ntp-4.2.6p2-htmldoc.patch 39 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395
  1. diff -up ntp-4.2.6p2/html/authopt.html.htmldoc ntp-4.2.6p2/html/authopt.html
  2. --- ntp-4.2.6p2/html/authopt.html.htmldoc 2010-04-18 10:05:39.000000000 +0200
  3. +++ ntp-4.2.6p2/html/authopt.html 2010-07-12 16:31:43.000000000 +0200
  4. @@ -208,11 +208,7 @@ UTC</p>
  5. <table width="100%" border="1" cellpadding="4">
  6. <tr>
  7. -<td rowspan="2" align="center">Client</td>
  8. -<td colspan="5" align="center">Server</td>
  9. -</tr>
  10. -
  11. -<tr>
  12. +<td align="center">Client/Server</td>
  13. <td align="center">NONE</td>
  14. <td align="center">AUTH</td>
  15. <td align="center">PC</td>
  16. @@ -368,7 +364,7 @@ UTC</p>
  17. are left unspecified, the default names are used as described below. Unless
  18. the complete path and name of the file are specified, the location of a file
  19. is relative to the keys directory specified in the <tt>keysdir</tt> configuration
  20. - command or default <tt>/usr/local/etc</tt>. Following are the options.</dd>
  21. + command or default <tt>/etc/ntp/crypto</tt>. Following are the options.</dd>
  22. <dd><dl>
  23. @@ -400,7 +396,7 @@ UTC</p>
  24. <dd>Specifies the complete path to the MD5 key file containing the keys and key IDs used by <tt>ntpd</tt>, <tt>ntpq</tt> and <tt>ntpdc</tt> when operating with symmetric key cryptography. This is the same operation as the <tt>-k </tt>command line option. Note that the directory path for Autokey media is specified by the <tt>keysdir</tt> command.</dd>
  25. <dt id="keysdir"><tt>keysdir <i>path</i></tt>K</dt>
  26. -<dd>This command specifies the default directory path for Autokey cryptographic keys, parameters and certificates. The default is <tt>/usr/local/etc/</tt>. Note that the path for the symmetric keys file is specified by the <tt>keys</tt> command.</dd>
  27. +<dd>This command specifies the default directory path for Autokey cryptographic keys, parameters and certificates. The default is <tt>/etc/ntp/crypto</tt>. Note that the path for the symmetric keys file is specified by the <tt>keys</tt> command.</dd>
  28. <dt id="requestkey"><tt>requestkey <i>keyid</i></tt></dt>
  29. <dd>Specifies the key ID to use with the
  30. @@ -494,4 +490,4 @@ UTC</p>
  31. </body>
  32. -</html>
  33. \ No newline at end of file
  34. +</html>
  35. diff -up ntp-4.2.6p2/html/keygen.html.htmldoc ntp-4.2.6p2/html/keygen.html
  36. --- ntp-4.2.6p2/html/keygen.html.htmldoc 2009-12-09 08:36:35.000000000 +0100
  37. +++ ntp-4.2.6p2/html/keygen.html 2010-07-12 16:27:39.000000000 +0200
  38. @@ -90,7 +90,7 @@
  39. <p>The <tt>pw</tt> option of the <tt>crypto</tt> configuration command specifies the read password for previously encrypted files. This must match the local password used by this program. If not specified, the host name is used. Thus, if files are generated by this program without password, they can be read back by <tt>ntpd</tt> without password, but only on the same host.</p>
  40. -<p>All files and links are usually installed in the directory <tt>/usr/local/etc</tt>,
  41. +<p>All files and links are usually installed in the directory <tt>/etc/ntp/crypto</tt>,
  42. which is normally in a shared filesystem in NFS-mounted networks and cannot
  43. be changed by shared clients. The location of the keys directory can be changed
  44. by the <tt>keysdir</tt> configuration command in such cases. Normally, encrypted
  45. @@ -101,7 +101,7 @@
  46. <h4 id="run">Running the Program</h4>
  47. -<p>To test and gain experience with Autokey concepts, log in as root and change to the keys directory, usually <tt>/usr/local/etc</tt>. When run for the first time, or if all files with names beginning <tt>ntpkey</tt> have been removed, use the <tt>ntp-keygen </tt>command without arguments to generate a default RSA host key and matching RSA-MD5 certificate with expiration date one year hence. If run again, the program uses the existing keys and parameters and generates only a new certificate with new expiration date one year hence; however, the certificate is not generated if the <tt>-e</tt> or <tt>-q</tt> options are present.</p>
  48. +<p>To test and gain experience with Autokey concepts, log in as root and change to the keys directory, usually <tt>/etc/ntp/crypto</tt>. When run for the first time, or if all files with names beginning <tt>ntpkey</tt> have been removed, use the <tt>ntp-keygen </tt>command without arguments to generate a default RSA host key and matching RSA-MD5 certificate with expiration date one year hence. If run again, the program uses the existing keys and parameters and generates only a new certificate with new expiration date one year hence; however, the certificate is not generated if the <tt>-e</tt> or <tt>-q</tt> options are present.</p>
  49. <p>Run the command on as many hosts as necessary. Designate one of them as the trusted host (TH) using <tt>ntp-keygen</tt> with the <tt>-T</tt> option and configure it to synchronize from reliable Internet servers. Then configure the other hosts to synchronize to the TH directly or indirectly. A certificate trail is created when Autokey asks the immediately ascendant host towards the TH to sign its certificate, which is then provided to the immediately descendant host on request. All group hosts should have acyclic certificate trails ending on the TH.</p>
