Jason's Home Page - Linux HOWTOs

ntp - Network Time Protocol server ChangeLog

Web site:	https://www.ntp.org/
Wikipedia:	https://en.wikipedia.org/wiki/Network_Time_Protocol

HOWTO

# NTP 4.2.8p17 (2023-06-06)
# ============
# Slackware 14.0, 14.1: ntp 4.2.6p5
# Slackware 14.2: ntp 4.2.8p8
# Slackware 15.0: ntp 4.2.8p15

# I used to have several versions here because the stable was several years
# old, but while active development is going on, I'll just stick to the
# latest production/stable release.

# NTP supports OpenSSL 3.0 as of 4.2.8p16

# Prerequisites:
# pkg-config
# libevent >= 2.x
# readline
# Perl
# Net-SNMP (optional)
# OpenSSL (optional)
# Ruby (optional)
# gtest (optional)

# If you have a copy of NTP installed that was installed under /usr/local,
# or you want to clean up files from an old version before installing the
# new one, skip down to the bottom

# See the Network Time Foundation NTP Support Wiki for installation and
# configuration docs:
# https://support.ntp.org/bin/view/Main/WebHome
# https://support.ntp.org/bin/view/Support/InstallingNTP
# https://support.ntp.org/bin/view/Support/ConfiguringNTP

# NTP Pool Project

# If you have trouble downloading it with the URL below, you can get it from
# these other places:
# https://archive.ntp.org/ntp4/ntp-4.2/
# https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/

# 4.2.8p17 Release Announcement

# Get the tarball
cd
test -f installed/ntp-4.2.8p17.tar.gz && mv installed/ntp-4.2.8p17.tar.gz .
test ! -f ntp-4.2.8p17.tar.gz &&
wget http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/\
ntp-4.2.8p17.tar.gz

# Verify tarball w/ sha256sum:
# (from the .sha256 file at download URL)
echo "103dd272e6a66c5b8df07dce5e9a02555fcd6f1397bdfb782237328e89d3a8\
66  ntp-4.2.8p17.tar.gz" | sha256sum -c

# Extract the source
mkdir -p -m 0700 ~/src
cd ~/src
find -maxdepth 1 -type d -name "ntp-*" -exec rm -r {} \;
find -maxdepth 1 -type d -name "xntp-*" -exec rm -r {} \;
tar xzvf ~/ntp-4.2.8p17.tar.gz
cd ntp-4.2.8p17
test $UID = 0 && chown -R root:root .

## If you want everything to be where a Slack-installed NTP would be, use
## this configure line instead of what I have below:
# ./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc \
#  --bindir=/usr/sbin --program-prefix= --program-suffix=

# If you have Net-SNMP installed but do not want it built-in, add
# --without-ntpsnmpd

# This will use pkg-config to find OpenSSL, so it should work wherever
# it is, as long as it can find openssl.pc
# If not, try --with-openssl-libdir and --with-openssl-incdir

# The default path for ntpd is /usr/bin unless you use --bindir=/usr/sbin
# as shown above

# Configure the build
./configure --prefix=/usr --docdir=/usr/doc/ntp --sysconfdir=/etc \
--localstatedir=/var --mandir=/usr/man

# Build it
make

# Become root to install it
su

# Back up your existing /etc/ntp.conf
test -f /etc/ntp.conf &&
( mkdir -p -m 0700 ~/backup
   cp -a /etc/ntp.conf ~/backup/ntp.conf-$(date +%Y%m%d) )

# Back up files in /etc/ntp/
test -d /etc/ntp &&
( mkdir -p -m 0700 ~/backup/ntp
   cp -a /etc/ntp/* ~/backup/ntp/
   chmod -R go-rwx ~/backup/ntp )

# Remove the Slackware package, if there is one
test -x /sbin/removepkg && /sbin/removepkg ntp ntp4 xntp

# Clear out files, if you're sure you don't need them, that old
# versions may have left behind
rm -f /etc/ntp.keys /etc/step-tickers /etc/rc.d/rc.ntpd /etc/ntp.conf.orig

