NTP - default /etc/ntp.conf

[Sean C. Farley]

On Fri, 5 Jun 2009, Edwin Groothuis wrote:

> After pondering at conf/58595, I came with this text.
>
> The ntpd is not enabled by default, so the fact that the servers
> are commented out should not be an issue.
>
> Any objections against adding it to the tree?

I like it.

I would also add restrict lines to it since ntp defaults to being open 
to all packets.

These would ignore everything except the pools (restricted) and 
localhost (open):
restrict default ignore
restrict pool.ntp.org nomodify nopeer noquery notrap
restrict pool.ntp.org nomodify nopeer noquery notrap
restrict 127.0.0.1
restrict -6 ::1

> Index: etc/ntp.conf
> ===================================================================
> --- etc/ntp.conf	(revision 0)
> +++ etc/ntp.conf	(revision 0)
> @@ -0,0 +1,28 @@
> +#
> +# $FreeBSD$
> +#
> +# Default NTP servers for the FreeBSD operating system.
> +#
> +# Don't forget to enable ntpd in /etc/rc.conf with:
> +# ntpd_enable="YES"
> +#
> +
> +driftfile /var/db/ntpd.drift
> +
> +#
> +# Uncomment the following three lines to sync against three "local"
> +# public NTP servers.
> +#
> +# server pool.ntp.org
> +# server pool.ntp.org
> +# server pool.ntp.org
> +
> +#
> +# If you want to pick yourself which country's public NTP server
> +# you want sync against, comment out the above servers, uncomment
> +# the next ones and replace CC with the country's abbrevation.
> +#
> +# server CC.pool.ntp.org
> +# server CC.pool.ntp.org
> +# server CC.pool.ntp.org
> +#
> Index: etc/Makefile
> ===================================================================
> --- etc/Makefile	(revision 193485)
> +++ etc/Makefile	(working copy)
> @@ -14,7 +14,7 @@
> 	hosts hosts.allow hosts.equiv \
> 	inetd.conf libalias.conf login.access login.conf mac.conf motd \
> 	netconfig network.subr networks newsyslog.conf nsswitch.conf \
> -	phones profile protocols \
> +	ntpd.conf phones profile protocols \

ntpd.conf or ntp.conf?

Sean
-- 
scf at FreeBSD.org