d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4743a67b21
freebsd-skq/contrib/ntp/ntpd/ntpd.html
delphij a3a54e251a MFV r298691: 
ntp 4.2.8p7.

Security:	CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550
Security:	CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518
Security:	CVE-2016-2519
Security:	FreeBSD-SA-16:16.ntp
With hat:	so
2016-04-27 07:46:38 +00:00

1020 lines
41 KiB
HTML
Raw Blame History

<html lang="en">
<head>
<title>ntpd: Network Time Protocol (NTP) Daemon User's Manual</title>
<meta http-equiv="Content-Type" content="text/html">
<meta name="description" content="ntpd: Network Time Protocol (NTP) Daemon User's Manual">
<meta name="generator" content="makeinfo 4.7">
<link title="Top" rel="top" href="#Top">
<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage">
<meta http-equiv="Content-Style-Type" content="text/css">
<style type="text/css"><!--
pre.display { font-family:inherit }
pre.format { font-family:inherit }
pre.smalldisplay { font-family:inherit; font-size:smaller }
pre.smallformat { font-family:inherit; font-size:smaller }
pre.smallexample { font-size:smaller }
pre.smalllisp { font-size:smaller }
span.sc { font-variant:small-caps }
span.roman { font-family: serif; font-weight: normal; }
--></style>
</head>
<body>
<h1 class="settitle">ntpd: Network Time Protocol (NTP) Daemon User's Manual</h1>
<div class="node">
<p><hr>
<a name="Top"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-Description">ntpd Description</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#dir">(dir)</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
<br>
</div>
<h2 class="unnumbered">ntpd: Network Time Protocol (NTP) Daemon User Manual</h2>
<p>The <code>ntpd</code> program is an operating system daemon that synchronizes the
system clock to remote NTP time servers or local reference clocks.
It is a complete implementation of NTP version 4 defined by RFC-5905, but
also retains compatible with version 3 defined by RFC-1305 and versions
1 and 2, defined by RFC-1059 and RFC-1119, respectively.
The program can operate in any of several modes, including client/server,
symmetric and broadcast modes, and with both symmetric-key and public-key
cryptography.
<p>This document applies to version 4.2.8p7 of <code>ntpd</code>.
<ul class="menu">
<li><a accesskey="1" href="#ntpd-Description">ntpd Description</a>: Description
<li><a accesskey="2" href="#ntpd-Invocation">ntpd Invocation</a>: Invoking ntpd
<li><a accesskey="3" href="#Usage">Usage</a>: Usage
</ul>
<div class="node">
<p><hr>
<a name="ntpd-Description"></a>
<br>
</div>
<!-- node-name, next, previous, up -->
<h3 class="section">Description</h3>
<p>The <code>ntpd</code> program ordinarily requires
a configuration file described at <a href="#ntp_002econf">ntp.conf</a>.
This configuration file contains configuration commands described on
the pages listed above.
However a client can discover remote servers and configure them
automatically.
This makes it possible to deploy a fleet of workstations without
specifying configuration details specific to the local environment.
<p>The <code>ntpd</code> program normally operates continuously while adjusting the
system time and frequency, but in some cases this might not be
practical.
With the <code>-q</code> option <code>ntpd</code> operates as in continuous mode, but
exits just after setting the clock for the first time.
Most applications will probably want to specify the <code>iburst</code>
option with the <code>server</code> command.
With this option an initial volley of messages is exchanged to
groom the data and set the clock in about ten seconds' time.
If nothing is heard after a few minutes' time,
the daemon times out and exits without setting the clock.
<div class="node">
<p><hr>
<a name="ntpd-Invocation"></a>
<br>
</div>
<h3 class="section">Invoking ntpd</h3>
<p><a name="index-ntpd-1"></a><a name="index-NTP-daemon-program-2"></a>
<p>The
<code>ntpd</code>
utility is an operating system daemon which sets
and maintains the system time of day in synchronism with Internet
standard time servers.
It is a complete implementation of the
Network Time Protocol (NTP) version 4, as defined by RFC-5905,
but also retains compatibility with
version 3, as defined by RFC-1305, and versions 1
and 2, as defined by RFC-1059 and RFC-1119, respectively.
