[pkg-ntp-maintainers] Bug#662770: ntp: should it be a ntp client by default?

Alberto Fuentes alberto.fuentes at qindel.com
Tue Mar 13 09:55:02 UTC 2012


On 06/03/12 18:25, Peter Eisentraut wrote:
> So what do you have in mind?  Change the default configuration, or
> change the wording in the documentation?  In either case, what concrete
> change do you suggest?

I think the bug should go upstream. There should be different ACL from 
clients and to servers, so we can effectively apply restrictions. I dont 
know if this has been discussed before, I dont think im discovering 
anything new.

In case this has been already discussed upstream, i would change the 
defaults to "restrict ignore" in the debian default conf, and change the 
server lines to ips instead of dns names to be able to apply "restrict 
ip" "effectively" (where dns resolve to many ips).

Yes, I think to apply a restrictive conf but still act as a server by 
default when the usual case is to act as a client (as stated by the own 
doc of ntpd[1]) is *THAT* bad.

If anybody can point me to a ntp client that does not make my machine go 
back in time, maybe thats another solution (as i understand it ntpdate 
is deprecated already).


In case this has been discussed already in debian and people think im 
crazy for even proposing that, at least we could state in the README 
that the default conf is of a (very restrictive but still a) server.

I can be more specific about the doc changes if my last resort is my 
only valid point here.

greets!
aL


[1] from ntpd man page:
        -q     Exit the ntpd just after the first time the clock is set. 
  This
behavior mimics that of the ntpdate program, which is to be
               retired.  The -g and -x options can be used with this option.
Note: The kernel  time  discipline  is  disabled  with  this
               option.





More information about the pkg-ntp-maintainers mailing list