  50. @@ -206,6 +206,7 @@
  51. <p>All cryptographically sound key generation schemes must have means to randomize the entropy seed used to initialize the internal pseudo-random number generator used by the OpenSSL library routines. If a site supports <tt>ssh</tt>, it is very likely that means to do this are already available. The entropy seed used by the OpenSSL library is contained in a file, usually called <tt>.rnd</tt>, which must be available when starting the <tt>ntp-keygen</tt> program or <tt>ntpd</tt> daemon.</p>
  52. <p>The OpenSSL library looks for the file using the path specified by the <tt>RANDFILE</tt> environment variable in the user home directory, whether root or some other user. If the <tt>RANDFILE</tt> environment variable is not present, the library looks for the <tt>.rnd</tt> file in the user home directory. Since both the <tt>ntp-keygen</tt> program and <tt>ntpd</tt> daemon must run as root, the logical place to put this file is in <tt>/.rnd</tt> or <tt>/root/.rnd</tt>. If the file is not available or cannot be written, the program exits with a message to the system log.</p>
  53. +<p>On systems that provide /dev/urandom, the randomness device is used instead and the file specified by the <tt>randfile</tt> subcommand or the <tt>RANDFILE</tt> environment variable is ignored.</p>
  54. <h4 id="priv">Cryptographic Data Files</h4>
  55. @@ -237,4 +238,4 @@
  56. </body>
  57. -</html>
  58. \ No newline at end of file
  59. +</html>
  60. diff -up ntp-4.2.6p2/html/ntp-wait.html.htmldoc ntp-4.2.6p2/html/ntp-wait.html
  61. --- ntp-4.2.6p2/html/ntp-wait.html.htmldoc 2010-07-12 16:27:39.000000000 +0200
  62. +++ ntp-4.2.6p2/html/ntp-wait.html 2010-07-12 16:27:39.000000000 +0200
  63. @@ -0,0 +1,30 @@
  64. +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
  65. +<html>
  66. + <head>
  67. + <meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
  68. + <meta name="generator" content="HTML Tidy, see www.w3.org">
  69. + <title>ntp-wait - waits until ntpd is in synchronized state</title>
  70. + <link href="scripts/style.css" type="text/css" rel="stylesheet">
  71. + </head>
  72. + <body>
  73. + <h3><tt>ntp-wait</tt> - waits until ntpd is in synchronized state</h3>
  74. + <hr>
  75. + <h4>Synopsis</h4>
  76. + <p><tt>ntp-wait [ -v ] [ -n <i>tries</i> ] [ -s <i>seconds</i> ]</tt></p>
  77. + <h4>Description</h4>
  78. + <p>The <tt>ntp-wait</tt> program blocks until ntpd is in synchronized state.
  79. + This can be useful at boot time, to delay the boot sequence
  80. + until after "ntpd -g" has set the time.
  81. + <h4>Command Line Options</h4>
  82. + <dl>
  83. + <dt><tt>-n <i>tries</i></tt>
  84. + <dd>Number of tries before giving up. The default is 1000.
  85. + <dt><tt>-s <i>seconds</i></tt>
  86. + <dd>Seconds to sleep between tries. The default is 6 seconds.
  87. + <dt><tt>-v</tt>
  88. + <dd>Be verbose.
  89. + </dl>
  90. + <script type="text/javascript" language="javascript" src="scripts/footer.txt"></script>
  91. + </body>
  92. +
  93. +</html>
  94. diff -up ntp-4.2.6p2/html/ntpd.html.htmldoc ntp-4.2.6p2/html/ntpd.html
  95. --- ntp-4.2.6p2/html/ntpd.html.htmldoc 2009-12-09 08:36:35.000000000 +0100
  96. +++ ntp-4.2.6p2/html/ntpd.html 2010-07-12 16:27:39.000000000 +0200
  97. @@ -32,7 +32,7 @@
  98. </ul>
  99. <hr>
  100. <h4 id="synop">Synopsis</h4>
  101. - <tt>ntpd [ -46aAbdDgLmnNqx ] [ -c <i>conffile</i> ] [ -f <i>driftfile</i> ] [ -i <i>jaildir</i> ] [ -k <i>keyfile</i> ] [ -l <i>logfile</i> ] [ -p <i>pidfile</i> ] [ -P <i>priority</i> ] [ -r <i>broadcastdelay</i> ] [ -s <i>statsdir</i> ] [ -t <i>key</i> ] [ -u <i>user</i>[:<i>group</i>] ] [ -U <i>interface_update_interval</i> ] [ -v <i>variable</i> ] [ -V <i>variable</i> ]</tt>
  102. + <tt>ntpd [ -46aAbdDgLnNqx ] [ -c <i>conffile</i> ] [ -f <i>driftfile</i> ] [ -i <i>jaildir</i> ] [ -I <i>iface</i> ] [ -k <i>keyfile</i> ] [ -l <i>logfile</i> ] [ -p <i>pidfile</i> ] [ -P <i>priority</i> ] [ -r <i>broadcastdelay</i> ] [ -s <i>statsdir</i> ] [ -t <i>key</i> ] [ -u <i>user</i>[:<i>group</i>] ] [ -U <i>interface_update_interval</i> ] [ -v <i>variable</i> ] [ -V <i>variable</i> ]</tt>
  103. <h4 id="descr">Description</h4>
  104. <p>The <tt>ntpd</tt> program is an operating system daemon that synchronises the system clock with remote NTP&nbsp;time servers or local reference clocks. It is a complete implementation of the Network Time Protocol (NTP) version 4, but also retains compatibility with version 3, as defined by RFC-1305, and version 1 and 2, as defined by RFC-1059 and RFC-1119, respectively. The program can operate in any of several modes, as described on the <a href="assoc.html">Association Management</a> page, and with both symmetric key and public key cryptography, as described on the <a href="manyopt.html">Authentication Options</a> page.</p>
