picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

It's now ok to use Google NTP servers (#5311)

Browse source
This commit is contained in:
Michael Shields 2017-02-11 21:30:40 -08:00 committed by Zbigniew Jędrzejewski-Szmek
parent dbb1d5cf69
commit 501bf2d5d2
3 changed files with 12 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
DISTRO_PORTING
View file

@ -25,22 +25,20 @@ HOWTO:
NTP POOL: NTP POOL:
By default, timesyncd uses the Google NTP servers By default, timesyncd uses the Google Public NTP servers
time[1-4].google.com. They serve time that is not standards time[1-4].google.com. They serve time that uses a leap second
compliant, and can be up to .5s off. Google does not smear, and can be up to .5s off from servers that use stepped
officially support these servers for the broader leap seconds.
audience. Distributions and vendors really should not ship
OSes or devices with these NTP servers configured. Instead, https://developers.google.com/time/smear
please register your own vendor pool at ntp.org and make it
the built-in default by passing --with-ntp-servers= to If you prefer to use leap second steps, please register your own
configure. Registering vendor pools is free: vendor pool at ntp.org and make it the built-in default by
passing --with-ntp-servers= to configure. Registering vendor
pools is free:
http://www.pool.ntp.org/en/vendors.html http://www.pool.ntp.org/en/vendors.html
Again, if you ship your software or device with the default
NTP servers, then you will get served wrong time, and will
rely on services that might not be supported for long.
PAM: PAM:
The default PAM config shipped by systemd is really bare bones. The default PAM config shipped by systemd is really bare bones.
It does not include many modules your distro might want to enable It does not include many modules your distro might want to enable

5
README
View file

@ -275,11 +275,6 @@ WARNINGS:
false positives will be triggered by code which violates false positives will be triggered by code which violates
some rules but is actually safe. some rules but is actually safe.
Currently, systemd-timesyncd defaults to use the Google NTP
servers if not specified otherwise at configure time. You
really should not ship an OS or device with this default
setting. See DISTRO_PORTING for details.
ENGINEERING AND CONSULTING SERVICES: ENGINEERING AND CONSULTING SERVICES:
Kinvolk (https://kinvolk.io) offers professional engineering Kinvolk (https://kinvolk.io) offers professional engineering
and consulting services for systemd. Please contact Chris Kühl and consulting services for systemd. Please contact Chris Kühl

5
configure.ac
View file

@ -1146,10 +1146,7 @@ AC_ARG_WITH(ntp-servers,
AS_HELP_STRING([--with-ntp-servers=NTPSERVERS], AS_HELP_STRING([--with-ntp-servers=NTPSERVERS],
[space-separated list of default NTP servers]), [space-separated list of default NTP servers]),
[NTP_SERVERS="$withval"], [NTP_SERVERS="$withval"],
[NTP_SERVERS="time1.google.com time2.google.com time3.google.com time4.google.com" [NTP_SERVERS="time1.google.com time2.google.com time3.google.com time4.google.com"])
AC_MSG_WARN([*** Using Google NTP servers.
Do not ship OSes or devices with these default settings.
See DISTRO_PORTING for details!])])
AC_DEFINE_UNQUOTED(NTP_SERVERS, ["$NTP_SERVERS"], [Default NTP Servers]) AC_DEFINE_UNQUOTED(NTP_SERVERS, ["$NTP_SERVERS"], [Default NTP Servers])
AC_SUBST(NTP_SERVERS) AC_SUBST(NTP_SERVERS)