Difference between revisions of "OpenNTPD"

From ArchWiki
Jump to: navigation, search
(Installation)
(Increasing time shift: remove nonsensical section, was added without reason in 2011)
 
(48 intermediate revisions by 16 users not shown)
Line 1: Line 1:
 
[[Category:Networking]]
 
[[Category:Networking]]
[[Category:Daemons and system services]]
 
 
[[it:OpenNTPD]]
 
[[it:OpenNTPD]]
OpenNTPD (part of the OpenBSD project) is a daemon that can be used to synchronize the system clock to internet time servers using the Network Time Protocol, and can also act as a time server itself if needed.
+
[[ja:OpenNTPD]]
 +
{{Related articles start}}
 +
{{Related|Time}}
 +
{{Related|Network Time Protocol daemon}}
 +
{{Related|systemd-timesyncd}}
 +
{{Related|Chrony}}
 +
{{Related articles end}}
  
{{Warning|''OpenNTPD'' is not currently maintained for Linux (see [http://bbs.archlinux.org/viewtopic.php?id=68627 this thread]): users interested in its functions should better use [[NTPd]].}}
+
[http://www.openntpd.org/ OpenNTPD] (part of the OpenBSD project) is a daemon that can be used to synchronize the system clock to internet time servers using the Network Time Protocol, and can also act as a time server itself if needed. It implements the Simple Network Time Protocol version 4, as described in RFC 5905, and the Network Time Protocol version 3, as described in RFC 1305.
  
 
== Installation ==
 
== Installation ==
[http://www.openntpd.org/ OpenNTPD] can be installed from [community]:
 
  
# pacman -S openntpd
+
[[Install]] the {{Pkg|openntpd}} package.
 +
The default configuration is actually usable if all you want is to sync the time of the local computer.
  
The default configuration is actually usable if all you want is to sync the time of the local computer. For more detailed settings, the {{ic|/etc/ntpd.conf}} file must be edited:
+
== Configuration ==
  
To sync to a particular server, uncomment and edit the "server" directive. You can find the server's URL in your area at [http://www.pool.ntp.org/zone/@ www.pool.ntp.org/zone/@].
+
To configure OpenNTPD, you need to edit {{ic|/etc/ntpd.conf}}. See {{man|5|ntpd.conf|url=http://man.openbsd.org/ntpd.conf}} for all available options.
  
  server ntp.example.org
+
{{Tip|After configuring, check the configuration file for validity by executing:
 +
  $ ntpd -n
 +
}}
  
The "servers" directive works the same as the "server" directive, however, if the DNS name resolves to multiple IP address, ALL of them will be synced to. The default, "pool.ntp.org" is working and should be acceptable in most cases.
+
{{Note|1=[https://marc.info/?l=openbsd-tech&m=142356166731390&w=2 HTTPS constraint feature] is not supported by {{Pkg|openntpd}}, it requires OpenNTPD to be built with LibreSSL. {{Pkg|openntpd}} is built with OpenSSL.}}
  
  pool.ntp.org
+
=== Client ===
 +
 
 +
To sync to a single particular server, uncomment and edit the "server" directive.
 +
 
 +
{{hc|/etc/ntpd.conf|
 +
server ntp.example.org
 +
}}
 +
 
 +
The "servers" directive works the same as the "server" directive, however, if the DNS name resolves to multiple IP address, ALL of them will be synced to. The default, "pool.ntp.org" is working and should be acceptable in most cases. You can find the server's URL in your area at [http://www.pool.ntp.org/zone/@ www.pool.ntp.org/zone/@].
 +
 
 +
{{hc|/etc/ntpd.conf|
 +
servers pool.ntp.org
 +
}}
  
 
Any number of "server" or "servers" directives may be used.
 
Any number of "server" or "servers" directives may be used.
 +
 +
=== Server ===
  
 
If you want the computer you run OpenNTPD on to also be a time server, simply uncomment and edit the "listen" directive.
 
