quote>?</quote> condition is also shown at start-up, until at least 3 samples have been gathered from it.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Name/IP address</term>
<listitem>
<para>
-This shows the name or the IP address of the source, or refid for reference clocks.
+This shows the name or the IP address of the source, or reference ID for reference clocks.
</para>
</listitem>
</varlistentry>
@@ -721,7 +718,7 @@ This shows the name or the IP address of the source, or refid for reference cloc
<term>Stratum</term>
<listitem>
<para>
-This shows the stratum of the source, as reported in its most recently received sample. Stratum 1 indicates a computer with a locally attached reference clock. A computer that is synchronised to a stratum 1 computer is at stratum 2. A computer that is synchronised to a stratum 2 computer is at stratum 3, and so on.
+This shows the stratum of the source, as reported in its most recently received sample. Stratum 1 indicates a computer with a locally attached reference clock. A computer that is synchronized to a stratum 1 computer is at stratum 2. A computer that is synchronized to a stratum 2 computer is at stratum 3, and so on.
</para>
</listitem>
</varlistentry>
@@ -747,7 +744,7 @@ This shows the stratum of the source, as reported in its most recently received
<term>LastRx</term>
<listitem>
<para>
- This column shows how long ago the last sample was received from the source. This is normally in seconds. The letters m, h, d or y indicate minutes, hours, days or years. A value of 10 years indicates there were no samples received from this source yet.
+ This column shows how long ago the last sample was received from the source. This is normally in seconds. The letters <literal>m</literal>, <literal>h</literal>, <literal>d</literal> or <literal>y</literal> indicate minutes, hours, days or years. A value of 10 years indicates there were no samples received from this source yet.
</para>
</listitem>
</varlistentry>
@@ -769,7 +766,7 @@ This shows the stratum of the source, as reported in its most recently received
<para>
The <command>sourcestats</command> command displays information about the drift rate and offset estimation process for each of the sources currently being examined by <systemitem class="daemon">chronyd</systemitem>.
-The optional argument <option>-v</option> can be specified, meaning verbose. In this case, extra caption lines are shown as a reminder of the meanings of the columns.
+The optional argument <option>-v</option> can be specified, meaning verbose. In this case, extra caption lines are shown as a reminder of the meanings of the columns.
<screen>~]$ <command>chronyc sourcestats</command>
@@ -786,7 +783,7 @@ The columns are as follows:
<term>Name/IP address</term>
<listitem>
<para>
-This is the name or IP address of the <systemitem class="protocol">NTP</systemitem> server (or peer) or refid of the refclock to which the rest of the line relates.
+This is the name or IP address of the <systemitem class="protocol">NTP</systemitem> server (or peer) or reference ID of the reference clock to which the rest of the line relates.
</para>
</listitem>
</varlistentry>
@@ -818,7 +815,7 @@ This is the number of runs of residuals having the same sign following the last
<term>Frequency</term>
<listitem>
<para>
- This is the estimated residual frequency for the server, in parts per million. In this case, the computer’s clock is estimated to be running 1 part in 10**9 slow relative to the server.
+ This is the estimated residual frequency for the server, in parts per million. In this case, the computer’s clock is estimated to be running 1 part in <inlineequation><mathphrase>10<superscript>9</superscript></mathphrase></inlineequation> slow relative to the server.
</para>
</listitem>
</varlistentry>
@@ -955,7 +952,7 @@ commandkey 24
local stratum 10
initstepslew 20 master
allow 192.0.2.123</screen>
-Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of the master, and <systemitem class="systemname">master</systemitem> is the host name of the master. These clinet will resynchronize the master if it restarts.
+Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of the master, and <systemitem class="systemname">master</systemitem> is the host name of the master. These client will resynchronize the master if it restarts.
</para>
<para>
@@ -969,8 +966,8 @@ Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of t
<title>Using chronyc</title>
-<section id="sect-Using_chronyc_chronyc_to_control_cronyd">
- <title>Using chronyc to Control cronyd</title>
+<section id="sect-Using_chronyc_chronyc_to_control_chronyd">
+ <title>Using chronyc to Control chronyd</title>
<para>
To make changes using the command line utility <application>chronyc</application> in interactive mode, enter the following command as root:
<screen>~]# <command>chronyc</command></screen>
@@ -978,7 +975,7 @@ Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of t
</para>
<para>
The <application>chronyc</application> command prompt will be displayed as follows:</para>
- <screen>/chronyc></screen>
+ <screen>chronyc></screen>
<para>
You can type <command>help</command> to list all of the commands.