# Create an 'ntp' user and group
getent group | grep "^ntp:" > /dev/null 2>&1 || groupadd ntp
id ntp > /dev/null 2>&1 || useradd -d /etc/ntp -g ntp ntp

# Create /etc/ntp/ and let the 'ntp' user write to it
mkdir -p /etc/ntp
chown root:ntp /etc/ntp
chmod 770 /etc/ntp

# Install it
make install

# If you have scripts that think ntpd is in /usr/sbin, create a symlink
# to keep them happy:
test -L /usr/sbin/ntpd && rm /usr/sbin/ntpd
ln -s /usr/bin/ntpd /usr/sbin/ntpd

# If you will be running ntpd, this will install a /etc/rc.d/rc.ntpd script,
# which Slackware will run on boot-up via rc.M (if it's executable):
cat scripts/rc/ntpd | sed 's%/usr/sbin/%/usr/bin/%' > rc.ntpd.new &&
mv -f rc.ntpd.new /etc/rc.d/
test -s /etc/rc.d/rc.ntpd.new &&
( cd /etc/rc.d
   test -f rc.ntpd && mv -f rc.ntpd rc.ntpd.old
   test -s rc.ntpd.new && mv -f rc.ntpd.new rc.ntpd
test -f    chmod 700 rc.ntpd )
# If you will be running ntpd with IPv4 only, you can add -4 to NTPD_OPTS
# in /etc/rc.d/rc.ntp

## If you will NOT be running ntpd as a server 24/7, add something like
## this to set the clock right away on boot-up via rc.local  Beyond this
## one-time run of ntpd on boot-up, running it from cron will keep it
## updated.  If the NTP servers are your own, use their IPs here instead
## so there won't be a problem if DNS is on the fritz.
# if [ -x /usr/bin/ntpd ]; then
#   echo "Fixing clock by ntp..."
#   ( /usr/bin/ntpd -4 -g -q
#     /sbin/hwclock --systohc ) > /dev/null 2>&1 &
# fi

# To set up an NTP client (don't do this on a server!), create an
# /etc/ntp.conf  The list of stratum 2 NTP servers is here:
# https://support.ntp.org/bin/view/Servers/StratumTwoTimeServers
# ...but unless you need to set up an NTP server yourself, it should be
# good enough for you to just use us.pool.ntp.org (or us -> XX where your
# country is XX) which is a DNS record with multiple A records for open
# access NTP servers.  See pool.ntp.org and here for more info.
#
# Be aware that recent versions of dhcpcd will overwrite /etc/ntp.conf with
# settings sent from your DHCP server (if your DHCP server is set to do that,
# like mine is).  You can pass -N to dhcpcd to disable this behavior, or
# in recent versions of Slackware, set something like DHCP_KEEPNTP[0]="yes"
# in /etc/rc.d/rc.inet1.conf  dhcpd is normally run out of rc.inet1 if you
# run an older version of Slackware.
#
cat << EOF > /etc/ntp.conf
driftfile /etc/ntp/ntp.drift
server 0.us.pool.ntp.org iburst
server 1.us.pool.ntp.org iburst
server 2.us.pool.ntp.org iburst
server 3.us.pool.ntp.org iburst
logfile /var/log/ntp.log
EOF

# You can use ntpdate run from cron, but at some point, ntpdate is
# going to be retired, so you're better off using 'ntpd -q' instead
#
# If I'm running ntpd from cron, I typically run it with -4 -g -q
# -4 = Use IPv4 DNS resolution
# -g = Even if the time is way off, allow the adjustment
#      (if the server is broken, it will use it's clock anyway,
#      but if your clock is 3 years off, you'd want to do this)
# -q = Quit after setting the clock
#
# If you have the /etc/cron.(hourly|daily|weekly|monthly) directories set
# up, create a /etc/cron.hourly/ntp script to set the clock by NTP every
# hour (by Slack's default, they all run at 47 minutes after the hour):
cat << EOF > /etc/cron.hourly/ntp
#!/bin/sh
if [ -x "/usr/bin/ntpd" ]; then
  killall -q ntpd
  sleep 1
  killall -q -9 ntpd
  sleep 1
  /usr/bin/ntpd -4 -g -q
else
  if [ -e "/usr/bin/ntpd" ]; then
    echo "/usr/bin/ntpd is not executable!"
  else
    echo "/usr/bin/ntpd does not exist!"
  fi
fi
EOF
chmod 700 /etc/cron.hourly/ntp

