Line 116: | Line 116: | ||
== Contingency Plan == | == Contingency Plan == | ||
<!-- If you cannot complete your feature by the final development freeze, what is the backup plan? This might be as simple as "Revert the shipped configuration". Or it might not (e.g. rebuilding a number of dependent packages). If you feature is not completed in time we want to assure others that other parts of Fedora will not be in jeopardy. --> | <!-- If you cannot complete your feature by the final development freeze, what is the backup plan? This might be as simple as "Revert the shipped configuration". Or it might not (e.g. rebuilding a number of dependent packages). If you feature is not completed in time we want to assure others that other parts of Fedora will not be in jeopardy. --> | ||
* Contingency mechanism: (What to do? Who will do it?) | * Contingency mechanism: (What to do? Who will do it?) Revert to the previous configuration of continuing use of ntpdate. <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | ||
<!-- When is the last time the contingency mechanism can be put in place? This will typically be the beta freeze. --> | <!-- When is the last time the contingency mechanism can be put in place? This will typically be the beta freeze. --> | ||
* Contingency deadline: | * Contingency deadline: Beta Freeze <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | ||
<!-- Does finishing this feature block the release, or can we ship with the feature in incomplete state? --> | <!-- Does finishing this feature block the release, or can we ship with the feature in incomplete state? --> | ||
* Blocks release? | * Blocks release? No <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | ||
== Documentation == | == Documentation == |
Revision as of 19:29, 8 July 2013
Removed deprecated calls of using ntpdate in favor of ntpd
Summary
ntpdate is slowly being depricated. STIG enhancements for RHEL 6 penalize systems that make use of ntpdate.
Owner
- Name: Michael Harris
- Email: MikeDawg@gmail.com
- Release notes owner:
Current status
- Targeted release: Fedora 19
- Last updated: 2013-7-8
- Tracker bug: <will be assigned by the Wrangler>
Detailed Description
ntpdate is slowly being depricated in favor of ntpd. DoD STIGs now penalize for the use of ntpdate on Red Hat Enterprise systems. I would like to "modernize" the ntpdate utility to do two things.
First, I would like to get rid of the dependency of ntpdate, in favor of ntpd.
Second, I would like to add a set time for ntpd to check for time updates (as configured by the user in /etc/sysconfig/ntpdate).
Benefit to Fedora
First and foremost, it is backing away from a dependency that is set to deprecate at some point in the future. ntpd now handles many/most of the tasks that ntpdate was once used for. I'm also adding the feature of either random time checks based on a user interval, or just checks at an interval.
Scope
- Proposal owners:
- Other developers: N/A (not a System Wide Change)
- Release engineering: N/A (not a System Wide Change)
- Policies and guidelines: N/A (not a System Wide Change)
Upgrade/compatibility impact
No changes will be needed for the system to function as-is. In order to incorporate a (random or not) check of time will require modification of the /etc/sysconfig/ntpdate configuration file.
How To Test
Will need to verify that ntpd correctly launches, and is able to set the time/date. Will also need to verify the random/interval check is running. This can be easily done by parsing the info out the log files.
User Experience
Will not be noticeable to the average audience. The change will impact those that are doing various levels of security checks/tests against their systems, and more specifically, those that are using guidelines from the DoD STIGs, NSA Hardening Guidelines (currently only up to RHEL 5, however, many of the configurations still apply), and the CIS Hardening Documents.
Dependencies
Will have the continued dependency on ntpd.
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) Revert to the previous configuration of continuing use of ntpdate.
- Contingency deadline: Beta Freeze
- Blocks release? No
Documentation
N/A (not a System Wide Change)