</para>
@@ -1012,7 +1009,7 @@ From the remote systems, the system administrator can issue commands after first
</para>
<para>
- The password or hash associated with the command key for a remote system is best obtained by <systemitem class="protocol">SSH</systemitem>. That is to say, an <systemitem class="protocol">SSH</systemitem> connection should be established to the remote machine and the ID of the command key from <filename>/etc/chrony.conf</filename> and the command key in <filename>/etc/chrony.keys</filename> memorised or stored securly for the duration of the session.
+ The password or hash associated with the command key for a remote system is best obtained by <systemitem class="protocol">SSH</systemitem>. That is to say, an <systemitem class="protocol">SSH</systemitem> connection should be established to the remote machine and the ID of the command key from <filename>/etc/chrony.conf</filename> and the command key in <filename>/etc/chrony.keys</filename> memorized or stored securely for the duration of the session.
</para>
</section>
@@ -1061,7 +1058,7 @@ From the remote systems, the system administrator can issue commands after first
</listitem>
<listitem>
<para>
- <filename>/usr/share/doc/chrony*/chrony.txt</filename> — User guide for the <application>chrony</application> suite.
+ <filename>/usr/share/doc/chrony*/chrony.txt</filename> — User guide for the <application>chrony</application> suite.
</para>
</listitem>
</itemizedlist>
10 years, 10 months
- 1
- 0
[system-administrators-guide] Bug 982485 - 3.3.7 Manually Adjusting the System Clock
by stephenw
commit 483f9c7da802ad733370125b836ffde07201cd3d
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Wed Jul 10 09:42:14 2013 +0200
Bug 982485 - 3.3.7 Manually Adjusting the System Clock
en-US/Configuring_NTP_using_the_Chrony_suite.xml | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
---
diff --git a/en-US/Configuring_NTP_using_the_Chrony_suite.xml b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
index c681c56..0b5f552 100644
--- a/en-US/Configuring_NTP_using_the_Chrony_suite.xml
+++ b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
@@ -851,16 +851,16 @@ This is the estimated error bounds on Freq (again in parts per million).
</section>
</section>
-<section id="sect-Adjusting-the-System_Clock">
- <title>Manualy Adjusting the System Clock</title>
+<section id="sect-Manually_Adjusting-the-System_Clock">
+ <title>Manually Adjusting the System Clock</title>
<para>
To update, or step, the system clock immediately, bypassing any adjustments in progress by slewing the clock, issue the following commands as root:
<screen>~]# <command>chronyc</command>
- chrony> <command>password</command>
+ chrony> <command>password</command> <replaceable>commandkey-password</replaceable>
200 OK
chrony> <command>makestep</command>
- 200 OK</screen>
-
+ 200 OK</screen>
+Where <replaceable>commandkey-password</replaceable> is the command key or password stored in the key file.
</para>
<para>
The real-time clock should not be manually adjusted if the <command>rtcfile</command> directive is used as this would interfere with <application>chrony</application>'s need to measure the rate at which the real-time clock drifts if it was adjusted at random intervals.</para>
10 years, 10 months
- 1
- 0
[system-administrators-guide] Correcting description, "real-time clock should not be manually adjusted..." SME says no need to men
by stephenw
commit 87acdecb80de160af6256bdf0a67856fa635bbad
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Wed Jul 10 09:33:10 2013 +0200
Correcting description, "real-time clock should not be manually adjusted..."
SME says no need to mention OS and explain this is related to use of rtcfile
en-US/Configuring_NTP_using_the_Chrony_suite.xml | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
---
diff --git a/en-US/Configuring_NTP_using_the_Chrony_suite.xml b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
index b8ab28e..c681c56 100644
--- a/en-US/Configuring_NTP_using_the_Chrony_suite.xml
+++ b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
@@ -863,8 +863,7 @@ This is the estimated error bounds on Freq (again in parts per million).
</para>
<para>
- In &MAJOROS;, the real-time clock should not be manually adjusted as this would interfere with <application>chrony</application>'s need to measure the rate at which the real-time clock drifts if it was adjusted at random intervals. By default, the <application>rtcsync</application> directive is present in the <filename>/etc/chrony.conf</filename> file. This will inform the kernel the system clock is kept synchronized and the kernel will update the real-time clock every 11 minutes.
-</para>
+ The real-time clock should not be manually adjusted if the <command>rtcfile</command> directive is used as this would interfere with <application>chrony</application>'s need to measure the rate at which the real-time clock drifts if it was adjusted at random intervals.</para>
</section>
</section>
10 years, 10 months
- 1
- 0
[system-administrators-guide] Adding explanation of rtcsync directive
by stephenw
commit 834fa56c9faa5a2aad9812ed1950c4a94af95a6d
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Wed Jul 10 09:28:23 2013 +0200
Adding explanation of rtcsync directive
en-US/Configuring_NTP_using_the_Chrony_suite.xml | 8 ++++++++
1 files changed, 8 insertions(+), 0 deletions(-)
---
diff --git a/en-US/Configuring_NTP_using_the_Chrony_suite.xml b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
index ef95a3e..b8ab28e 100644
--- a/en-US/Configuring_NTP_using_the_Chrony_suite.xml
+++ b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
@@ -400,6 +400,14 @@ Not all real-time clocks are supported as their code system-specific.
