Summary: in Ubuntu, I'd like to leave ntpdate and its bugs behind, since we don't use it any more.
(I've Bcc'd the Debian NTP Team because it seemed appropriate to stay connected and for them to be aware of this discussion, but I don't expect any action from Debian on this - this is mostly a discussion for Ubuntu. This thread can be followed at https://lists.ubuntu.com/archives/ubuntu-devel/) There are a bunch of outstanding bugs[1][2][3] in the behaviour of the ntpdate package. When Christian merged ntp this cycle[4], he found/wrote fixes for these bugs. He has sent patches to Debian, but they're pushed for time at the moment, so I don't expect these patches to be processed by Debian any time soon[5]. Please note that nothing in this post applies to bugs or maintenance of ntpd itself, just ntpdate. ntpdate is actually deprecated in favour of options to ntpd to run in "ntpdate mode", but that also has no real bearing on my discussion here. The bugs apply when using "ntpdate mode" functionality (single shot, jump time) from the ntpdate package in particular conditions. Various behaviour changes when the ntp package is installed, but the bugs all relate to ntpdate-like behaviour. The bugs would generally remain even if we switch from using ntpdate directly to "ntpd in ntpdate mode". Since we switched to systemd, we use systemd-timesyncd by default if the ntp package (shipping ntpd) isn't installed, and we no longer seed ntpdate*. So nothing ntp gets installed by default†, only systemd-timesyncd to provide a basic time sync service. Users can install the ntp (for ntpd) or ntpdate packages if they wish. This applies to both desktop and server in Xenial. On Precise and Trusty, ntpdate is seeded and thus installed by default, there is no systemd-timesyncd, and users can of course still install ntpd if they wish. From the server perspective, we think that there is almost no circumstance in which a user would want the ntpdate package, since that could cause server time to jump around. Unless a server is mostly offline, we think that systemd-timesyncd or ntpd (in regular, non-jumping mode) make far more sense. Since we seem to be heading away from ntpdate, I don't want to introduce new deltas in Ubuntu relating to ntpdate bugs, unless some other team volunteers to maintain them. I think Christian's patches all look good, but some of them necessarily introduce new configuration directives or otherwise assign extra meaning to them, which could be different to what Debian ends up doing. So this could lead to a maintenance and upgrade path headache if we end up diverging from Debian as a consequence. If we SRU them, then I think there's a risk that the consequent change in behaviour may surprise or regress some users, even though for other users the bugfix is supposed to change that behaviour. For the development release: I asked Christian to drop these fixes from his merge, and to leave it to Debian to pick up his patches in their own time. If consensus from this thread is to introduce deltas, we can of course upload anyway. For the stable releases: Precise and Trusty are still supported, so with ntpdate installed there by default, this does have consequences if we want to SRU these bugfixes. I propose that SRUs are not necessary. Since, going forward, we don't think ntpdate is necessary in most use cases, I propose that affected users on Precise and Trusty just disable ntpdate (it can't easily be removed as it is seeded and ubuntu-minimal depends on it). Where MAAS deploys Precise or Trusty and if MAAS users are affected by ntpdate bugs, I propose that MAAS arranges for ntpdate to be disabled on install via cloud-init. To disable ntpdate, depending on the exact functionality that needs to be disabled (which depends on the bug you're hitting), users can set NTPOPTIONS="-q" in /etc/default/ntpdate (it will still query but not change the system time). Alternatively, /etc/dhcp/dhclient-exit-hooks.d/ntpdate and /etc/network/if-up.d/ntpdate can be disabled, for example by deleting them. Since these are conffiles, modifications should be preserved correctly. If correct ntpdate behaviour in relation to these bugs does really matter to some users, I'd love to hear from them to understand their use cases, and see which team might be appropriate to maintain any additional delta from Debian as might be necessary. In the meantime, I propose to "Won't Fix" these bugs with reference to this thread. Any objections? * dovecot-core recommends ntpdate for some reason; perhaps we should consider dropping this. †though ceph recommends ntp, and mythbuntu-desktop and ubuntu-mate-desktop also pull ntp in. [1] https://launchpad.net/bugs/427775 [2] https://launchpad.net/bugs/1129696 [3] https://launchpad.net/bugs/1206164 [4] https://code.launchpad.net/~paelzer/ubuntu/+source/ntp/+git/ntp/+merge/299122 [5] https://lists.alioth.debian.org/pipermail/pkg-ntp-maintainers/2016-June/004282.html -- ubuntu-devel mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
