From b9e07101d6347c0359fc68eac62e049acdfdbb78 Mon Sep 17 00:00:00 2001 From: Alex Harpin Date: Thu, 26 Feb 2015 22:50:05 +0000 Subject: vyatta-cfg-system: redesign the layout and updating of ntp When NTP is configured on the system, it not only acts as a client for the configured servers, but also as a server. Although the server is only available as a time source, it still represents a service that the user hasn't specifically enabled. This commit sets the default configuration of NTP to disallow all external access, so the system acts purely as a client by default, and also introduces the ability to configure which addresses / subnets are allowed to both query and use it as a time source. If the servers configured are specified as host names, these are resolved to IP addresses before being added to ntp.conf, with the same process carried out after name server changes. syntax 'set system ntp client address' Bug #94 http://bugzilla.vyos.net/show_bug.cgi?id=94 --- templates/system/ntp/node.def | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'templates/system/ntp/node.def') diff --git a/templates/system/ntp/node.def b/templates/system/ntp/node.def index 7a4ddad7..38e67e05 100644 --- a/templates/system/ntp/node.def +++ b/templates/system/ntp/node.def @@ -2,8 +2,7 @@ priority: 400 help: Network Time Protocol (NTP) configuration end: - /opt/vyatta/sbin/vyatta_update_ntp.pl /tmp/ntp.conf - sudo cp -b /tmp/ntp.conf /etc/ntp.conf + sudo /opt/vyatta/sbin/vyatta_update_ntp.pl if grep -q '^server' /etc/ntp.conf then if pgrep -f -u ntp /usr/sbin/ntpd > /dev/null @@ -15,4 +14,3 @@ end: else sudo /usr/sbin/invoke-rc.d ntp stop fi - rm -f /tmp/ntp.conf -- cgit v1.2.3