On Fri, Dec 27, 2019 at 11:51:25AM -0800, John Maher wrote: > understanding is that the ClockVM, which is usually sys-net, runs ntp and > and communicates the time to dom0, which communicates the time to all of > the other VMs.
actualy in qubes4 dom0+appvms "fetch" the time from clockvm, though appvms go through dom0 for that (qrpc acl plus an extra check that clockvm is running). (in qubes3 it used to be dom0 pulling from clockvm, then pushing to all appvms, which had the side-effect that a naughty appvm could block/stall the clocksync mechanism for all appvms) > I don't know how sys-net will get network time without ntp running. man systemd-timesyncd > Any suggestions on how to get my clock synced with network time? if your clock is off, check clockvm (sys-net) first, and make sure to get systemd-timesyncd.service working there. once clockvm has a reasonable time, it should filter down to "all" other VMs on its own over the next 6 hours or so. you can speed up the transfer from clockvm to all other vms by running "sudo qvm-sync-clock" in each vm you want to fetch time. note the current resolution for the sync mechanism is just "seconds", which even means it can cause the time to run "backwards" when triggered at the wrong moment. (i have a patchset somewhere to improve this to "low ms" precision, if anyone cares...) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20191227204633.GE17393%40priv-mua.
