Odd NTP Offset Issues (continued)

21

Glad all is working!

For some reason ntpq -p won’t work without the changes. I noticed the same back in 2018 when I started experimenting with ntp. (I’m not skilled enough to figure the “why”.)

EDIT: There are some funky things related to permissions and/or ownership of an ntp file. So you may still see another NTP error.

22

Well, the default /etc/ntp.conf does not contain the line “restrict 127.0.0.1”

Found it here https://github.com/ipfire/ipfire-2.x/blob/master/lfs/ntp (should be after line 87)

23

So changing this:

[root@ipfire ~]# cat /etc/ntp.conf
disable monitor
restrict default nomodify noquery
server  127.127.1.0 prefer
fudge   127.127.1.0 stratum 10
driftfile /etc/ntp/drift

-to this-

[root@ipfire ~]# cat /etc/ntp.conf
disable monitor
restrict default nomodify noquery
restrict 127.0.0.1
server  127.127.1.0 prefer
fudge   127.127.1.0 stratum 10
driftfile /etc/ntp/drift

…fixes the error you saw above?

I haven’t tried it but if it works for you you may want to add a bug report item.

24

yes, if you comment that line, restart ntpd, ntpq -p gives that localhost.localdomain error.

I was searching the bug list for ntp issues …

25

I think there may be another bug (in that same file) related to permissions and owners:


 
The ntp service runs as root in IPFire and I think it usually runs as ntp. 
[root@ipfire ~]# ps -ef | grep -i ntp
root      3285     1  0 Oct27 ?        00:00:07 /usr/bin/ntpd -Ap /var/run/ntpd.pid

 

I am guessing running as ntp is a convention and not necessarily a must do. (this is where things are beyond my skills). So if the ntp service runs as root, should not the ntp directory and files (like the driftfile /etc/ntp/drift) run as root?

So I am thinking line 85 and new line 86 should be:

chown -R ntp:root /etc/ntp
chmod -R 771 /etc/ntp        # this is from memory and may not be correct

 

EDIT: Forgot the important part! This is the error that I see and the above helps eliminate:

00:36:12 ntpd[14000]:  frequency file /etc/ntp/drift.TEMP: Permission denied
26

I submitted

2 Likes
27

Paul - if you happen to see this error please let me know. Tnx!

00:36:12 ntpd[14000]:  frequency file /etc/ntp/drift.TEMP: Permission denied

 

check with:

grep ntpd /var/log/messages
28

will do …

ntpd is running ok but I have these two lines from 2 hours ago; no idea where they come from …

Oct 29 13:21:05 ipfire ntpd[18013]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Oct 29 13:21:05 ipfire ntpd[18013]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized

29

Me too, but evidently that is to be expected as ntp is working toward getting properly synced

30

Those lines always appear. I think NTP calls it a feature! :grinning: And I was never able to determine the “why”…

31

It seems to be an info message. IPFire core 151 comes with ntpd 4.2.8p15, we get this info message. I checked another system that has an older ntpd 4.2.8p10 … no such message in syslog. Oh well …

32

The NTP issues I saw are fixed in IPFire 2.27 - Core Update 169 released.

see:
https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=2234e8aacac2e0d0b06dac4513585c15c2b3b440

2 Likes