mirror of
https://github.com/PrivSec-dev/privsec.dev
synced 2024-12-22 04:41:33 -05:00
Update Chrony configurations
This commit is contained in:
parent
8bfc2ba1c8
commit
90dce6a30b
@ -388,6 +388,13 @@ If decide on using NTS with chronyd, consider using multiple, independent time p
|
|||||||
|
|
||||||
GrapheneOS uses a [quite nice chrony configuration](https://github.com/GrapheneOS/infrastructure/blob/main/chrony.conf) for their infrastructure. I recommend that you replicate their `chrony.conf` on your system.
|
GrapheneOS uses a [quite nice chrony configuration](https://github.com/GrapheneOS/infrastructure/blob/main/chrony.conf) for their infrastructure. I recommend that you replicate their `chrony.conf` on your system.
|
||||||
|
|
||||||
|
You should also enable the secommp filter for chronyd in `/etc/sysconfig/chronyd`:
|
||||||
|
|
||||||
|
```
|
||||||
|
# Command-line options for chronyd
|
||||||
|
OPTIONS="-F 1"
|
||||||
|
```
|
||||||
|
|
||||||
![Verifying NTS configuration](/images/nts.png)
|
![Verifying NTS configuration](/images/nts.png)
|
||||||
|
|
||||||
### Pluggable Authentication Modules (PAM)
|
### Pluggable Authentication Modules (PAM)
|
||||||
|
@ -103,6 +103,9 @@ server ptbtime1.ptb.de iburst nts
|
|||||||
minsources 2
|
minsources 2
|
||||||
authselectmode require
|
authselectmode require
|
||||||
|
|
||||||
|
# EF
|
||||||
|
dscp 46
|
||||||
|
|
||||||
driftfile /var/lib/chrony/drift
|
driftfile /var/lib/chrony/drift
|
||||||
ntsdumpdir /var/lib/chrony
|
ntsdumpdir /var/lib/chrony
|
||||||
|
|
||||||
@ -117,7 +120,14 @@ cmdport 0
|
|||||||
allow 10.0.2.2/32
|
allow 10.0.2.2/32
|
||||||
```
|
```
|
||||||
|
|
||||||
If you are confused about what this configuration is doing, here are some quick explanations:
|
Optionally, you can enable the secommp filter for chronyd in `/etc/sysconfig/chronyd`:
|
||||||
|
|
||||||
|
```
|
||||||
|
# Command-line options for chronyd
|
||||||
|
OPTIONS="-F 1"
|
||||||
|
```
|
||||||
|
|
||||||
|
If you are confused about what these configurations are doing, here are some quick explanations:
|
||||||
|
|
||||||
* We get our time from 4 different sources:
|
* We get our time from 4 different sources:
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user