chrony: added a working conf file.
This commit is contained in:
parent
c0a6a15dc6
commit
943f604137
2 changed files with 314 additions and 1 deletions
312
srcpkgs/chrony/files/chrony.conf
Normal file
312
srcpkgs/chrony/files/chrony.conf
Normal file
|
@ -0,0 +1,312 @@
|
|||
#######################################################################
|
||||
#
|
||||
# This is an example chrony configuration file. You should copy it to
|
||||
# /etc/chrony.conf after uncommenting and editing the options that you
|
||||
# want to enable. The more obscure options are not included. Refer
|
||||
# to the documentation for these.
|
||||
#
|
||||
# Copyright 2002 Richard P. Curnow
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of version 2 of the GNU General Public License as
|
||||
# published by the Free Software Foundation.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful, but
|
||||
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
# General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License along
|
||||
# with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
#
|
||||
#
|
||||
#######################################################################
|
||||
### COMMENTS
|
||||
# Any of the following lines are comments (you have a choice of
|
||||
# comment start character):
|
||||
# a comment
|
||||
% a comment
|
||||
! a comment
|
||||
; a comment
|
||||
#
|
||||
# Below, the '!' form is used for lines that you might want to
|
||||
# uncomment and edit to make your own chrony.conf file.
|
||||
#
|
||||
#######################################################################
|
||||
#######################################################################
|
||||
### SPECIFY YOUR NTP SERVERS
|
||||
# Most computers using chrony will send measurement requests to one or
|
||||
# more 'NTP servers'. You will probably find that your Internet Service
|
||||
# Provider or company have one or more NTP servers that you can specify.
|
||||
# Failing that, there are a lot of public NTP servers. There is a list
|
||||
# you can access at
|
||||
# http://www.eecis.udel.edu/~mills/ntp/servers.htm.
|
||||
|
||||
server 0.pool.ntp.org
|
||||
server 1.pool.ntp.org
|
||||
server 2.pool.ntp.org
|
||||
|
||||
# However, for dial-up use you probably want these instead. The word
|
||||
# 'offline' means that the server is not visible at boot time. Use
|
||||
# chronyc's 'online' command to tell chronyd that these servers have
|
||||
# become visible after you go on-line.
|
||||
|
||||
! server ntp0.your-isp.com offline
|
||||
! server ntp1.your-isp.com offline
|
||||
! server ntp.public-server.org offline
|
||||
|
||||
# You may want to specify NTP 'peers' instead. If you run a network
|
||||
# with a lot of computers and want several computers running chrony to
|
||||
# have the 'front-line' interface to the public NTP servers, you can
|
||||
# 'peer' these machines together to increase robustness.
|
||||
|
||||
! peer ntp0.my-company.com
|
||||
|
||||
# There are other options to the 'server' and 'peer' directives that you
|
||||
# might want to use. For example, you can ignore measurements whose
|
||||
# round-trip-time is too large (indicating that the measurement is
|
||||
# probably useless, because you don't know which way the measurement
|
||||
# message got held up.) Consult the full documentation for details.
|
||||
|
||||
#######################################################################
|
||||
### AVOIDING POTENTIALLY BOGUS CHANGES TO YOUR CLOCK
|
||||
#
|
||||
# To avoid changes being made to your computer's gain/loss compensation
|
