On Jul 10, 2013, at 5:28 PM, Kent R. Spillner wrote: > What's the use case for running NTP from cron?
http://www.nsa.gov/ia/_files/os/redhat/NSA_RHEL_5_GUIDE_v4.2.pdf In general, they recommend running a daemon only when absolutely necessary. The ntp daemon is only necessary for a time-server, not the client. 3.10.2.1.2 Run ntpd using Cron Create a le /etc/cron.d/ntpd containing the following crontab: 15 * * * * root /usr/sbin/ntpd -q -u ntp:ntp The -q option instructs ntpd to exit just after setting the clock, and the -u option instructs it to run as the specied user. Note: When setting the clock for the rst time, execute the above command with the -g option, as ntpd will refuse to set the clock if it is signicantly different from the source. This crontab will execute ntpd to synchronize the time to the NTP server at 15 minutes past every hour. (It is possible to choose a dierent minute, or to vary the minute between machines in order to avoid heavy trac to the NTP server.) Hourly synchronization should be suciently frequent that clock drift will not be noticeable. http://people.redhat.com/sgrubb/files/hardening-rhel5.pdf http://doc.ntp.org/4.1.0/ntpd.htm Operating mode, which describes the use of “ntpd -q” instead of ntpdate > In general, that's considered bad practice, and unnecessary because of ntpd's > maturity. A few years ago we were bitten by NTP running out of cron on > RedHat Enterprise Linux 6.0 systems because of the "tickless kernel.” That might be from folks using ntpdate from cron instead of "ntpd -q" > > On Jul 10, 2013, at 15:52, Dan White <y...@comcast.net> wrote: > >> OK. Here are some wish-list items: >> >> Using ntp by cron rather than as a daemon >> An easy way to specify your own, internal time servers without tearing up >> the class. >> In the Red Hat template (since that's what I work on) : There is no resource >> to ensure the driftfile exists or has the proper permissions on it or on its >> directory. >> And a comment: Is all the commentary necessary in the template ? >> >> As I get time, I will be happy to make some contributions to the module on >> my first two points -- I can do Red Had / CentOS / Fedora, but someone else >> will need to assist on the other distros. >> >> “Sometimes I think the surest sign that intelligent life exists elsewhere in >> the universe is that none of it has tried to contact us.” >> Bill Waterson (Calvin & Hobbes) >> >> From: "Ashley Penney" <ashley.pen...@puppetlabs.com> >> To: puppet-users@googlegroups.com >> Sent: Wednesday, July 10, 2013 1:57:32 PM >> Subject: [Puppet Users] puppetlabs-ntp template discussion >> >> If you've ever refused to use the ntp module as it lacks something you need, >> now is the time to shout out! >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users+unsubscr...@googlegroups.com. >> To post to this group, send email to puppet-users@googlegroups.com. >> Visit this group at http://groups.google.com/group/puppet-users. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users. > For more options, visit https://groups.google.com/groups/opt_out. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