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>rtcsync</term>
+ <listitem>
+ <para>
+ The <command>rtcsync</command> directive is present in the <filename>/etc/chrony.conf</filename> file by default. This will inform the kernel the system clock is kept synchronized and the kernel will update the real-time clock every 11 minutes.</para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
</para>
</section>
10 years, 10 months
- 1
- 0
[system-administrators-guide] Corrections and clarifications suggested by SME
by stephenw
commit e0495716a00f728ec51c0813019149ff4920078c
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Wed Jul 10 09:28:05 2013 +0200
Corrections and clarifications suggested by SME
en-US/Configuring_NTP_using_the_Chrony_suite.xml | 29 +++++++++-------------
1 files changed, 12 insertions(+), 17 deletions(-)
---
diff --git a/en-US/Configuring_NTP_using_the_Chrony_suite.xml b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
index 1d0a90a..ef95a3e 100644
--- a/en-US/Configuring_NTP_using_the_Chrony_suite.xml
+++ b/en-US/Configuring_NTP_using_the_Chrony_suite.xml
@@ -13,12 +13,12 @@
The user space daemon updates the system clock running in the kernel. The system clock can keep time by using various clock sources. Usually, the <firstterm>Time Stamp Counter</firstterm> (<acronym>TSC</acronym>) is used. The TSC is a CPU register which counts the number of cycles since it was last reset. It is very fast, has a high resolution, and there are no interrupts.
</para>
<para>
-There is a choice between the daemons <systemitem class="daemon">ntpd</systemitem> and <systemitem class="daemon">chronyd</systemitem>, which are available from the repos in the <package>ntp</package> and <package>chrony</package> packages respectively. This section describes the use of the <application>chrony</application> suite of utilities to update the daemon on systems that do not fit into the conventional permanently networked, always on, dedicated server category.
+There is a choice between the daemons <systemitem class="daemon">ntpd</systemitem> and <systemitem class="daemon">chronyd</systemitem>, which are available from the repos in the <package>ntp</package> and <package>chrony</package> packages respectively. This section describes the use of the <application>chrony</application> suite of utilities to update the system clock on systems that do not fit into the conventional permanently networked, always on, dedicated server category.
</para>
<section id="sect-Introduction_to_the_chrony_suite">
<title>Introduction to the chrony Suite</title>
<para>
- <application>Chrony</application> consists of <systemitem class="daemon">chronyd</systemitem>, a daemon that runs in user space, and <application>chronyc</application>, a command line program for making adjustments to <systemitem class="daemon">chronyd</systemitem>. Systems which are not permanently connected, or not permanently powered up, take a relatively long time to adjust their system clocks using the <systemitem class="protocol">NTP</systemitem> time protocol. This is because many small corrections are made based on observations of the clocks drift and offset. Temperature changes, which may be significant when powering up a system, affect the stability of hardware clocks. Although adjustments begin within a few milliseconds of booting a system, acceptable accuracy may take anything from ten seconds from a warm restart to a number of hours depending on your requirements, operating environment and hardware. <application>chrony</application> is a different implementat
ion of the <systemitem class="protocol">NTP</systemitem> protocol than <systemitem class="daemon">ntpd</systemitem>, it can adjust the system clock more rapidly.
+ <application>Chrony</application> consists of <systemitem class="daemon">chronyd</systemitem>, a daemon that runs in user space, and <application>chronyc</application>, a command line program for making adjustments to <systemitem class="daemon">chronyd</systemitem>. Systems which are not permanently connected, or not permanently powered up, take a relatively long time to adjust their system clocks with <systemitem class="daemon">ntpd</systemitem>. This is because many small corrections are made based on observations of the clocks drift and offset. Temperature changes, which may be significant when powering up a system, affect the stability of hardware clocks. Although adjustments begin within a few milliseconds of booting a system, acceptable accuracy may take anything from ten seconds from a warm restart to a number of hours depending on your requirements, operating environment and hardware. <application>chrony</application> is a different implementation of the <systemit
em class="protocol">NTP</systemitem> protocol than <systemitem class="daemon">ntpd</systemitem>, it can adjust the system clock more rapidly.
