Re: State of the microserver HOWTO

Yo Hal! I agree with Hal, my descriptions are a bit long and picky for the newbie howto. Get that done, then these issues will get addressed in due time. On Tue, 07 Jun 2016 17:21:50 -0700 Hal Murray wrote: > e...@thyrsus.com said: > > My plan was to encourage you to

Re: microserver HOWTO timeservice patch

Gary E. Miller : > I have filed issues for most of these. But I know the issue tracker is > where things go to die. :-) Actually, I do pay attention to it. I fixed two issues today. But I admit that tends to be a background task because the stuff that shows up there is not

Re: State of the microserver HOWTO

e...@thyrsus.com said: > My plan was to encourage you to elaborate - *and explain* - your favorite > odd features for your local config, then work with you to prune it back to > someting we might ship. You are letting Gary suck you down ratholes. I think you need to think hard about what your

Re: microserver HOWTO timeservice patch

Gary E. Miller : > I like to have gpsd start first. That way when ntpd restarts it has > a good local time handy. If ntpd starts first, it will set the local > clock using a remote, probably pool, server. Then cntpd has to spend a > whole day undoing the damage done to the PLL.

Re: Logfile permissions and ntp group

Yo Hal! On Tue, 07 Jun 2016 16:51:05 -0700 Hal Murray wrote: > g...@rellim.com said: > > logrotate does not make files, it restarts ntpd, so ntpd can make > > the new file. Which has all the problems of restarting ntpd. > > The logrotate I'm familiar with has the

Re: Logfile permissions and ntp group

g...@rellim.com said: > logrotate does not make files, it restarts ntpd, so ntpd can make the new > file. Which has all the problems of restarting ntpd. The logrotate I'm familiar with has the option to make the new file after renaming the old one. (I may be confused by the netbsd/freebsd

Re: State of the microserver HOWTO

On 06/07/2016 07:39 PM, Hal Murray wrote: bellyac...@gmail.com said: Thanks for that. Is that documented somewhere that I've missed or overlooked? Or is this buried in the code somewhere that will be harder for someone such as myself to understand, figure out? I didn't find it in the

Re: Would you please check libntp/systime.c

e...@thyrsus.com said: >> Why didn't any of the other tools notice this? The code isn't particularly >> complicated. > I don't know. It does seem like the sort of error a static analyzer should > spot. Should we feed them a test case? e...@thyrsus.com said: > The assignment to tvlast

Re: State of the microserver HOWTO

bellyac...@gmail.com said: > Thanks for that. Is that documented somewhere that I've missed or > overlooked? Or is this buried in the code somewhere that will be harder > for someone such as myself to understand, figure out? I didn't find it in the documentation. It's in the code:

Re: microserver HOWTO timeservice patch

On 06/07/2016 07:26 PM, Eric S. Raymond wrote: Mike : Looking at the timeservice init script after seeing that ntpd has a PID value lower than gpsd it looks like their startup order is reversed. Patch attached... I'm not objecting to the patch per se, but what makes the

Re: Logfile permissions and ntp group

Hal Murray : > The stats files automatically roll over. You can specify how often, but > daily works for me. They don't get opened until needed which is long after > dropping root, so they need the right user:group on the directory as well as > any existing current

Re: microserver HOWTO timeservice patch

Yo Eric! On Tue, 7 Jun 2016 19:26:22 -0400 "Eric S. Raymond" wrote: > Mike : > > Looking at the timeservice init script after seeing that ntpd has a > > PID value lower than gpsd it looks like their startup order is > > reversed. > > > > Patch

Re: Logfile permissions and ntp group

Yo Hal! On Tue, 07 Jun 2016 16:17:38 -0700 Hal Murray wrote: > e...@thyrsus.com said: > > You are suggesting that this is not so - that as long as we open > > log files before privilege-dropping the ntp user/group pair isn't > > necessary at all. If true I would mildly

Re: microserver HOWTO timeservice patch

Mike : > Looking at the timeservice init script after seeing that ntpd has a PID > value lower than gpsd it looks like their startup order is reversed. > > Patch attached... I'm not objecting to the patch per se, but what makes the order reversed? It doesn't seem like

Re: Logfile permissions and ntp group

Yo Eric! On Tue, 7 Jun 2016 18:46:44 -0400 "Eric S. Raymond" wrote: > I thought I was going to have to tweak clockmaker to create an ntp > user and group if it doesn't already exist, then set ntp to run with > those IDs in the init script. That's easy enough to do. And