||||
# when the measurement history is too erratic, you might want to enable
|
||||
# one of the following lines. The first seems good for dial-up (or
|
||||
# other high-latency connections like slow leased lines), the second
|
||||
# seems OK for a LAN environment.
|
||||
|
||||
! maxupdateskew 100
|
||||
maxupdateskew 5
|
||||
|
||||
#######################################################################
|
||||
### FILENAMES ETC
|
||||
# Chrony likes to keep information about your computer's clock in files.
|
||||
# The 'driftfile' stores the computer's clock gain/loss rate in parts
|
||||
# per million. When chronyd starts, the system clock can be tuned
|
||||
# immediately so that it doesn't gain or lose any more time. You
|
||||
# generally want this, so it is uncommented.
|
||||
|
||||
driftfile /etc/chrony.drift
|
||||
|
||||
# If you want to use the program called chronyc to configure aspects of
|
||||
# chronyd's operation once it is running (e.g. tell it the Internet link
|
||||
# has gone up or down), you need a password. This is stored in the
|
||||
# following keys file. (You also need keys to support authenticated NTP
|
||||
# exchanges between cooperating machines.) Again, this option is
|
||||
# assumed by default.
|
||||
|
||||
keyfile /etc/chrony.keys
|
||||
|
||||
# Tell chronyd which numbered key in the file is used as the password
|
||||
# for chronyc. (You can pick any integer up to 2**32-1. '1' is just a
|
||||
# default. Using another value will _NOT_ increase security.)
|
||||
|
||||
commandkey 1
|
||||
|
||||
# chronyd can save the measurement history for the servers to files when
|
||||
# it it exits. This is useful in 2 situations:
|
||||
#
|
||||
# 1. On Linux, if you stop chronyd and restart it with '-r' (e.g. after
|
||||
# an upgrade), the old measurements will still be relevant when chronyd
|
||||
# is restarted. This will reduce the time needed to get accurate
|
||||
# gain/loss measurements, especially with a dial-up link.
|
||||
#
|
||||
# 2. Again on Linux, if you use the RTC support and start chronyd with
|
||||
# '-r -s' on bootup, measurements from the last boot will still be
|
||||
# useful (the real time clock is used to 'flywheel' chronyd between
|
||||
# boots).
|
||||
#
|
||||
# Enable these two options to use this.
|
||||
|
||||
! dumponexit
|
||||
! dumpdir /var/log/chrony
|
||||
|
||||
# chronyd writes its process ID to a file. If you try to start a second
|
||||
# copy of chronyd, it will detect that the process named in the file is
|
||||
# still running and bail out. If you want to change the path to the PID
|
||||
# file, uncomment this line and edit it. The default path is shown.
|
||||
|
||||
! pidfile /var/run/chronyd.pid
|
||||
|
||||
#######################################################################
|
||||
### INITIAL CLOCK CORRECTION
|
||||
# This option is only useful if your NTP servers are visible at boot
|
||||
# time. This probably means you are on a LAN. If so, the following
|
||||
# option will choose the best-looking of the servers and correct the
|
||||
# system time to that. The value '10' means that if the error is less
|
||||
# than 10 seconds, it will be gradually removed by speeding up or
|
||||
# slowing down your computer's clock until it is correct. If the error
|
||||
# is above 10 seconds, an immediate time jump will be applied to correct
|
||||
# it. Some software can get upset if the system clock jumps (especially
|
||||
# backwards), so be careful!
|
||||
|
||||
! initstepslew 10 ntp0.your-company.com ntp1.your-company.com ntp2.your-company.com