  105. <p>The <tt>ntpd</tt> program ordinarily requires a configuration file as desccribe on the Configuration Commands and Options collection above. However a client can discover remote servers and configure them automatically. This makes it possible to deploy a fleet of workstations without specifying configuration details specific to the local environment. Further details are on the <a href="manyopt.html">Automatic Server Discovery</a> page.</p>
  106. @@ -44,7 +44,7 @@
  107. <p>The issues should be carefully considered before using these options. The maximum slew rate possible is limited to 500 parts-per-million (PPM) by the Unix kernel. As a result, the clock can take 2000 s for each second the clock is outside the acceptable range. During this interval the clock will not be consistent with any other network clock and the system cannot be used for distributed applications that require correctly synchronized network time.</p>
  108. <p>The frequency file, usually called <tt>ntp.drift</tt>, contains the latest estimate of clock frequency. If this file does not exist when <tt>ntpd</tt> is started, it enters a special mode designed to measure the particular frequency directly. The measurement takes 15 minutes, after which the frequency is set and <tt>ntpd</tt> resumes normal mode where the time and frequency are continuously adjusted. The frequency file is updated at intervals of an hour or more depending on the measured clock stability.</p>
  109. <h4 id="modes">Operating Modes</h4>
  110. - <p>The <tt>ntpd</tt> program normally operates continuously while adjusting the time and frequency, but in some cases it may not be practical to run it continuously. With the <tt>-q</tt> option <tt>ntpd</tt> operates as in continous mode, but exits just after setting the clock for the first time. Most applications will probably want to specify the <tt>iburst</tt> option with the <tt>server</tt> command. With this option a volley of messages is exchanged to groom the data and set the clock in about 10 s. If nothing is heard after a few minutes, the daemon times out and exits.</p>
  111. + <p>The <tt>ntpd</tt> program normally operates continuously while adjusting the time and frequency, but in some cases it may not be practical to run it continuously. With the <tt>-q</tt> option <tt>ntpd</tt> operates as in continous mode, but exits just after setting the clock for the first time with the configured servers. Most applications will probably want to specify the <tt>iburst</tt> option with the <tt>server</tt> command. With this option a volley of messages is exchanged to groom the data and set the clock in about 10 s. If nothing is heard after a few minutes, the daemon times out and exits.</p>
  112. <h4 id="poll">Poll Interval Control</h4>
  113. <p>NTP uses an intricate heuristic algorithm to automatically control the poll interval for maximum accuracy consistent with minimum network overhead. The algorithm measures the incidental offset and jitter to determine the best poll interval. When <tt>ntpd</tt> starts, the interval is the default minimum 64 s. Under normal conditions when the clock discipline has stabilized, the interval increases in steps to the default maximum 1024 s. In addition, should a server become unreachable after some time, the interval increases in steps to the maximum in order to reduce network overhead.</p>
  114. <p>The default poll interval range is suitable for most conditions, but can be changed using options on the <a href="confopt.html">Server Options</a> and <a href="miscopt.html">Miscellaneous Options</a> pages. However, when using maximum intervals much larger than the default, the residual clock frequency error must be small enough for the discipline loop to capture and correct. The capture range is 500 PPM with a 64-s interval decreasing by a factor of two for each interval doubling. At a 36-hr interval, for example, the capture range is only 0.24 PPM.</p>
  115. @@ -88,8 +88,13 @@
  116. <p>In contexts where a host name is expected, a <tt>-4</tt> qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a <tt>-6</tt> qualifier forces DNS resolution to the IPv6 namespace.</p>
  117. <p>Various internal <tt>ntpd</tt> variables can be displayed and configuration options altered while the <tt>ntpd</tt> is running using the <tt><a href="ntpq.html">ntpq</a></tt> and <tt><a href="ntpdc.html">ntpdc</a></tt> utility programs.</p>
  118. <p>When <tt>ntpd</tt> starts it looks at the value of <tt>umask</tt>, and if zero <tt>ntpd</tt> will set the <tt>umask</tt> to <tt>022</tt>.</p>
  119. + <p>Unless the <tt>-n</tt>, <tt>-d</tt> or <tt>-D</tt> option is used, <tt>ntpd</tt> changes the current working directory to the root directory, so any options or commands specifying paths need to use an absolute path or a path relative to the root.</p>
  120. <h4 id="cmd">Command Line Options</h4>
  121. <dl>
  122. + <dt><tt>-4</tt>
  123. + <dd>Force DNS resolution of host names to the IPv4 namespace.
  124. + <dt><tt>-6</tt>
  125. + <dd>Force DNS resolution of host names to the IPv6 namespace.
