[Bug 583994] Re: Consider replacing ntpdate calls by 'ntpd -g'
A. Denton
aquina at tron-delta.org
Sun Apr 19 16:09:39 UTC 2015
Quote by r0lf: "The NTP code has seen numerous security vulnerabilities
and we have to assume that ntpdate is not receiving the same scrutiny
anymore when compared to NTPd."
Sorry r0lf, but that's laughable. Do you really want people to run a
fully featured (your wording: vulnerable) NTP daemon just to do s.th.
like this (ntpdate -u HOSTNAME >>/var/log/messages 2>&1) one a day
within a "/etc/cron.hourly/ntp"?
Don't get me wrong -- I agree with you on the upstream-part of your
statement, but I disagree when it comes to bloat systems unnecessarily.
Once OS used to be simple, only containing things which their operators
needed. Why force them into running daemons the don't really have demand
for? I think "ntpd -qg" is the only option, although far from perfect.
https://twitter.com/TRONDELTA/status/546138511284658177
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/583994
Title:
Consider replacing ntpdate calls by 'ntpd -g'
Status in NTP:
Invalid
Status in ntp package in Ubuntu:
Confirmed
Status in ubuntu-meta package in Ubuntu:
Triaged
Status in ntp package in Debian:
Unknown
Bug description:
Binary package hint: ntp
Given that 'ntpdate' is being obsoleted upstream [1], we should
replace 'ntpdate' usage by:
* ntpd -qg (if we really want to set the time and exit), or
* ntpd-g (if we want to keep ntpd running)
the '-q' option will set the clock once, and exit; the 'g' allows for
large corrections to the clock, like what is done by 'ntpdate'.
[1] http://www.eecis.udel.edu/~mills/ntp/html/ntpdate.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/583994/+subscriptions
More information about the foundations-bugs
mailing list