Switch to chrony as timeserver
|Status:||In Progress||Start date:||26/08/2018|
chrony is default since Leap 15. chrony in Leap is not compiled with sign support (needed for samba AD DC). Since 3.8.2018 chrony is compiled with signd support in Factory. If it comes with Leap 15.1, we should switch to chrony as soon as possible.
- Status changed from New to In Progress
- % Done changed from 0 to 10
Now I did the first steps towards chrony.
First Point is, that we hve to build our own packages, because the packages inside leap 15.0, .1 and the upcoming 15.2are compiled whithout signed support. First builds in our repos build successfully.
A first chrony.conf example is to find inside the xsrc folder.
First tests will follow.
- % Done changed from 10 to 40
It seems to work with the following configuration extension in /etc/chrony.d/:
# invis-Server chrony extension # Serve time even if not synchronized to a time source. local stratum 10 # Allow NTP client access from local network. allow 192.168.220.0/24 127.0.0.1 # Signd Socket for AD time synchronisation ntpsigndsocket /var/lib/samba/ntp_signd # Interface on which chronyd will listen for monitoring command packets # set to DC-Address as explaned in samba-wki bindcmdaddress 192.168.220.10