| Re: [chrony-users] cmd channel on localhost |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-users Archives
]
- To: chrony-users@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [chrony-users] cmd channel on localhost
- From: Youssef Ghorbal <youssef.ghorbal@xxxxxxxxx>
- Date: Thu, 4 Jul 2019 18:10:46 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=R6NBfQ69KVFa+53DZlByEsYCJTLnr7IOWLqhNZ3Uvr4=; b=PLTqIKTlfo3XpFpMEOCRdVWxRvkVYmIw99EGw7Z3e0UdW2wOo5TD7q3U8sCpmhd0iI ixffOI8uLaIQ580rhVXXu5qfAomOreceu9B9wyPIVQlA13TExjkevV0ssbDrh8VAcIqW tmR/ucyOCXv16TO8oKfLGEScVsV/vn3TSolaUzngWYObWKPb1aGOYYnUnzQpR4HSxN8E qXImoWxNbrTl8jpzOPJCZPbwKIw3F+O5KsWXTB4lS+mmuetdcAlONaThuHR0rRtmqNju 0UW81ZSrOmaNyvO/o2Oj1myiLnCH/bputkSYLRAzOa2cluqMoWU3EHgDlr1x8bqykCs2 sIiA==
On Thu, Jul 4, 2019 at 5:46 PM Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:
>
> On Thu, Jul 04, 2019 at 05:04:55PM +0200, Youssef Ghorbal wrote:
> > The problem I'm trying to solve it to pull statistics from a local
> > monitoring agent running on the same server (with its own user). So I
> > was expecting it to work fine pulling stats using localhost
> > cmdchannel. But from what I see this user needs to be part of the
> > chrony group in order to be able to use the socket rather then UDP on
> > localhost.
>
> Only some of the chronyc commands are allowed over UDP for security
> reasons. They are listed in the documentation. ntpdata is not one of
> them. The reason is that the some of the data might be useful for
> attacking the client.
My bad! you are absolutely right!
I was so focused on chrony.conf man page that I completely missed
chronyc man page.
Youssef
--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.