– General Linux 2 – Maintain system time [3] (Linux Professional Institute Certification) a .˜. /V\ // \\ @._.@ geoffrey robertson geoffrey@zip.com.au c 2002 Geoffrey Robertson. Permission is granted to make and distribute verbatim copies or modified versions of this document provided that this copyright notice and this permission notice are preserved on all copies under the terms of the GNU General Public License as published by the Free Software Foundation—either version 2 of the License or (at your option) any later version. a Copyright 1 List of Slides 2 (2.2) Administrative Tasks [21] 2.111.1 Manage users and group accounts and related system files [4] 2.111.2 Tune the user environment and system environment variables [3] 2.111.3 Configure and use system log files to meet administrative and security needs [3] 2.111.4 Automate system administration tasks by scheduling jobs to run in the future [4] 2.111.5 Maintain an effective data backup strategy [3] 2.111.6 Maintain system time [4] 3 Maintain system time [4] Objective Candidate should be able to properly maintain the system time and synchronise the clock over NTP. Tasks include: • Setting the system date and time • Setting the BIOS clock to the correct time in UTC • Configuring the correct timezone for the system • Configuring the system to correct clock drift to match NTP clock. 4 Maintain system time [4] Key files, terms, and utilities date hwclock ntpd ntpdate /usr/share/zoneinfo /etc/timezone /etc/localtime /etc/ntp.conf /etc/ntp.drift 5 Maintain system time [4] Resources of interest web http://www.ntp.org Debian ntp-doc /usr/share/doc/ntp-doc/index.html on sarg. LPI Linux Certification in a Nutshell : by Jeffrey Dean O’Reilly LPIC 1 Certification Bible : Angie Nash and Jason Nash Hungry Minds 6 date Display or Set System Date & Time The date command without any options will print the current date and time. The date will be relative to any timezone set for the machine. $ date ← Tue May 21 09:57:51 EST 2002 7 date Options to the Date command -I Output an ISO-8601 compliant date (YYYY-MM-DD) $ date -I ← 2002-05-21 8 date Options to the Date command -I Output an ISO-8601 compliant date (YYYY-MM-DD) $ date -I ← 2002-05-21 -R Output an RFC-822 compliant date (Local time + GMT 0ffset) $ date -R ← Tue, 21 May 2002 10:14:09 +1000 8-a date Options to the Date command -I Output an ISO-8601 compliant date (YYYY-MM-DD) $ date -I ← 2002-05-21 -R Output an RFC-822 compliant date (Local time + GMT 0ffset) $ date -R ← Tue, 21 May 2002 10:14:09 +1000 -r Display the last modification time of file $ date -r ˜/ivr/va/src/va.c ← Mon May 20 12:55:48 EST 2002 8-b date Options to the Date command -d Display date described by string instead of now $ date -d "last Monday 4 years ago" ← Mon May 18 00:00:00 EST 1998 9 date Options to the Date command -d Display date described by string instead of now $ date -d "last Monday 4 years ago" ← Mon May 18 00:00:00 EST 1998 -u Display UTC time & date instead of localtime $ date ← Tue May 21 10:55:34 EST 2002 $ date -u ← Tue May 21 00:55:34 UTC 2002 9-a date Options to the Date command -s Set the system time (must be superuser) # date -s "Tue May 21 10:03:06 EST 2002" ← Tue May 21 10:03:06 EST 2002 10 date Options to the Date command -s Set the system time (must be superuser) # date -s "Tue May 21 10:03:06 EST 2002" ← Tue May 21 10:03:06 EST 2002 +FORMAT Display date in user defined format $ date +"Today is %A, %d %B, %Y" ← Today is Tuesday, 21 May, 2002 10-a RTC vs. System Clock 11 RTC vs. System Clock The Real Time Clock (RTC) This is the hardware clock and is located on the motherboard of the system. This is what keeps track of the time when the system is not powered up. 11-a RTC vs. System Clock The Real Time Clock (RTC) This is the hardware clock and is located on the motherboard of the system. This is what keeps track of the time when the system is not powered up. The system clock This is maintained in the Linux kernel and is used while the system is running. 