Re: State of the microserver HOWTO

Yo Eric! On Tue, 7 Jun 2016 18:48:42 -0400 "Eric S. Raymond" wrote: > > > My plan was to encourage you to elaborate - *and explain* - your > > > favorite odd features for your local config, then work with you to > > > prune it back to someting we might ship. > > > > Howz it

Re: State of the microserver HOWTO

On 06/07/2016 07:02 PM, Hal Murray wrote: bellyac...@gmail.com said: things have stabilized. The something on the order of once an hour or so from there on out. Have I misunderstood that? I think that's right, but there is another layer that suppresses writes if drift hasn't changed much.

microserver HOWTO timeservice patch

Looking at the timeservice init script after seeing that ntpd has a PID value lower than gpsd it looks like their startup order is reversed. Patch attached... Mike --- timeservice 2016-06-07 18:43:50.269898401 -0400 +++ timeservice.mab 2016-06-07 18:47:47.302535057 -0400 @@ -13,10 +13,10 @@

Re: State of the microserver HOWTO

bellyac...@gmail.com said: > things have stabilized. The something on the order of once an hour or so > from there on out. > Have I misunderstood that? I think that's right, but there is another layer that suppresses writes if drift hasn't changed much. The idea is to reduce wear on flash

Re: Logfile permissions and ntp group

On 06/07/2016 06:46 PM, Eric S. Raymond wrote: Mike : On 06/07/2016 05:57 PM, Hal Murray wrote: Ntpd is running as user nobody, whom can't write to that directory. Hopefully that is user ntp rather than nobody. The file permissions need to be setup for log files as well

Re: State of the microserver HOWTO

Gary E. Miller : > On Tue, 7 Jun 2016 18:37:02 -0400 > "Eric S. Raymond" wrote: > > > Gary E. Miller : > > > But remember, Eric asked for MY config, not what I think others > > > should be using. I would hope we get a collection of slightly >

Re: State of the microserver HOWTO

bellyac...@gmail.com said: > The logfile set to /var/log/ntpd.log is root:root. I'm not getting errors > there, gathering that it was opened before privileges were dropped. I think that will break if/when we fix ntpd to cooperate with logrotate or newsyslog. The stats files roll over

Re: State of the microserver HOWTO

Yo Mike! On Tue, 7 Jun 2016 18:35:13 -0400 Mike wrote: > > I opened a bug: > > > > https://gitlab.com/NTPsec/ntpsec/issues/76 > > > Gary, > > I'm not seeing that once I set the ownership to nobody. > > mike@3142:/var/lib/ntp $ ls -al > total 12 > drwxr-xr-x 2 nobody

Re: State of the microserver HOWTO

Yo Hal! On Tue, 07 Jun 2016 15:24:36 -0700 Hal Murray wrote: > > I made it nobody, mod 777, and still no luck > > I'm not sure what "no luck" means. # ls -l /var/lib/ntp/ total 0 > It doesn't get written at shutdown. Well, that would be dumb not to. It also

Re: State of the microserver HOWTO

On 06/07/2016 04:47 PM, Gary E. Miller wrote: Yo Mike! On Tue, 7 Jun 2016 16:27:45 -0400 Mike wrote: If you do ship the one supplied now I just found one thing that will need a fix. # Drift file etc. driftfile /var/lib/ntp/ntp.drift Ntpd is running as user nobody,

Re: State of the microserver HOWTO

On 06/07/2016 05:57 PM, Hal Murray wrote: Ntpd is running as user nobody, whom can't write to that directory. Hopefully that is user ntp rather than nobody. The file permissions need to be setup for log files as well as the drift file. The HOWTO setsup ntpd to run as nobody:nogroup. The

Re: Would you please check libntp/systime.c

Hal Murray : > > The initial symptom is a warning from clang 3.8.0 on a Raspberry Pi. > > ../../libntp/systime.c:460:37: warning: variable 'tvlast' is uninitialized > when > used here [-Wuninitialized] > > Why didn't any of the other tools notice this? The code isn't

Re: State of the microserver HOWTO

Yo Hal! On Tue, 07 Jun 2016 14:57:37 -0700 Hal Murray wrote: > > Ntpd is running as user nobody, whom can't write to that > > directory. > > Hopefully that is user ntp rather than nobody. I made it nobody, mod 777, and still no luck RGDS GARY

Re: State of the microserver HOWTO

> Ntpd is running as user nobody, whom can't write to that directory. Hopefully that is user ntp rather than nobody. The file permissions need to be setup for log files as well as the drift file. -- These are my opinions. I hate spam. ___ devel

