On Tue, 2015-04-07 at 14:37 +0200, Miroslav Lichvar wrote:
On Tue, Apr 07, 2015 at 08:18:47AM -0400, Simo Sorce wrote:
> On Tue, 2015-04-07 at 10:01 +0200, Miroslav Lichvar wrote:
> > On Mon, Apr 06, 2015 at 08:08:43PM -0400, Simo Sorce wrote:
> > > Given the domain controller role uses ntpd, shouldn't we rather
> > > that one ?
> > Is that for the MS-SNTP authentication?
> No, we do not make use of that yet (we probably should).
> We used ntpd because it was the only one able to serve as a time server,
> has cronyd gained the ability to be a server itself ?
chronyd can work as an NTP server, but unlike ntpd it's disabled by
default. The allow directive can be used in chrony.conf or at runtime
with "chronyc -a allow" to allow NTP client access.
> > Would there be any interest in adding support for MS-SNTP to chronyd?
> It would probably be a good thing, I know samba has hooks for that on
> the server side at least.
Yes, that's what I meant, support for the samba ntp signd socket. With
chronyd I think the default would be disabled and it would need to be
enabled in chrony.conf when needed.
Maybe chronyd should include files from an /etc/chrony.d directory
where other packages could put their files to enable NTP access, etc?
Yeah a /etc/chrony.d directory where you can drop config files would
probably be nice too. (Hopefully we do not end up dropping conflicting
Simo Sorce * Red Hat, Inc * New York