If you want the computer you run OpenNTPD on to also be a time server, simply uncomment and edit the "listen" directive.
Line 27: Line 48:
 
For example:
 
For example:
  
listen on *
+
{{hc|/etc/ntpd.conf|
 +
listen on *
 +
}}
  
 
will listen on all interfaces, and
 
will listen on all interfaces, and
  
listen on 127.0.0.1
+
{{hc|/etc/ntpd.conf|
 +
listen on 127.0.0.1
 +
listen on ::1
 +
}}
  
 
will only listen on the loopback interface.
 
will only listen on the loopback interface.
Line 37: Line 63:
 
Your time server will only begin to serve time after it has synchronized itself to a high resolution. This may take hours, or days, depending on the accuracy of your system.
 
Your time server will only begin to serve time after it has synchronized itself to a high resolution. This may take hours, or days, depending on the accuracy of your system.
  
If you would like to run OpenNTPD at boot, add {{Ic|openntpd}} the DAEMONS variable in your {{ic|/etc/rc.conf}} following your network daemon.
+
== Usage ==
  
DAEMONS=(syslog-ng network '''openntpd''' ...)
+
=== Start OpenNTPD at boot ===
  
If openntpd is being used to set local system time only, it may be safely backgrounded.
+
[[Enable]] {{ic|openntpd.service}}.
  
DAEMONS=(syslog-ng network '''@openntpd''' ...)
+
=== Making openntpd dependent upon network access ===
  
To see the status of NTP syncing, visit {{ic|/var/log/daemon.log}} and look for entries with "ntpd".
+
If you have intermittent network access (you roam around on a laptop, you use dial-up, etc), it does not make sense to have {{Ic|openntpd}} running as a system daemon on start up. Here are a few ways you can control {{Ic|openntpd}} based on the presence of a network connection.
  
OpenNTPD adjusts the clock by small amounts at a time. It is designed this way to prevent sudden, large time fluctuations in your system, which could adversely affect system services (e.g., cron jobs). Thus, it can take some time to correct the time.
+
==== Using NetworkManager dispatcher ====
  
If your clock is off by more than 180 seconds you can try "{{Ic|ntpd -s -d}}" in the console. If ntpd is already running, you can simply restart it with {{Ic|sudo /etc/rc.d/openntpd restart}}, as the Arch openntpd package uses the "-s" flag by default. See {{Ic|man ntpd}} for more info. You can also set the [[Time#Time_Set|system clock]] to as close to possible to the actual time and then let OpenNTPD fine tune the time.
+
OpenNTPD can be brought up/down along with a network connection through the use of [[NetworkManager#Network services with NetworkManager dispatcher|NetworkManager's dispatcher scripts]].
  
=== Enable OpenNTPD through systemd ===
+
Install {{pkg|networkmanager-dispatcher-openntpd}}.
If you are using systemd init instead, you must enable the service related to OpenNTPD as follows:
+
# systemctl enable openntpd
+
Then reboot.
+
  
Alternatively start manually without autostart on boot:
+
==== Using wicd ====
# systemctl start openntpd
+
  
== Making openntpd dependent upon network access ==
+
Create these two scripts and mark them executable using [[chmod]].
If you have intermittent network access (you roam around on a laptop, you use dial-up, etc), it does not make sense to have {{Ic|openntpd}} running as a system daemon on start up. Here are a few ways you can control {{Ic|openntpd}} based on the presence of a network connection. These instructions should also work for {{Ic|ntpd}} found further below. 
+
  
=== Using netcfg ===
+
{{hc|/etc/wicd/scripts/postconnect/openntpd-start.sh|
If you are using netcfg, you can also start/stop openntpd as a POST_UP/PRE_DOWN command in your network profile:
+
#!/bin/sh
 +
systemctl start openntpd.service
 +
}}
  
POST_UP="/etc/rc.d/openntpd start || true"
+
{{hc|/etc/wicd/scripts/predisconnect/openntpd-stop.sh|
PRE_DOWN="/etc/rc.d/openntpd stop || true"
+
#!/bin/sh
 +
systemctl stop openntpd.service
 +
}}
  
Of course, you will have to specify this manually for each network profile.
+
==== Using dhclient hooks ====
  
=== Using NetworkManager dispatcher ===
+
{{Expansion|hook example needed}}
OpenNTPD can be brought up/down along with a network connection through the use of [[NetworkManager#Network Services with NetworkManager Dispatcher|NetworkManager's dispatcher scripts]]. You can install the needed script from [community]:
+
# pacman -S networkmanager-dispatcher-openntpd
+
  
=== Using wicd ===
+
Another possibility is to use dhclient hooks to start and stop openntpd.
These instructions require wicd 1.7.0 or later, which is available in the standard Arch repository.
+
When dhclient detects a change in state it will run the following scripts:
You will also need write access to {{ic|/etc/wicd/scripts}}.
+
  
{{Note|Remember to make these two scripts executable using {{Ic|chmod}} }}
+
* {{ic|/etc/dhclient-enter-hooks}}
 +
* {{ic|/etc/dhclient-exit-hooks}}
  
Make one shell script inside {{ic|/etc/wicd/scripts/postconnect/openntpd-start.sh}} with the following:
+
See {{man|8|dhclient-script|url=}}
<pre>
+
#!/bin/sh
+
/etc/rc.d/openntpd start
+
</pre>
+
 
+
Similarly, make another shell script inside {{ic|/etc/wicd/scripts/predisconnect/openntpd-stop.sh}} with the following:
+
<pre>
+
#!/bin/sh
+
/etc/rc.d/openntpd stop
+
</pre>
+
 
+
=== Using dhclient hooks ===
+
Another possibility is to use dhclient hooks to start and stop openntpd.
+
When dhclient detects a change in state it will run the following scripts:
+
*{{ic|/etc/dhclient-enter-hooks}}
+
*{{ic|/etc/dhclient-exit-hooks}}
+
  
The following example uses {{ic|/etc/dhclient-exit-hooks}} to start and stop openntpd depending on dhcp status:
+
==== Using dhcpcd hooks ====
<pre>
+
[ "$interface" != "eth0" ] && exit 0
+
  
 +
{{hc|/etc/dhcpcd.exit-hook|
 
if $if_up; then
 
if $if_up; then
    pgrep ntpd &> /dev/null || /etc/rc.d/openntpd start
+
systemctl start openntpd.service
 
elif $if_down; then
 
elif $if_down; then
    pgrep ntpd &> /dev/null && /etc/rc.d/openntpd stop
+
systemctl stop openntpd.service
 
fi
 
fi
</pre>
+
}}
  
See dhclient-script(8)
+
See {{man|8|dhcpcd-run-hooks|url=http://roy.marples.name/man/html8/dhcpcd-run-hooks.html}}
  
=== Using dhcpcd hooks ===
+
== Troubleshooting ==
{{ic|/usr/lib/dhcpcd/dhcpcd-hooks/*}}
+
  
See dhcpcd-run-hooks(8)
+
=== Error adjusting time ===
  
==Troubleshooting==
 
===Error adjusting time===
 
 
If you find your time set incorrectly and in log you see:
 
If you find your time set incorrectly and in log you see:
  
Line 124: Line 127:
 
Try:
 
Try:
  
  ntpd -s -d
+
  # ntpd -s -d
  
 
This is also how you would manually sync your system.
 
This is also how you would manually sync your system.
  
===Increasing time shift===
+
== See also ==
Starting ''openntpd'' in the background could lead to synchronization errors between the actual time and the time stored on your computer. If you recognize an increasing time difference between your desktop clock and the actual time, try to start the ''openntpd'' daemon normal and not in the background.
+
 
+
===Initialization Failure===
+
Openntpd may fail to initialize properly if it is started before the network is fully configured. In some cases you may want to remove {{Ic|openntpd}} from the DAEMONS array in {{ic|/etc/rc.conf}} and add the following line to {{ic|/etc/rc.local}}:
+
 
