Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 41827 - ntpd 4.2.0 seems to send out packets with NULL originate etc. timestamps which results in no sync
Summary: ntpd 4.2.0 seems to send out packets with NULL originate etc. timestamps whic...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: x86 Linux
: High blocker (vote)
Assignee: SpanKY
URL:
Whiteboard:
Keywords:
: 59653 (view as bug list)
Depends on:
Blocks:
 
Reported: 2004-02-16 14:09 UTC by soundbastlerlive
Modified: 2007-09-13 10:57 UTC (History)
7 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description soundbastlerlive 2004-02-16 14:09:11 UTC
firstly the droproot doesn't work for me anymore. the conf.d file changed from -u ntp to -U ntp:ntp which it seems to accept, but the server will immedeatly exit without any error in the log etc., without it it will run "fine" (see below) but as root
i upgraded from 4.1.2 to 4.2.0 and noticed that it will continously send packets to the ntp servers (one internal 4.1.2 and 2 external stratum1). it never synced and the ntpdc-peers showed problems like stratum 16, and ever changing poll rate, etc.)
so i captured the traffic with tethereal and found out that the originate timestamp field and the one below in the ethereal gui (i think recieve timestamp) are always NULL, which i think means that syncing could not ever work, because this is what it is about.
i emerged back to 4.1.2 and everything is fine, but i checked 4.2.0 a few times, rebooting, reemerging, etc.

my ntp.conf:

restrict default noquery notrust nomodify
restrict 127.0.0.1
restrict 192.168.128.0 mask 255.255.255.0
fudge 127.127.1.0 stratum 9
server [...] prefer iburst
server [...] iburst
peer 192.168.128.100 iburst burst maxpoll 6
driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntp/ntp.log
statsdir /var/log/ntp/stats/
enable auth monitor
logconfig =all
filegen peerstats file peerstats type day enable
filegen loopstats file loopstats type day enable
filegen clockstats file clockstats type day enable

i just removed the server names.

Reproducible: Always
Steps to Reproduce:
1. stop ntpd
2. use the above config with different servers, though i really don't think that matters
3. start e.g. ethereal -T text -w ~/blah.log -R ntp
4. start ntpd, drop-root doesn't work for me here anymore
5. wait until you have like 20 packets, it's ~1-3p/s for me, because it seems to send packets out forever, probably because they are broken
6. kill ntpd
Actual Results:  
7. i'm not 1337 enough to look at it without a gui, so i openend it with the 
ethereal gui
8. expand the ntp part of the packet
9. originate and recieve timestamp (or so) are always NULL

Expected Results:  
well, some valid timestamps of course, with 4.1.2 i have perfectly fine ones

i don't have emerge info ntp for 4.2.0 right now

config is amd athlon xp palomino @ 1666mhz, epox 8rda3+ (nforce2), 2*512mb 
twinmos twister pc3500 ddr ram, nvidia onboard lan, realtek onboard lan, 3c59x 
pci card and 3c2000 gigabit card (sk98lin 6.22)
kernel 2.6.3-rc3-gentoo
etc.etc.
it happens on a similar system (barton @ 2300mhz, same board, 2*512mb corsair, 
same 3c2000 etc.) using the windows binaries and a slightly different config too 
(at least it never works out, couldn't do ethereal there)

i chose "blocker" because it really makes it unusable

sorry if it is a trivial stupidity of myself, but i can't see what's wrong when 
it's fine with 4.1.2

thank you
Comment 1 Alexander Minges 2004-02-17 07:15:02 UTC
Same problem over here. I got ntpd running, but for some reason I had to completely unmerge ntp and after this to emerge it a second time.
Nevertheless I'm not able to sync to any server, either. 
ntpq -p shows stratum 16 for all servers and a jitter of 4000.0.

This might be a problem of ntp-4.2.0, but even old ntp-4.1.2 stopped working for me when I switched from kernel 2.6.1 to 2.6.2 and above.
Comment 2 Doug Goldstein (RETIRED) gentoo-dev 2004-02-18 12:55:29 UTC
I'm having the same problems as the bug reporter. I also noticed that in the /etc/passwd file the line for ntp is as follows.

ntp:x:123:123:added by portage for ntp:/bin/false:/dev/null

That kind of doesn't make sense. the ntp-4.1.2 and ntp-4.2.0 ebuilds both set this.

ntp:x:123:123:added by portage for ntp:/dev/null:/bin/false 

is the correct line.

