Monday, 15 December 2014

Re: ntp by default on servers in Vivid

On Wed, Oct 22, 2014 at 10:59:24AM -0400, Seth Arnold wrote:
> On Wed, Oct 22, 2014 at 02:51:56PM +0100, Robie Basak wrote:
> Historically, ntpd would refuse to change the system time beyond a small
> amount, so ntpdate was run in the initscripts for ntpd to make sure that
> ntpd could keep things synchronized from then on. Is this still the case?
> is this smallish amount of time configurable?

If -g is specified to ntpd, then it will allow any variance the first
time it sets the time. After that, and always if -g was not specified,
it will exit (thus stop syncing time) if the variance is greater than
1000 seconds. I don't see any mechanism to configure this 1000s even
though the manpage implies to me that it is configurable.

In Debian and Ubuntu, /etc/default/ntp sets the default parameter to
"-g", so it looks like the time will always be fixed regardless of the
variance when the daemon is first run.

> It only makes sense to install ntpd if it will also be configured. Are we
> going to use This may work well enough for "simple" uses,
> but does allow any member of to completely mess up times of
> potentially hundreds of thousands or millions of users.

We're already using when ntpdate is installed and ntp
is not installed (the current default). When ntp is installed manually,
this currently switches to

If we make ntp default and do not seed ntpdate any more (my proposal),
then this will change to using by default in all cases.

According to the default ntp.conf we ship, the decision to use was made by the TB, and I can see your concern was
presented at the time (in LP bug 104525). It seems to me that a decision
on this has already been made and would remain valid if we made NTP
default. If you disagree though, please let me know soon and we can ask
the TB for clarification.

> Will it be easy enough for an organization to override the configuration
> in each of the use cases you've described?

I'll need to address this question separately; thank you for asking it.
You can always override /etc/ntp.conf, but perhaps this should be
pre-seedable or something. There's also code to handle ntp-servers via
DHCP; I should check to see what is active under which use case.