network time default, f23

Tomasz Torcz tomek at
Mon Aug 31 18:32:17 UTC 2015

On Mon, Aug 31, 2015 at 02:24:39PM -0400, Stephen Gallagher wrote:
> > What it sounds like is FreeIPA by default mistrusts system time,
> > until
> > it checks for the presence and enabled state of ntpd in order to
> > trust
> > system time. Is this some throwback to a time when system time
> > couldn't be trusted?
> > 
> No, FreeIPA provides an NTPD server to its clients as the
> authoritative source. It has nothing to do with trusting system time
> (kind of the opposite; it's asserting that this system's time is so
> authoritative that its clients should use it as the One Truth.

  IMO FreeIPA should be changed to install use chrony as server,
as chrony is default since few Fedora releases. 
> > Separately I'm noticing on atomic cloud (F22), that there is also no
> > network time set. Chrony and ntpd are not installed and
> > systemd-timesyncd.service is disabled.  I'd really hate to think we
> > end up with three completely different ways of syncing time on the
> > three products.
> Yes, I concur that we should try to settle on one. That's kind of why
> I was suggesting timesyncd; it seemed most likely to be present on all
> Editions.
  I'd rather see chrony; it is small and provides full NTP sync.
> BTW, is timesyncd == timedated? Because the FESCo ruling was about
> timedated. If it's just a name-change, fine. But if it's a new
> implementation, we may want a new investigation.

  Those are two different things. Timesyncd is simple SNTP client (plus
time restoration over reboot, for things without RTC).  Timedated
is providing an API + utility to set system timezone and time and to
toggle external time sync.
  There are two implementation of timedated:
 – systemd's on, this only toggles timesyncd as synchronisation mechanism
 – timedatex, which can toggle arbitrary NTP daemon

Tomasz Torcz                Only gods can safely risk perfection,
xmpp: zdzichubg at     it's a dangerous thing for a man.  -- Alia

More information about the server mailing list