Your message dated Tue, 18 Sep 2018 11:27:35 +0200 with message-id <[email protected]> and subject line Closing ntpdate ifupdown related bugs, removed from Buster has caused the Debian Bug report #823533, regarding allow to skip ntpdate on ifup to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 823533: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823533 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: ntp Version: 1:4.2.8p7+dfsg-3 While these days the systemd based timesync* tools are doing most of the work there is still a lot of buzz around the automated ntpdate on ifup being good/bad for various reasons. I'll try to to summarize the outcome of multiple discussions and bugs around this that I recently passed and propose a solution. - I've seen various reports of ntpdate syncing too much or time changes due to that annoying people. - but then there are different user scenarios so some want and others won't "autoupdate" feature on ifup - the ones that want it disabled are usually only "inconvenience issues" like too much calls, but also cases like "know it will hang", so could I disable it in advance - the ones require the updates are mostly having more severe issues (like breaking authentication due to time being off afterwards) We should try to create a solution for both parties to be able to config the system to their way. So lets keep the default to sync (as it seems the more critical way), but provide a way to disable it via the config files. Doing it via an environment variable also allows to "overwrite" it in ifup calls like DISABLE_NTPDATE=1 ifup eth0 The config file has to be read in ntpdate-debian if the variable is not set. Then just a simple check for that variable in the script to exit if disabled: [ "${DISABLE_NTPDATE:-0}" != "0" ] && exit 0 So the behavior would be like: 1. default it is running on ifup 2. one could set a different default in the config file 3. one can overwrite whatever was set via an environment variable Attached is a suggestion in form of a patch how to achieve that. Kind Regards, Christiandiff --git a/ntp-4.2.8p7+dfsg/debian/ntpdate-debian b/ntp-4.2.8p7+dfsg/debian/ntpdate-debian index 4f5b17b..b00678d 100644 --- a/ntp-4.2.8p7+dfsg/debian/ntpdate-debian +++ b/ntp-4.2.8p7+dfsg/debian/ntpdate-debian @@ -6,6 +6,8 @@ if [ -r /etc/default/ntpdate ]; then . /etc/default/ntpdate fi +[ "${DISABLE_NTPDATE:-0}" != "0" -o "${NTPDATE_IFUP_DISABLE}" != "0" ] && exit 0 + if [ "$NTPDATE_USE_NTP_CONF" = yes ]; then for f in /etc/ntp.conf /etc/openntpd/ntpd.conf; do if [ -r "$f" ]; then diff --git a/ntp-4.2.8p7+dfsg/debian/ntpdate.default b/ntp-4.2.8p7+dfsg/debian/ntpdate.default index 3241694..0b53a2f 100644 --- a/ntp-4.2.8p7+dfsg/debian/ntpdate.default +++ b/ntp-4.2.8p7+dfsg/debian/ntpdate.default @@ -5,6 +5,11 @@ # so you only have to keep it in one place. NTPDATE_USE_NTP_CONF=yes +# Set to 1 to disable the automated ntpdate-debian call triggered on ifup +# Even if kept at 0 an individual call to ifup can be disabled via the +# environment variable DISABLE_NTPDATE=1 +NTPDATE_IFUP_DISABLE="0" + # List of NTP servers to use (Separate multiple servers with spaces.) # Not used if NTPDATE_USE_NTP_CONF is yes. NTPSERVERS="0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org"
--- End Message ---
--- Begin Message ---Version: 1:4.2.8p12+dfsg-2 Dear user, the bug you have submitted is related to the ifupdown triggers shipped by the ntpdate package that did a one-shot time sync every time an interface managed by ifupdown was configured. The hooks have been removed from the ntpdate package in version 1:4.2.8p12+dfsg-2, which will be part of the Buster release. ntpdate.NEWS reads: TL;DR: The ntpdate package does NOT ship triggers for ifupdown to run a one-time sync every time an interface comes up anymore. These hooks will also be removed on upgrades to Buster. It is strongly recommended to switch to a permanent NTP daemon like ntp, systemd-timesyncd or chrony. If you need a one-time sync in your setup please arrange for it yourselves, i.e. by calling sntp with the appropriate parameters in /etc/network/interfaces(.d) . Historically the package ntpdate has included both /usr/bin/ntpdate (which is the historic go-to program for one-shot NTP querying) and ifupdown hooks to execute a one-shot NTP query on every interface up event. The ifupdown hooks have introduced buggy behaviour by syncing too often (on every ifup), too seldom (never again) and are likely to interfere with other time-keeping measures on the same system including ntpd. The hooks frequently caused dependency problems with local DNS resolvers or uncommon network configurations. They have therefor been dropped from the ntpdate package. For time synchronisation purpose please use one of the many timekeeping daemons in Debian (ntp, systemd-timesyncd, chrony). For the manual use, /usr/bin/ntpdate has been deprecated upstream and replaced by /usr/bin/sntp (in the sntp binary package). If you want a proper one-shot sync against a pool of servers you may also consider the -q option of ntpd. Best Regards, The NTP maintainers
--- End Message ---