The line in the ebuild is as follows...

enewuser ntp 123 /bin/false /dev/null ntp

Looks like a flop in params is needed. But this doesn't fix the bug, just addressing a seperate issue.
Comment 3 Angela 2004-02-21 01:18:53 UTC
Same here, it just won't sync, not sure why though. Here's what i get from ntpq-p. This is running on 2.6.3 kernel. So i assume all the 2.6.1-3 have confirmed not working. I don't see any weird error msgs in the log files though.

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 dense.utcc.utor .INIT.          16 u    -  512    0    0.000    0.000 4000.00
 time1.chu.nrc.c .INIT.          16 u    -  512    0    0.000    0.000 4000.00
 doghaus.cns.uto .INIT.          16 u    -  512    0    0.000    0.000 4000.00
 time.nrc.ca     .INIT.          16 u    -  512    0    0.000    0.000 4000.00
*LOCAL(0)        LOCAL(0)         3 l   15   64  377    0.000    0.000   0.001

Best Regards,
Comment 4 Doug Goldstein (RETIRED) gentoo-dev 2004-02-21 01:34:49 UTC
I have gs-sources-2.4.25_pre7-r2 as my kernel. So it's not 2.6.x specific.
Comment 5 SpanKY gentoo-dev 2004-02-21 05:20:33 UTC
so everyone with the problem is running in drop root mode ?

i.e. you all have -u ntp:ntp

what if you run without -u ntp:ntp in conf.d/ntp ? does ntpd still malfunction ?
Comment 6 soundbastlerlive 2004-02-21 08:33:07 UTC
it clearly states that i (including others) cannot even use ntpd in drop-root mode, it will immedeatly quit (MAYBE because of the /etc/passwd oops, i didn't try)

cheers
Comment 7 SpanKY gentoo-dev 2004-02-21 11:59:28 UTC
the wording of the bug report made it sound like 'drop-root is broken because when i use it, it sends out NULL packets'

i'm pretty sure all drop-root issues have been fixed, i just need a rev bump to push out the changes
Comment 8 soundbastlerlive 2004-02-21 12:03:51 UTC
yeah, i admit that, but still, the very first sentence reads:
"firstly the droproot doesn't work for me anymore."

anyways, i want to thank you very much for taking a look at it!
if you need to know anything else, just post it or mail me
Comment 9 SpanKY gentoo-dev 2004-02-26 22:50:43 UTC
could everyone with the problem post `emerge info`
Comment 10 Andreas Vinsander 2004-02-27 05:50:10 UTC
I think I have this problem as well...

Although my ntpd starts and continues to run with droproot, but I can't get it to sync towards an external server. ntpdate can successfully set the time of my server but ntpd is not successfull in syncing it continuosly.

david ntp # ps -ef |grep ntp
ntp      24878     1  0 Feb23 ?        00:00:07 /usr/bin/ntpd -p /var/run/ntpd.pid -u ntp:ntp


david ntp # ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*LOCAL(0)        73.78.73.84      5 l   10   64  377    0.000    0.000   0.001
 c-573470d5.06-2 .RSTR.          16 u    -   64    0    0.000    0.000 4000.00


david ntp # emerge info
Portage 2.0.50-r1 (default-x86-1.4, gcc-3.3.3, glibc-2.3.3_pre20040207-r0, 2.4.22-gentoo-r7)
=================================================================
System uname: 2.4.22-gentoo-r7 i686 AMD Athlon(tm) XP 2200+
Gentoo Base System version 1.4.3.13
distcc 2.12.1 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.3 [enabled]
Autoconf: sys-devel/autoconf-2.59-r3
Automake: sys-devel/automake-1.8.2
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CFLAGS="-march=athlon-xp -O2 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /var/bind /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-march=athlon-xp -O2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox"
GENTOO_MIRRORS="http://ds.thn.htu.se/linux/gentoo http://gentoo.linux.no/ http://gentoo.oregonstate.edu/ http://www.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages/arch/athlon-xp"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://portage.ryttargarden/gentoo-portage"
USE="3dnow X alsa apache2 apm arts avi berkdb cdr crypt cups dvd emacs encode esd evms2 fam foomaticdb gdbm gif gphoto2 gpm gtk2 imap imlib java jpeg kde libg++ libwww mad maildir mikmod mmx motif mozilla mpeg ncurses nls oggvorbis opengl oss pam pdflib perl png ppds python qt quicktime readline samba sasl scanner sdl slang spell sse ssl svga tcltk tcpd tiff truetype usb wmf x86 xml2 xmms xv zlib"

