Enable ntp client functionality with chronyd

Using 'bindaddress' in the /etc/chrony/chrony.conf disables both client and server ntp functionality as it cannot get the ntp responses from peer servers. The default install will leave the servers unsynced with an ntp source causing them to skew over time and eventually break services that rely on synced time. Setting 'port 0' will disable the server functionality. Using 'bindcmdaddress' will still chronc<->chronyd communictions over localhost only. This should allow client functionality and disable server functionality. Change-Id: Ie9b6e73333d9469a17e4cee06f21aa99b2b3df7e Closes-Bug: #1656086 (cherry picked from commit 4cb2fa4eaa)
2017-02-23 15:00:02 -06:00 · 2017-02-23 15:00:02 -06:00 · e7dc4eec61
parent 160cb80bea
commit e7dc4eec61
1 changed files with 3 additions and 2 deletions
--- a/templates/chrony.conf.j2
+++ b/templates/chrony.conf.j2
@ -96,8 +96,9 @@ rtconutc

 {% if security_ntp_bind_local_interfaces_only | bool %}
 # Listen for NTP requests only on local interfaces.
-bindaddress 127.0.0.1
+port 0
+bindcmdaddress 127.0.0.1
 {% if not security_disable_ipv6 | bool %}
-bindaddress ::1
+bindcmdaddress ::1
 {% endif %}
 {% endif %}