Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am using Debian-Testing and using ntpdate-debian for updating the time (ntpdate is taking a long time). I have following in /etc/rc.local file to open firewall otherwise ntpdate-debian does not work:
The first iptables-restore and ntpdate-debian commands work all right but the third command (iptables-restore blockall.rules) does not work. I check the status with 'sudo iptables-save' command after booting. How can I sort this problem? Thanks for your help.
I do not want to have a daemon running all the time. I want to synchronise time just once (at startup).
So I was initially using the command "{ntpd -qg; sudo hwclock -w}&;" in /etc/rc.local, but I noticed that it takes a long time to work when entered this command from commandline.
Then I noticed this "ntpdate" package in debian-testing repo. The command "sudo ntpdate" gives the error: "no servers can be used, exiting".
The command "sudo ntpdate-debian" works all right but needs some port to be unblocked. So I have to enter command to open the iptables temporarily. Otherwise it reports "sendto(ns02.hns.net.in): Operation not permitted" for all URLs.
ntpd uses absolutely minimal amounts of resources, and when running healthily won't even check once a day. There's no good reason for not running it. But either way, ntpdate and ntpd both use /etc/ntp.conf so, you'll need to configure it.
you shouldn't be using sudo in an rc.local file either as it's already root.
Does /etc/rc.local get executed before iptables package start the firewall? Is the iptables firewall state restored after reboot automatically and does it occur before /etc/rc.local execution? Do I really need to run a command to open iptables firewall at this stage?
rc.local would be the VERY last thing executed automatically by the init process. you should update the rulebase to permanently allow outbound connections to 123/UDP and forget about messing with iptables just to set the clock.
I do not want to have a daemon running all the time. I want to synchronise time just once (at startup).
So I was initially using the command "{ntpd -qg; sudo hwclock -w}&;" in /etc/rc.local, but I noticed that it takes a long time to work when entered this command from commandline.
Then I noticed this "ntpdate" package in debian-testing repo. The command "sudo ntpdate" gives the error: "no servers can be used, exiting".
The command "sudo ntpdate-debian" works all right but needs some port to be unblocked. So I have to enter command to open the iptables temporarily. Otherwise it reports "sendto(ns02.hns.net.in): Operation not permitted" for all URLs.
I set mine to '/etc/cron.hourly' so I get my clock set. You could set a time for cron to run once a day or use 'cron.daily' or however your Gnu/Linux is configured for 'cron'. You can just create a 'cron' job to task at whatever setting(s) you wish. Please be sure to use a 'pool'. Of course you should setup the firewall if you have blocked. But why block in the first place? I agree with 'acid_kewpie'. Setup your connection.
I realized that the command "{ntpd -qg; hwclock -w}&;" in /etc/rc.local keeps the time correct on my computer, though this command does not work later on because of the firewall! I think that firewall is not active when rc.local gets executed.
because that's good time management. Good sysadmin practise has all machines running ntpd. It is not a risk when ntpd is well configured.
ntpd does not periodically set the time, it tracks the reliability of the local system clock and uses multiple remote servers (Whereas ntpdate will only use one single server once) to understand how quickly the time is drifting off and make adjust the clock speed to keep it constantly correct.
Last edited by acid_kewpie; 01-09-2013 at 02:40 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.