</para>
<section id="sect-differences_between_ntpd_and_chronyd">
@@ -40,7 +40,7 @@ There is a choice between the daemons <systemitem class="daemon">ntpd</systemite
</listitem>
<listitem>
<para>
- <systemitem class="daemon">chronyd</systemitem> can usually synchronise the clock faster and with better accuracy.
+ <systemitem class="daemon">chronyd</systemitem> can usually synchronise the clock faster and with better time accuracy.
</para>
</listitem>
<listitem>
@@ -50,8 +50,7 @@ There is a choice between the daemons <systemitem class="daemon">ntpd</systemite
</listitem>
<listitem>
<para>
- <systemitem class="daemon">chronyd</systemitem> in the default configuration never steps the time, in order not to upset other running programs. <systemitem class="daemon">ntpd</systemitem> can be configured to never
- step the time too, but it has to use a different means of adjusting the clock, which has some disadvantages.
+ <systemitem class="daemon">chronyd</systemitem> in the default configuration never steps the time after the clock has been synchronized at system start, in order not to upset other running programs. <systemitem class="daemon">ntpd</systemitem> can be configured to never step the time too, but it has to use a different means of adjusting the clock, which has some disadvantages.
</para>
</listitem>
<listitem>
@@ -392,7 +391,7 @@ The <command>rtcfile</command> directive defines the name of the file in which <
The format of the syntax is:
-<screen>rtcfile /etc/chrony.rtc</screen>
+<screen>rtcfile /var/lib/chrony/rtc</screen>
<systemitem class="daemon">chronyd</systemitem> saves information in this file when it exits and when the writertc command is issued in <application>chronyc</application>. The information saved is the RTC’s error at some epoch, that epoch (in seconds since January 1 1970), and the rate at which the RTC gains or loses time.
@@ -408,7 +407,7 @@ Not all real-time clocks are supported as their code system-specific.
<section id="sect-Security_with_chronyc">
<title>Security with chronyc</title>
<para>
- As access to <application>chronyc</application> allows changing <systemitem class="daemon">chronyd</systemitem> just as editing the configuration files would, access to <application>chronyc</application> should be limited. Passwords or their hashes can be specified in the key file, to restrict the use of <application>chronyc</application>. One of the entries is used to restrict the use of operational commands and is referred to as the command key. In the default configuration, a random command key is generated automatically on start. It should not be necessary to specify or alter it manually.</para>
+ As access to <application>chronyc</application> allows changing <systemitem class="daemon">chronyd</systemitem> just as editing the configuration files would, access to <application>chronyc</application> should be limited. Passwords can be specified in the key file, written in ASCII or HEX, to restrict the use of <application>chronyc</application>. One of the entries is used to restrict the use of operational commands and is referred to as the command key. In the default configuration, a random command key is generated automatically on start. It should not be necessary to specify or alter it manually.</para>
<para>Other entries in the key file can be used as <systemitem class="protocol">NTP</systemitem> keys to authenticate packets received from remote <systemitem class="protocol">NTP</systemitem> servers or peers. The two sides need to share a key with identical ID, hash type and password in their key file. This requires manually creating the keys and copying them over a secure medium, such as <systemitem class="protocol">SSH</systemitem>. If the key ID was, for example, 10 then the systems that act as clients must have a line in their configuration files in the following format:
<screen>server w.x.y.z key 10
peer w.x.y.z key 10
@@ -433,16 +432,14 @@ peer w.x.y.z key 10
Were <literal>20</literal> is the key ID and <literal>foobar</literal> is the secret authentication key. The default hash is MD5, and ASCII is the default format for the key.
</para>
<para>
- By default, <systemitem class="daemon">chronyd</systemitem> is configured to listen for commands only from <systemitem class="systemname">localhost</systemitem> (<systemitem class="ipaddress">127.0.0.1</systemitem> and <systemitem class="ipaddress">::1</systemitem>). To access <systemitem class="daemon">chronyd</systemitem> remotely with <application>chronyc</application>, any <command>bindcmdaddress</command> directives in the <filename>/etc/chrony.conf</filename> file should be removed to enable listening on all interfaces and the <command>cmdallow</command> directive should be used to allow commands from the remote IP address, network, or subnet. Note that the <command>allow</command> directive is for <systemitem class="protocol">NTP</systemitem> access whereas the <command>cmdallow</command> directive is to enable the receiving of remote commands. It is possible to make these changes temporarily using <application>chronyc</application> running locally. Edit the c
onfiguration file to make persistent changes.
