Wonky NTP startup and the incremental-configuration problem

[Mark Atwood]

Hello Achim,

I do like the idea of rich but simple signal semantics.   We will have to
talk it out more here in devel@

..m


On Fri, Jun 10, 2016 at 11:05 AM Achim Gratz <Stromeko at nexgo.de> wrote:

> Eric S. Raymond writes:
> > ntpq has dangerous operations that tweak parameters of the time-sync
> > algorithms on the fly - operations that can be triggered remotely. Or so
> I
> > gather from things Hal Murray has said; my outside view is weak here,
> > I've never explored those operations.
>
> In the standard configuration you can only tweak those locally (via
> loopback) and then you still need to set up a password.
>
> > It would be better for code verifiability and security if the
> > only source of configuration information for the daemon were the
> > ntp.conf file.  (We can't quite get there due to the requirement
> > to store drift state, but closer would be better.)
>
> If you do that, you need some way to change the configuration without a
> wholesale restart of ntpd or at least determining and tweaking fudge
> factors gets a lot harder than it already is.
>
> Come to think of it, ntpd should gracefully react on a few signals
> rather than just exit: HUP for close/reopen of any files (logrotate…),
> USR1 for re-read of config and maybe USR2 for re-read of an alternate
> config file (so you can go back pre ante by just sending USR1 if you
> messed up).
>
>
> Regards,
> Achim.
> --
> +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
>
> Wavetables for the Waldorf Blofeld:
> http://Synth.Stromeko.net/Downloads.html#BlofeldUserWavetables
>
> _______________________________________________
> devel mailing list
> devel at ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160613/07b65ef0/attachment.html>