  126. <dt><tt>-a</tt></dt>
  127. <dd>Require cryptographic authentication for broadcast client, multicast client and symmetric passive associations. This is the same operation as the <tt>enable auth</tt> command and is the default.</dd>
  128. <dt><tt>-A</tt></dt>
  129. @@ -103,7 +108,7 @@
  130. <dt><tt>-D <i>level</i></tt></dt>
  131. <dd>Specify debugging level directly.</dd>
  132. <dt><tt>-f <i>driftfile</i></tt></dt>
  133. - <dd>Specify the name and path of the frequency file, default <tt>/etc/ntp.drift</tt>. This is the same operation as the <tt>driftfile <i>driftfile</i></tt> command.</dd>
  134. + <dd>Specify the name and path of the frequency file. This is the same operation as the <tt>driftfile <i>driftfile</i></tt> command.</dd>
  135. <dt><tt>-g</tt></dt>
  136. <dd>Normally, <tt>ntpd</tt> exits with a message to the system log if the offset exceeds the panic threshold, which is 1000 s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that, <tt>ntpd</tt> will exit with a message to the system log. This option can be used with the <tt>-q</tt> and <tt>-x</tt> options. See the <tt>tinker</tt> command for other options.</dd>
  137. <dt><tt>-i <i>jaildir</i></tt></dt>
  138. @@ -111,7 +116,7 @@
  139. <dt id="--interface"><tt>-I [<i>address</i> | <i>interface name</i>]</tt></dt>
  140. <dd>Open the network address given, or all the addresses associated with the given interface name. This option may appear multiple times. This option also implies not opening other addresses, except wildcard and localhost. This option is deprecated. Please consider using the configuration file <a href="miscopt.html#interface">interface</a> command, which is more versatile.</dd>
  141. <dt><tt>-k <i>keyfile</i></tt></dt>
  142. - <dd>Specify the name and path of the symmetric key file, default <tt>/etc/ntp.keys</tt>. This is the same operation as the <tt>keys <i>keyfile</i></tt> command.</dd>
  143. + <dd>Specify the name and path of the symmetric key file. This is the same operation as the <tt>keys <i>keyfile</i></tt> command.</dd>
  144. <dt><tt>-l <i>logfile</i></tt></dt>
  145. <dd>Specify the name and path of the log file. The default is the system log file. This is the same operation as the <tt>logfile <i>logfile</i></tt> command.</dd>
  146. <dt id="--novirtualips"><tt>-L</tt></dt>
  147. @@ -209,17 +214,20 @@
  148. </tr>
  149. <tr>
  150. <td width="30%">statistics path</td>
  151. - <td width="30%"><tt>/var/NTP</tt></td>
  152. + <td width="30%"><tt>/var/log/ntpstats/</tt></td>
  153. <td width="20%"><tt>-s</tt></td>
  154. <td width="20%"><tt>statsdir</tt></td>
  155. </tr>
  156. <tr>
  157. <td width="30%">keys path</td>
  158. - <td width="30%"><tt>/usr/local/etc</tt></td>
  159. - <td width="20%"><tt>-k</tt></td>
  160. + <td width="30%"><tt>/etc/ntp/crypto</tt></td>
  161. + <td width="20%"><tt>none</tt></td>
  162. <td width="20%"><tt>keysdir</tt></td>
  163. </tr>
  164. </table>
  165. + <h4 id="codes">Exit Codes</h4>
  166. + <p>A non-zero exit code indicates an error. Any error messages are logged to the system log by default.</p>
  167. + <p>The exit code is 0 only when <tt>ntpd</tt> is terminated by a signal, or when the <tt>-q</tt> option is used and <tt>ntpd</tt> successfully sets the system clock.</p>
  168. <hr>
  169. <script type="text/javascript" language="javascript" src="scripts/footer.txt"></script>
  170. </body>
  171. diff -up ntp-4.2.6p2/html/ntpdate.html.htmldoc ntp-4.2.6p2/html/ntpdate.html
  172. --- ntp-4.2.6p2/html/ntpdate.html.htmldoc 2010-07-12 16:27:39.000000000 +0200
  173. +++ ntp-4.2.6p2/html/ntpdate.html 2010-07-12 16:27:39.000000000 +0200
  174. @@ -18,9 +18,9 @@
  175. <hr>
  176. <p>Disclaimer: The functionality of this program is now available in the <tt>ntpd</tt> program. See the <tt>-q</tt> command line option in the <a href="ntpd.html"><tt>ntpd</tt> - Network Time Protocol (NTP) daemon</a> page. After a suitable period of mourning, the <tt>ntpdate</tt> program is to be retired from this distribution</p>
  177. <h4>Synopsis</h4>
  178. - <tt>ntpdate [ -bBdoqsuv ] [ -a <i>key</i> ] [ -e <i>authdelay</i> ] [ -k <i>keyfile</i> ] [ -o <i>version</i> ] [ -p <i>samples</i> ] [ -t <i>timeout</i> ] [ -U <i>user_name</i> ] <i>server</i> [ ... ]</tt>
  179. + <tt>ntpdate [ -46bBdqsuv ] [ -a <i>key</i> ] [ -e <i>authdelay</i> ] [ -k <i>keyfile</i> ] [ -o <i>version</i> ] [ -p <i>samples</i> ] [ -t <i>timeout</i> ] [ -U <i>user_name</i> ] <i>server</i> [ ... ]</tt>
  180. <h4>Description</h4>
  181. - <tt>ntpdate</tt> sets the local date and time by polling the Network Time Protocol (NTP) server(s) given as the <i>server</i> arguments to determine the correct time. It must be run as root on the local host. A number of samples are obtained from each of the servers specified and a subset of the NTP clock filter and selection algorithms are applied to select the best of these. Note that the accuracy and reliability of <tt>ntpdate</tt> depends on the number of servers, the number of polls each time it is run and the interval between runs.
