This seems to be a misconception. Sorry to send such an email.
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年10月25日 20:39
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: [chrony-users] about nts
On Tue, Oct 25, 2022 at 12:34:01PM +, chengyechun wrote:
> Hi
Hi all:
I am considering using the NTS feature. chronyd can only read unencrypted keys,
and the configuration file does not contain the password option. Is there a
solution to this problem?
Hi all:
Recently, when I was compiling chrony-4.1, I always found that the 099-scfilter
use case failed.
The 099-scfilter case always fails. The failure log is as follows:
099-scfilter Testing system call filter in non-destructive tests:
level -1:
001-minimal
@chrony.tuxfamily.org
主题: Re: [chrony-users] about how to ues the NTS
On Mon, Sep 19, 2022 at 01:57:46AM +, chengyechun wrote:
> Hello all:
> Sorry to bother you again. Can the NTS key and certificate be generated
> only by the certtool? In the official guide and test cases, the certtool is
&g
Hello all:
Sorry to bother you again. Can the NTS key and certificate be generated
only by the certtool? In the official guide and test cases, the certtool is
used. Can the openssl command be used to generate the NTS key and certificate?
How should the NTS server certificate and key be generated? The method in the
test case or other methods show that the certificate is untrusted. Why is this
cause and what command should be used?
-邮件原件-
发件人: chengyechun
发送时间: 2022年9月20日 9:28
收件人: chrony-users@chrony.tuxfamily.org
主题: 答
Thank you very much for your help, I will try certbot
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年9月22日 20:49
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: 答复: [chrony-users] about how to ues the NTS
On Thu, Sep 22, 2022 at 12:33:01PM +, chengyechun wrote
DDoS amplification.
Best Regards,
A.Izumi
-Original Message-
From: chengyechun
Sent: Monday, December 19, 2022 9:07 PM
To: chrony-users@chrony.tuxfamily.org
Subject: [chrony-users] 答复: Can we deny non-NTS client?
NTS is applicable to server identity authentication. The existing config
HI all:
In the scenario where multiple clock sources are configured, we encounter some
problems. One IPv4 server and one IPv6 server are the clock source of local
stratum 10. As I mentioned last time, the two servers are generated by
different hosts using network namespaces. The command output
be synchronized?
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年12月5日 16:14
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: [chrony-users] the difference about namespace of ipv4 and ipv6
On Mon, Dec 05, 2022 at 03:47:58AM +, chengyechun wrote:
> MS Name/IP addr
, Dec 05, 2022 at 11:47:59AM +, chengyechun wrote:
> There is no other chrony instance running. My question is that when the IPv4
> server is mixed with the IPv6 server, the client synchronization status is x.
> I use the NTP software to verify the same result. Is this the d
NTS is applicable to server identity authentication. The existing configuration
parameters should not contain the field for rejecting clients that do not
support the NTS function. To prevent attacks, you can limit the IP address or
ntsratelimit.
-邮件原件-
发件人: akihiko.iz...@sony.com
Hi all
Is the IEEE 1588v2 protocol used as the hardware clock source described in the
chrony manual?
If you know the IP addresses of these clients, you can use allow or deny to
control the access rate. However, as far as I know, there should be no
configuration option on the server that controls whether visitors must carry
keys or certificates.
发件人: Elise Atkins
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年11月24日 16:41
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: 答复: 答复: [chrony-users] how to get the status of chronyd in namespace
On Thu, Nov 24, 2022 at 08:13:45AM +, chengyechun wrote:
> It takes more than
I'm sorry to bother you again. I'm testing this scenario: One client
corresponds to 1000 servers, and the servers are isolated using namespaces. I
found that it took more than ten minutes for the display to start syncing, is
that normal?
