Bug#1028149: bookworm: ntp has been replaced by ntpsec

To: Miroslav Lichvar <mlichvar0@gmail.com>, 1028149@bugs.debian.org, 1028149@bugs.debian.org
Subject: Bug#1028149: bookworm: ntp has been replaced by ntpsec
From: Antoine Beaupré <anarcat@debian.org>
Date: Tue, 28 Mar 2023 11:08:41 -0400
Message-id: <[🔎] 877cv029s6.fsf@angela.anarc.at>
Reply-to: Antoine Beaupré <anarcat@debian.org>, 1028149@bugs.debian.org
In-reply-to: <[🔎] ZCFeqLQWsU92hOQ7@localhost>
References: <[🔎] CAJ3BuoQBmMRMuuP+vA_orfT4PL3hRf-EbLMXB3HBd4=Of_tw_A@mail.gmail.com> <167312120217.25599.2536484742966698601.reportbug@fliwatuet.svr02.mucip.net> <[🔎] ZCFeqLQWsU92hOQ7@localhost> <167312120217.25599.2536484742966698601.reportbug@fliwatuet.svr02.mucip.net>

On 2023-03-27 11:15:20, Miroslav Lichvar wrote:
> On Thu, 23 Mar 2023 12:12:04 +0000 Richard Lewis <richard.lewis.debian@googlemail.com> wrote:
>> Presumably the release notes should also say that most people should
>> consider systemd-timesyncd as this is priority:standard (since at
>> least buster, but i dont remember seeing this in release notes then)?
>> - i assume the idea is that if you dont have any special needs beyond
>> "set the clock" should use systemd-timesyncd, And people who need
>> extra features (like running their own ntp server) should install
>> ntpsec / chrony / opennntpd ?
>
> Recommending timesyncd as an NTP client to replace ntpd would not be a
> good idea, especially if you consider the default configuration using
> servers from pool.ntp.org.
>
> The pool is very robust as a whole, but individual servers cannot be
> relied on. They are run by volunteers. Some are well maintained, some
> are not. Occasionally, servers drift away or step to a distant past or
> future, e.g. due to GPS firmware bugs. The pool monitoring system
> detects such servers and quickly removes them from the pool DNS, but
> simple clients like timesyncd cannot recover from that. Once they got
> the address from DNS, they will follow the server for as long as it
> claims to be synchronized, no matter how wrong it is. A full-featured
> NTP client is needed to detect and replace falsetickers. With
> timesyncd the only option is to restart the service when you notice
> the clock is wrong. I've seen many times users complaining about that
> and getting this advice over the years.
>
> timesyncd needs to be configured with a reliable server to work well.
> Canonical maintains their own NTP servers and uses them by default in
> Ubuntu. That makes senses. Debian uses pool.ntp.org, so it should
> recommend a proper NTP client for a reliable service.

It seems to me this should be reported as a bug against the
systemd-timesyncd package, at the very least.

Right now this is completely empty:

https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=systemd-timesyncd;dist=unstable

Now I agree that timesyncd might not be the best default NTP server: my
vote goes for chrony, personnally. But if we're going to object to it,
it should be at least properly documented in that package's bug list...

(To be fair, there *were* bugs reported agains the package before:

https://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=both;dist=unstable;package=systemd-timesyncd

... just not this specific one.)

a.

-- 
Si l'image donne l'illusion de savoir
C'est que l'adage pretend que pour croire,
L'important ne serait que de voir
                        - Lofofora

Reply to:

Follow-Ups:
- Bug#1028149: bookworm: ntp has been replaced by ntpsec
  - From: Miroslav Lichvar <mlichvar0@gmail.com>

References:
- Bug#1028149: bookworm: ntp has been replaced by ntpsec
  - From: Richard Lewis <richard.lewis.debian@googlemail.com>
- Bug#1028149: bookworm: ntp has been replaced by ntpsec
  - From: Miroslav Lichvar <mlichvar0@gmail.com>

Prev by Date: Bug#1033564: pip install changes should be documented
Next by Date: Bug#1033675: release-notes: apt-key improves system security with 3rd party sources
Previous by thread: Bug#1028149: bookworm: ntp has been replaced by ntpsec
Next by thread: Bug#1028149: bookworm: ntp has been replaced by ntpsec
Index(es):
- Date
- Thread