## If you don't have those directories set up, and want to run ntpd from
## cron (instead of all the time), add a cron entry (crontab -e) like this
## to run it every hour at 47 minutes after the hour:
# 47 * * * * /usr/bin/ntpd -4 -g -q &

# If your configuration will cause you to end up with a /var/log/ntp.log,
# set logrotate to rotate it:
cat << EOF > /etc/logrotate.d/ntp
/var/log/ntp.log {
  rotate 6
  daily
  notifempty
  #compress
  #create 0640 root wheel
  copytruncate
  missingok
}
EOF

# Leap second file
#   If the leap-seconds.list file does not have any future leap seconds
#   defined, it will have no effect, but you might want to set up cron to
#   check for updates once a month or something like that.
#   As I write this, none of the leap-seconds.list files below have a leap second
#   defined for a future date, so they will have no effect, but eventually they
#   will be updated.
# ConfiguringNTP: Using the NIST Leap Second File
# NIST: Leap Seconds FAQs
# Wikipedia: Leap second
# Available here:
#   ftp://ftp.nist.gov/pub/time/leap-seconds.list
#   ftp://tycho.usno.navy.mil/pub/ntp/leap-seconds.list
#   http://www.ietf.org/timezones/data/leap-seconds.list
#   https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list
# To use it, ntp.conf needs a line like this:
#   leapfile /etc/ntp/leap-seconds.list
( cd /etc/ntp
  wget ftp://ftp.nist.gov/pub/time/leap-seconds.list
  chown root:ntp leap-seconds.list
  chmod 640 leap-seconds.list )

# Make sure your non-root user can remove the source later
chown -R $(logname) .
chmod -R u+w .

# Become yourself again:
exit

# FYI, if you have Windblows-based computers on your network and you set up
# ntpd on one of your Linux boxen, you can set Windows 10 to sync with it.
# * Type the Windows key + R
# * Enter: control timedate.cpl
# * Click the "Internet Time" tab
# * Click the "Change settings" button
# * Check the box for "Synchronize with an Internet time server"
# * Enter the FQDN for your NTP server next to Server
# * Click the "Update now" button
# * Click OK
#
# There is also a 'w32tm' command prompt command for the Windows Time Service

# Save the source for later
cd
mkdir -p -m 0700 installed
rm -f installed/ntp-*.tar.*
mv ntp-4.2.8p17.tar.gz installed/

# If you ever want to uninstall NTP, this should do it
# 'make uninstall' in the source directory as root should do it alone
# The rest is just in case, and could certainly be missing something - I do
# not necessarily update this section every time
cd
su
test -d src/ntp-* && ( cd src/ntp-* ; make uninstall )
for pfx in /usr/local /usr;
do
  ( cd ${pfx}/bin
    rm -f calc_tickadj ntp-keygen ntp-wait ntpd ntpdate ntpdc ntpq ntptime \
     ntptrace sntp tickadj update-leap )
  test -d ${pfx}/doc/ntp && rm -r ${pfx}/doc/ntp
  ( cd ${pfx}/man/man1
    rm -f calc_tickadj.1 ntp-keygen.1 ntp-wait.1 ntpd.1 ntpdc.1 ntpq.1 \
     ntpsnmpd.1 ntptrace.1 sntp.1 update-leap.1 )
  ( cd ${pfx}/man/man5 ; rm -f ntp.conf.5 ntp.keys.5 )
  test -d ${pfx}/share/ntp && rm -r ${pfx}/share/ntp
done
test -d /etc/ntp && rm -r /etc/ntp
test -d /usr/local/etc/ntp && rm -r /usr/local/etc/ntp
rm -f /etc/ntp.conf
ldconfig
exit
find ~/src -maxdepth 1 -type d -name "ntp-*" -exec rm -r {} \;
rm -f ~/installed/ntp-*.tar.*