  182. + <p><tt>ntpdate</tt> sets the local date and time by polling the Network Time Protocol (NTP) server(s) given as the <i>server</i> arguments to determine the correct time. It must be run as root on the local host. A number of samples are obtained from each of the servers specified and a subset of the NTP clock filter and selection algorithms are applied to select the best of these. Note that the accuracy and reliability of <tt>ntpdate</tt> depends on the number of servers, the number of polls each time it is run and the interval between runs.</p>
  183. <p><tt>ntpdate</tt> can be run manually as necessary to set the host clock, or it can be run from the host startup script to set the clock at boot time. This is useful in some cases to set the clock initially before starting the NTP daemon <tt>ntpd</tt>. It is also possible to run <tt>ntpdate</tt> from a <tt>cron</tt> script. However, it is important to note that <tt>ntpdate</tt> with contrived <tt>cron</tt> scripts is no substitute for the NTP daemon, which uses sophisticated algorithms to maximize accuracy and reliability while minimizing resource use. Finally, since <tt>ntpdate</tt> does not discipline the host clock frequency as does <tt>ntpd</tt>, the accuracy using <tt>ntpdate</tt> is limited.</p>
  184. <p>Time adjustments are made by <tt>ntpdate</tt> in one of two ways. If <tt>ntpdate</tt> determines the clock is in error more than 0.5 second it will simply step the time by calling the system <tt>settimeofday()</tt> routine. If the error is less than 0.5 seconds, it will slew the time by calling the system <tt>adjtime()</tt> routine. The latter technique is less disruptive and more accurate when the error is small, and works quite well when <tt>ntpdate</tt> is run by <tt>cron</tt> every hour or two.</p>
  185. <p><tt>ntpdate</tt> will decline to set the date if an NTP server daemon (e.g., <tt>ntpd</tt>) is running on the same host. When running <tt>ntpdate</tt> on a regular basis from <tt>cron</tt> as an alternative to running a daemon, doing so once every hour or two will result in precise enough timekeeping to avoid stepping the clock.</p>
  186. @@ -33,9 +33,9 @@
  187. <dt><tt>-6</tt>
  188. <dd>Force DNS resolution of following host names on the command line to the IPv6 namespace.
  189. <dt><tt>-a <i>key</i></tt>
  190. - <dd>Enable the authentication function and specify the key identifier to be used for authentication as the argument <i>key</i><tt>ntpdate</tt>. The keys and key identifiers must match in both the client and server key files. The default is to disable the authentication function.
  191. + <dd>Enable the authentication function and specify the key identifier to be used for authentication as the argument <i>key</i>. The keys and key identifiers must match in both the client and server key files. The default is to disable the authentication function.
  192. <dt><tt>-B</tt>
  193. - <dd>Force the time to always be slewed using the adjtime() system call, even if the measured offset is greater than +-128 ms. The default is to step the time using settimeofday() if the offset is greater than +-128 ms. Note that, if the offset is much greater than +-128 ms in this case, that it can take a long time (hours) to slew the clock to the correct value. During this time. the host should not be used to synchronize clients.
  194. + <dd>Force the time to always be slewed using the adjtime() system call, even if the measured offset is greater than +-500 ms. The default is to step the time using settimeofday() if the offset is greater than +-500 ms. Note that, if the offset is much greater than +-500 ms in this case, that it can take a long time (hours) to slew the clock to the correct value. During this time. the host should not be used to synchronize clients.
  195. <dt><tt>-b</tt>
  196. <dd>Force the time to be stepped using the settimeofday() system call, rather than slewed (default) using the adjtime() system call. This option should be used when called from a startup file at boot time.
  197. <dt><tt>-d</tt>
  198. @@ -43,9 +43,9 @@
  199. <dt><tt>-e <i>authdelay</i></tt>
  200. <dd>Specify the processing delay to perform an authentication function as the value <i>authdelay</i>, in seconds and fraction (see <tt>ntpd</tt> for details). This number is usually small enough to be negligible for most purposes, though specifying a value may improve timekeeping on very slow CPU's.
  201. <dt><tt>-k <i>keyfile</i></tt>
  202. - <dd>Specify the path for the authentication key file as the string <i>keyfile</i>. The default is <tt>/etc/ntp.keys</tt>. This file should be in the format described in <tt>ntpd</tt>.
  203. + <dd>Specify the path for the authentication key file as the string <i>keyfile</i>. The default is <tt>/etc/ntp/keys</tt>. This file should be in the format described in <tt>ntpd</tt>.
  204. <dt><tt>-o <i>version</i></tt>
  205. - <dd>Specify the NTP version for outgoing packets as the integer <i>version</i>, which can be 1 or 2. The default is 3. This allows <tt>ntpdate</tt> to be used with older NTP versions.
  206. + <dd>Specify the NTP version for outgoing packets as the integer <i>version</i>, which can be 1 or 2. The default is 4. This allows <tt>ntpdate</tt> to be used with older NTP versions.
  207. <dt><tt>-p <i>samples</i></tt>
  208. <dd>Specify the number of samples to be acquired from each server as the integer <i>samples</i>, with values from 1 to 8 inclusive. The default is 4.
  209. <dt><i><tt>-q</tt></i>
  210. @@ -55,7 +55,7 @@
  211. <dt><tt>-t <i>timeout</i></tt>
  212. <dd>Specify the maximum time waiting for a server response as the value <i>timeout</i>, in seconds and fraction. The value is is rounded to a multiple of 0.2 seconds. The default is 1 second, a value suitable for polling across a LAN.
  213. <dt><tt>-u</tt>
  214. - <dd>Direct <tt>ntpdate</tt> to use an unprivileged port or outgoing packets. This is most useful when behind a firewall that blocks incoming traffic to privileged ports, and you want to synchronise with hosts beyond the firewall. Note that the <tt>-d</tt> option always uses unprivileged ports.