11-b hwclock RTC vs. System clock 12 hwclock RTC vs. System clock Hwclock is used to do the following: • Set the system clock from the Hardware clock 12-a hwclock RTC vs. System clock Hwclock is used to do the following: • Set the system clock from the Hardware clock • Set the hardware clock from the system clock 12-b hwclock RTC vs. System clock Hwclock is used to do the following: • Set the system clock from the Hardware clock • Set the hardware clock from the system clock • Show the time/date held by the RTC 12-c hwclock RTC vs. System clock Hwclock is used to do the following: • Set the system clock from the Hardware clock • Set the hardware clock from the system clock • Show the time/date held by the RTC • Adjust the RTC to account for clock drift 12-d Set System clock to Hardware clock 13 Set System clock to Hardware clock • To set the system time from the RTC, use the following option to hwclock: hwclock -s (or hwclock --hctosys) 13-a Set System clock to Hardware clock • To set the system time from the RTC, use the following option to hwclock: hwclock -s hwclock -w (or hwclock --hctosys) (or hwclock --systohc) • To set the RTC from the system time, use this option: 13-b Set System clock to Hardware clock • To set the system time from the RTC, use the following option to hwclock: hwclock -s hwclock -w hwclock -r (or hwclock --hctosys) (or hwclock --systohc) (or hwclock --show) • To set the RTC from the system time, use this option: • To display the contents of the RTC, use this option: 13-c Set System clock to Hardware clock • To set the system time from the RTC, use the following option to hwclock: hwclock -s hwclock -w hwclock -r hwclock -a (or hwclock --hctosys) (or hwclock --systohc) (or hwclock --show) (or hwclock --adjust) • To set the RTC from the system time, use this option: • To display the contents of the RTC, use this option: • To adjust the RTC for clock drift, use this option: 13-d Set System clock to Hardware clock • To set the system time from the RTC, use the following option to hwclock: hwclock -s hwclock -w hwclock -r hwclock -a (or hwclock --hctosys) (or hwclock --systohc) (or hwclock --show) (or hwclock --adjust) • To set the RTC from the system time, use this option: • To display the contents of the RTC, use this option: • To adjust the RTC for clock drift, use this option: Note that the file /etc/adjtime is used to hold information about the extent to which (and direction) your RTC drifts 13-e NTP - Network Time Protocol NTP is a time protocol used to synchronise a systems clock to master time source. For example, the CSIRO maintains a nationwide time source with atomic clock accuracy. As a user I can synchronise my system to that time source by sending a request to the CSIRO’s ntp server. Features and properties of NTP include: 14 NTP - Network Time Protocol NTP is a time protocol used to synchronise a systems clock to master time source. For example, the CSIRO maintains a nationwide time source with atomic clock accuracy. As a user I can synchronise my system to that time source by sending a request to the CSIRO’s ntp server. Features and properties of NTP include: • NTP takes into account the time taken to send/receive NTP packets 14-b NTP - Network Time Protocol NTP is a time protocol used to synchronise a systems clock to master time source. For example, the CSIRO maintains a nationwide time source with atomic clock accuracy. As a user I can synchronise my system to that time source by sending a request to the CSIRO’s ntp server. Features and properties of NTP include: • NTP takes into account the time taken to send/receive NTP packets • Uses the UDP protocol 14-c NTP - Network Time Protocol NTP is a time protocol used to synchronise a systems clock to master time source. For example, the CSIRO maintains a nationwide time source with atomic clock accuracy. As a user I can synchronise my system to that time source by sending a request to the CSIRO’s ntp server. Features and properties of NTP include: • NTP takes into