+
(sleep 300 && /etc/rc.d/openntpd start) &
+
{{Note|This method is an alternative to the four methods listed [[#Making openntpd dependent upon network access|above]]. The other three methods are preferred and work better. Use this as a last resort.}}
+
 
+
This will wait 5 minutes before starting openntpd, which should give the system sufficient time to set up the network properly. If your network settings change often, you may also consider restarting the daemon regularly with cron.
+
 
+
==See also==
+
* [[Network Time Protocol daemon]]
+
  
==External links==
 
 
* http://www.openntpd.org
 
* http://www.openntpd.org
 +
* [https://github.com/openntpd-portable/openntpd-portable OpenNTPD Portable]

Latest revision as of 23:53, 2 December 2016

OpenNTPD (part of the OpenBSD project) is a daemon that can be used to synchronize the system clock to internet time servers using the Network Time Protocol, and can also act as a time server itself if needed. It implements the Simple Network Time Protocol version 4, as described in RFC 5905, and the Network Time Protocol version 3, as described in RFC 1305.

Installation

Install the openntpd package. The default configuration is actually usable if all you want is to sync the time of the local computer.

Configuration

To configure OpenNTPD, you need to edit /etc/ntpd.conf. See ntpd.conf(5) for all available options.

Tip: After configuring, check the configuration file for validity by executing:
$ ntpd -n
Note: HTTPS constraint feature is not supported by openntpd, it requires OpenNTPD to be built with LibreSSL. openntpd is built with OpenSSL.

Client

To sync to a single particular server, uncomment and edit the "server" directive.

/etc/ntpd.conf
server ntp.example.org

The "servers" directive works the same as the "server" directive, however, if the DNS name resolves to multiple IP address, ALL of them will be synced to. The default, "pool.ntp.org" is working and should be acceptable in most cases. You can find the server's URL in your area at www.pool.ntp.org/zone/@.

/etc/ntpd.conf
servers pool.ntp.org

Any number of "server" or "servers" directives may be used.

Server

If you want the computer you run OpenNTPD on to also be a time server, simply uncomment and edit the "listen" directive.

For example:

/etc/ntpd.conf
listen on *

will listen on all interfaces, and

/etc/ntpd.conf
listen on 127.0.0.1
listen on ::1

will only listen on the loopback interface.

Your time server will only begin to serve time after it has synchronized itself to a high resolution. This may take hours, or days, depending on the accuracy of your system.

Usage

Start OpenNTPD at boot

Enable openntpd.service.

Making openntpd dependent upon network access

If you have intermittent network access (you roam around on a laptop, you use dial-up, etc), it does not make sense to have openntpd running as a system daemon on start up. Here are a few ways you can control openntpd based on the presence of a network connection.

Using NetworkManager dispatcher

OpenNTPD can be brought up/down along with a network connection through the use of NetworkManager's dispatcher scripts.

Install networkmanager-dispatcher-openntpd.

Using wicd

Create these two scripts and mark them executable using chmod.

/etc/wicd/scripts/postconnect/openntpd-start.sh
#!/bin/sh
systemctl start openntpd.service
/etc/wicd/scripts/predisconnect/openntpd-stop.sh
#!/bin/sh
systemctl stop openntpd.service

Using dhclient hooks

Tango-view-fullscreen.pngThis article or section needs expansion.Tango-view-fullscreen.png

Reason: hook example needed (Discuss in Talk:OpenNTPD#)

Another possibility is to use dhclient hooks to start and stop openntpd. When dhclient detects a change in state it will run the following scripts:

  • /etc/dhclient-enter-hooks
  • /etc/dhclient-exit-hooks

See dhclient-script(8)

Using dhcpcd hooks

/etc/dhcpcd.exit-hook
if $if_up; then
	systemctl start openntpd.service
elif $if_down; then
	systemctl stop openntpd.service
fi

See dhcpcd-run-hooks(8)

Troubleshooting

Error adjusting time

If you find your time set incorrectly and in log you see:

openntpd adjtime failed: Invalid argument

Try:

# ntpd -s -d

This is also how you would manually sync your system.

See also