Hello, I just emerged ntp and found that the included config template is a bit "minimalistic" as it does not include any access restrictions or hints to configure them at all. So please find attached a suggestion for an updated ntpd.conf template. Thanks. Daniel PS: By the way...trivial but also check the einfo output of the ebuild - or is this meant to stress "RTFM"? ;-) --- Quote --- [...] * Please run etc-update and then read all the comments * all the comments in /etc/ntp.conf and [...] --- /Quote --- Reproducible: Always Steps to Reproduce: 1. 2. 3.
Created attachment 9374 [details] Suggestion for an updated ntp.conf template. Diff: *** /usr/share/ntp/ntp.conf Fri Mar 14 11:43:12 2003 --- ntp.conf Fri Mar 14 11:42:30 2003 *************** *** 19,21 **** --- 19,53 ---- # you should not need to modify the following paths logfile /var/log/ntpd.log driftfile /var/lib/misc/ntp.drift + + + # Warning: Using default NTP settings will leave your NTP + # server accessible to all hosts on the Internet. + + # + # If you want to deny all machines from accessing + # your NTP server, uncomment: + # + #restrict default ignore + + + # To only deny other machines from changing the + # configuration but allow localhost uncomment: + # + #restrict default notrust nomodify + #restrict 127.0.0.1 + + + # To allow machines within your network to synchronize + # their clocks with your server, but ensure they are + # not allowed to configure the server or used as peers + # to synchronize against, uncomment this line. + # + #restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap + + + # To only deny other machines from changing the + # configuration but allow localhost uncomment: + # + #restrict default notrust nomodify + #restrict 127.0.0.1
thanks daniel, will look into this
Another but rather trivial suggestion that just came to my mind, would be to consider adding an example for setting a "prefer" statement to the server part of the configuration when using multiple servers, similar to: #server ntplocal.example.com prefer #server timeserver.example.org Thanks. :-)
changed in portage, thanks Daniel
the extra einfo is a 'rtfm' msg simply because people were not doing so and were filing bugs/complaining on mailing lists + forums i added the einfo so as to quiet them ;)