<p>The
<code>ntpd</code>
utility does most computations in 64-bit floating point
arithmetic and does relatively clumsy 64-bit fixed point operations
only when necessary to preserve the ultimate precision, about 232
picoseconds.
While the ultimate precision is not achievable with
ordinary workstations and networks of today, it may be required
with future gigahertz CPU clocks and gigabit LANs.
<p>Ordinarily,
<code>ntpd</code>
reads the
<code>ntp.conf(5)</code>
configuration file at startup time in order to determine the
synchronization sources and operating modes.
It is also possible to
specify a working, although limited, configuration entirely on the
command line, obviating the need for a configuration file.
This may
be particularly useful when the local host is to be configured as a
broadcast/multicast client, with all peers being determined by
listening to broadcasts at run time.
<p>If NetInfo support is built into
<code>ntpd</code>
then
<code>ntpd</code>
will attempt to read its configuration from the
NetInfo if the default
<code>ntp.conf(5)</code>
file cannot be read and no file is
specified by the
<code>-c</code>
option.
<p>Various internal
<code>ntpd</code>
variables can be displayed and
configuration options altered while the
<code>ntpd</code>
is running
using the
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
utility programs.
<p>When
<code>ntpd</code>
starts it looks at the value of
<code>umask(2)</code>,
and if zero
<code>ntpd</code>
will set the
<code>umask(2)</code>
to 022.
<p>This section was generated by <strong>AutoGen</strong>,
using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntpd</code> program.
This software is released under the NTP license, &lt;http://ntp.org/license&gt;.
<ul class="menu">
<li><a accesskey="1" href="#ntpd-usage">ntpd usage</a>: ntpd help/usage (<span class="option">--help</span>)
<li><a accesskey="2" href="#ntpd-ipv4">ntpd ipv4</a>: ipv4 option (-4)
<li><a accesskey="3" href="#ntpd-ipv6">ntpd ipv6</a>: ipv6 option (-6)
<li><a accesskey="4" href="#ntpd-authreq">ntpd authreq</a>: authreq option (-a)
<li><a accesskey="5" href="#ntpd-authnoreq">ntpd authnoreq</a>: authnoreq option (-A)
<li><a accesskey="6" href="#ntpd-configfile">ntpd configfile</a>: configfile option (-c)
<li><a accesskey="7" href="#ntpd-driftfile">ntpd driftfile</a>: driftfile option (-f)
<li><a accesskey="8" href="#ntpd-panicgate">ntpd panicgate</a>: panicgate option (-g)
<li><a accesskey="9" href="#ntpd-force_002dstep_002donce">ntpd force-step-once</a>: force-step-once option (-G)
<li><a href="#ntpd-jaildir">ntpd jaildir</a>: jaildir option (-i)
<li><a href="#ntpd-interface">ntpd interface</a>: interface option (-I)
<li><a href="#ntpd-keyfile">ntpd keyfile</a>: keyfile option (-k)
<li><a href="#ntpd-logfile">ntpd logfile</a>: logfile option (-l)
<li><a href="#ntpd-novirtualips">ntpd novirtualips</a>: novirtualips option (-L)
<li><a href="#ntpd-modifymmtimer">ntpd modifymmtimer</a>: modifymmtimer option (-M)
<li><a href="#ntpd-nice">ntpd nice</a>: nice option (-N)
<li><a href="#ntpd-pidfile">ntpd pidfile</a>: pidfile option (-p)
<li><a href="#ntpd-priority">ntpd priority</a>: priority option (-P)
<li><a href="#ntpd-quit">ntpd quit</a>: quit option (-q)
<li><a href="#ntpd-propagationdelay">ntpd propagationdelay</a>: propagationdelay option (-r)
<li><a href="#ntpd-saveconfigquit">ntpd saveconfigquit</a>: saveconfigquit option
<li><a href="#ntpd-statsdir">ntpd statsdir</a>: statsdir option (-s)
<li><a href="#ntpd-trustedkey">ntpd trustedkey</a>: trustedkey option (-t)
<li><a href="#ntpd-user">ntpd user</a>: user option (-u)
<li><a href="#ntpd-updateinterval">ntpd updateinterval</a>: updateinterval option (-U)
<li><a href="#ntpd-wait_002dsync">ntpd wait-sync</a>: wait-sync option (-w)
<li><a href="#ntpd-slew">ntpd slew</a>: slew option (-x)