Re: State of the microserver HOWTO

Yo Frank! Good input, net ntp.conf below. On Tue, 7 Jun 2016 17:04:21 -0400 Frank Nicholas wrote: > > On Jun 7, 2016, at 4:52 PM, Gary E. Miller wrote: > > > > peer 204.17.205.1 maxpoll 5 # catbert > > peer 204.17.205.17 maxpoll 5 # pi2 > >

Re: State of the microserver HOWTO

> On Jun 7, 2016, at 4:52 PM, Gary E. Miller wrote: > > peer 204.17.205.1 maxpoll 5 # catbert > peer 204.17.205.17 maxpoll 5 # pi2 > #peer 204.17.205.23 maxpoll 5 # pi3 > peer 204.17.205.27 maxpoll 5 # kong > peer 204.17.205.30 maxpoll 5 > peer [2001:470:e815::8] maxpoll 5 #

Re: Testing: IPv6

Yo Hal! On Tue, 07 Jun 2016 13:05:14 -0700 Hal Murray wrote: > I'm just fishing for ways to get more eyeballs looking for quirks > and/or potentially useful places to look. The IPv6 only case seems > like a good one to test. Yup. I added some IPv6 peers to my

Re: State of the microserver HOWTO

Yo Eric! A small adjustment to my ntp.conf. I added the issue number for the tartup glitch. Comments welcome. RGDS GARY --- Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703 g...@rellim.com

Re: State of the microserver HOWTO

Yo Mike! On Tue, 7 Jun 2016 16:27:45 -0400 Mike wrote: > If you do ship the one supplied now I just found one thing that will > need a fix. > > # Drift file etc. > driftfile /var/lib/ntp/ntp.drift > > Ntpd is running as user nobody, whom can't write to that directory.

Re: State of the microserver HOWTO

On 06/06/2016 07:27 PM, Eric S. Raymond wrote: Please send me configurations. This is a last blocker on releasing version 1.0 of the HOWTO and I don't want to wait too long. If I don't get a suitable replacement in a reasonable time I will shrug and ship the flawed one. If nobody cared enough

Re: Testing: IPv6

fr...@nicholasfamilycentral.com said: > I do have IPv6 available - I run dual stack. I could setup a Pi with only > IPv6... Thanks. I'm not expecting any troubles. The testing I've done works fine. I'm just fishing for ways to get more eyeballs looking for quirks and/or potentially useful

Re: State of the microserver HOWTO

Yo Achim! On Tue, 07 Jun 2016 21:13:56 +0200 Achim Gratz wrote: > Gary E. Miller writes: > > "On startup ntpd will take the first time it gets to set the system > > clock. If this first time is an imprecise clock, say derived from > > NMEA, then ntpd may takes days to

Would you please check libntp/systime.c

The initial symptom is a warning from clang 3.8.0 on a Raspberry Pi. ../../libntp/systime.c:460:37: warning: variable 'tvlast' is uninitialized when used here [-Wuninitialized] Why didn't any of the other tools notice this? The code isn't particularly complicated. A diff with

Re: Testing: IPv6

Yo Hal! On Tue, 07 Jun 2016 11:39:07 -0700 Hal Murray wrote: > There is a typical discussion/flame-war in NANOG about Netflix > blocking HE's IPv6 tunnels. That reminds me that we should be sure > we are testing IPv6. I do. I've had an HE IPv6 free tunnel up since

Re: Testing: IPv6

> On Jun 7, 2016, at 2:39 PM, Hal Murray wrote: > > There is a typical discussion/flame-war in NANOG about Netflix blocking HE's > IPv6 tunnels. That reminds me that we should be sure we are testing IPv6. > > Is anybody running a system without IPv4? > I do have

Testing: IPv6

There is a typical discussion/flame-war in NANOG about Netflix blocking HE's IPv6 tunnels. That reminds me that we should be sure we are testing IPv6. Is anybody running a system without IPv4? What sort of strange cases should we be testing? --- Even if you don't have an IPv6 connection

Re: My pre-1.0 wishlist

Yo Hal! On Tue, 07 Jun 2016 00:40:06 -0700 Hal Murray wrote: > e...@thyrsus.com said: > > You're right. Requiring registration to post bugs is imposing > > unacceptable overhead. > > I think it's reasonably common. Without registration or a captcha or > some

Re: State of the microserver HOWTO

Gary E. Miller : > > Assume I've never read that list, or anything else about NTP other > > than the HOWTO itself. Remember who we're teaching! > > You want me to do all the work?!? You're the writer. :-) Yes, which is why I know how error-prone and crazy-making for both of

VERSION string, support tangle

We had a discussion several months ago, but I don't think we actually decided what to do. The current scheme is broken because I can't easily tell a pre-release in-development version from the released version. I know of two ways to fix that. One is to put a suffix on the in-progress