account the time taken to send/receive NTP packets • Uses the UDP protocol • Uses Port 123 plus one other unpriveledged port (1024:65535) 14-d NTP - Network Time Protocol NTP is a time protocol used to synchronise a systems clock to master time source. For example, the CSIRO maintains a nationwide time source with atomic clock accuracy. As a user I can synchronise my system to that time source by sending a request to the CSIRO’s ntp server. Features and properties of NTP include: • NTP takes into account the time taken to send/receive NTP packets • Uses the UDP protocol • Uses Port 123 plus one other unpriveledged port (1024:65535) • Can operate in both client & server modes 14-e NTP - Network Time Protocol NTP is a time protocol used to synchronise a systems clock to master time source. For example, the CSIRO maintains a nationwide time source with atomic clock accuracy. As a user I can synchronise my system to that time source by sending a request to the CSIRO’s ntp server. Features and properties of NTP include: • NTP takes into account the time taken to send/receive NTP packets • Uses the UDP protocol • Uses Port 123 plus one other unpriveledged port (1024:65535) • Can operate in both client & server modes • There are 3 versions of the protocol (ntp1, ntp2 & ntp3) 14-f NTP - Network Time Protocol NTP is a time protocol used to synchronise a systems clock to master time source. For example, the CSIRO maintains a nationwide time source with atomic clock accuracy. As a user I can synchronise my system to that time source by sending a request to the CSIRO’s ntp server. Features and properties of NTP include: • NTP takes into account the time taken to send/receive NTP packets • Uses the UDP protocol • Uses Port 123 plus one other unpriveledged port (1024:65535) • Can operate in both client & server modes • There are 3 versions of the protocol (ntp1, ntp2 & ntp3) • Available for Unix & Windows machines. 14-g NTP - Network Time Protocol The suite of tools NTP normally comes in a package and contains the following binaries: • ntpd - Network Time Protocol (NTP) daemon 15 NTP - Network Time Protocol The suite of tools NTP normally comes in a package and contains the following binaries: • ntpd - Network Time Protocol (NTP) daemon • ntpq - standard NTP query program 15-a NTP - Network Time Protocol The suite of tools NTP normally comes in a package and contains the following binaries: • ntpd - Network Time Protocol (NTP) daemon • ntpq - standard NTP query program • ntpdc - special NTP query program 15-b NTP - Network Time Protocol The suite of tools NTP normally comes in a package and contains the following binaries: • ntpd - Network Time Protocol (NTP) daemon • ntpq - standard NTP query program • ntpdc - special NTP query program • ntpdate - set the date and time via NTP 15-c NTP - Network Time Protocol The suite of tools NTP normally comes in a package and contains the following binaries: • ntpd - Network Time Protocol (NTP) daemon • ntpq - standard NTP query program • ntpdc - special NTP query program • ntpdate - set the date and time via NTP • ntptrace - trace a chain of NTP servers to the primary source 15-d NTP - Network Time Protocol The suite of tools NTP normally comes in a package and contains the following binaries: • ntpd - Network Time Protocol (NTP) daemon • ntpq - standard NTP query program • ntpdc - special NTP query program • ntpdate - set the date and time via NTP • ntptrace - trace a chain of NTP servers to the primary source • tickadj - set time-related kernel variables 15-e NTP - Network Time Protocol The suite of tools NTP normally comes in a package and contains the following binaries: • ntpd - Network Time Protocol (NTP) daemon • ntpq - standard NTP query program • ntpdc - special NTP query program • ntpdate - set the date and time via NTP • ntptrace - trace a chain of NTP servers to the primary source • tickadj - set time-related kernel variables • ntptime - read kernel time variables 15-f NTP - Network Time Protocol The suite of