d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6660d5e435
freebsd-dev/contrib/ntp/ntpd/ntpd-opts.texi
Ollivier Robert eb6d21b4ca Merge 4.2.4p8 into contrib (r200452 & r200454). 
Subversion is being difficult here so take a hammer and get it in.

MFC after:		2 weeks
Security:		CVE-2009-3563
2009-12-15 14:58:10 +00:00

497 lines
15 KiB
Plaintext
Raw Blame History

@node ntpd Invocation
@section Invoking ntpd
@pindex ntpd
@cindex NTP daemon program
@ignore
#
# EDIT THIS FILE WITH CAUTION (ntpd-opts.texi)
#
# It has been AutoGen-ed Tuesday December 8, 2009 at 08:13:12 AM EST
# From the definitions ntpd-opts.def
# and the template file aginfo.tpl
@end ignore
This program has no explanation.
This section was generated by @strong{AutoGen},
the aginfo template and the option descriptions for the @command{ntpd} program. It documents the ntpd usage text and option meanings.
This software is released under a specialized copyright license.
@menu
* ntpd usage:: ntpd usage help (-?)
* ntpd authnoreq:: authnoreq option (-A)
* ntpd authreq:: authreq option (-a)
* ntpd bcastsync:: bcastsync option (-b)
* ntpd configfile:: configfile option (-c)
* ntpd debug-level:: debug-level option (-d)
* ntpd driftfile:: driftfile option (-f)
* ntpd dvar:: dvar option (-V)
* ntpd interface:: interface option (-I)
* ntpd ipv4:: ipv4 option (-4)
* ntpd ipv6:: ipv6 option (-6)
* ntpd jaildir:: jaildir option (-i)
* ntpd keyfile:: keyfile option (-k)
* ntpd logfile:: logfile option (-l)
* ntpd modifymmtimer:: modifymmtimer option (-M)
* ntpd nice:: nice option (-N)
* ntpd nofork:: nofork option (-n)
* ntpd novirtualips:: novirtualips option (-L)
* ntpd panicgate:: panicgate option (-g)
* ntpd pidfile:: pidfile option (-p)
* ntpd priority:: priority option (-P)
* ntpd propagationdelay:: propagationdelay option (-r)
* ntpd quit:: quit option (-q)
* ntpd set-debug-level:: set-debug-level option (-D)
* ntpd slew:: slew option (-x)
* ntpd statsdir:: statsdir option (-s)
* ntpd trustedkey:: trustedkey option (-t)
* ntpd updateinterval:: updateinterval option (-U)
* ntpd user:: user option (-u)
* ntpd var:: var option (-v)
@end menu
@node ntpd usage
@subsection ntpd usage help (-?)
@cindex ntpd usage
This is the automatically generated usage text for ntpd:
@exampleindent 0
@example
ntpd - NTP daemon program - Ver. 4.2.5p247-RC
USAGE: ntpd [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
Flg Arg Option-Name Description
-4 no ipv4 Force IPv4 DNS name resolution
- prohibits these options:
ipv6
-6 no ipv6 Force IPv6 DNS name resolution
- prohibits these options:
ipv4
-a no authreq Require crypto authentication
- prohibits these options:
authnoreq
-A no authnoreq Do not require crypto authentication
- prohibits these options:
authreq
-b no bcastsync Allow us to sync to broadcast servers
-c Str configfile configuration file name
-d no debug-level Increase output debug message level
- may appear multiple times
-D Str set-debug-level Set the output debug message level
- may appear multiple times
-f Str driftfile frequency drift file name
-g no panicgate Allow the first adjustment to be Big
- may appear multiple times
-i --- jaildir built without --enable-clockctl or --enable-linuxcaps
-I Str interface Listen on an interface name or address
- may appear multiple times
-k Str keyfile path to symmetric keys
-l Str logfile path to the log file
-L no novirtualips Do not listen to virtual interfaces
-n no nofork Do not fork
-N no nice Run at high priority
-p Str pidfile path to the PID file
-P Num priority Process priority
-q no quit Set the time and quit
-r Str propagationdelay Broadcast/propagation delay
Str saveconfigquit Save parsed configuration and quit
-s Str statsdir Statistics file location
-t Str trustedkey Trusted key number
- may appear multiple times
-u --- user built without --enable-clockctl or --enable-linuxcaps
-U Num updateinterval interval in seconds between scans for new or dropped interfaces
Str var make ARG an ntp variable (RW)
- may appear multiple times
Str dvar make ARG an ntp variable (RW|DEF)
- may appear multiple times
-x no slew Slew up to 600 seconds
opt version Output version information and exit
-? no help Display extended usage information and exit
-! no more-help Extended usage information passed thru pager
Options are specified by doubled hyphens and their name
or by a single hyphen and the flag character.