<li><a href="#ntpd-usepcc">ntpd usepcc</a>: usepcc option
<li><a href="#ntpd-pccfreq">ntpd pccfreq</a>: pccfreq option
<li><a href="#ntpd-mdns">ntpd mdns</a>: mdns option (-m)
<li><a href="#ntpd-config">ntpd config</a>: presetting/configuring ntpd
<li><a href="#ntpd-exit-status">ntpd exit status</a>: exit status
<li><a href="#ntpd-Usage">ntpd Usage</a>: Usage
<li><a href="#ntpd-Files">ntpd Files</a>: Files
<li><a href="#ntpd-See-Also">ntpd See Also</a>: See Also
<li><a href="#ntpd-Bugs">ntpd Bugs</a>: Bugs
<li><a href="#ntpd-Notes">ntpd Notes</a>: Notes
</ul>
<div class="node">
<p><hr>
<a name="ntpd-usage"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-ipv4">ntpd ipv4</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ntpd help/usage (<span class="option">--help</span>)</h4>
<p><a name="index-ntpd-help-3"></a>
This is the automatically generated usage text for ntpd.
<p>The text printed is the same whether selected with the <code>help</code> option
(<span class="option">--help</span>) or the <code>more-help</code> option (<span class="option">--more-help</span>). <code>more-help</code> will print
the usage text by passing it through a pager program.
<code>more-help</code> is disabled on platforms without a working
<code>fork(2)</code> function. The <code>PAGER</code> environment variable is
used to select the program, defaulting to <span class="file">more</span>. Both will exit
with a status code of 0.
<pre class="example">ntpd - NTP daemon program - Ver. 4.2.8p6
Usage: ntpd [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... \
[ &lt;server1&gt; ... &lt;serverN&gt; ]
Flg Arg Option-Name Description
-4 no ipv4 Force IPv4 DNS name resolution
- prohibits the option 'ipv6'
-6 no ipv6 Force IPv6 DNS name resolution
- prohibits the option 'ipv4'
-a no authreq Require crypto authentication
- prohibits the option 'authnoreq'
-A no authnoreq Do not require crypto authentication
- prohibits the option 'authreq'
-b no bcastsync Allow us to sync to broadcast servers
-c Str configfile configuration file name
-d no debug-level Increase debug verbosity level
- may appear multiple times
-D Num set-debug-level Set the debug verbosity level
- may appear multiple times
-f Str driftfile frequency drift file name
-g no panicgate Allow the first adjustment to be Big
- may appear multiple times
-G no force-step-once Step any initial offset correction.
-i Str jaildir Jail directory
-I Str interface Listen on an interface name or address
- may appear multiple times
-k Str keyfile path to symmetric keys
-l Str logfile path to the log file
-L no novirtualips Do not listen to virtual interfaces
-n no nofork Do not fork
- prohibits the option 'wait-sync'
-N no nice Run at high priority
-p Str pidfile path to the PID file
-P Num priority Process priority
-q no quit Set the time and quit
- prohibits these options:
saveconfigquit
wait-sync
-r Str propagationdelay Broadcast/propagation delay
Str saveconfigquit Save parsed configuration and quit
- prohibits these options:
quit
wait-sync
-s Str statsdir Statistics file location
-t Str trustedkey Trusted key number
- may appear multiple times
-u Str user Run as userid (or userid:groupid)
-U Num updateinterval interval in seconds between scans for new or dropped interfaces
Str var make ARG an ntp variable (RW)
- may appear multiple times
Str dvar make ARG an ntp variable (RW|DEF)
- may appear multiple times
-w Num wait-sync Seconds to wait for first clock sync
- prohibits these options:
nofork
quit
saveconfigquit
-x no slew Slew up to 600 seconds
opt version output version information and exit
-? no help display extended usage information and exit
-! no more-help extended usage information passed thru pager
Options are specified by doubled hyphens and their name or by a single
hyphen and the flag character.