Comment 11 Andreas Vinsander 2004-02-27 05:57:35 UTC
Another observation:
Other hosts on my internal net running ntp-4.2.0 is able to sync against the host that is supposed to have contact with some external timesource... (wonder if that was understandable at all... english isn't my native language)
Comment 12 Howard B. Golden 2004-02-27 08:58:54 UTC
SpanKY, here is my emerge info:

Portage 2.0.50-r1 (default-x86-1.4, gcc-3.3.2, glibc-2.3.3_pre20040207-r0, 2.6.1-gentoo-r1)
=================================================================
System uname: 2.6.1-gentoo-r1 i686 AMD Athlon(tm) XP 2200+
Gentoo Base System version 1.4.3.13p1
Autoconf: sys-devel/autoconf-2.59-r3
Automake: sys-devel/automake-1.8.2
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CFLAGS="-mcpu=athlon-xp -O2 -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /etc/tomcat /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-mcpu=athlon-xp -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox usersandbox"
GENTOO_MIRRORS="ftp://mirror.iawnet.sandia.gov/pub/gentoo/ http://gentoo.seren.com/gentoo ftp://csociety-ftp.ecn.purdue.edu/pub/gentoo/"
MAKEOPTS="-j1"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow X Xaw3d acl acpi acpi4linux alsa amd antlr apache2 apm arts artswrappersuid avi berkdb bonobo cdr crypt cups directfb dnd doc droproot dv dvd dvdr encode esd ethereal evo fbcon fbdev foomaticdb foreign-package foreign-sysvinit freetds gb gd gd-external gdbm gif ginac gnome gnomedb gpm gstreamer gtk gtk2 gtkhtml guile imap imlib innodb ipv6 java jikes jpeg junit kde kerberos ldap libg++ libgda libwww mad maildir mbox mdb mikmod mmx motif mozilla moznoirc moznomail mpeg mysql ncurses nls nptl oci8 odbc ofx oggvorbis opengl oss pam parse-clocks pda pdflib perl pg-hier pic plotutils png postgres ppds python qt quicktime radeon readline ruby ruby18 samba sasl sdk sdl slang slp snmp spell ssl svga tcltk tcpd tetex tiff truetype type1 usb wmf wxwindows x86 xml xml2 xmms xv zeo zlib"
Comment 13 Doug Goldstein (RETIRED) gentoo-dev 2004-02-27 09:32:31 UTC
To comment #5: Removing droproot mode makes it not die on start-up. but it still doesn't look to be working correct...

ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ftp08.apple.com .RSTR.          16 u    -   64    0    0.000    0.000 4000.00

 emerge info
Portage 2.0.50-r1 (default-x86-1.4, gcc-3.3.3, glibc-2.3.3_pre20040207-r0, 2.4.25_pre7-gss-r2)
=================================================================
System uname: 2.4.25_pre7-gss-r2 i686 Mobile Intel(R) Pentium(R) 4 - M CPU 2.40GHz
Gentoo Base System version 1.4.3.13
Autoconf: sys-devel/autoconf-2.59-r3
Automake: sys-devel/automake-1.8.2
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CFLAGS="-march=pentium4 -O3 -pipe -fomit-frame-pointer -fexpensive-optimizations -ffast-math -falign-functions=4 -fforce-addr -funroll-loops -maccumulate-outgoing-args -frerun-loop-opt -fprefetch-loop-arrays -frerun-cse-after-loop -mfpmath=sse"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-march=pentium4 -O3 -pipe -fomit-frame-pointer -fexpensive-optimizations -ffast-math -falign-functions=4 -fforce-addr -funroll-loops -maccumulate-outgoing-args -frerun-loop-opt -fprefetch-loop-arrays -frerun-cse-after-loop -mfpmath=sse"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox"
GENTOO_MIRRORS="http://gentoo.oregonstate.edu http://distro.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync2.us.gentoo.org/gentoo-portage"
USE="X alsa apm avi berkdb cdr crypt cups dvd encode esd foomaticdb footmaticdb gdbm gif gnome gnomedb gpm gstreamer gtk gtk2 imlib ipv6 jpeg libg++ libwww mad mikmod motif mozilla moznocompose moznoirc moznomail mozsvg mpeg mysql ncurses nptl oav oggvorbis opengl oss pam pcmcia pdflib perl pic png pnp ppds python qt quicktime readline samba sdl slang slp smooth spell sse ssl svga tcltk tcpd tiff truetype usb wmf x86 xml2 xmms xv zlib"
Comment 14 soundbastlerlive 2004-02-28 11:06:16 UTC
here's my emerge info:

Portage 2.0.50-r1 (default-x86-1.4, gcc-3.3.3, glibc-2.3.3_pre20040207-r0, 2.6.3-mm4)
=================================================================
System uname: 2.6.3-mm4 i686 AMD Athlon(tm) XP 2000+
Gentoo Base System version 1.4.3.13p1
Autoconf: sys-devel/autoconf-2.59-r3
Automake: sys-devel/automake-1.8.2
ACCEPT_KEYWORDS="x86 ~x86"
ACCEPT_LICENSE=""
ARCH="x86"
AUTOCLEAN="yes"
BASH_ENV="/etc/portage/bashrc"
CC="gcc"
CFLAGS="-march=athlon-xp -O3 -pipe"
CHOST="i686-pc-linux-gnu"
CLASSPATH="/opt/blackdown-jdk-1.4.1/jre/lib/rt.jar:."
CLEAN_DELAY="3"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CVS_RSH="ssh"
CXX="g++"
CXXFLAGS="-march=athlon-xp -O3 -pipe"
DCCC_PATH="/usr/lib/distcc/bin"
DISTCC_DIR="/var/tmp/portage/.distcc"
DISTCC_LOG=""
DISTCC_VERBOSE="0"
DISTDIR="/usr/portage/distfiles"
EDITOR="/bin/nano"
FEATURES="autoaddcvs ccache fixpackages sandbox"
FETCHCOMMAND="/usr/bin/wget -t 2 --passive-ftp -P ${DISTDIR} ${URI}"
GENTOO_MIRRORS="http://gentoo.inode.at/source/"
GLIBC_SSP_CHECKED="1"
GRP_STAGE23_USE="ipv6 pam tcpd readline nls ssl gpm perl python berkdb acl ncurses"
GUILE_LOAD_PATH="/usr/share/guile/1.6"
G_BROKEN_FILENAMES="1"
HOME="/root"
HOSTNAME="fs0"
INFODIR="/usr/share/info"
INFOPATH="/usr/share/info:/usr/share/gcc-data/i686-pc-linux-gnu/3.3/info"
INPUTRC="/etc/inputrc"
JAVAC="/opt/blackdown-jdk-1.4.1/bin/javac"
JAVA_HOME="/opt/blackdown-jdk-1.4.1"
JDK_HOME="/opt/blackdown-jdk-1.4.1"
LESS="-R"
LESSOPEN="|lesspipe.sh %s"
LOGNAME="kiwi128"
LS_COLORS="no=00:fi=00:di=01;34:ln=01;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.deb=01;31:*.rpm=01;31:*.jpg=01;35:*.gif=01;35:*.bmp=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.png=01;35:*.mpg=01;35:*.avi=01;35:*.fli=01;35:*.gl=01;35:*.dl=01;35:"
MAKEOPTS="-j2"
MANPATH="/usr/share/man:/usr/local/share/man:/usr/share/gcc-data/i686-pc-linux-gnu/3.3/man:/opt/blackdown-jdk-1.4.1/man"
NOCOLOR="false"
PAGER="/usr/bin/less"
PATH="/sbin:/bin:/usr/sbin:/usr/bin"
PKGDIR="/usr/portage/packages"
PORTAGE_BINHOST_CHUNKSIZE="3000"
PORTAGE_CACHEDIR="/var/cache/edb/dep/"
PORTAGE_CALLER="emerge"
PORTAGE_GID="250"
PORTAGE_MASTER_PID="12769"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
PRELINK_PATH=""
PRELINK_PATH_MASK=""
PS1="\[\033[01;32m\]\u@\h \[\033[01;35m\]\W \$ \[\033[00m\]"
PWD="/home/kiwi128"
RESUMECOMMAND="/usr/bin/wget -c -t 2 --passive-ftp -P ${DISTDIR} ${URI}"
RPMDIR="/usr/portage/rpm"
RSYNC_RETRIES="1"
RSYNC_TIMEOUT="30"
SHLVL="2"
SSH_AUTH_SOCK="/tmp/ssh-CrYOq11368/agent.11368"
SSH_CLIENT="192.168.128.1 1619 22"
SSH_CONNECTION="192.168.128.1 1619 192.168.128.99 22"
SSH_TTY="/dev/pts/2"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
TERM="xterm"
USE="3dnow aalib acpi acpi4linux adns apache2 apm avi berkdb bonobo cdr chroot crypt cscope dvd dvdr encode fbcon flac foomaticdb gd gdbm gif gpm guile imap imlib innodb java jbig jpeg kerberos libda libg++ libwww mad matroska mbox mcal md5sum mikmod mmx mpeg mysql mysql4 ncurses nls nptl oggvorbis pam pdf pdflib perl php php4 physfs png python quicktime readline samba slang snmp speex spell sse ssl tcpd tiff truetype unicode usb wmf x86 xml xml2 zlib"
USER="kiwi128"
USERLAND="GNU"
USE_EXPAND="VIDEO_CARDS INPUT_DEVICES LINGUAS"
XARGS="xargs -r"
_="/usr/bin/emerge"

