From 854c68d43d8f1cf20417edd12284ea20f9e7ec9a Mon Sep 17 00:00:00 2001
From: Georgiy Tugai <georgiy@crossings.link>
Date: Wed, 13 Oct 2021 13:28:11 +0200
Subject: ntp: T3904: Fix NTP pool associations

As of NTP 4.2.7, 'nopeer' also blocks pool associations.

See https://bugs.ntp.org/show_bug.cgi?id=2657

See also https://github.com/geerlingguy/ansible-role-ntp/pull/84
---
 data/templates/ntp/ntpd.conf.tmpl | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'data')

diff --git a/data/templates/ntp/ntpd.conf.tmpl b/data/templates/ntp/ntpd.conf.tmpl
index 2b56b53c3..38e68f24f 100644
--- a/data/templates/ntp/ntpd.conf.tmpl
+++ b/data/templates/ntp/ntpd.conf.tmpl
@@ -6,6 +6,8 @@
 driftfile /var/lib/ntp/ntp.drift
 # By default, only allow ntpd to query time sources, ignore any incoming requests
 restrict default noquery nopeer notrap nomodify
+# Allow pool associations
+restrict source nomodify notrap noquery
 # Local users have unrestricted access, allowing reconfiguration via ntpdc
 restrict 127.0.0.1
 restrict -6 ::1
-- 
cgit v1.2.3