The following option preset mechanisms are supported:
- examining environment variables named NTPD_*
Please send bug reports to: &lt;http://bugs.ntp.org, bugs@ntp.org&gt;
</pre>
<div class="node">
<p><hr>
<a name="ntpd-ipv4"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-ipv6">ntpd ipv6</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-usage">ntpd usage</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ipv4 option (-4)</h4>
<p><a name="index-ntpd_002dipv4-4"></a>
This is the &ldquo;force ipv4 dns name resolution&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must not appear in combination with any of the following options:
ipv6.
</ul>
<p>Force DNS resolution of following host names on the command line
to the IPv4 namespace.
<div class="node">
<p><hr>
<a name="ntpd-ipv6"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-authreq">ntpd authreq</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-ipv4">ntpd ipv4</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ipv6 option (-6)</h4>
<p><a name="index-ntpd_002dipv6-5"></a>
This is the &ldquo;force ipv6 dns name resolution&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must not appear in combination with any of the following options:
ipv4.
</ul>
<p>Force DNS resolution of following host names on the command line
to the IPv6 namespace.
<div class="node">
<p><hr>
<a name="ntpd-authreq"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-authnoreq">ntpd authnoreq</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-ipv6">ntpd ipv6</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">authreq option (-a)</h4>
<p><a name="index-ntpd_002dauthreq-6"></a>
This is the &ldquo;require crypto authentication&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must not appear in combination with any of the following options:
authnoreq.
</ul>
<p>Require cryptographic authentication for broadcast client,
multicast client and symmetric passive associations.
This is the default.
<div class="node">
<p><hr>
<a name="ntpd-authnoreq"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-configfile">ntpd configfile</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-authreq">ntpd authreq</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">authnoreq option (-A)</h4>
<p><a name="index-ntpd_002dauthnoreq-7"></a>
This is the &ldquo;do not require crypto authentication&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must not appear in combination with any of the following options:
authreq.
</ul>
<p>Do not require cryptographic authentication for broadcast client,
multicast client and symmetric passive associations.
This is almost never a good idea.
<div class="node">
<p><hr>
<a name="ntpd-configfile"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-driftfile">ntpd driftfile</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-authnoreq">ntpd authnoreq</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">configfile option (-c)</h4>
<p><a name="index-ntpd_002dconfigfile-8"></a>
This is the &ldquo;configuration file name&rdquo; option.
This option takes a string argument.
The name and path of the configuration file,
<span class="file">/etc/ntp.conf</span>
by default.
<div class="node">
<p><hr>
<a name="ntpd-driftfile"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-panicgate">ntpd panicgate</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-configfile">ntpd configfile</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">driftfile option (-f)</h4>
<p><a name="index-ntpd_002ddriftfile-9"></a>
This is the &ldquo;frequency drift file name&rdquo; option.
This option takes a string argument.
The name and path of the frequency file,
<span class="file">/etc/ntp.drift</span>
by default.
This is the same operation as the
<code>driftfile</code> <kbd>driftfile</kbd>
configuration specification in the
<span class="file">/etc/ntp.conf</span>
file.
<div class="node">
<p><hr>
<a name="ntpd-panicgate"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-force_002dstep_002donce">ntpd force-step-once</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-driftfile">ntpd driftfile</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">panicgate option (-g)</h4>
<p><a name="index-ntpd_002dpanicgate-10"></a>
This is the &ldquo;allow the first adjustment to be big&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>may appear an unlimited number of times.
</ul>
<p>Normally,
<code>ntpd</code>
exits with a message to the system log if the offset exceeds the panic threshold, which is 1000 s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that,
<code>ntpd</code>
will exit with a message to the system log. This option can be used with the
<code>-q</code>
and
<code>-x</code>
options.
See the
<code>tinker</code>
configuration file directive for other options.
<div class="node">
<p><hr>
<a name="ntpd-force_002dstep_002donce"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-jaildir">ntpd jaildir</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-panicgate">ntpd panicgate</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">force-step-once option (-G)</h4>
<p><a name="index-ntpd_002dforce_002dstep_002donce-11"></a>
This is the &ldquo;step any initial offset correction.&rdquo; option.
