Re: systemd, ntp, kernel and hwclock
Adam Borowski <kilobyte@angband.pl> writes:
> On Tue, Feb 28, 2017 at 10:15:23AM +0100, Daniel Pocock wrote:
>> > But ntpd is also known to have a large amount of code written
>> > without as much regard for security as one would hope. It seems
>> > like an unnecessary risk for most systems.
>>
>>
>> Thanks for that security tip, I'm tempted to get rid of some ntpd
>> instances now
>
> You'd be interested in NTPsec (https://www.ntpsec.org/) then, which is a
> project to review and sanitize ntpd without downsides prevalent in most
> replacements (such as same-week accuracy or no managing clock drift).
>
> Sadly, it's not a part of stretch or even unstable yet:
> https://bugs.debian.org/819806
I don't think there are enough people caring about ntp in Debian (or the
world) to maintain two code bases. And the fork is still young and not
"obviously better" or "clearly the one true path forward".
See also https://lwn.net/Articles/713901/ for more background
information.
IMHO, it's very unfortunate that this fork was created, and I cannot see
anything good coming out of it. It's just wasting developer resources
which could have been used to improve ntp.
Bjørn
Reply to:
- References:
- systemd, ntp, kernel and hwclock
- From: Daniel Pocock <daniel@pocock.pro>
- Re: systemd, ntp, kernel and hwclock
- From: Russ Allbery <rra@debian.org>
- Re: systemd, ntp, kernel and hwclock
- From: Ben Hutchings <ben@decadent.org.uk>
- Re: systemd, ntp, kernel and hwclock
- From: Daniel Pocock <daniel@pocock.pro>
- Re: systemd, ntp, kernel and hwclock
- From: Adam Borowski <kilobyte@angband.pl>