freebsd-nq/contrib/ntp/ntpd/ntpd.1
Ollivier Robert eb6d21b4ca Merge 4.2.4p8 into contrib (r200452 & r200454).
Subversion is being difficult here so take a hammer and get it in.

MFC after:		2 weeks
Security:		CVE-2009-3563
2009-12-15 14:58:10 +00:00

297 lines
8.4 KiB
Groff

.TH NTPD 1 2009-12-08 "( 4.2.4p8)" "Programmer's Manual"
.\" EDIT THIS FILE WITH CAUTION (ntpd.1)
.\"
.\" It has been AutoGen-ed Tuesday December 8, 2009 at 08:13:11 AM EST
.\" From the definitions ntpd-opts.def
.\" and the template file agman1.tpl
.\"
.SH NAME
ntpd \- NTP daemon program
.SH SYNOPSIS
.B ntpd
.\" Mixture of short (flag) options and long options
.RB [ \-\fIflag\fP " [\fIvalue\fP]]... [" \--\fIopt-name\fP " [[=| ]\fIvalue\fP]]..."
.PP
All arguments must be options.
.SH "DESCRIPTION"
This manual page documents, briefly, the \fBntpd\fP command.
.SH OPTIONS
.TP
.BR \-4 ", " \--ipv4
Force IPv4 DNS name resolution.
This option is a member of the ipv4 class of options.
.sp
Force DNS resolution of following host names on the command line
to the IPv4 namespace.
.TP
.BR \-6 ", " \--ipv6
Force IPv6 DNS name resolution.
This option is a member of the ipv4 class of options.
.sp
Force DNS resolution of following host names on the command line
to the IPv6 namespace.
.TP
.BR \-a ", " \--authreq
Require crypto authentication.
This option must not appear in combination with any of the following options:
authnoreq.
.sp
Require cryptographic authentication for broadcast client,
multicast client and symmetric passive associations.
This is the default.
.TP
.BR \-A ", " \--authnoreq
Do not require crypto authentication.
This option must not appear in combination with any of the following options:
authreq.
.sp
Do not require cryptographic authentication for broadcast client,
multicast client and symmetric passive associations.
This is almost never a good idea.
.TP
.BR \-b ", " \--bcastsync
Allow us to sync to broadcast servers.
.sp
.TP
.BR \-c " \fIstring\fP, " \--configfile "=" \fIstring\fP
configuration file name.
.sp
The name and path of the configuration file,
/etc/ntp.conf
by default.
.TP
.BR \-d ", " \--debug-level
Increase output debug message level.
This option may appear an unlimited number of times.
.sp
Increase the debugging message output level.
.TP
.BR \-D " \fIstring\fP, " \--set-debug-level "=" \fIstring\fP
Set the output debug message level.
This option may appear an unlimited number of times.
.sp
Set the output debugging level. Can be supplied multiple times,
but each overrides the previous value(s).
.TP
.BR \-f " \fIstring\fP, " \--driftfile "=" \fIstring\fP
frequency drift file name.
.sp
The name and path of the frequency file,
/etc/ntp.drift
by default.
This is the same operation as the
driftfile driftfile
configuration specification in the
/etc/ntp.conf
file.
.TP
.BR \-g ", " \--panicgate
Allow the first adjustment to be Big.
.sp
Normally,
ntpd
exits with a message to the system log if the offset exceeds the panic threshold, which is 1000 s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that,
ntpd
will exit with a message to the system log. This option can be used with the
-q
and
-x
options.
See the
tinker
configuration file directive for other options.
.TP
.BR \-i " \fIstring\fP, " \--jaildir "=" \fIstring\fP
Jail directory.
.sp
Chroot the server to the directory
jaildir
.
This option also implies that the server attempts to drop root privileges at startup (otherwise, chroot gives very little additional security), and it is only available if the OS supports to run the server without full root privileges.
You may need to also specify a
-u
option.
.TP
.BR \-I " \fIiface\fP, " \--interface "=" \fIiface\fP
Listen on interface.
This option may appear an unlimited number of times.
.sp
.TP
.BR \-k " \fIstring\fP, " \--keyfile "=" \fIstring\fP
path to symmetric keys.
.sp
Specify the name and path of the symmetric key file.
/etc/ntp.keys
is the default.
This is the same operation as the
keys keyfile
configuration file directive.
.TP
.BR \-l " \fIstring\fP, " \--logfile "=" \fIstring\fP
path to the log file.
.sp
Specify the name and path of the log file.
The default is the system log file.
This is the same operation as the
logfile logfile
configuration file directive.
.TP
.BR \-L ", " \--novirtualips
Do not listen to virtual IPs.
.sp
Do not listen to virtual IPs. The default is to listen.
.TP
