Re: how to reload date from ntpd
ntpd is started early because there are services that work better with accurate time. In most cases, ntpd will very quickly build accurate clock, and those services run better. In some cases, people build situations which challenge ntpd's fast startup. Especially broken networks. Because this can happen, ntpd contains code which kind of retries DNS to IP translations. It seems to work for me, in the situations where I build semi-broken networks. I never delete lines in the stock ntpd.conf. I only add additional lines. ue...@danwin1210.de wrote: > How can I reload date from ntpd after boot? > And how can I do it automatically after dnscrypt_proxy service started > Port: dnscrypt-proxy > fp$ date > Wed Dec 22 08:10:38 CET 2021 > fp$ doas rcctl restart ntpd > ntpd(ok) > ntpd(ok) > fp$ date > Wed Dec 22 08:10:48 CET 2021 > > I want to reload time from ntpd after dnscrypt_proxy is started because > it's local DNS server and when it's not started ntpd can't resolve > hostnames. > > fp$ cat /etc/resolv.conf > nameserver 127.0.0.1 > > fp$ doas rcctl order ntpd dnscrypt_proxy > rcctl: ntpd is not a pkg script > fp$ doas rcctl order dnscrypt_proxy ntpd > rcctl: ntpd is not a pkg script > > > fp$ cat /etc/rc.d/dnscrypt_proxy > #!/bin/ksh > # > # $OpenBSD: dnscrypt_proxy.rc,v 1.5 2018/10/16 14:55:02 bket Exp $ > > daemon="/usr/local/bin/dnscrypt-proxy" > daemon_flags="-config /etc/dnscrypt-proxy.toml" > > . /etc/rc.d/rc.subr > > pexp="${daemon}${daemon_flags:+ ${daemon_flags}}.*" > > rc_bg=YES > rc_reload=NO > > rc_cmd $1 > > >
Re: how to reload date from ntpd
On 2021/12/25 08:39, Crystal Kolipe wrote: > On Sat, Dec 25, 2021 at 11:09:32AM -, Stuart Henderson wrote: > > On 2021-12-22, ue...@danwin1210.de wrote: > > > How can I reload date from ntpd after boot? > > > > rcctl stop ntpd > > rdate $timeserver > > rcctl start ntpd > > Note that rdate doesn't support the concept of constraints as > ntpd does, so it's entirely possible for someone who can observe > the outgoing request, (to see the random timestamp that we send), > and spoof a response from the ntp server, to deliberately cause > your clock to be set incorrectly. Yes, but on the other hand it does work reliably if the RTC is wrong, whereas constraints doesn't allow moving the clock backwards.
Re: how to reload date from ntpd
On Sat, Dec 25, 2021 at 11:09:32AM -, Stuart Henderson wrote: > On 2021-12-22, ue...@danwin1210.de wrote: > > How can I reload date from ntpd after boot? > > rcctl stop ntpd > rdate $timeserver > rcctl start ntpd Note that rdate doesn't support the concept of constraints as ntpd does, so it's entirely possible for someone who can observe the outgoing request, (to see the random timestamp that we send), and spoof a response from the ntp server, to deliberately cause your clock to be set incorrectly. Assuming that ntpd restarts correctly immediately afterwards, the window of opportunity is very small, but it does introduce a vulnerability that wouldn't exist using ntpd alone.
Re: how to reload date from ntpd
On 2021-12-22, ue...@danwin1210.de wrote: > How can I reload date from ntpd after boot? rcctl stop ntpd rdate $timeserver rcctl start ntpd > fp$ doas rcctl order ntpd dnscrypt_proxy > rcctl: ntpd is not a pkg script "order" does not work for base system services, they use a fixed order. You can symlink another name e.g. /etc/rc.d/_ntpd to ntpd, disable ntpd, and enable _ntpd, then it's not known as a base system service so you can adjust the order relative to package daemons. -- Please keep replies on the mailing list.
Re: how to reload date from ntpd
On Wed, Dec 22, 2021 at 11:42:16AM -, ue...@danwin1210.de wrote: > I want to reload time from ntpd after dnscrypt_proxy is started because > it's local DNS server and when it's not started ntpd can't resolve > hostnames. Why not just add the literal IP address of a known and trusted ntp server to ntpd.conf, or add the hostname and IP to your hosts file? That way you will have ntpd working even when name resolution is unavailabe.
how to reload date from ntpd
How can I reload date from ntpd after boot? And how can I do it automatically after dnscrypt_proxy service started Port: dnscrypt-proxy fp$ date Wed Dec 22 08:10:38 CET 2021 fp$ doas rcctl restart ntpd ntpd(ok) ntpd(ok) fp$ date Wed Dec 22 08:10:48 CET 2021 I want to reload time from ntpd after dnscrypt_proxy is started because it's local DNS server and when it's not started ntpd can't resolve hostnames. fp$ cat /etc/resolv.conf nameserver 127.0.0.1 fp$ doas rcctl order ntpd dnscrypt_proxy rcctl: ntpd is not a pkg script fp$ doas rcctl order dnscrypt_proxy ntpd rcctl: ntpd is not a pkg script fp$ cat /etc/rc.d/dnscrypt_proxy #!/bin/ksh # # $OpenBSD: dnscrypt_proxy.rc,v 1.5 2018/10/16 14:55:02 bket Exp $ daemon="/usr/local/bin/dnscrypt-proxy" daemon_flags="-config /etc/dnscrypt-proxy.toml" . /etc/rc.d/rc.subr pexp="${daemon}${daemon_flags:+ ${daemon_flags}}.*" rc_bg=YES rc_reload=NO rc_cmd $1