Re: 答复: [chrony-users] about nts

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ] 

On Mon, Nov 07, 2022 at 01:24:15AM +0000, chengyechun wrote:
> Am I misunderstood the makestep directive? I think makesteps 1 and 3 are modified in the next 3 synchronizations at any time longer than 1 second. It seems that the makestep command is executed only during startup. Makestep 1 -1 is what I understand. Does it synchronize any time more than 1 second? I've just verified it, and it seems that the result is

The -1 means infinity, i.e. the step can happen at any update of the
clock. Normally, people don't want any steps to not upset running
applications and avoid MITM attackers from shifting the clock too far
in the past or future (e.g. to invalidate certificates). That's not
very practical as the RTC which keeps time when the computer is shut
down is not very accurate, so a step usually needs to be allowed at
least on start. That's the recommended configuration.

If you intentionally set your clock to wrong time to see if chronyd
can bring it back, you need to allow the step to happen.

-- 
Miroslav Lichvar


-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/