-邮件原件-
发件人: chengyechun
发送时间: 2022年11月23日 16:50
...@redhat.com]
发送时间: 2022年11月24日 16:09
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: 答复: [chrony-users] how to get the status of chronyd in namespace
On Thu, Nov 24, 2022 at 07:45:47AM +, chengyechun wrote:
> I'm sorry to bother you again. I'm testing this scenario: One client
> corre
@chrony.tuxfamily.org
主题: Re: [chrony-users] ipV4 and ipV6
On Sat, Nov 26, 2022 at 06:29:55AM +, chengyechun wrote:
> Hi all
> When the chrony works in both IPv4 and IPv6 modes, for example, one client is
> configured with two servers, one server is iPv4 and the other is ipv6, and
> the
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年11月30日 16:38
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: 答复: [chrony-users] ipV4 and ipV6
On Wed, Nov 30, 2022 at 02:05:20AM +, chengyechun wrote:
> I'm testing the IPv4 and IPv6 dual-stack mode. That is,
Hi all
When the chrony works in both IPv4 and IPv6 modes, for example, one client is
configured with two servers, one server is iPv4 and the other is ipv6, and the
NTS function is configured. I found that they were able to communicate, but the
time source state was displayed as x, which was a
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年11月28日 16:47
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: [chrony-users] ipV4 and ipV6
On Sat, Nov 26, 2022 at 06:29:55AM +, chengyechun wrote:
> Hi all
> When the chrony works in both IPv4 and IPv6
Can you look at your client configuration and server configuration? I think the
smaller the stratum value, the higher the priority of the clock source,
发件人: MUZZULINI Frank [mailto:frank.muzzul...@frequentis.com]
发送时间: 2022年11月28日 20:52
收件人: chrony-users@chrony.tuxfamily.org
主题: [chrony-users]
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年12月1日 15:59
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: 答复: 答复: 答复: [chrony-users] ipV4 and ipV6
On Thu, Dec 01, 2022 at 02:10:42AM +, chengyechun wrote:
> Specifying multiple ip_addresses is valid. I fo
_|___ Advanced Research _| Fax: +1(604)822-5324 UBC,
Vancouver,BC _|_ Program in Cosmology | un...@physics.ubc.ca Canada V6T 1Z1
| and Gravity __|_ www.theory.physics.ubc.ca/
On Mon, 28 Nov 2022, chengyechun wrote:
>
>
> -邮件原件-
> 发件人: Miroslav Lichvar [
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年12月1日 16:25
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: 答复: 答复: 答复: 答复: [chrony-users] ipV4 and ipV6
On Thu, Dec 01, 2022 at 08:16:29AM +, chengyechun wrote:
> Yes, I use ntsratelimit to explain this phenome
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年11月30日 17:26
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: 答复: 答复: [chrony-users] ipV4 and ipV6
On Wed, Nov 30, 2022 at 08:44:35AM +, chengyechun wrote:
> Do the certificates contain a different n
Hi all
I am using the chronyd service, but I put the service in the namespace for
isolation, and then synchronize other servers. I find that the synchronization
status of the chronyd in the namespace cannot be queried through chronyc. What
can I do?
thank you,it work
程业春 chengyechun
Mobile: +86-13736096892
Email: chengyech...@huawei.com
发件人:Miroslav Lichvar
收件人:chrony-users
时 间:2022-11-23 17:47:39
主 题:Re: 答复: [chrony-users] how to get the status of chronyd in namespace
On Wed, Nov 23, 2022 at 08:50
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年11月23日 16:22
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: [chrony-users] how to get the status of chronyd in namespace
On Wed, Nov 23, 2022 at 03:16:35AM +, chengyechun wrote:
> Hi all
> I am using the c
...@redhat.com]
发送时间: 2022年11月15日 21:35
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: [chrony-users] about drift
On Tue, Nov 15, 2022 at 12:26:14PM +, chengyechun wrote:
> Hi all:
> When I use chrony-4.1 to synchronize time, the configuration is normal.
> However, the response packets are
Yes, this test requires a description document. In addition, during the test, I
find that if the interval of the ntsrefresh parameter is set to a small value,
the NTS function of the client will be abnormal. Therefore, I suggest that the
minimum value be limited in the man manual.
Another
HI all
Yes, this test requires a description document. In addition, during the test, I
find that if the interval of the ntsrefresh parameter is set to a small value,
the NTS function of the client will be abnormal. Therefore, I suggest that the
minimum value be limited in the man manual.
/run/chrony/chronyd.sock
2022-11-11T09:37:03Z util.c:1259:(UTI_OpenFile) Could not open
/var/lib/chrony/10.137.16.177.nts : No such file or directory
发件人: chengyechun
发送时间: 2022年11月11日 17:08
收件人: 'chrony-users@chrony.tuxfamily.org'
主题: about nts-cookies
HI all
Yes, this test requires
I did not read the code carefully. Cookies were saved only when the chronyc
dump and chronyc shutdown commands were executed. I recommend the man manual to
set the minimum value of ntsrefresh. If the value is too small, the NTS
function of the client is unavailable.