The following option preset mechanisms are supported:
- examining environment variables named NTPD_*
please send bug reports to: http://bugs.ntp.org, bugs@@ntp.org
@end example
@exampleindent 4
@node ntpd ipv4
@subsection ipv4 option (-4)
@cindex ntpd-ipv4
This is the ``force ipv4 dns name resolution'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
is a member of the ipv4 class of options.
@end itemize
Force DNS resolution of following host names on the command line
to the IPv4 namespace.
@node ntpd ipv6
@subsection ipv6 option (-6)
@cindex ntpd-ipv6
This is the ``force ipv6 dns name resolution'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
is a member of the ipv4 class of options.
@end itemize
Force DNS resolution of following host names on the command line
to the IPv6 namespace.
@node ntpd authreq
@subsection authreq option (-a)
@cindex ntpd-authreq
This is the ``require crypto authentication'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
must not appear in combination with any of the following options:
authnoreq.
@end itemize
Require cryptographic authentication for broadcast client,
multicast client and symmetric passive associations.
This is the default.
@node ntpd authnoreq
@subsection authnoreq option (-A)
@cindex ntpd-authnoreq
This is the ``do not require crypto authentication'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
must not appear in combination with any of the following options:
authreq.
@end itemize
Do not require cryptographic authentication for broadcast client,
multicast client and symmetric passive associations.
This is almost never a good idea.
@node ntpd bcastsync
@subsection bcastsync option (-b)
@cindex ntpd-bcastsync
This is the ``allow us to sync to broadcast servers'' option.
@node ntpd configfile
@subsection configfile option (-c)
@cindex ntpd-configfile
This is the ``configuration file name'' option.
The name and path of the configuration file,
/etc/ntp.conf
by default.
@node ntpd debug-level
@subsection debug-level option (-d)
@cindex ntpd-debug-level
This is the ``increase output debug message level'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
may appear an unlimited number of times.
@item
must be compiled in by defining @code{DEBUG} during the compilation.
@end itemize
Increase the debugging message output level.
@node ntpd set-debug-level
@subsection set-debug-level option (-D)
@cindex ntpd-set-debug-level
This is the ``set the output debug message level'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
may appear an unlimited number of times.
@item
must be compiled in by defining @code{DEBUG} during the compilation.
@end itemize
Set the output debugging level. Can be supplied multiple times,
but each overrides the previous value(s).
@node ntpd driftfile
@subsection driftfile option (-f)
@cindex ntpd-driftfile
This is the ``frequency drift file name'' option.
The name and path of the frequency file,
/etc/ntp.drift
by default.
This is the same operation as the
driftfile driftfile
configuration specification in the
/etc/ntp.conf
file.
@node ntpd panicgate
@subsection panicgate option (-g)
@cindex ntpd-panicgate
This is the ``allow the first adjustment to be big'' option.
Normally,
ntpd
exits with a message to the system log if the offset exceeds the panic threshold, which is 1000 s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that,
ntpd
will exit with a message to the system log. This option can be used with the
-q
and
-x
options.
See the
tinker
configuration file directive for other options.
@node ntpd jaildir
@subsection jaildir option (-i)
@cindex ntpd-jaildir
This is the ``jail directory'' option.
Chroot the server to the directory
jaildir
.
This option also implies that the server attempts to drop root privileges at startup (otherwise, chroot gives very little additional security), and it is only available if the OS supports to run the server without full root privileges.
You may need to also specify a
-u
option.
@node ntpd interface
@subsection interface option (-I)
@cindex ntpd-interface
This is the ``listen on interface'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
may appear an unlimited number of times.
@end itemize
@node ntpd keyfile
@subsection keyfile option (-k)
@cindex ntpd-keyfile
This is the ``path to symmetric keys'' option.
Specify the name and path of the symmetric key file.
/etc/ntp.keys
is the default.
This is the same operation as the
keys keyfile
configuration file directive.
@node ntpd logfile
@subsection logfile option (-l)
@cindex ntpd-logfile
This is the ``path to the log file'' option.
Specify the name and path of the log file.