+ By default, <systemitem class="daemon">chronyd</systemitem> is configured to listen for commands only from <systemitem class="systemname">localhost</systemitem> (<systemitem class="ipaddress">127.0.0.1</systemitem> and <systemitem class="ipaddress">::1</systemitem>) on port <literal>323</literal>. To access <systemitem class="daemon">chronyd</systemitem> remotely with <application>chronyc</application>, any <command>bindcmdaddress</command> directives in the <filename>/etc/chrony.conf</filename> file should be removed to enable listening on all interfaces and the <command>cmdallow</command> directive should be used to allow commands from the remote IP address, network, or subnet. In addition, port <literal>323</literal> has to be opened in the firewall in order to connect from a remote system. Note that the <command>allow</command> directive is for <systemitem class="protocol">NTP</systemitem> access whereas the <command>cmdallow</command> directive is to enable the
receiving of remote commands. It is possible to make these changes temporarily using <application>chronyc</application> running locally. Edit the configuration file to make persistent changes.
</para>
<para>
The communication between <application>chronyc</application> and <application>chronyd</application> is done over <systemitem class="protocol">UDP</systemitem>, so it needs to be authorized before issuing operational commands. To authorize, use the <command>authhash</command> and <command>password</command> commands as follows:
<screen>chronyc> <command>authhash SHA1</command>
chronyc> <command>password HEX:A6CFC50C9C93AB6E5A19754C246242FC5471BCDF</command>
200 OK</screen>
- Alternatively, you can use the <application>chrony-helper</application> wrapper, which will do that automatically. For example, to use the <command>reselect</command> command:
- <screen>~]# <command>/usr/libexec/chrony-helper command reselect</command></screen>
- </para>
+ </para>
<para>
Only the following commands can be used without providing a password:
@@ -980,8 +977,8 @@ Where <systemitem class="ipaddress">192.0.2.123</systemitem> is the address of t
</para>
<para>
- The utility can also be invoked in non-interactive command mode if called together with an option as follows:
- <screen>~]# <command>chronyc <replaceable>option</replaceable></command></screen>
+ The utility can also be invoked in non-interactive command mode if called together with a command as follows:
+ <screen>~]# <command>chronyc <replaceable>command</replaceable></command></screen>
</para>
</section>
@@ -994,7 +991,7 @@ Where <replaceable>hostname</replaceable> is the <systemitem class="systemname">
</para>
<para>
To configure <application>chrony</application> to connect to a remote instance of <systemitem class="daemon">chronyd</systemitem> on a non-default port, issue a command as root in the following format:
-<screen>~]# <command>chronyc <option>-p</option> <replaceable>port</replaceable></command></screen>
+<screen>~]# <command>chronyc <option>-h</option> <replaceable>hostname</replaceable> <option>-p</option> <replaceable>port</replaceable></command></screen>
Where <replaceable>port</replaceable> is the port in use for controlling and monitoring by the instance of <systemitem class="daemon">chronyd</systemitem> to be connected to.
</para>
<para>
@@ -1002,11 +999,9 @@ Note that commands issued at the <application>chrony</application> command promp
</para>
<para>
- From the remote systems, the system administrator can issue commands after first using the <command>password</command> command at the <application>chronyc</application> command prompt as follows:
+From the remote systems, the system administrator can issue commands after first using the <command>password</command> command, preceded by the <command>authhash</command> command if the key used a hash different from MD5, at the <application>chronyc</application> command prompt as follows:
<screen>chronyc> <command>password secretpasswordwithnospaces</command>
200 OK</screen>
- Alternatively, the remote system can use the chrony-helper wrapper, which will do that automatically. For example, to use the <command>reselect</command> command:
- <screen>~]# <command>/usr/libexec/chrony-helper command reselect</command></screen>
</para>
<para>
10 years, 10 months
- 1
- 0
[install-guide] Various fixes and enhancements in 3.2. Preparing a USB flash drive as an installation source
by pbokoc
commit c29f055279422984f46b76b6487af6053c95a953
Author: Petr Bokoc <pbokoc(a)redhat.com>
Date: Tue Jul 9 20:46:29 2013 +0200
Various fixes and enhancements in 3.2. Preparing a USB flash drive as an installation source
en-US/Making_USB_media.xml | 68 ++++++++++++++---------------------
en-US/Procedure-dd_Image_to_USB.xml | 14 ++-----
2 files changed, 31 insertions(+), 51 deletions(-)
---
diff --git a/en-US/Making_USB_media.xml b/en-US/Making_USB_media.xml
index 4c91ad5..9f3ab3b 100644
--- a/en-US/Making_USB_media.xml
+++ b/en-US/Making_USB_media.xml
@@ -26,13 +26,13 @@
</para> -->
<section id="Making_USB_Media-Windows">
<title>Making Fedora USB Media on a Windows Operating System</title>
- <xi:include href="Note_Nondestructive_Method.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Note_Nondestructive_Method.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<para>
The most straightforward way to place a Fedora image on USB media using a Windows operating system is to transfer the Fedora live image to the USB device with the <application>LiveUSB Creator</application> tool.
