[chrony-dev] chrony-2.2-pre1 released |
[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]
The first prerelease for chrony-2.2 is now available. The most significant change is support for the command and monitoring protocol over Unix domain socket, which replaces authentication with the command key. This simplifies the configuration and it should also make the protocol more secure as only few monitoring commands can now be allowed for remote hosts. Users that need to configure chronyd remotely or locally as an ordinary user should consider using ssh and/or sudo to run chronyc on the server under the root user or the user under which chronyd is running when configured to drop the root privileges. The sources can be downloaded here: http://download.tuxfamily.org/chrony/chrony-2.2-pre1.tar.gz MD5 and SHA1 sums: cb9381ec832e937fe4324aceea681060 RELEASES/chrony-2.2-pre1.tar.gz 131e5ed17167e6b28607d3bc8c73f27a6add917a RELEASES/chrony-2.2-pre1.tar.gz Changes since version 2.1.1: Enhancements ------------ * Add support for configuration and monitoring over Unix domain socket (accessible by root or chrony user when root privileges are dropped) * Add support for system call filtering with seccomp on Linux * Add support for dropping root privileges on NetBSD * Control frequency of system clock on FreeBSD, NetBSD, Solaris * Add system leap second handling mode on FreeBSD, NetBSD, Solaris * Add dynamic drift removal on Mac OS X * Add support for setting real-time priority on Mac OS X * Add maxdistance directive to limit source selection by root distance * Add refresh command to get new addresses of NTP sources * Allow wildcard patterns in include directive * Add -d option to chronyc to enable debug messages * Allow multiple addresses to be specified for chronyc with -h option and reconnect when no valid reply is received Bug fixes --------- * Fix building on Solaris * Restore time from driftfile with -s option if reading RTC failed Removed features ---------------- * Drop support for authentication with command key (run-time configuration is now allowed only for local users that can access the Unix domain socket) -- Miroslav Lichvar
Attachment:
pgphZP1GmTFzs.pgp
Description: PGP signature
Mail converted by MHonArc 2.6.19+ | http://listengine.tuxfamily.org/ |