Normally,
<code>ntpd</code>
steps the time if the time offset exceeds the step threshold,
which is 128 ms by default, and otherwise slews the time.
This option forces the initial offset correction to be stepped,
so the highest time accuracy can be achieved quickly.
However, this may also cause the time to be stepped back
so this option must not be used if
applications requiring monotonic time are running.
See the <code>tinker</code> configuration file directive for other options.
<div class="node">
<p><hr>
<a name="ntpd-jaildir"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-interface">ntpd interface</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-force_002dstep_002donce">ntpd force-step-once</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">jaildir option (-i)</h4>
<p><a name="index-ntpd_002djaildir-12"></a>
This is the &ldquo;jail directory&rdquo; option.
This option takes a string argument.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must be compiled in by defining <code>HAVE_DROPROOT</code> during the compilation.
</ul>
<p>Chroot the server to the directory
<kbd>jaildir</kbd>
.
This option also implies that the server attempts to drop root privileges at startup.
You may need to also specify a
<code>-u</code>
option.
This option is only available if the OS supports adjusting the clock
without full root privileges.
This option is supported under NetBSD (configure with
<code>--enable-clockctl</code>) or Linux (configure with
<code>--enable-linuxcaps</code>) or Solaris (configure with <code>--enable-solarisprivs</code>).
<div class="node">
<p><hr>
<a name="ntpd-interface"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-keyfile">ntpd keyfile</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-jaildir">ntpd jaildir</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">interface option (-I)</h4>
<p><a name="index-ntpd_002dinterface-13"></a>
This is the &ldquo;listen on an interface name or address&rdquo; option.
This option takes a string argument <span class="file">iface</span>.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>may appear an unlimited number of times.
</ul>
<p>Open the network address given, or all the addresses associated with the
given interface name. This option may appear multiple times. This option
also implies not opening other addresses, except wildcard and localhost.
This option is deprecated. Please consider using the configuration file
<code>interface</code> command, which is more versatile.
<div class="node">
<p><hr>
<a name="ntpd-keyfile"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-logfile">ntpd logfile</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-interface">ntpd interface</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">keyfile option (-k)</h4>
<p><a name="index-ntpd_002dkeyfile-14"></a>
This is the &ldquo;path to symmetric keys&rdquo; option.
This option takes a string argument.
Specify the name and path of the symmetric key file.
<span class="file">/etc/ntp.keys</span>
is the default.
This is the same operation as the
<code>keys</code> <kbd>keyfile</kbd>
configuration file directive.
<div class="node">
<p><hr>
<a name="ntpd-logfile"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-novirtualips">ntpd novirtualips</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-keyfile">ntpd keyfile</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">logfile option (-l)</h4>
<p><a name="index-ntpd_002dlogfile-15"></a>
This is the &ldquo;path to the log file&rdquo; option.
This option takes a string argument.
Specify the name and path of the log file.
The default is the system log file.
This is the same operation as the
<code>logfile</code> <kbd>logfile</kbd>
configuration file directive.
<div class="node">
<p><hr>
<a name="ntpd-novirtualips"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-modifymmtimer">ntpd modifymmtimer</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-logfile">ntpd logfile</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">novirtualips option (-L)</h4>
<p><a name="index-ntpd_002dnovirtualips-16"></a>
This is the &ldquo;do not listen to virtual interfaces&rdquo; option.
Do not listen to virtual interfaces, defined as those with
names containing a colon. This option is deprecated. Please
consider using the configuration file <code>interface</code> command, which
is more versatile.
<div class="node">
<p><hr>
<a name="ntpd-modifymmtimer"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-nice">ntpd nice</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-novirtualips">ntpd novirtualips</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">modifymmtimer option (-M)</h4>
<p><a name="index-ntpd_002dmodifymmtimer-17"></a>
This is the &ldquo;modify multimedia timer (windows only)&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must be compiled in by defining <code>SYS_WINNT</code> during the compilation.
