On Fri, 11 Nov 2016 17:48:45 -0300, Dererk wrote:
> Usually from the standpoint of some servers that contain timestamp
> operations embedded on them, like databases or things alike, enabling
> -s could possible trigger data corruption, since from one instant to
> the other time change backwards. This is also default behavior from
> openntpd upstream.
>
> Personally I do have set -s on systems I know risks are not taken.
Note that -s only makes large adjustments to the time on startup. In
normal operation, this will occur only when the system boots, before any
databases or other critical processes begin.
I don't see that the upstream default is reasonable, especially when I
see messages like the following in my system log:
Apr 13 00:23:00 test64 ntpd[931]: adjusting local clock by 199.207333s
Apr 13 00:25:39 test64 ntpd[931]: adjusting local clock by 199.127660s
Apr 13 00:29:20 test64 ntpd[931]: adjusting local clock by 199.017683s
Apr 13 00:30:25 test64 ntpd[931]: adjusting local clock by 198.985143s
Apr 13 00:34:12 test64 ntpd[931]: adjusting local clock by 198.871842s
Apr 13 00:37:22 test64 ntpd[931]: adjusting local clock by 198.776466s
Apr 13 00:38:56 test64 ntpd[931]: adjusting local clock by 198.728357s
Apr 13 00:40:36 test64 ntpd[931]: adjusting local clock by 198.679637s
I would argue that the expectation for openntpd in Debian is to work as
a drop-in replacement for ntp, and so should be configured to behave
similarly, even if this differs from the upstream default. That is,
presumably, why the config file lists four Debian NTP pool systems. If
there are data-loss issues that arise with -s, then these should also
arise with -g in ntp---and would have a much bigger impact there, as
that package is many times more popular.
Can -s be made the default in /etc/default/openntpd ?
--Daniel
--
Daniel Richard G. || [email protected]
My ASCII-art .sig got a bad case of Times New Roman.
