F20 Self Contained Change: Remove deprecated calls of using ntpdate in favor of ntpd
Jaroslav Reznik
jreznik at redhat.com
Wed Jul 17 10:43:41 UTC 2013
= Proposed Self Contained Change: Remove deprecated calls of using ntpdate in
favor of ntpd =
https://fedoraproject.org/wiki/Changes/ntpdate
Change owner(s): Michael Harris <MikeDawg (at) gmail (dot) com>
ntpdate is slowly being depricated. STIG enhancements for RHEL 6 penalize
systems that make use of ntpdate. Also documentation from the NSA Hardening
Guidelines as well as CIS Hardening documentation recommends disabling the use
of ntpd as a full-time daemon.
== Detailed description ==
ntpdate is slowly being depricated in favor of ntpd. DoD STIGs now penalize
for the use of ntpdate on Red Hat Enterprise systems. I would like to
"modernize" the ntpdate utility to do two things.
First, I would like to get rid of the dependency of ntpdate, in favor of ntpd.
Second, I would like to add a set time and/or randomized time for ntpd to
check for time updates (as configured by the user in /etc/sysconfig/ntpdate).
I'm thinking of using ntpd with the -q option to immediately exit the daemon
after it runs.
== Scope ==
Proposal owners: Need to re-engineer the startup task for ntpdate (
/etc/init.d/ntpdate, NOT /usr/sbin/ntpdate ); or figure out if this is
something that is more easily created via a cron job. Format
/etc/sysconfig/ntpdate to accept additional options, as discussed above.
Other developers: None
Release engineering: None
Policies and guidelines: None
More information about the devel-announce
mailing list