[Gllug] Linux ntp talking to MS Windows
Chris Bell
chrisbell at overview.demon.co.uk
Thu Aug 3 19:13:06 UTC 2006
On Thu 03 Aug, Alain Williams wrote:
>
> On Thu, Aug 03, 2006 at 11:34:01AM +0100, Chris Bell wrote:
> > On Thu 03 Aug, Alain Williams wrote:
> > >
> >
> > > If I go:
> > > ntpdate vega
> > > the time becomes synchronised exactly (and ntpdc confirms this), now is about a da
> y
> > > since I last did this.
> > >
> > > I do notice that Linux ntpd sends out NTPv4 packets and vega replies NTPv3, but th
> e
> > > documentation suggests that this should work. (This I learned from tcpdump).
> > >
> > > I have a feeling that I have done something stupid, npt is normally a no brainer.
> > >
> > > Can anyone point me in the right direction ?
> > >
> >
> > There has been a security privilege issue with ntp trying to modify the
> > hardware clock, while ntpdate may adjust a software offset.
>
> ''security privilege'' -- do you mean SELinux ?
>
> I have switched that to 'permissive' anyway.
>
I gather that ix86 processors separate system commands into groups which
require different privilege settings, and write access to the BIOS as needed
to adjust the internal clock is one of the highest levels. I have not used
RedHat for a while; Debian provides both options but suggests that the safer
alternative is to restrict the allocation of special privileges and use a
system that will modify a software offset instead of the hardware clock.
--
Chris Bell
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list