tools NTP normally comes in a package and contains the following binaries: • ntpd - Network Time Protocol (NTP) daemon • ntpq - standard NTP query program • ntpdc - special NTP query program • ntpdate - set the date and time via NTP • ntptrace - trace a chain of NTP servers to the primary source • tickadj - set time-related kernel variables • ntptime - read kernel time variables • ntp-genkeys - generate public and private keys 15-g NTP - Network Time Protocol Quick install guide For anyone new to NTP, here’s a quick guide to installing & setting up NTP. 16 NTP - Network Time Protocol Quick install guide For anyone new to NTP, here’s a quick guide to installing & setting up NTP. • Install NTP package (rpm -Uvh ntp-4.1.0-4.rpm) or apt-get install ntp 16-a NTP - Network Time Protocol Quick install guide For anyone new to NTP, here’s a quick guide to installing & setting up NTP. • Install NTP package (rpm -Uvh ntp-4.1.0-4.rpm) or apt-get install ntp • Modify /etc/ntp.conf to reflect time servers 16-b NTP - Network Time Protocol Quick install guide For anyone new to NTP, here’s a quick guide to installing & setting up NTP. • Install NTP package (rpm -Uvh ntp-4.1.0-4.rpm) or apt-get install ntp • Modify /etc/ntp.conf to reflect time servers • Start the service: service ntpd start 16-c NTP - Network Time Protocol Quick install guide For anyone new to NTP, here’s a quick guide to installing & setting up NTP. • Install NTP package (rpm -Uvh ntp-4.1.0-4.rpm) or apt-get install ntp • Modify /etc/ntp.conf to reflect time servers • Start the service: service ntpd start • Confirm operation using ntpq (command pe) 16-d NTP - Network Time Protocol Quick install guide For anyone new to NTP, here’s a quick guide to installing & setting up NTP. • Install NTP package (rpm -Uvh ntp-4.1.0-4.rpm) or apt-get install ntp • Modify /etc/ntp.conf to reflect time servers • Start the service: service ntpd start • Confirm operation using ntpq (command pe) That’s all there is to it! The hardest part is deciding which public time servers to use. 16-e NTP - Network Time Protocol ntpdate - Set system time & date • ntpdate is a command line utility that will set the local machines time & date from the indicated remote time server(s). 17 NTP - Network Time Protocol ntpdate - Set system time & date • ntpdate is a command line utility that will set the local machines time & date from the indicated remote time server(s). • More than one server can be specified in order for ntp to get a better idea of the transit time and overall server accuracy. 17-a NTP - Network Time Protocol ntpdate - Set system time & date • ntpdate is a command line utility that will set the local machines time & date from the indicated remote time server(s). • More than one server can be specified in order for ntp to get a better idea of the transit time and overall server accuracy. • Running as a cron job is a simple way to maintain system time 17-b NTP - Network Time Protocol ntpdate - Set system time & date • ntpdate is a command line utility that will set the local machines time & date from the indicated remote time server(s). • More than one server can be specified in order for ntp to get a better idea of the transit time and overall server accuracy. • Running as a cron job is a simple way to maintain system time Usage: ntpdate [options] server ... # ntpdate ntp.nml.csiro.au 21 May 14:01:13 ntpdate[4002]: adjust time server 10.27.1.10 offset -0.000804 sec 17-c NTP - Network Time Protocol ntpdate - Set system time & date • ntpdate is a command line utility that will set the local machines time & date from the indicated remote time server(s). • More than one server can be specified in order for ntp to get a better idea of the transit time and overall server accuracy. • Running as a cron job is a simple way to maintain system time Usage: ntpdate [options] server ... # ntpdate ntp.nml.csiro.au 21 May 14:01:13 ntpdate[4002]: adjust time server 10.27.1.10 offset -0.000804 sec This will set the local machines system time using server ntp.nml.csiro.au 17-d ntpd - The NTP daemon • NTPD is a better way to maintain the system time on a permanent basis. 