发件人: chengyechun
发送时间: 2022
second? I've
just verified it, and it seems that the result is
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2022年11月5日 16:34
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: [chrony-users] about nts
On Fri, Nov 04, 2022 at 10:34:55AM +, chengyechun wrote
-users@chrony.tuxfamily.org
主题: Re: [chrony-users] about nts
On Fri, Nov 04, 2022 at 10:34:55AM +, chengyechun wrote:
> The certificate is correct. The chronyc sources -a -v command indicates that
> the synchronization is successful. However, if you run the date command to
> change t
@chrony.tuxfamily.org
主题: Re: [chrony-users] about nts
On Tue, Oct 25, 2022 at 12:34:01PM +, chengyechun wrote:
> Hi all:
> I am considering using the NTS feature. chronyd can only read unencrypted
> keys, and the configuration file does not contain the password option. Is
> ther
Hi all
I am using chrony4.1 for time synchronization and have enabled the NTS
function. The following is my configuration file:
Client:
driftfile /var/lib/chrony/drift
makestep 1 1
rtcsync
ntsdumpdir /var/lib/chrony
logdir /var/log/chrony
server 9.82.245.237 iburst minpoll 3 maxpoll 3 nts
On Fri, Nov 11, 2022 at 10:04:24AM +, chengyechun wrote:
> I did not read the code carefully. Cookies were saved only when the chronyc
> dump and chronyc shutdown commands were executed. I recommend the man manual
> to set the minimum value of ntsrefresh. If the value is too small
Hi all:
When I use chrony-4.1 to synchronize time, the configuration is normal.
However, the response packets are different. Is it because the value of
/var/lib/chrony/drift is too large? Why is no error displayed in this case? The
status of the server is as follows:
● chronyd.service - NTP
[mailto:mlich...@redhat.com]
发送时间: 2023年3月29日 17:48
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: 答复: [chrony-users] question about chrony-DNS
On Wed, Mar 29, 2023 at 09:35:34AM +, chengyechun wrote:
> 2023-03-29TO9:20:39Z ntp_sources.c:408:(name_resolve_handler)
> ntp.od.safaric
" SELinux blocks resolver access from chronyd, simply disabling it allows you
to test if this is the cause or add an exception. "
On Wed, Mar 29, 2023 at 2:04 AM chengyechun
mailto:chengyech...@huawei.com>> wrote:
HI all:
I'm using chrony-3.2 on linux, and there's a problem simila
-users] question about chrony-DNS
you could check if it is due to SELinux's access restrictions by replacing the
server name with its IP address, then restart the chronyd to see if the issue
is gone.
Frank
On Wed, Mar 29, 2023 at 6:07 PM chengyechun
mailto:chengyech...@huawei.com>>
@chrony.tuxfamily.org
主题: Re: [chrony-users] question about chrony-DNS
Yes, this means the SELinux does not block the chronyd to access the network,
but it does block the chronyd to use resolver(DNS service) to find server's IP
addresses
On Thu, Mar 30, 2023 at 5:44 PM chengyechun
mailto:chengyech
)
ntp.od.safaricom.net resolved to O addrs
-邮件原件-
发件人: Miroslav Lichvar [mailto:mlich...@redhat.com]
发送时间: 2023年3月29日 17:15
收件人: chrony-users@chrony.tuxfamily.org
主题: Re: [chrony-users] question about chrony-DNS
On Wed, Mar 29, 2023 at 09:03:55AM +, chengyechun wrote:
> HI all:
> I'm
HI all:
I'm using chrony-3.2 on linux, and there's a problem similar to the problem in
this link, but when I shut down selinux and manually start the chronyd service
using the /usr/bin/chronyd command, it still doesn't synchronize properly. Did
I miss something?
Hi all
If chronyd is used as the local clock source, ntptime does not seem to work
properly, because of chrony's design or what configuration can control?
The following is the local configuration.
chronyd -p:
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
allow all
local stratum 10
] ntptime returned error 5
On Wed, Jan 03, 2024 at 02:09:31AM +, chengyechun wrote:
> Hi all
> If chronyd is used as the local clock source, ntptime does not seem to work
> properly, because of chrony's design or what configuration can control?
That's expected. chronyd doesn't mark t
: +1(604)822-5324 UBC,
Vancouver,BC _|_ Program in Cosmology | un...@physics.ubc.ca
Canada V6T 1Z1 | and Gravity __|_theory.physics.ubc.ca/
On Wed, 3 Jan 2024, chengyechun wrote:
> [CAUTION: Non-UBC Email]
>
> Hi all
>
> If chronyd is used as the local clock
49 matches
Mail list logo