</ul>
<p>Set the Windows Multimedia Timer to highest resolution. This
ensures the resolution does not change while ntpd is running,
avoiding timekeeping glitches associated with changes.
<div class="node">
<p><hr>
<a name="ntpd-nice"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-pidfile">ntpd pidfile</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-modifymmtimer">ntpd modifymmtimer</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">nice option (-N)</h4>
<p><a name="index-ntpd_002dnice-18"></a>
This is the &ldquo;run at high priority&rdquo; option.
To the extent permitted by the operating system, run
<code>ntpd</code>
at the highest priority.
<div class="node">
<p><hr>
<a name="ntpd-pidfile"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-priority">ntpd priority</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-nice">ntpd nice</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">pidfile option (-p)</h4>
<p><a name="index-ntpd_002dpidfile-19"></a>
This is the &ldquo;path to the pid file&rdquo; option.
This option takes a string argument.
Specify the name and path of the file used to record
<code>ntpd</code>'s
process ID.
This is the same operation as the
<code>pidfile</code> <kbd>pidfile</kbd>
configuration file directive.
<div class="node">
<p><hr>
<a name="ntpd-priority"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-quit">ntpd quit</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-pidfile">ntpd pidfile</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">priority option (-P)</h4>
<p><a name="index-ntpd_002dpriority-20"></a>
This is the &ldquo;process priority&rdquo; option.
This option takes a number argument.
To the extent permitted by the operating system, run
<code>ntpd</code>
at the specified
<code>sched_setscheduler(SCHED_FIFO)</code>
priority.
<div class="node">
<p><hr>
<a name="ntpd-quit"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-propagationdelay">ntpd propagationdelay</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-priority">ntpd priority</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">quit option (-q)</h4>
<p><a name="index-ntpd_002dquit-21"></a>
This is the &ldquo;set the time and quit&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must not appear in combination with any of the following options:
saveconfigquit, wait-sync.
</ul>
<p><code>ntpd</code>
will not daemonize and will exit after the clock is first
synchronized. This behavior mimics that of the
<code>ntpdate</code>
program, which will soon be replaced with a shell script.
The
<code>-g</code>
and
<code>-x</code>
options can be used with this option.
Note: The kernel time discipline is disabled with this option.
<div class="node">
<p><hr>
<a name="ntpd-propagationdelay"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-saveconfigquit">ntpd saveconfigquit</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-quit">ntpd quit</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">propagationdelay option (-r)</h4>
<p><a name="index-ntpd_002dpropagationdelay-22"></a>
This is the &ldquo;broadcast/propagation delay&rdquo; option.
This option takes a string argument.
Specify the default propagation delay from the broadcast/multicast server to this client. This is necessary only if the delay cannot be computed automatically by the protocol.
<div class="node">
<p><hr>
<a name="ntpd-saveconfigquit"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-statsdir">ntpd statsdir</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-propagationdelay">ntpd propagationdelay</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">saveconfigquit option</h4>
<p><a name="index-ntpd_002dsaveconfigquit-23"></a>
This is the &ldquo;save parsed configuration and quit&rdquo; option.
This option takes a string argument.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must be compiled in by defining <code>SAVECONFIG</code> during the compilation.
<li>must not appear in combination with any of the following options:
quit, wait-sync.
</ul>
<p>Cause <code>ntpd</code> to parse its startup configuration file and save an
equivalent to the given filename and exit. This option was
designed for automated testing.
<div class="node">
<p><hr>
<a name="ntpd-statsdir"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-trustedkey">ntpd trustedkey</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-saveconfigquit">ntpd saveconfigquit</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">statsdir option (-s)</h4>
<p><a name="index-ntpd_002dstatsdir-24"></a>
This is the &ldquo;statistics file location&rdquo; option.
This option takes a string argument.
Specify the directory path for files created by the statistics facility.
This is the same operation as the
<code>statsdir</code> <kbd>statsdir</kbd>
configuration file directive.
<div class="node">
<p><hr>
<a name="ntpd-trustedkey"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-user">ntpd user</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-statsdir">ntpd statsdir</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">trustedkey option (-t)</h4>
<p><a name="index-ntpd_002dtrustedkey-25"></a>
This is the &ldquo;trusted key number&rdquo; option.