.BR \-M ", " \--modifymmtimer
Modify Multimedia Timer (Windows only).
.sp
Set the Windows Multimedia Timer to highest resolution.
.TP
.BR \-n ", " \--nofork
Do not fork.
.sp
.TP
.BR \-N ", " \--nice
Run at high priority.
.sp
To the extent permitted by the operating system, run
ntpd
at the highest priority.
.TP
.BR \-p " \fIstring\fP, " \--pidfile "=" \fIstring\fP
path to the PID file.
.sp
Specify the name and path of the file used to record
ntpd's
process ID.
This is the same operation as the
pidfile pidfile
configuration file directive.
.TP
.BR \-P " \fInumber\fP, " \--priority "=" \fInumber\fP
Process priority.
This option takes an integer number as its argument.
.sp
To the extent permitted by the operating system, run
ntpd
at the specified
sched_setscheduler(SCHED_FIFO)
priority.
.TP
.BR \-q ", " \--quit
Set the time and quit.
.sp
ntpd
will exit just after the first time the clock is set. This behavior mimics that of the
ntpdate
program, which is to be retired.
The
-g
and
-x
options can be used with this option.
Note: The kernel time discipline is disabled with this option.
.TP
.BR \-r " \fIstring\fP, " \--propagationdelay "=" \fIstring\fP
Broadcast/propagation delay.
.sp
Specify the default propagation delay from the broadcast/multicast server to this client. This is necessary only if the delay cannot be computed automatically by the protocol.
.TP
.BR \-U " \fInumber\fP, " \--updateinterval "=" \fInumber\fP
interval in seconds between scans for new or dropped interfaces.
This option takes an integer number as its argument.
.sp
Give the time in seconds between two scans for new or dropped interfaces.
For systems with routing socket support the scans will be performed shortly after the interface change
has been detected by the system.
Use 0 to disable scanning.
.TP
.BR \-s " \fIstring\fP, " \--statsdir "=" \fIstring\fP
Statistics file location.
.sp
Specify the directory path for files created by the statistics facility.
This is the same operation as the
statsdir statsdir
configuration file directive.
.TP
.BR \-t " \fItkey\fP, " \--trustedkey "=" \fItkey\fP
Trusted key number.
This option may appear an unlimited number of times.
.sp
Add a key number to the trusted key list.
.TP
.BR \-u " \fIstring\fP, " \--user "=" \fIstring\fP
Run as userid (or userid:groupid).
.sp
Specify a user, and optionally a group, to switch to.
This option is only available if the OS supports to run the server without full root privileges.
Currently, this option is supported under NetBSD (configure with
--enable-clockctl
) and Linux (configure with
--enable-linuxcaps
).
.TP
.BR \-v " \fInvar\fP, " \--var "=" \fInvar\fP
make ARG an ntp variable (RW).
This option may appear an unlimited number of times.
.sp
.TP
.BR \-V " \fIndvar\fP, " \--dvar "=" \fIndvar\fP
make ARG an ntp variable (RW|DEF).
This option may appear an unlimited number of times.
.sp
.TP
.BR \-x ", " \--slew
Slew up to 600 seconds.
.sp
Normally, the time is slewed if the offset is less than the step threshold, which is 128 ms by default, and stepped if above the threshold.
This option sets the threshold to 600 s, which is well within the accuracy window to set the clock manually.
Note: Since the slew rate of typical Unix kernels is limited to 0.5 ms/s, each second of adjustment requires an amortization interval of 2000 s.
Thus, an adjustment as much as 600 s will take almost 14 days to complete.
This option can be used with the
-g
and
-q
options.
See the
tinker
configuration file directive for other options.
Note: The kernel time discipline is disabled with this option.
.TP
.BR \-? , " \--help"
Display usage information and exit.
.TP
.BR \-! , " \--more-help"
Extended usage information passed thru pager.
.TP
.BR \-v " [{\fIv|c|n\fP}]," " \--version" "[=\fI{v|c|n}\fP]"
Output version of program and exit. The default mode is `v', a simple
version. The `c' mode will print copyright information and `n' will
print the full copyright notice.
.SH OPTION PRESETS
Any option that is not marked as \fInot presettable\fP may be preset
by loading values from environment variables named:
.nf
\fBNTPD_<option-name>\fP or \fBNTPD\fP
.fi
.aj
.SH AUTHOR
David L. Mills and/or others
.br
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
.PP
.nf
.na
see html/copyright.html
.fi
.ad
.PP
This manual page was \fIAutoGen\fP-erated from the \fBntpd\fP
option definitions.