</para>
<para>
Note that the <application>dd</application> tool discussed in <xref linkend="Making_USB_Media-UNIX_Linux"/> is also available for Windows. Follow the instructions in that section to use an implementation of <application>dd</application> for Windows operating systems. The instructions in this section assume that you will use <application>LiveUSB Creator</application>.
- </para>
+ </para>
<procedure>
<step>
<para>
@@ -78,14 +78,14 @@
</para>
<section id="Making_USB_Media-UNIX_Linux-RHEL_Fedora-graphical">
<title>Making Fedora USB Media with a graphical tool</title>
- <xi:include href="Important-Enable_EPEL.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Note_Nondestructive_Method.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Important-Enable_EPEL.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Note_Nondestructive_Method.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<procedure>
<step>
<para>
Install the <package>liveusb-creator</package> on your system with your graphical package manager, or the following command:
</para>
-<screen><![CDATA[su -c 'yum -y install liveusb-creator']]></screen>
+<screen><command>su -c 'yum -y install liveusb-creator'</command></screen>
</step>
<step>
<para>
@@ -123,35 +123,34 @@
</section>
<section id="Making_USB_Media-UNIX_Linux-RHEL_Fedora-livecd-tools">
<title>Making Fedora USB Media with <application>livecd-tools</application></title>
- <xi:include href="Important-Enable_EPEL.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Note_Nondestructive_Method.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Important-Enable_EPEL.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Note_Nondestructive_Method.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<procedure>
<step>
<para>
Install the <package>livecd-tools</package> package on your system with your graphical package manager, or the following command:
</para>
-<screen><![CDATA[su -c 'yum -y install livecd-tools']]></screen>
+<screen><command>su -c 'yum -y install livecd-tools'</command></screen>
</step>
<step>
<para>
- Plug in your USB media.
+ Plug in your USB flash drive.
</para>
</step>
<step>
<para>
- Find the device name for your USB media. If the media has a volume name, use it to look up the device name in <filename class="directory">/dev/disk/by-label</filename>, or use the <command>findfs</command>:
+ Find the flash drive's device name. If the media has a volume name, use it to look up the device name in <filename class="directory">/dev/disk/by-label</filename>, or use the <command>findfs</command> command:
</para>
-<screen><![CDATA[su -c 'findfs LABEL="]]><replaceable>MyLabel</replaceable><![CDATA["']]></screen>
+<screen><command>findfs LABEL=<replaceable>MyLabel</replaceable></command></screen>
<para>
- If the media does not have a volume name, or you do not know it, consult the <filename>/var/log/messages</filename> log for details:
+ If the media does not have a volume name or you do not know it, you can also use the <command>dmesg</command> command shortly after connecting the media to your computer. After running the command, the device name (such as <systemitem>sdb</systemitem> or <systemitem>sdc</systemitem>) should appear in several lines towards the end of the output.
</para>
-<screen><![CDATA[su -c 'less /var/log/messages']]></screen>
</step>
<step>
<para>
Use the <command>livecd-iso-to-disk</command> command to write the ISO image to the media:
</para>
-<screen><![CDATA[su -c 'livecd-iso-to-disk ]]><replaceable>the_image.iso</replaceable><![CDATA[ /dev/]]><replaceable>sdX1</replaceable><![CDATA[']]></screen>
+<screen><command>su -c 'livecd-iso-to-disk <replaceable>the_image.iso</replaceable>/dev/<replaceable>sdX1</replaceable>'</command></screen>
<para>
Replace <replaceable>sdX1</replaceable> with the device name for the partition on the USB media. Most flash drives and external hard disks use only one partition. If you have changed this behavior or have oddly partitioned media, you may need to consult other sources of help.
</para>
@@ -160,9 +159,9 @@
</section>
<section id="Making_USB_Media-UNIX_Linux-RHEL_Fedora-dd">
<title>Making Fedora USB Media with <application>dd</application></title>
- <xi:include href="DU-Preparing_a_driver_update_disk_ppc_x86-warning-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="DU-livecdtools_recommended-note-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Procedure-dd_Image_to_USB.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="DU-Preparing_a_driver_update_disk_ppc_x86-warning-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="DU-livecdtools_recommended-note-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Procedure-dd_Image_to_USB.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</section>
</section>
<section id="Making_USB_Media-UNIX_Linux-other">
@@ -171,8 +170,8 @@
To create Fedora USB media from a DVD or live image on a computer that uses a Linux distribution other than Fedora and those derived from Fedora, use one of the command-line procedures detailed in this section.
