Re: [chrony-users] cmd channel on localhost

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]

To: chrony-users@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [chrony-users] cmd channel on localhost
From: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Thu, 4 Jul 2019 17:46:31 +0200

On Thu, Jul 04, 2019 at 05:04:55PM +0200, Youssef Ghorbal wrote:
>  The problem I'm trying to solve it to pull statistics from a local
> monitoring agent running on the same server (with its own user). So I
> was expecting it to work fine pulling stats using localhost
> cmdchannel. But from what I see this user needs to be part of the
> chrony group in order to be able to use the socket rather then UDP on
> localhost.

Only some of the chronyc commands are allowed over UDP for security
reasons. They are listed in the documentation. ntpdata is not one of
them. The reason is that the some of the data might be useful for
attacking the client.

-- 
Miroslav Lichvar

-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Follow-Ups:
- Re: [chrony-users] cmd channel on localhost
  - From: Youssef Ghorbal

References:
- [chrony-users] cmd channel on localhost
  - From: Youssef Ghorbal

Messages sorted by: [ date | thread ]
Prev by Date: [chrony-users] cmd channel on localhost
Next by Date: Re: [chrony-users] cmd channel on localhost
Previous by thread: [chrony-users] cmd channel on localhost
Next by thread: Re: [chrony-users] cmd channel on localhost

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/