This option takes a string argument <span class="file">tkey</span>.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>may appear an unlimited number of times.
</ul>
<p>Add the specified key number to the trusted key list.
<div class="node">
<p><hr>
<a name="ntpd-user"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-updateinterval">ntpd updateinterval</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-trustedkey">ntpd trustedkey</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">user option (-u)</h4>
<p><a name="index-ntpd_002duser-26"></a>
This is the &ldquo;run as userid (or userid:groupid)&rdquo; option.
This option takes a string argument.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must be compiled in by defining <code>HAVE_DROPROOT</code> during the compilation.
</ul>
<p>Specify a user, and optionally a group, to switch to.
This option is only available if the OS supports adjusting the clock
without full root privileges.
This option is supported under NetBSD (configure with
<code>--enable-clockctl</code>) or Linux (configure with
<code>--enable-linuxcaps</code>) or Solaris (configure with <code>--enable-solarisprivs</code>).
<div class="node">
<p><hr>
<a name="ntpd-updateinterval"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-wait_002dsync">ntpd wait-sync</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-user">ntpd user</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">updateinterval option (-U)</h4>
<p><a name="index-ntpd_002dupdateinterval-27"></a>
This is the &ldquo;interval in seconds between scans for new or dropped interfaces&rdquo; option.
This option takes a number argument.
Give the time in seconds between two scans for new or dropped interfaces.
For systems with routing socket support the scans will be performed shortly after the interface change
has been detected by the system.
Use 0 to disable scanning. 60 seconds is the minimum time between scans.
<div class="node">
<p><hr>
<a name="ntpd-wait_002dsync"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-slew">ntpd slew</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-updateinterval">ntpd updateinterval</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">wait-sync option (-w)</h4>
<p><a name="index-ntpd_002dwait_002dsync-28"></a>
This is the &ldquo;seconds to wait for first clock sync&rdquo; option.
This option takes a number argument.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must be compiled in by defining <code>HAVE_WORKING_FORK</code> during the compilation.
<li>must not appear in combination with any of the following options:
nofork, quit, saveconfigquit.
</ul>
<p>If greater than zero, alters <code>ntpd</code>'s behavior when forking to
daemonize. Instead of exiting with status 0 immediately after
the fork, the parent waits up to the specified number of
seconds for the child to first synchronize the clock. The exit
status is zero (success) if the clock was synchronized,
otherwise it is <code>ETIMEDOUT</code>.
This provides the option for a script starting <code>ntpd</code> to easily
wait for the first set of the clock before proceeding.
<div class="node">
<p><hr>
<a name="ntpd-slew"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-usepcc">ntpd usepcc</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-wait_002dsync">ntpd wait-sync</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">slew option (-x)</h4>
<p><a name="index-ntpd_002dslew-29"></a>
This is the &ldquo;slew up to 600 seconds&rdquo; option.
Normally, the time is slewed if the offset is less than the step threshold, which is 128 ms by default, and stepped if above the threshold.
This option sets the threshold to 600 s, which is well within the accuracy window to set the clock manually.
Note: Since the slew rate of typical Unix kernels is limited to 0.5 ms/s, each second of adjustment requires an amortization interval of 2000 s.
Thus, an adjustment as much as 600 s will take almost 14 days to complete.
This option can be used with the
<code>-g</code>
and
<code>-q</code>
options.
See the
<code>tinker</code>
configuration file directive for other options.
Note: The kernel time discipline is disabled with this option.
<div class="node">
<p><hr>
<a name="ntpd-usepcc"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-pccfreq">ntpd pccfreq</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-slew">ntpd slew</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">usepcc option</h4>
<p><a name="index-ntpd_002dusepcc-30"></a>
This is the &ldquo;use cpu cycle counter (windows only)&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must be compiled in by defining <code>SYS_WINNT</code> during the compilation.
</ul>
<p>Attempt to substitute the CPU counter for <code>QueryPerformanceCounter</code>.
The CPU counter and <code>QueryPerformanceCounter</code> are compared, and if
they have the same frequency, the CPU counter (RDTSC on x86) is
used directly, saving the overhead of a system call.