</para>
<section id="Making_USB_Media-UNIX_Linux-other_livecd-tools">
- <title>Making Fedora USB Media with <application>livecd-tools</application></title>
- <xi:include href="Note_Nondestructive_Method.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <title>Making Fedora USB Media with <application>livecd-tools</application></title>
+ <xi:include href="Note_Nondestructive_Method.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<para>
This method works only on Linux operating systems.
</para>
@@ -184,18 +183,17 @@
</step>
<step>
<para>
- Plug in your USB media.
+ Plug in your USB flash drive.
</para>
</step>
<step>
<para>
- Find the device name for your USB media. If the media has a volume name, look up the name in <filename class="directory">/dev/disk/by-label</filename>, or use the <command>findfs</command>:
+ Find the flash drive's device name. If the media has a volume name, use it to look up the device name in <filename class="directory">/dev/disk/by-label</filename>, or use the <command>findfs</command> command:
</para>
-<screen><![CDATA[su -c 'findfs LABEL="]]><replaceable>MyLabel</replaceable><![CDATA["']]></screen>
+<screen><command>findfs LABEL=<replaceable>MyLabel</replaceable></command></screen>
<para>
- If the media does not have a volume name, or you do not know it, consult the <filename>/var/log/messages</filename> log for details:
+ If the media does not have a volume name or you do not know it, you can also use the <command>dmesg</command> command shortly after connecting the media to your computer. After running the command, the device name (such as <systemitem>sdb</systemitem> or <systemitem>sdc</systemitem>) should appear in several lines towards the end of the output.
</para>
-<screen><![CDATA[su -c 'less /var/log/messages']]></screen>
</step>
<step>
<para>
@@ -275,25 +273,13 @@
</section>
<section id="Making_USB_Media-UNIX_Linux-other-dd">
<title>Making Fedora USB Media with <application>dd</application></title>
- <xi:include href="DU-Preparing_a_driver_update_disk_ppc_x86-warning-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="DU-livecdtools_recommended-note-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="DU-Preparing_a_driver_update_disk_ppc_x86-warning-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="DU-livecdtools_recommended-note-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<para>
Use this method for the distribution image, the minimal boot media image, or on systems with a UNIX operating system (including Mac OX X).
</para>
-
- <xi:include href="Procedure-dd_Image_to_USB.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
-
- </section>
- </section>
+ <xi:include href="Procedure-dd_Image_to_USB.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ </section>
+ </section>
</section>
-
-
-
-
-
-
-
-
-
-
</section>
diff --git a/en-US/Procedure-dd_Image_to_USB.xml b/en-US/Procedure-dd_Image_to_USB.xml
index 7a13d66..b4b0d54 100644
--- a/en-US/Procedure-dd_Image_to_USB.xml
+++ b/en-US/Procedure-dd_Image_to_USB.xml
@@ -10,28 +10,22 @@
</step>
<step>
<para>
- Find the flash drive's device name. If the media has a volume name, use it to look up the device name in <filename class="directory">/dev/disk/by-label</filename>, or use the <command>findfs</command>:
+ Find the flash drive's device name. If the media has a volume name, use it to look up the device name in <filename class="directory">/dev/disk/by-label</filename>, or use the <command>findfs</command> command:
</para>
-<screen>findfs LABEL=<replaceable>MyLabel</replaceable></screen>
+<screen><command>findfs LABEL=<replaceable>MyLabel</replaceable></command></screen>
<para>
If the media does not have a volume name or you do not know it, you can also use the <command>dmesg</command> command shortly after connecting the media to your computer. After running the command, the device name (such as <systemitem>sdb</systemitem> or <systemitem>sdc</systemitem>) should appear in several lines towards the end of the output.
