Bug 83253

Summary: DHCP assigned NTP server is never configured properly
Product: [Retired] Red Hat Linux Reporter: Sean E. Millichamp <sean>
Component: dhcpAssignee: Daniel Walsh <dwalsh>
Severity: medium Docs Contact:
Priority: medium    
Version: 9   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-08-01 20:02:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Sean E. Millichamp 2003-01-31 21:59:35 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
When assigning an NTP server from DHCP, the DHCP client program creates a new
/etc/ntp.conf file with settings in order to use the server assigned from DHCP.
 The problem is that the configuration is missing a line to be functional.

The /sbin/dhclient-script writes out the /etc/ntp.conf file with the server's IP
address but does not write out the required "restrict" line to modify the NTP
ACLs to allow communication with the server.  As part of the /etc/ntp.conf file
it writes out it includes a "restrict default ignore" which instructs NTP to
ignore all packets from all hosts unless there is another restrict line
specifically allowing it.  Currently, there isn't.

N.B.: The file produced by the firststart NTP configuration routine after an
install DOES produce a proper (working) ntp.conf file.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Install the ntp and dhclient RPMs
2. Configure your interface for DHCP and the DHCP server to serve the
"ntp-server" option.
3. Reboot/bring up the DHCP interface

Actual Results:  This file is generated by /sbin/dhclient-script:

restrict default ignore
driftfile /etc/ntp/drift
broadcastdelay 0.008
authenticate yes
keys /etc/ntp/keys

Expected Results:  Note that the required "restrict nomodify notrap
noquery" line is missing.  Note that "ntpq -c pe" never shows a proper

The generated file should read:
restrict default ignore
driftfile /etc/ntp/drift
broadcastdelay 0.008
authenticate yes
keys /etc/ntp/keys
restrict nomodify notrap noquery

Additional info:

Here is a diff -u against /sbin/dhclient-script from phoebe2 to correct it:

--- dhclient-script-orig        2003-01-31 16:37:59.000000000 -0500
+++ dhclient-script     2003-01-31 16:38:37.000000000 -0500
@@ -156,6 +156,7 @@
       :> /etc/ntp/step-tickers
       for I in $new_ntp_servers; do
+          echo "restrict $I nomodify notrap noquery" >> /etc/ntp.conf
          echo "server $I" >> /etc/ntp.conf
          echo "$I" >> /etc/ntp/step-tickers

Comment 1 Daniel Walsh 2003-02-03 16:40:11 UTC
Fixed in dhcp-3.0pl1-23