NTPD and SecureLevel
Harlan Stenn
Harlan.Stenn at pfcs.com
Wed Jun 16 19:13:13 GMT 2004
I think running ntpwait after starting ntpd and before bumping the
securelevel is safer and even better.
Also, be sure to us iburst for each server/peer, and use a driftfile.
This is somewhat discussed at http://twiki.ntp.org . Feel free to make
improvements there.
H
--
> Pavel M. Rebrov wrote:
> > I've installed and configured ntpd daemon and was wondering if it going to
> > work with SecureLevel higher than 1. SecureLevel 2 forbids changing the sys
> tem
> > date and, therefore, ntpdate and rdate won't work.
>
> You will want to "step" the system time at boot before the securelevel is set
> .
> Afterwards, ntpd will use another mechanism to "slew" the system time (the
> adjtime() call) which ought to still be permitted by the securelevel.
>
> --
> -Chuck
>
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
More information about the freebsd-stable
mailing list