Re: how to reload date from ntpd

2021-12-25 Thread Theo de Raadt
ntpd is started early because there are services that work better with
accurate time.  In most cases, ntpd will very quickly build an accurate clock,
and those services run better.

In some cases, people build situations which challenge ntpd's fast startup.
Especially broken networks.

Because this can happen, ntpd contains code which kind of retries DNS to IP
translations.

It seems to work for me, in the situations where I build semi-broken networks.

I never delete lines in the stock ntpd.conf.  I only add additional lines.



ue...@danwin1210.de wrote:

> How can I reload date from ntpd after boot?
> And how can I do it automatically after dnscrypt_proxy service started
> Port: dnscrypt-proxy
> fp$ date
> Wed Dec 22 08:10:38 CET 2021
> fp$ doas rcctl restart ntpd
> ntpd(ok)
> ntpd(ok)
> fp$ date
> Wed Dec 22 08:10:48 CET 2021
> 
> I want to reload time from ntpd after dnscrypt_proxy is started because
> it's local DNS server and when it's not started ntpd can't resolve
> hostnames.
> 
> fp$ cat /etc/resolv.conf
> nameserver 127.0.0.1
> 
> fp$ doas rcctl order ntpd dnscrypt_proxy
> rcctl: ntpd is not a pkg script
> fp$ doas rcctl order dnscrypt_proxy ntpd
> rcctl: ntpd is not a pkg script
> 
> 
> fp$ cat /etc/rc.d/dnscrypt_proxy
> #!/bin/ksh
> #
> # $OpenBSD: dnscrypt_proxy.rc,v 1.5 2018/10/16 14:55:02 bket Exp $
> 
> daemon="/usr/local/bin/dnscrypt-proxy"
> daemon_flags="-config /etc/dnscrypt-proxy.toml"
> 
> . /etc/rc.d/rc.subr
> 
> pexp="${daemon}${daemon_flags:+ ${daemon_flags}}.*"
> 
> rc_bg=YES
> rc_reload=NO
> 
> rc_cmd $1
> 
> 
> 



Re: how to reload date from ntpd

2021-12-25 Thread Stuart Henderson
On 2021/12/25 08:39, Crystal Kolipe wrote:
> On Sat, Dec 25, 2021 at 11:09:32AM -, Stuart Henderson wrote:
> > On 2021-12-22, ue...@danwin1210.de  wrote:
> > > How can I reload date from ntpd after boot?
> > 
> > rcctl stop ntpd
> > rdate $timeserver
> > rcctl start ntpd
> 
> Note that rdate doesn't support the concept of constraints as
> ntpd does, so it's entirely possible for someone who can observe
> the outgoing request, (to see the random timestamp that we send),
> and spoof a response from the ntp server, to deliberately cause
> your clock to be set incorrectly.

Yes, but on the other hand it does work reliably if the RTC is wrong,
whereas constraints doesn't allow moving the clock backwards.



Re: how to reload date from ntpd

2021-12-25 Thread Crystal Kolipe
On Sat, Dec 25, 2021 at 11:09:32AM -, Stuart Henderson wrote:
> On 2021-12-22, ue...@danwin1210.de  wrote:
> > How can I reload date from ntpd after boot?
> 
> rcctl stop ntpd
> rdate $timeserver
> rcctl start ntpd

Note that rdate doesn't support the concept of constraints as
ntpd does, so it's entirely possible for someone who can observe
the outgoing request, (to see the random timestamp that we send),
and spoof a response from the ntp server, to deliberately cause
your clock to be set incorrectly.

Assuming that ntpd restarts correctly immediately afterwards, the
window of opportunity is very small, but it does introduce a
vulnerability that wouldn't exist using ntpd alone.



Re: how to reload date from ntpd

2021-12-25 Thread Stuart Henderson
On 2021-12-22, ue...@danwin1210.de  wrote:
> How can I reload date from ntpd after boot?

rcctl stop ntpd
rdate $timeserver
rcctl start ntpd

> fp$ doas rcctl order ntpd dnscrypt_proxy
> rcctl: ntpd is not a pkg script

"order" does not work for base system services, they use a fixed order.
You can symlink another name e.g. /etc/rc.d/_ntpd to ntpd, disable ntpd,
and enable _ntpd, then it's not known as a base system service so you
can adjust the order relative to package daemons.


-- 
Please keep replies on the mailing list.



Re: how to reload date from ntpd

2021-12-25 Thread Crystal Kolipe
On Wed, Dec 22, 2021 at 11:42:16AM -, ue...@danwin1210.de wrote:
> I want to reload time from ntpd after dnscrypt_proxy is started because
> it's local DNS server and when it's not started ntpd can't resolve
> hostnames.

Why not just add the literal IP address of a known and trusted ntp server
to ntpd.conf, or add the hostname and IP to your hosts file?  That way
you will have ntpd working even when name resolution is unavailable.
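
A check for the situation discussed in this thread, added here as an example and not posted by anyone on the list: a shell function that lists the ntpd.conf time sources and constraints that need name resolution when ntpd starts. The function names are hypothetical, and the sample configuration with its example.* hostnames and documentation-range addresses is constructed.

```shell
#!/bin/sh
# Added example: report ntpd.conf entries that depend on DNS at startup.
# Real use (assumed path): ntpd_dns_dependent < /etc/ntpd.conf

# Reads an ntpd.conf on stdin and prints "<keyword> <host>" for every
# server, servers, constraint or constraints entry whose address is a
# hostname rather than an IP literal.
ntpd_dns_dependent() {
    awk '
    { sub(/#.*/, "") }                          # drop comments
    $1 == "server" || $1 == "servers" { addr = $2 }
    ($1 == "constraint" || $1 == "constraints") && $2 == "from" { addr = $3 }
    addr != "" {
        gsub(/"/, "", addr)                     # addresses may be quoted
        sub(/^https:\/\//, "", addr)            # constraints may be URLs
        sub(/\/.*/, "", addr)
        # A dotted quad, or anything containing ":" (IPv6), needs no DNS.
        if (addr !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && addr !~ /:/)
            print $1, addr
        addr = ""
    }'
}

# Constructed sample configuration, not the stock OpenBSD file.
sample_conf() {
    cat <<'EOF'
# constructed sample
servers pool.example.net
server time.example.org weight 2
server 192.0.2.10            # literal IPv4, works without DNS
server 2001:db8::1
sensor *
constraint from "192.0.2.20"
constraints from "https://www.example.com/"
EOF
}

# Lists the three entries that would fail while the local resolver is down.
sample_conf | ntpd_dns_dependent
```

If every line it prints has at least one literal-IP counterpart of the same kind (a `server` and a `constraint`), ntpd can still set and validate the clock before the local resolver is up.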



how to reload date from ntpd

2021-12-24 Thread uesso
How can I reload date from ntpd after boot?
And how can I do it automatically after dnscrypt_proxy service started
Port: dnscrypt-proxy
fp$ date
Wed Dec 22 08:10:38 CET 2021
fp$ doas rcctl restart ntpd
ntpd(ok)
ntpd(ok)
fp$ date
Wed Dec 22 08:10:48 CET 2021

I want to reload time from ntpd after dnscrypt_proxy is started because
it's local DNS server and when it's not started ntpd can't resolve
hostnames.

fp$ cat /etc/resolv.conf
nameserver 127.0.0.1

fp$ doas rcctl order ntpd dnscrypt_proxy
rcctl: ntpd is not a pkg script
fp$ doas rcctl order dnscrypt_proxy ntpd
rcctl: ntpd is not a pkg script


fp$ cat /etc/rc.d/dnscrypt_proxy
#!/bin/ksh
#
# $OpenBSD: dnscrypt_proxy.rc,v 1.5 2018/10/16 14:55:02 bket Exp $

daemon="/usr/local/bin/dnscrypt-proxy"
daemon_flags="-config /etc/dnscrypt-proxy.toml"

. /etc/rc.d/rc.subr

pexp="${daemon}${daemon_flags:+ ${daemon_flags}}.*"

rc_bg=YES
rc_reload=NO

rc_cmd $1