The default is the system log file.
This is the same operation as the
logfile logfile
configuration file directive.
@node ntpd novirtualips
@subsection novirtualips option (-L)
@cindex ntpd-novirtualips
This is the ``do not listen to virtual ips'' option.
Do not listen to virtual IPs. The default is to listen.
@node ntpd modifymmtimer
@subsection modifymmtimer option (-M)
@cindex ntpd-modifymmtimer
This is the ``modify multimedia timer (windows only)'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
must be compiled in by defining @code{SYS_WINNT} during the compilation.
@end itemize
Set the Windows Multimedia Timer to highest resolution.
@node ntpd nofork
@subsection nofork option (-n)
@cindex ntpd-nofork
This is the ``do not fork'' option.
@node ntpd nice
@subsection nice option (-N)
@cindex ntpd-nice
This is the ``run at high priority'' option.
To the extent permitted by the operating system, run
ntpd
at the highest priority.
@node ntpd pidfile
@subsection pidfile option (-p)
@cindex ntpd-pidfile
This is the ``path to the pid file'' option.
Specify the name and path of the file used to record
ntpd's
process ID.
This is the same operation as the
pidfile pidfile
configuration file directive.
@node ntpd priority
@subsection priority option (-P)
@cindex ntpd-priority
This is the ``process priority'' option.
To the extent permitted by the operating system, run
ntpd
at the specified
sched_setscheduler(SCHED_FIFO)
priority.
@node ntpd quit
@subsection quit option (-q)
@cindex ntpd-quit
This is the ``set the time and quit'' option.
ntpd
will exit just after the first time the clock is set. This behavior mimics that of the
ntpdate
program, which is to be retired.
The
-g
and
-x
options can be used with this option.
Note: The kernel time discipline is disabled with this option.
@node ntpd propagationdelay
@subsection propagationdelay option (-r)
@cindex ntpd-propagationdelay
This is the ``broadcast/propagation delay'' option.
Specify the default propagation delay from the broadcast/multicast server to this client. This is necessary only if the delay cannot be computed automatically by the protocol.
@node ntpd updateinterval
@subsection updateinterval option (-U)
@cindex ntpd-updateinterval
This is the ``interval in seconds between scans for new or dropped interfaces'' option.
Give the time in seconds between two scans for new or dropped interfaces.
For systems with routing socket support the scans will be performed shortly after the interface change
has been detected by the system.
Use 0 to disable scanning.
@node ntpd statsdir
@subsection statsdir option (-s)
@cindex ntpd-statsdir
This is the ``statistics file location'' option.
Specify the directory path for files created by the statistics facility.
This is the same operation as the
statsdir statsdir
configuration file directive.
@node ntpd trustedkey
@subsection trustedkey option (-t)
@cindex ntpd-trustedkey
This is the ``trusted key number'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
may appear an unlimited number of times.
@end itemize
Add a key number to the trusted key list.
@node ntpd user
@subsection user option (-u)
@cindex ntpd-user
This is the ``run as userid (or userid:groupid)'' option.
Specify a user, and optionally a group, to switch to.
This option is only available if the OS supports to run the server without full root privileges.
Currently, this option is supported under NetBSD (configure with
--enable-clockctl
) and Linux (configure with
--enable-linuxcaps
).
@node ntpd var
@subsection var option (-v)
@cindex ntpd-var
This is the ``make arg an ntp variable (rw)'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
may appear an unlimited number of times.
@end itemize
@node ntpd dvar
@subsection dvar option (-V)
@cindex ntpd-dvar
This is the ``make arg an ntp variable (rw|def)'' option.
This option has some usage constraints. It:
@itemize @bullet
@item
may appear an unlimited number of times.
@end itemize
@node ntpd slew
@subsection slew option (-x)
@cindex ntpd-slew
This is the ``slew up to 600 seconds'' option.
Normally, the time is slewed if the offset is less than the step threshold, which is 128 ms by default, and stepped if above the threshold.
This option sets the threshold to 600 s, which is well within the accuracy window to set the clock manually.
Note: Since the slew rate of typical Unix kernels is limited to 0.5 ms/s, each second of adjustment requires an amortization interval of 2000 s.
Thus, an adjustment as much as 600 s will take almost 14 days to complete.
This option can be used with the
-g
and
-q
options.
See the
tinker
configuration file directive for other options.
Note: The kernel time discipline is disabled with this option.
Reference in New Issue View Git Blame Copy Permalink