this is with a diffrent kernel than originally filed, but i tested on different ones and don't think it's related
Comment 15 Andreas Vinsander 2004-03-02 05:07:27 UTC
Has anybody verified if this is a gentoo only problem or if it is ntp-4.2.0 in general that behaves like this?
Comment 16 soundbastlerlive 2004-03-02 10:12:25 UTC
original post:

"it happens on a similar system (barton @ 2300mhz, same board, 2*512mb corsair, 
same 3c2000 etc.) using the windows binaries and a slightly different config too 
(at least it never works out, couldn't do ethereal there)"
Comment 17 Andreas Vinsander 2004-03-02 22:41:22 UTC
Oups, thnx sblive!

Another thing related to drop-root is permission to write to /etc/ntp.drift, It seems like ntpd is trying to write to /etc/ntp.drift.TEMP once an hour which it isn't allowed to do since /etc is only writable by root. Would it be wise to create /etc/ntp/ owned by 'ntp:ntp' and move ntp.drift. How does dhcpcd handle that when trying to create ntp.conf, is it possible to provide dhcpcd with some config telling it where /etc/ntp/ntp.drift is situated to make it produce a correct /etc/ntp.conf file?
Comment 18 SpanKY gentoo-dev 2004-03-03 02:34:04 UTC
no, you need to update your /etc/ntp.conf to fix the file locations

review /usr/share/ntp/ntp.conf ... it contains the bare min setup to run in drop-root mode
Comment 19 Jani Averbach 2004-03-31 20:18:54 UTC
I had the same problem, and it went away, when I removed
notrust modifier from my restrict settings
Comment 20 Andreas Vinsander 2004-03-31 21:42:36 UTC
I can confirm Jani's findings. I removed 'notrust' from my config files some week ago and it works like a charm.

Could it be that 'notrust' was ignored in previous versions but now is actually working and demanding you to setup some keys?
Comment 21 SpanKY gentoo-dev 2004-04-04 10:54:06 UTC
is there anyone here who still has this bug when they remove notrust from their /etc/ntp.conf and dont have keys setup ?

if not, i'll bump the ntp ebuild and add a check for 'notrust' in /etc/ntp.conf, printing a warning message in case it's found ...
Comment 22 soundbastlerlive 2004-04-04 11:09:20 UTC
yeah, please do so!
thanks everyone for your help, especially jani for finding out!
i'm not sure if i should change the status to fixed, so i'm just adding this comment.

thanks for all the work again!
Comment 23 Howard B. Golden 2004-04-04 13:57:36 UTC
Removing "notrust" works for me.
Comment 24 SpanKY gentoo-dev 2004-04-05 16:24:13 UTC
done deal then, 4.2.0-r2 has a check for 'notrust' in /etc/ntp.conf and prints a warning about it

thanks all for tracking this down :)
Comment 25 Kent B. Hansen 2004-04-19 05:44:19 UTC
I just emerged the new (4.2.0-r2) ntpd. I have the same problem, and NO notrust in my /etc/ntp.conf.