<div class="node">
<p><hr>
<a name="ntpd-pccfreq"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-mdns">ntpd mdns</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-usepcc">ntpd usepcc</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">pccfreq option</h4>
<p><a name="index-ntpd_002dpccfreq-31"></a>
This is the &ldquo;force cpu cycle counter use (windows only)&rdquo; option.
This option takes a string argument.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must be compiled in by defining <code>SYS_WINNT</code> during the compilation.
</ul>
<p>Force substitution the CPU counter for <code>QueryPerformanceCounter</code>.
The CPU counter (RDTSC on x86) is used unconditionally with the
given frequency (in Hz).
<div class="node">
<p><hr>
<a name="ntpd-mdns"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-config">ntpd config</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-pccfreq">ntpd pccfreq</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">mdns option (-m)</h4>
<p><a name="index-ntpd_002dmdns-32"></a>
This is the &ldquo;register with mdns as a ntp server&rdquo; option.
<p class="noindent">This option has some usage constraints. It:
<ul>
<li>must be compiled in by defining <code>HAVE_DNSREGISTRATION</code> during the compilation.
</ul>
<p>Registers as an NTP server with the local mDNS server which allows
the server to be discovered via mDNS client lookup.
<div class="node">
<p><hr>
<a name="ntpd-config"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-exit-status">ntpd exit status</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-mdns">ntpd mdns</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">presetting/configuring ntpd</h4>
<p>Any option that is not marked as <i>not presettable</i> may be preset by
loading values from environment variables named <code>NTPD</code> and <code>NTPD_&lt;OPTION_NAME&gt;</code>. <code>&lt;OPTION_NAME&gt;</code> must be one of
the options listed above in upper case and segmented with underscores.
The <code>NTPD</code> variable will be tokenized and parsed like
the command line. The remaining variables are tested for existence and their
values are treated like option arguments.
<p>The command line options relating to configuration and/or usage help are:
<h5 class="subsubheading">version (-)</h5>
<p>Print the program version to standard out, optionally with licensing
information, then exit 0. The optional argument specifies how much licensing
detail to provide. The default is to print just the version. The licensing infomation may be selected with an option argument.
Only the first letter of the argument is examined:
<dl>
<dt><span class="samp">version</span><dd>Only print the version. This is the default.
<br><dt><span class="samp">copyright</span><dd>Name the copyright usage licensing terms.
<br><dt><span class="samp">verbose</span><dd>Print the full copyright usage licensing terms.
</dl>
<div class="node">
<p><hr>
<a name="ntpd-exit-status"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-Usage">ntpd Usage</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-config">ntpd config</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ntpd exit status</h4>
<p>One of the following exit values will be returned:
<dl>
<dt><span class="samp">0 (EXIT_SUCCESS)</span><dd>Successful program execution.
<br><dt><span class="samp">1 (EXIT_FAILURE)</span><dd>The operation failed or the command syntax was not valid.
</dl>
<div class="node">
<p><hr>
<a name="ntpd-Usage"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-Files">ntpd Files</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-exit-status">ntpd exit status</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ntpd Usage</h4>
<div class="node">
<p><hr>
<a name="ntpd-Files"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-See-Also">ntpd See Also</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-Usage">ntpd Usage</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ntpd Files</h4>
<div class="node">
<p><hr>
<a name="ntpd-See-Also"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-Bugs">ntpd Bugs</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-Files">ntpd Files</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ntpd See Also</h4>
<div class="node">
<p><hr>
<a name="ntpd-Bugs"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntpd-Notes">ntpd Notes</a>,
Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-See-Also">ntpd See Also</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ntpd Bugs</h4>
<div class="node">
<p><hr>
<a name="ntpd-Notes"></a>Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntpd-Bugs">ntpd Bugs</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="#ntpd-Invocation">ntpd Invocation</a>
<br>
</div>
<h4 class="subsection">ntpd Notes</h4>
<div class="node">
<p><hr>
<a name="Usage"></a>
<br>
</div>
<!-- node-name, next, previous, up -->
<h3 class="section">Usage</h3>
Reference in New Issue View Git Blame Copy Permalink