  215. + <dd>Direct <tt>ntpdate</tt> to use an unprivileged port for outgoing packets. This is most useful when behind a firewall that blocks incoming traffic to privileged ports, and you want to synchronize with hosts beyond the firewall. Note that the <tt>-d</tt> option always uses unprivileged ports.
  216. <dt><tt>-<i>v</i></tt>
  217. <dd>Be verbose. This option will cause <tt>ntpdate</tt>'s version identification string to be logged.
  218. @@ -67,7 +67,7 @@
  219. <h4>Diagnostics</h4>
  220. <tt>ntpdate</tt>'s exit status is zero if it finds a server and updates the clock, and nonzero otherwise.
  221. <h4>Files</h4>
  222. - <tt>/etc/ntp.keys</tt> - encryption keys used by <tt>ntpdate</tt>.
  223. + <tt>/etc/ntp/keys</tt> - encryption keys used by <tt>ntpdate</tt>.
  224. <h4>Bugs</h4>
  225. The slew adjustment is actually 50% larger than the measured offset, since this (it is argued) will tend to keep a badly drifting clock more accurate. This is probably not a good idea and may cause a troubling hunt for some values of the kernel variables <tt>tick</tt> and <tt>tickadj</tt>.&nbsp;
  226. <hr>
  227. diff -up ntp-4.2.6p2/html/ntpdc.html.htmldoc ntp-4.2.6p2/html/ntpdc.html
  228. --- ntp-4.2.6p2/html/ntpdc.html.htmldoc 2009-12-09 08:36:35.000000000 +0100
  229. +++ ntp-4.2.6p2/html/ntpdc.html 2010-07-12 16:27:39.000000000 +0200
  230. @@ -19,9 +19,9 @@
  231. <script type="text/javascript" language="javascript" src="scripts/manual.txt"></script>
  232. <hr>
  233. <h4>Synopsis</h4>
  234. - <tt>ntpdc [ -ilnps ] [ -c <i>command</i> ] [ <i>host</i> ] [ ... ]</tt>
  235. + <tt>ntpdc [ -46dilnps ] [ -c <i>command</i> ] [ <i>host</i> ] [ ... ]</tt>
  236. <h4>Description</h4>
  237. - <tt>ntpdc</tt> is used to query the <tt>ntpd</tt> daemon about its current state and to request changes in that state. The program may be run either in interactive mode or controlled using command line arguments. Extensive state and statistics information is available through the <tt>ntpdc</tt> interface. In addition, nearly all the configuration options which can be specified at startup using ntpd's configuration file may also be specified at run time using <tt>ntpdc</tt>.
  238. + <p><tt>ntpdc</tt> is used to query the <tt>ntpd</tt> daemon about its current state and to request changes in that state. The program may be run either in interactive mode or controlled using command line arguments. Extensive state and statistics information is available through the <tt>ntpdc</tt> interface. In addition, nearly all the configuration options which can be specified at startup using ntpd's configuration file may also be specified at run time using <tt>ntpdc</tt>.</p>
  239. <p>If one or more request options are included on the command line when <tt>ntpdc</tt> is executed, each of the requests will be sent to the NTP servers running on each of the hosts given as command line arguments, or on localhost by default. If no request options are given, <tt>ntpdc</tt> will attempt to read commands from the standard input and execute these on the NTP server running on the first host given on the command line, again defaulting to localhost when no other host is specified. <tt>ntpdc</tt> will prompt for commands if the standard input is a terminal device.</p>
  240. <p><tt>ntpdc</tt> uses NTP mode 7 packets to communicate with the NTP server, and hence can be used to query any compatible server on the network which permits it. Note that since NTP is a UDP protocol this communication will be somewhat unreliable, especially over large distances in terms of network topology. <tt>ntpdc</tt> makes no attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time.</p>
  241. <p>The operation of <tt>ntpdc</tt> are specific to the particular implementation of the <tt>ntpd</tt> daemon and can be expected to work only with this and maybe some previous versions of the daemon. Requests from a remote <tt>ntpdc</tt> program which affect the state of the local server must be authenticated, which requires both the remote program and local server share a common key and key identifier.</p>
  242. @@ -35,6 +35,8 @@
  243. <dd>Force DNS resolution of following host names on the command line to the IPv6 namespace.
  244. <dt><tt>-c <i>command</i></tt>
  245. <dd>The following argument is interpreted as an interactive format command and is added to the list of commands to be executed on the specified host(s). Multiple -c options may be given.
  246. + <dt><tt>-d</tt>
  247. + <dd>Turn on debugging mode.
  248. <dt><tt>-i</tt>
  249. <dd>Force <tt>ntpdc</tt> to operate in interactive mode. Prompts will be written to the standard output and commands read from the standard input.
  250. <dt><tt>-l</tt>
  251. @@ -134,11 +136,11 @@
  252. <dt><tt>addpeer <i>peer_address</i> [
  253. <i>keyid</i> ] [ <i>version</i> ] [
  254. <tt>minpoll# | prefer | iburst | burst | minpoll
  255. - <i>N</i> | <tt>maxpoll</tt> <i>N</i> [...] ]</tt>
  256. + <i>N</i> | <tt>maxpoll</tt> <i>N</i> [...] </tt> ]</tt>
  257. <dt><tt>addpeer <i>peer_address</i> [
  258. <tt>prefer | iburst | burst | minpoll
  259. <i>N</i> | <tt>maxpoll</tt> <i>N</i> | <tt>keyid</tt>
  260. - <i>N</i> | <tt>version</tt> <i>N</i> [...] ]</tt>
  261. + <i>N</i> | <tt>version</tt> <i>N</i> [...] </tt> ]</tt>
  262. <dd>Add a configured peer association at the
  263. given address and operating in symmetric
  264. active mode. Note that an existing association
  265. @@ -162,16 +164,16 @@
  266. <tt>peer</tt> configuration file command of
  267. ntpd. See the <a href="confopt.html">Server Options</a> page for further information.