</para>
</step>
<step>
<para>
- Become root:
- </para>
-<screen><command>su -</command></screen>
- </step>
- <step>
- <para>
Use the <command>dd</command> command to transfer the boot ISO image to the USB device:
</para>
-<screen><command># dd if=<replaceable>path/image_name</replaceable>.iso of=/dev/<replaceable>device</replaceable></command></screen>
+<screen><command>su -c 'dd if=<replaceable>path/image_name</replaceable>.iso of=/dev/<replaceable>device</replaceable>'</command></screen>
<para>
where <replaceable>path/image_name</replaceable>.iso is the boot ISO image file that you downloaded and <filename><replaceable>device</replaceable></filename> is the device name for the USB flash drive. Ensure you specify the device name (such as <systemitem>sdc</systemitem>), not the partition name (such as <systemitem>sdc1</systemitem>). For example:
</para>
-<screen><command># dd if=~/Download/Fedora-&PRODVER;-x86_64-DVD.iso of=/dev/sdc</command></screen>
+<screen><command>su -c 'dd if=~/Download/Fedora-&PRODVER;-x86_64-DVD.iso of=/dev/sdc'</command></screen>
</step>
</procedure>
10 years, 11 months
- 1
- 0
[install-guide] BZ#980796 - Updated procedure 3.2.2.1.3. Making Fedora USB Media with dd to remove unnecessary steps
by pbokoc
commit d881d1643a90911f0ff2ed04fbc71fe1b76c5331
Author: Petr Bokoc <pbokoc(a)redhat.com>
Date: Tue Jul 9 20:20:21 2013 +0200
BZ#980796 - Updated procedure 3.2.2.1.3. Making Fedora USB Media with dd to remove unnecessary steps
en-US/Procedure-dd_Image_to_USB.xml | 75 +++++++++++++---------------------
1 files changed, 29 insertions(+), 46 deletions(-)
---
diff --git a/en-US/Procedure-dd_Image_to_USB.xml b/en-US/Procedure-dd_Image_to_USB.xml
index e809875..7a13d66 100644
--- a/en-US/Procedure-dd_Image_to_USB.xml
+++ b/en-US/Procedure-dd_Image_to_USB.xml
@@ -3,53 +3,36 @@
]>
<procedure>
- <step>
- <para>
- Plug in your USB flash drive.
- </para>
-
- </step>
- <step>
- <para>
- Become root:
- </para>
-
+ <step>
+ <para>
+ Plug in your USB flash drive.
+ </para>
+ </step>
+ <step>
+ <para>
+ Find the flash drive's device name. If the media has a volume name, use it to look up the device name in <filename class="directory">/dev/disk/by-label</filename>, or use the <command>findfs</command>:
+ </para>
+<screen>findfs LABEL=<replaceable>MyLabel</replaceable></screen>
+ <para>
+ If the media does not have a volume name or you do not know it, you can also use the <command>dmesg</command> command shortly after connecting the media to your computer. After running the command, the device name (such as <systemitem>sdb</systemitem> or <systemitem>sdc</systemitem>) should appear in several lines towards the end of the output.
+ </para>
+ </step>
+ <step>
+ <para>
+ Become root:
+ </para>
<screen><command>su -</command></screen>
-
- </step>
- <step>
- <para>
- Your flash drive must have a single partition with a vfat file system. To determine how it is formatted, find the name of this partition and the device itself by running <command>dmesg</command> shortly after connecting the drive. The device name (similar to <filename>/dev/sdc</filename>) and the partition name (similar to <filename>/dev/sdc1</filename>) both appear in several lines towards the end of the output.
- </para>
- </step>
- <step>
- <para>
- Use the partition name to ensure that the file system type of the USB flash drive is vfat.
- </para>
-<screen><command># blkid <replaceable>partition</replaceable></command></screen>
- <para>
- You should now see a message similar to:
-<screen>LABEL="LIVE" UUID="6676-27D3" TYPE="vfat"</screen>
- </para>
- <para>
- If TYPE is anything other than vfat (for example, TYPE="iso9660"), clear the first blocks of the USB flash drive:
- </para>
- <screen><command># dd if=/dev/zero of=<replaceable>partition</replaceable> bs=1M count=100</command></screen>
- </step>
-
- <step>
- <para>
- Use the <command>dd</command> command to transfer the boot ISO image to the USB device:
- </para>
-
-<screen><command># dd if=<replaceable>path/image_name</replaceable>.iso of=<replaceable>device</replaceable></command></screen>
- <para>
- where <replaceable>path/image_name</replaceable>.iso is the boot ISO image file that you downloaded and <filename><replaceable>device</replaceable></filename> is the device name for the USB flash drive. Ensure you specify the device name, not the partition name. For example:
- </para>
-
+ </step>
+ <step>
+ <para>
+ Use the <command>dd</command> command to transfer the boot ISO image to the USB device:
+ </para>
+<screen><command># dd if=<replaceable>path/image_name</replaceable>.iso of=/dev/<replaceable>device</replaceable></command></screen>
+ <para>
+ where <replaceable>path/image_name</replaceable>.iso is the boot ISO image file that you downloaded and <filename><replaceable>device</replaceable></filename> is the device name for the USB flash drive. Ensure you specify the device name (such as <systemitem>sdc</systemitem>), not the partition name (such as <systemitem>sdc1</systemitem>). For example:
+ </para>
<screen><command># dd if=~/Download/Fedora-&PRODVER;-x86_64-DVD.iso of=/dev/sdc</command></screen>
-
- </step>
- </procedure>
+ </step>
+</procedure>
10 years, 11 months
- 1
- 0