18 ntpd - The NTP daemon • NTPD is a better way to maintain the system time on a permanent basis. • NTPD acts as both a client & server (Linux only). 18-a ntpd - The NTP daemon • NTPD is a better way to maintain the system time on a permanent basis. • NTPD acts as both a client & server (Linux only). • In server mode, other machines on the local network can use the server to set their own system clocks 18-b ntpd - The NTP daemon • NTPD is a better way to maintain the system time on a permanent basis. • NTPD acts as both a client & server (Linux only). • In server mode, other machines on the local network can use the server to set their own system clocks • For Windows machines, automachron is available. 18-c ntpd - The NTP daemon • NTPD is a better way to maintain the system time on a permanent basis. • NTPD acts as both a client & server (Linux only). • In server mode, other machines on the local network can use the server to set their own system clocks • For Windows machines, automachron is available. • NTPD also keeps track of RTC drift. The NTP daemon is normally started up by the system initialisation scripts. Debian :$ /etc/init.d/ntp {start|stop|restart|force-reload} ← RedHat : $ service ntp start ← 18-d ntpd usage & configuration Usage: ntpd [options] & (normally done in the /etc/init.d scripts) NTPD is configured using these files: 19 ntpd usage & configuration Usage: ntpd [options] & (normally done in the /etc/init.d scripts) NTPD is configured using these files: • /etc/ntp.conf - Configuration file 19-a ntpd usage & configuration Usage: ntpd [options] & (normally done in the /etc/init.d scripts) NTPD is configured using these files: • /etc/ntp.conf - Configuration file • /etc/ntp.drift - RTC drift file 19-b ntpd usage & configuration Usage: ntpd [options] & (normally done in the /etc/init.d scripts) NTPD is configured using these files: • /etc/ntp.conf - Configuration file • /etc/ntp.drift - RTC drift file • /etc/ntp.keys - Key file (for authentication mode) 19-c ntpd usage & configuration Usage: ntpd [options] & (normally done in the /etc/init.d scripts) NTPD is configured using these files: • /etc/ntp.conf - Configuration file • /etc/ntp.drift - RTC drift file • /etc/ntp.keys - Key file (for authentication mode) The only file of concern to the user is ntp.conf. The other files are all written to and read by the ntp applications. 19-d Sample ntp.conf file # Disable authentication mode disable auth restrict default ignore # ignore all requests by default server ntp.cs.mu.OZ.AU # 128.250.36.2 server apphys16.mst.csiro.au # 138.194.21.154 server ntp.nml.csiro.au # 130.155.98.1 server 127.0.0.1 # localhost # Lift restrictions on time servers restrict 128.250.36.2 nomodify # time service only, no rt mods restrict 138.194.21.154 nomodify restrict 130.155.98.1 nomodify # All local addresses are unrestricted restrict 127.0.0.1 restrict 10.27.1.0 mask 255.255.255.0 # Set the default drift file driftfile /etc/ntp/drift 20 Public Time Servers A (partial) list of public time servers is shown below. When using these servers, it is considered polite to advise the administrator of the service that you intend on using it. Primary NTP Time Servers • ntp.cs.mu.OZ.AU (128.250.36.2) • apphys16.mst.csiro.au (138.194.21.154) • ntp.nml.csiro.au ( 130.155.98.1) Secondary NTP Time Servers • ntp.saard.net (203.21.37.18) • ntp.iprolink.co.nz (36.50.59.6) 21 NTP - Network Time Protocol Testing NTP Once you have the NTP daemon up & running, the easiest way of testing it is to use the ntpq utility. # ntpq ntpq> pe remote refid ... delay offset jitter =========================================================== localhost.local 0.0.0.0 ... 0.000 0.000 4000.00 xmurgon.cs.mu.OZ .GPS. ... 526.202 -206.43 208.270 +apphys16.mst.cs .ATOM. ... 169.956 -5.576 87.828 ... 149.988 -24.328 6.761 *tictoc.tip.CSIR .ATOM. ntpq> q # 22 The End 23