  268. Each flag (or its absence) replaces the
  269. - previous setting. The <tt>prefer</tt> keyword indicates a preferred peer (and thus will be used primarily for clock synchronisation if possible). The preferred peer also determines the validity of the PPS signal - if the preferred peer is suitable for synchronisation so is the PPS signal.
  270. + previous setting. The <tt>prefer</tt> keyword indicates a preferred peer (and thus will be used primarily for clock synchronization if possible). The preferred peer also determines the validity of the PPS signal - if the preferred peer is suitable for synchronization so is the PPS signal.
  271. The <tt>dynamic</tt> keyword allows association configuration even when no suitable network interface is found at configuration time. The dynamic interface update mechanism may complete the configuration when new interfaces appear (e.g. WLAN/PPP interfaces) at a later time and thus render the association operable.
  272. <dt><tt>addserver <i>peer_address</i> [
  273. <i>keyid</i> ] [ <i>version</i> ] [
  274. <tt>minpoll# | prefer | iburst | burst | minpoll
  275. - <i>N</i> | <tt>maxpoll</tt> <i>N</i> [...] ]</tt>
  276. + <i>N</i> | <tt>maxpoll</tt> <i>N</i> [...] </tt> ]</tt>
  277. <dt><tt>addserver <i>peer_address</i> [
  278. <tt>prefer | iburst | burst | minpoll
  279. <i>N</i> | <tt>maxpoll</tt> <i>N</i> | <tt>keyid</tt>
  280. - <i>N</i> | <tt>version</tt> <i>N</i> [...] ]</tt>
  281. + <i>N</i> | <tt>version</tt> <i>N</i> [...] </tt> ]</tt>
  282. <dd>Identical to the addpeer command, except that the operating mode is client.
  283. <dt><tt>broadcast <i>peer_address</i> [
  284. <i>keyid</i> ] [ <i>version</i> ] [ <i>prefer</i> ]</tt>
  285. @@ -200,9 +202,9 @@
  286. <dd>Returns information concerning the authentication module, including known keys and counts of encryptions and decryptions which have been done.
  287. <dt><tt>traps</tt>
  288. <dd>Display the traps set in the server. See the source listing for further information.
  289. - <dt><tt>addtrap [ <i>address</i> [ <i>port</i> ] [ <i>interface</i> ]</tt>
  290. + <dt><tt>addtrap [ <i>address</i> ] [ <i>port</i> ] [ <i>interface</i> ]</tt>
  291. <dd>Set a trap for asynchronous messages. See the source listing for further information.
  292. - <dt><tt>clrtrap [ <i>address</i> [ <i>port</i> ] [ <i>interface</i>]</tt>
  293. + <dt><tt>clrtrap [ <i>address</i> ] [ <i>port</i> ] [ <i>interface</i>]</tt>
  294. <dd>Clear a trap for asynchronous messages. See the source listing for further information.
  295. <dt><tt>reset</tt>
  296. <dd>Clear the statistics counters in various modules of the server. See the source listing for further information.
  297. diff -up ntp-4.2.6p2/html/ntpq.html.htmldoc ntp-4.2.6p2/html/ntpq.html
  298. --- ntp-4.2.6p2/html/ntpq.html.htmldoc 2010-02-09 11:01:26.000000000 +0100
  299. +++ ntp-4.2.6p2/html/ntpq.html 2010-07-12 16:27:39.000000000 +0200
  300. @@ -21,7 +21,7 @@
  301. <script type="text/javascript" language="javascript" src="scripts/manual.txt"></script>
  302. <hr>
  303. <h4>Synopsis</h4>
  304. - <tt>ntpq [-inp] [-c <i>command</i>] [<i>host</i>] [...]</tt>
  305. + <tt>ntpq [-46dinp] [-c <i>command</i>] [<i>host</i>] [...]</tt>
  306. <h4>Description</h4>
  307. <p>The <tt>ntpq</tt> utility program is used to monitor NTP daemon <tt>ntpd</tt> operations
  308. and determine performance. It uses the standard NTP mode 6 control
  309. @@ -591,4 +591,4 @@
  310. <script type="text/javascript" language="javascript" src="scripts/footer.txt"></script>
  311. </body>
  312. -</html>
  313. \ No newline at end of file
  314. +</html>
  315. diff -up ntp-4.2.6p2/html/ntptrace.html.htmldoc ntp-4.2.6p2/html/ntptrace.html
  316. --- ntp-4.2.6p2/html/ntptrace.html.htmldoc 2009-12-09 08:36:36.000000000 +0100
  317. +++ ntp-4.2.6p2/html/ntptrace.html 2010-07-12 16:27:39.000000000 +0200
  318. @@ -17,7 +17,7 @@
  319. <br clear="left">
  320. <hr>
  321. <h4>Synopsis</h4>
  322. - <tt>ntptrace [ -vdn ] [ -r <i>retries</i> ] [ -t <i>timeout</i> ] [ <i>server</i> ]</tt>
  323. + <tt>ntptrace [ -n ] [ -m <i>maxhosts</i> ] [ <i>server</i> ]</tt>
  324. <h4>Description</h4>
  325. <p><tt>ntptrace</tt> is a <tt>perl</tt> script that uses the <tt>ntpq</tt> utility program to follow the chain of NTP&nbsp;servers from a given host back to the primary time source. For <tt>ntptrace</tt> to work properly, each of these servers must implement the NTP&nbsp;Control and Monitoring Protocol specified in RFC 1305 and enable NTP&nbsp;Mode 6 packets.</p>
  326. <p>If given no arguments, <tt>ntptrace</tt> starts with <tt>localhost</tt>. Here is an example of the output from <tt>ntptrace</tt>:</p>
  327. @@ -30,16 +30,8 @@ usndh.edu: stratum 1, offset 0.0019298,
  328. <p>On each line, the fields are (left to right): the host name, the host stratum, the time offset between that host and the local host (as measured by <tt>ntptrace</tt>; this is why it is not always zero for &quot;<tt>localhost</tt>&quot;), the host synchronization distance, and (only for stratum-1 servers) the reference clock ID. All times are given in seconds. Note that the stratum is the server hop count to the primary source, while the synchronization distance is the estimated error relative to the primary source. These terms are precisely defined in RFC-1305.</p>
  329. <h4>Options</h4>
  330. <dl>
  331. - <dt><tt>-d</tt>
  332. - <dd>Turns on some debugging output.
  333. <dt><tt>-n</tt>
  334. <dd>Turns off the printing of host names; instead, host IP addresses are given. This may be useful if a nameserver is down.
  335. - <dt><tt>-r <i>retries</i></tt>
  336. - <dd>Sets the number of retransmission attempts for each host (default = 5).
  337. - <dt><tt>-t <i>timeout</i></tt>
  338. - <dd>Sets the retransmission timeout (in seconds) (default = 2).
  339. - <dt><tt>-v</tt>
  340. - <dd>Prints verbose information about the NTP servers.
  341. </dl>
  342. <h4>Bugs</h4>
  343. <p>This program makes no attempt to improve accuracy by doing multiple samples.</p>
  344. @@ -47,4 +39,4 @@ usndh.edu: stratum 1, offset 0.0019298,
  345. <script type="text/javascript" language="javascript" src="scripts/footer.txt"></script>
  346. </body>
  347. -</html>
  348. \ No newline at end of file
  349. +</html>
  350. diff -up ntp-4.2.6p2/html/tickadj.html.htmldoc ntp-4.2.6p2/html/tickadj.html
  351. --- ntp-4.2.6p2/html/tickadj.html.htmldoc 2009-12-09 08:36:36.000000000 +0100
  352. +++ ntp-4.2.6p2/html/tickadj.html 2010-07-12 16:27:39.000000000 +0200
  353. @@ -14,10 +14,12 @@
  354. <p>Last update: <csobj format="ShortTime" h="25" locale="00000409" region="0" t="DateTime" w="61">18:53</csobj> UTC <csobj format="LongDate" h="25" locale="00000409" region="0" t="DateTime" w="308">Wednesday, January 16, 2008</csobj></p>
  355. <hr>
  356. <h4>Synopsis</h4>
  357. - <tt>tickadj [ -Aqs ] [ -a <i>tickadj</i> ] [ -t <i>tick</i> ]</tt>
  358. + <p><tt>tickadj [ <i>tick</i> ]</tt></p>
  359. + <p><tt>tickadj [ -Aqs ] [ -a <i>tickadj</i> ] [ -t <i>tick</i> ]</tt></p>
  360. <h4>Description</h4>
  361. <p>The <tt>tickadj</tt> program reads, and optionally modifies, several timekeeping-related variables in older kernels that do not have support for precision ttimekeeping, including HP-UX, SunOS, Ultrix, SGI and probably others. Those machines provide means to patch the kernel <tt>/dev/kmem</tt>. Newer machines with kernel time support, including Solaris, Tru64, FreeBSD and Linux, should NOT use the program, even if it appears to work, as it will destabilize the kernel time support. Use the <a href="ntptime.html"><tt>ntptime</tt></a> program instead.</p>
  362. <p>The particular variables that can be changed with <tt>tickadj</tt> include <tt>tick</tt>, which is the number of microseconds added to the system time for a clock interrupt, <tt>tickadj</tt>, which sets the slew rate and resolution used by the <tt>adjtime</tt> system call, and <tt>dosynctodr</tt>, which indicates to the kernels on some machines whether they should internally adjust the system clock to keep it in line with time-of-day clock or not.</p>
  363. + <p>On Linux, only the <tt>tick</tt> variable is supported and the only allowed argument is the tick value.</p>
  364. <p>By default, with no arguments, <tt>tickadj</tt> reads the variables of interest in the kernel and displays them. At the same time, it determines an &quot;optimal&quot; value for the value of the <tt>tickadj</tt> variable if the intent is to run the <tt>ntpd</tt> Network Time Protocol (NTP) daemon, and prints this as well. Since the operation of <tt>tickadj</tt> when reading the kernel mimics the operation of similar parts of the <tt>ntpd</tt> program fairly closely, this can be useful when debugging problems with <tt>ntpd</tt>.</p>
  365. <p>Note that <tt>tickadj</tt> should be run with some caution when being used for the first time on different types of machines. The operations which <tt>tickadj</tt> tries to perform are not guaranteed to work on all Unix machines and may in rare cases cause the kernel to crash.</p>
  366. <h4>Command Line Options</h4>
  367. @@ -43,4 +45,4 @@
  368. <script type="text/javascript" language="javascript" src="scripts/footer.txt"></script>
  369. </body>
  370. -</html>
  371. \ No newline at end of file
  372. +</html>