Bug 1834855 - Network Time Security
Summary: Network Time Security
Alias: None
Product: Fedora
Classification: Fedora
Component: Changes Tracking
Version: 33
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Miroslav Lichvar
QA Contact:
Depends On: 1872624
Blocks: F33Changes
TreeView+ depends on / blocked
Reported: 2020-05-12 14:26 UTC by Ben Cotton
Modified: 2020-12-21 16:39 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2020-10-27 14:47:46 UTC
Type: ---

Attachments (Terms of Use)

Description Ben Cotton 2020-05-12 14:26:44 UTC
This is a tracking bug for Change: Network Time Security
For more details, see: https://fedoraproject.org/wiki/Changes/NetworkTimeSecurity

Support for the Network Time Security (NTS) authentication mechanism in the NTP client/server (chrony) and installer (anaconda).

Comment 1 Miroslav Lichvar 2020-07-16 09:37:12 UTC
Pull request for NTS support in anaconda: https://github.com/rhinstaller/anaconda/pull/2738

Comment 2 Ben Cotton 2020-08-11 14:42:27 UTC
Branching F33 Change Tracker bugs.

Today is the code complete (testable) deadline. All bugs should be at least in MODIFIED state by now to indicate they are testable.

Comment 3 Miroslav Lichvar 2020-08-11 14:50:26 UTC
A chrony 4.0 prerelease with enabled NTS support is in rawhide. It doesn't use the newly assigned port for NTS-KE (4460) by default yet. An update to another prerelease and then final release is expected before Fedora 33 is released.

NTS support in anaconda was added in version 33.24.

Comment 4 Miroslav Lichvar 2020-08-26 09:09:33 UTC
chrony was updated to the latest prerelease, which uses the new NTS-KE port by default. Everything should be working as expected.

selinux-policy needs an update to allow connecting and binding to the port (bug #1872624).

Comment 5 Ben Cotton 2020-08-27 01:11:57 UTC
Yesterday we reached the Code complete (100% code complete) deadline for Fedora 33 Changes. If your Change is complete, please set this tracking bug to ON_QA. If you need to defer this Change to Fedora 34, please let NEEDINFO me.

As a reminder, we are now in the Beta Freeze. If you need to land package updates, please propose it as a Freeze Exception at https://qa.fedoraproject.org/blockerbugs/propose_bug

Comment 6 Miroslav Lichvar 2020-10-08 09:14:02 UTC
The final chrony-4.0 is now in updates testing.

Comment 7 Ben Cotton 2020-10-27 14:47:46 UTC
Closing tracking bugs for F33. If your change didn't make it into F33 for some reason, please reopen this and NEEDINFO me.

Note You need to log in before you can comment on or make changes to this bug.