[Xymon] Patch: ntpdate option -p deprecated
Brian Scott
bscott at bunyatech.com.au
Mon Feb 12 08:32:18 CET 2024
The -p 1 option is still desirable for standard ntpd. The default is to
do 4 probes which is overkill for xymon.
I have just checked a fresh install of ntpsec from source and can't see
ntpdate being installed. Found this on the ntpsec site under Security
Improvements:
* The deprecated and vulnerability-prone ntpdate program has been
replaced with a shell wrapper around ntpdig. Its -e and -p options
are not implemented. It is no longer documented, but can be found in
the attic/ directory of the source distribution.
I notice that in the script the behaviour when it finds the -p option is
to simply warn and ignore it:
p) echo "ntpdate: -p is no longer supported." >&2;;
So it's just a neatness thing. The script is undocumented (debian may
have pinched their man page from standard ntp) and unlikely to ever be
updated.
Not sure where this leaves us. I know others had similar problems when
distros moved to chrony for ntp. Maybe we need a more generalised
approach to different ntp implementations going forward.
Cheers,
Brian Scott
On 12/2/2024 1:14 am, Roland Rosenfeld wrote:
> Hi!
>
> In Debian ntpdate from ntpsec package throws a warning that "-p is no
> longer supported". So it may be a good idea to remove the "-p 1" from
> NTPDATEOPTS="-u -q -p 1" # Standard options to ntpdate
> in xymond/etcfiles/xymonserver.cfg.DIST.
>
> The attached patch solves this issue.
>
> Greetings
> Roland
>
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20240212/281bd6a3/attachment.htm>
More information about the Xymon
mailing list