| Message ID | cover.1610381875.git.simon@simonsouth.net |
|---|---|
| Headers | show |
| Series | services: openntpd: Remove support for deprecated "-s" option. | expand |
Hi, Simon South <simon@simonsouth.net> skribis: > This patch removes support for OpenNTPD's deprecated "-s" command-line option > and the corresponding "allow-large-adjustment?" field from Guix's > openntpd-configuration record type. > > Previously this option allowed OpenNTPD to make a single, arbitrarily large > adjustment to the clock at startup. In the current release this option has > been disabled[0] in favour of the use of authenticated constraints, and > configuring a service with "(allow-large-adjustment? #t)" now causes this > message to appear in /var/log/ntpd: > > -s option no longer works and will be removed soon. > Please reconfigure to use constraints or trusted servers. > > For systems like the ROCK64 that lack a battery-backed clock, generally the > solution is to replace the "allow-large-adjustment?" option with a setting > like > > (constraint-from '("www.gnu.org")) > > which will give OpenNTPD an independent estimate of the current time and allow > it to evaluate the trustworthiness of the configured NTP servers. > > [0] https://cvsweb.openbsd.org/src/usr.sbin/ntpd/ntpd.c?rev=1.127&content-type=text/x-cvsweb-markup Thanks for explaining. > * gnu/services/networking.scm (openntpd-configuration): Remove > "allow-large-adjustment?" field. > (openntpd-shepherd-service): Remove use of "allow-large-adjustment?" > configuration field and "-s" daemon option. > * tests/networking.scm (%openntpd-conf-sample): Remove > "allow-large-adjustment?" field. > * doc/guix.texi (Networking Services)[openntpd-service-type]: Remove > "allow-large-adjustment?" field from sample configuration. > [openntpd-configuration]: Remove description of "allow-large-adjustment?" > field. Applied, thanks! Ludo’.
This patch removes support for OpenNTPD's deprecated "-s" command-line option and the corresponding "allow-large-adjustment?" field from Guix's openntpd-configuration record type. Previously this option allowed OpenNTPD to make a single, arbitrarily large adjustment to the clock at startup. In the current release this option has been disabled[0] in favour of the use of authenticated constraints, and configuring a service with "(allow-large-adjustment? #t)" now causes this message to appear in /var/log/ntpd: -s option no longer works and will be removed soon. Please reconfigure to use constraints or trusted servers. For systems like the ROCK64 that lack a battery-backed clock, generally the solution is to replace the "allow-large-adjustment?" option with a setting like (constraint-from '("www.gnu.org")) which will give OpenNTPD an independent estimate of the current time and allow it to evaluate the trustworthiness of the configured NTP servers. [0] https://cvsweb.openbsd.org/src/usr.sbin/ntpd/ntpd.c?rev=1.127&content-type=text/x-cvsweb-markup -- Simon South simon@simonsouth.net Simon South (1): services: openntpd: Remove support for deprecated "-s" option. doc/guix.texi | 6 +----- gnu/services/networking.scm | 12 +++--------- tests/networking.scm | 3 +-- 3 files changed, 5 insertions(+), 16 deletions(-)