Re: [chrony-users] cmd channel on localhost

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]


On Thu, Jul 04, 2019 at 05:04:55PM +0200, Youssef Ghorbal wrote:
>  The problem I'm trying to solve it to pull statistics from a local
> monitoring agent running on the same server (with its own user). So I
> was expecting it to work fine pulling stats using localhost
> cmdchannel. But from what I see this user needs to be part of the
> chrony group in order to be able to use the socket rather then UDP on
> localhost.

Only some of the chronyc commands are allowed over UDP for security
reasons. They are listed in the documentation. ntpdata is not one of
them. The reason is that the some of the data might be useful for
attacking the client.

-- 
Miroslav Lichvar

-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/