|
||||
|
||||
#######################################################################
|
||||
### LOGGING
|
||||
# If you want to log information about the time measurements chronyd has
|
||||
# gathered, you might want to enable the following lines. You probably
|
||||
# only need this if you really enjoy looking at the logs, you want to
|
||||
# produce some graphs of your system's timekeeping performance, or you
|
||||
# need help in debugging a problem.
|
||||
|
||||
! logdir /var/log/chrony
|
||||
! log measurements statistics tracking
|
||||
|
||||
# If you have real time clock support enabled (see below), you might want
|
||||
# this line instead:
|
||||
|
||||
! log measurements statistics tracking rtc
|
||||
|
||||
#######################################################################
|
||||
### ACTING AS AN NTP SERVER
|
||||
# You might want the computer to be an NTP server for other computers.
|
||||
# e.g. you might be running chronyd on a dial-up machine that has a LAN
|
||||
# sitting behind it with several 'satellite' computers on it.
|
||||
#
|
||||
# By default, chronyd does not allow any clients to access it. You need
|
||||
# to explicitly enable access using 'allow' and 'deny' directives.
|
||||
#
|
||||
# e.g. to enable client access from the 192.168.*.* class B subnet,
|
||||
|
||||
! allow 192.168/16
|
||||
|
||||
# .. but disallow the 192.168.100.* subnet of that,
|
||||
|
||||
! deny 192.168.100/24
|
||||
|
||||
# You can have as many allow and deny directives as you need. The order
|
||||
# is unimportant.
|
||||
|
||||
# If you want chronyd to act as an NTP broadcast server, enable and edit
|
||||
# (and maybe copy) the following line. This means that a broadcast
|
||||
# packet is sent to the address 192.168.1.255 every 60 seconds. The
|
||||
# address MUST correspond to the broadcast address of one of the network
|
||||
# interfaces on your machine. If you have multiple network interfaces,
|
||||
# add a broadcast line for each.
|
||||
|
||||
! broadcast 60 192.168.1.255
|
||||
|
||||
# If you want to present your computer's time for others to synchronise
|
||||
# with, even if you don't seem to be synchronised to any NTP servers
|
||||
# yourself, enable the following line. The value 10 may be varied
|
||||
# between 1 and 15. You should avoid small values because you will look
|
||||
# like a real NTP server. The value 10 means that you appear to be 10
|
||||
# NTP 'hops' away from an authoritative source (atomic clock, GPS
|
||||
# receiver, radio clock etc).
|
||||
|
||||
! local stratum 10
|
||||
|
||||
# Normally, chronyd will keep track of how many times each client
|
||||
# machine accesses it. The information can be accessed by the 'clients'
|
||||
# command of chronyc. You can disable this facility by uncommenting the
|
||||
# following line. This will save a bit of memory if you have many
|
||||
# clients.
|
||||
|
||||
! noclientlog
|
||||
|
||||
# The clientlog size is limited to 512KB by default. If you have many
|
||||
# clients, especially in many different subnets, you might want to
|
||||
# increase the limit.
|
||||
|
||||
! clientloglimit 4194304
|
||||
|
||||
#######################################################################
|
||||
### REPORTING BIG CLOCK CHANGES
|
||||
# Perhaps you want to know if chronyd suddenly detects any large error
|
||||
# in your computer's clock. This might indicate a fault or a problem
|
||||
# with the server(s) you are using, for example.
|
||||
#
|
||||
# The next option causes a message to be written to syslog when chronyd
|
||||
# has to correct an error above 0.5 seconds (you can use any amount you
|
||||
# like).
|
||||
|
||||
! logchange 0.5
|
||||
|
||||
# The next option will send email to the named person when chronyd has
|
||||
# to correct an error above 0.5 seconds. (If you need to send mail to
|
||||
# several people, you need to set up a mailing list or sendmail alias
|
||||
# for them and use the address of that.)
|
||||
|
||||
! mailonchange wibble@foobar.org 0.5
|
||||
|
||||
#######################################################################
|
||||
### COMMAND ACCESS
|
||||
# The program chronyc is used to show the current operation of chronyd
|
||||
# and to change parts of its configuration whilst it is running.
|
||||
|
||||
# Normally, chronyd will only allow connections from chronyc on the same
|