This is the content of my /etc/ntp.conf:

server x.x.x.x
restrict x.x.x.x noquery nomodify notrap noserve nopeer
server y.y.y.y
restrict y.y.y.y noquery nomodify notrap noserve nopeer
logfile         /var/log/ntpd.log
driftfile       /var/lib/ntp/ntp.drift
restrict default ignore
restrict 127.0.0.1
restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap

It has write-acces to the drift-file:
ls -ld /var/lib/ntp/
drwxr-xr-x    2 ntp      ntp          4096 Apr 19 13:53 /var/lib/ntp/

But it just hangs with this ".INIT." stuff:
ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 x.x.x.x         .INIT.          16 u    - 1024    0    0.000    0.000 4000.00
 y.y.y.y         .INIT.          16 u    - 1024    0    0.000    0.000 4000.00
Comment 26 Andreas Vinsander 2004-04-19 05:58:37 UTC
What happens if you move the line 'restrict default ignore' to the top of the file?
Comment 27 Kent B. Hansen 2004-04-19 06:18:29 UTC
Ahhh, it seems that it was the "noserve" keyword, that was causing the problem here...
Comment 28 Barry Wardell 2004-07-02 04:10:54 UTC
I had trouble with droproot. Turns out it was related to the fact that I'm running a 2.6 kernel with CONFIG_SECURITY_CAPABILITIES as a module. Seems this is required for droproot, so doing "modprobe capability" fixed it
Comment 29 SpanKY gentoo-dev 2004-08-08 13:54:25 UTC
*** Bug 59653 has been marked as a duplicate of this bug. ***
Comment 30 george 2007-09-05 17:47:23 UTC
I still have this problem,
no notrust noserve,

ntp.conf:
restrict default ignore
restrict 127.0.0.1

driftfile       /var/lib/ntp/ntp.drift

server xx.xx.xx.xx prefer

restrict xx.xx.xx.xx

and:
gentoo-hardened-2.6.20 with CONFIG_SECURITY_CAPABILITIES=m
net-misc/ntp-4.2.4-r1  USE="caps openntpd ssl -debug -ipv6 -parse-clocks (-selinux)



Comment 31 george 2007-09-05 17:50:09 UTC
I still have this problem,
no notrust noserve,

ntp.conf:
restrict default ignore
restrict 127.0.0.1

driftfile       /var/lib/ntp/ntp.drift

server xx.xx.xx.xx prefer

restrict xx.xx.xx.xx

and:
gentoo-hardened-2.6.20 with CONFIG_SECURITY_CAPABILITIES=m
net-misc/ntp-4.2.4-r1  USE="caps openntpd ssl -debug -ipv6 -parse-clocks (-selinux)

error messages:
# /etc/init.d/ntpd start
 * Starting ntpd ...
/usr/sbin/ntpd: invalid option -- u
usage: ntpd [-dSs] [-f file]
 * Failed to start ntpd  
Comment 32 Doug Goldstein (RETIRED) gentoo-dev 2007-09-05 18:14:33 UTC
Invalid option sounds like your /etc/conf.d/ntpd file is bad
Comment 33 george 2007-09-06 02:26:42 UTC
This is my /etc/conf.d/ntpd

# /etc/conf.d/ntpd: config file for openntpd's ntpd

NTPD_HOME=/var/empty

# See ntpd(8) man page ... some popular options:
#  -s   Set the time immediately at startup
NTPD_OPTS="-u ntp:ntp -s"


If I comment the last line, it works.

Sorry if this is a stupid problem.
Comment 34 george 2007-09-06 09:49:20 UTC
#man ntpd
-u string, --user=string
Run as userid (or userid:groupid).
Specify a user, and optionally a group, to switch to. This option is only
available if the OS supports to run the server without full root privileges.
Currently, this option is supported under NetBSD (configure with --enable-
clockctl ) and Linux (configure with --enable-linuxcaps ).


There is no invalid info about -u?
If -u is invalid, do you know how to run on droproot? 

Comment 35 Doug Goldstein (RETIRED) gentoo-dev 2007-09-06 12:52:59 UTC
The USE=caps passes --enable-linuxcaps, which it appears you have enabled. So it looks like it's a bug upstream if we're passing --enable-linuxcaps and they're not actually enabling it.
Comment 36 george 2007-09-13 10:57:34 UTC
Hi
Now I know where's problem.
It's my stupid not software's bug.

Please see this: http://forums.gentoo.org/viewtopic-p-4228739.html#4228739

Thank you .