The -p 1 option is still desirable for standard ntpd. The default is to do 4 probes which is overkill for xymon.
I have just checked a fresh install of ntpsec from source and can't see ntpdate being installed. Found this on the ntpsec site under Security Improvements:
- The deprecated and vulnerability-prone ntpdate program has been replaced with a shell wrapper around ntpdig. Its -e and -p options are not implemented. It is no longer documented, but can be found in the attic/ directory of the source distribution.
I notice that in the script the behaviour when it finds the -p option is to simply warn and ignore it:
p) echo "ntpdate: -p is no longer supported." >&2;;
So it's just a neatness thing. The script is undocumented (debian may have pinched their man page from standard ntp) and unlikely to ever be updated.
Not sure where this leaves us. I know others had similar problems when distros moved to chrony for ntp. Maybe we need a more generalised approach to different ntp implementations going forward.
Cheers,
Brian Scott
On 12/2/2024 1:14 am, Roland Rosenfeld wrote:
Hi!
In Debian ntpdate from ntpsec package throws a warning that "-p is no longer supported". So it may be a good idea to remove the "-p 1" from NTPDATEOPTS="-u -q -p 1" # Standard options to ntpdate in xymond/etcfiles/xymonserver.cfg.DIST.
The attached patch solves this issue.
Greetings Roland
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon