Re: [chrony-users] cmd channel on localhost

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]


On Thu, Jul 4, 2019 at 5:46 PM Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:
>
> On Thu, Jul 04, 2019 at 05:04:55PM +0200, Youssef Ghorbal wrote:
> >  The problem I'm trying to solve it to pull statistics from a local
> > monitoring agent running on the same server (with its own user). So I
> > was expecting it to work fine pulling stats using localhost
> > cmdchannel. But from what I see this user needs to be part of the
> > chrony group in order to be able to use the socket rather then UDP on
> > localhost.
>
> Only some of the chronyc commands are allowed over UDP for security
> reasons. They are listed in the documentation. ntpdata is not one of
> them. The reason is that the some of the data might be useful for
> attacking the client.

My bad! you are absolutely right!
I was so focused on chrony.conf man page that I completely missed
chronyc man page.

Youssef

-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/