F20 Self Contained Change: Remove deprecated calls of using ntpdate in favor of ntpd
Miroslav Lichvar
mlichvar at redhat.com
Wed Jul 17 13:36:40 UTC 2013
On Wed, Jul 17, 2013 at 12:43:41PM +0200, Jaroslav Reznik wrote:
> https://fedoraproject.org/wiki/Changes/ntpdate
>
> Change owner(s): Michael Harris <MikeDawg (at) gmail (dot) com>
> ntpdate is slowly being depricated in favor of ntpd. DoD STIGs now penalize
> for the use of ntpdate on Red Hat Enterprise systems. I would like to
> "modernize" the ntpdate utility to do two things.
>
> First, I would like to get rid of the dependency of ntpdate, in favor of ntpd.
Which dependency exactly do you want to get rid of? The ntpdate
service is disabled by default and AFAIK it needs to enabled manually.
> Second, I would like to add a set time and/or randomized time for ntpd to
> check for time updates (as configured by the user in /etc/sysconfig/ntpdate).
>
> I'm thinking of using ntpd with the -q option to immediately exit the daemon
> after it runs.
Please note that there is an official replacement for ntpdate called
sntp, which is in the sntp subpackage of ntp and it includes a service
similar to ntpdate.
> == Scope ==
> Proposal owners: Need to re-engineer the startup task for ntpdate (
> /etc/init.d/ntpdate, NOT /usr/sbin/ntpdate ); or figure out if this is
> something that is more easily created via a cron job. Format
> /etc/sysconfig/ntpdate to accept additional options, as discussed above.
If you want to have something that calls sntp (or ntpd -q)
periodically, please consider using the systemd timers. It's very
important that the time when the program is executed is not aligned to
any second/minute/hour (as it would be with cron) to avoid flooding
the public NTP servers.
--
Miroslav Lichvar
More information about the devel
mailing list