||||
# machine as itself. This is for security. If you have a subnet
|
||||
# 192.168.*.* and you want to be able to use chronyc from any machine on
|
||||
# it, you could uncomment the following line. (Edit this to your own
|
||||
# situation.)
|
||||
|
||||
! cmdallow 192.168/16
|
||||
|
||||
# You can add as many 'cmdallow' and 'cmddeny' lines as you like. The
|
||||
# syntax and meaning is the same as for 'allow' and 'deny', except that
|
||||
# 'cmdallow' and 'cmddeny' control access to the chronyd's command port.
|
||||
|
||||
# NOTE, even if the host where you run chronyc is granted access, you
|
||||
# still need a command key set up and you have to know the password to
|
||||
# put into chronyc to allow you to modify chronyd's parameters. By
|
||||
# default all you can do is view information about chronyd's operation.
|
||||
|
||||
# Some people have reported that the need the following line to allow
|
||||
# chronyc to work even on the same machine. This should not be
|
||||
# necessary, and the problem is being investigated. You can leave this
|
||||
# line enabled, as it's benign otherwise.
|
||||
|
||||
cmdallow 127.0.0.1
|
||||
|
||||
#######################################################################
|
||||
### REAL TIME CLOCK
|
||||
# chronyd can characterise the system's real-time clock. This is the
|
||||
# clock that keeps running when the power is turned off, so that the
|
||||
# machine knows the approximate time when it boots again. The error at
|
||||
# a particular epoch and gain/loss rate can be written to a file and
|
||||
# used later by chronyd when it is started with the '-s' option.
|
||||
#
|
||||
# You need to have 'enhanced RTC support' compiled into your Linux
|
||||
# kernel. (Note, these options apply only to Linux.)
|
||||
|
||||
! rtcfile /etc/chrony.rtc
|
||||
|
||||
# Your RTC can be set to keep Universal Coordinated Time (UTC) or local
|
||||
# time. (Local time means UTC +/- the effect of your timezone.) If you
|
||||
# use UTC, chronyd will function correctly even if the computer is off
|
||||
# at the epoch when you enter or leave summer time (aka daylight saving
|
||||
# time). However, if you dual boot your system with Microsoft Windows,
|
||||
# that will work better if your RTC maintains local time. You take your
|
||||
# pick!
|
||||
|
||||
! rtconutc
|
||||
|
||||
# By default chronyd assumes that the enhanced RTC device is accessed as
|
||||
# /dev/rtc. If it's accessed somewhere else on your system (e.g. you're
|
||||
# using devfs), uncomment and edit the following line.
|
||||
|
||||
! rtcdevice /dev/misc/rtc
|
||||
|
||||
#######################################################################
|
||||
### REAL TIME SCHEDULER
|
||||
# This directive tells chronyd to use the real-time FIFO scheduler with the
|
||||
# specified priority (which must be between 0 and 100). This should result
|
||||
# in reduced latency. You don't need it unless you really have a requirement
|
||||
# for extreme clock stability. Works only on Linux. Note that the "-P"
|
||||
# command-line switch will override this.
|
||||
|
||||
! sched_priority 1
|
||||
|
||||
#######################################################################
|
||||
### LOCKING CHRONYD INTO RAM
|
||||
# This directive tells chronyd to use the mlockall() syscall to lock itself
|
||||
# into RAM so that it will never be paged out. This should result in reduced
|
||||
# latency. You don't need it unless you really have a requirement
|
||||
# for extreme clock stability. Works only on Linux. Note that the "-m"
|
||||
# command-line switch will also enable this feature.
|
||||
|
||||
! lock_all
|
|
@ -1,6 +1,7 @@
|
|||
# Template file for 'chrony'
|
||||
pkgname=chrony
|
||||
version=1.26
|
||||
revision=1
|
||||
homepage="http://chrony.tuxfamily.org/"
|
||||
distfiles="http://download.tuxfamily.org/chrony/$pkgname-$version.tar.gz"
|
||||
build_style=gnu_configure
|
||||
|
@ -31,7 +32,7 @@ Add_dependency build libcap-devel
|
|||
Add_dependency build readline-devel
|
||||
|
||||
post_install() {
|
||||
vinstall examples/chrony.conf.example 644 etc chrony.conf
|
||||
vinstall ${FILESDIR}/chrony.conf 644 etc
|
||||
vinstall ${FILESDIR}/chrony.service 644 lib/systemd/system
|
||||
rm -rf ${DESTDIR}/usr/share/doc
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue