|
[ Elza @ 30.09.2009. 08:46 ] @
[ combuster @ 30.09.2009. 08:53 ] @
Jesi li probala da startujes servis ntpd i ntpdate ?
U /etc/ntp.conf treba da imas liniju server pool.ntp.org i naravno da ti je timezone podesen kako treba... [ Elza @ 30.09.2009. 09:23 ] @
Imam ovo u /etc/ntp.conf
# --- OUR TIMESERVERS ----- server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org nemam baš ovako server pool.ntp.org A gdje podešavam timezone? jel isto u /etc/ntp.conf ? Ovo mi je baš čudno jer na ostalim serverima je dovoljno pokrenuti ntpdate... [ combuster @ 30.09.2009. 09:34 ] @
Pa timezone se kod mene podesava u /etc/rc.conf
imam liniju TIMEZONE="Europe/Belgrade" Mada ajde da razumem da ti pomera vreme celih sat - dva ali za 6 minuta... probaj ntpdate pool.ntp.org [ Elza @ 30.09.2009. 09:50 ] @
Nemam tog fajla /etc/rc.conf uopće.
probala sam pokrenuti ntpdate pool.ntp.org izvrši se ali, opet isto. Znači u mene je razlika 6 min da brza unaprijed. To mi je baš bitno jer na tom stroju imam sistemskih logova vezano za posao. [ Elza @ 30.09.2009. 10:00 ] @
Probala sam promijeniti i ovu datoteku /etc/sysconfig/clock
more /etc/sysconfig/clock ZONE="Europe/Sarajevo" UTC=false ARC=false Stavila sam more /etc/sysconfig/clock ZONE="Europe/Sarajevo" UTC=true ARC=false ko što je na ostalim serverima i pokrenula ntpdate ali ništa ne pomaže. Treba li neki restart nečeg nakon promjene ove datotekice /etc/sysconfig/clock [ Jbyn4e @ 30.09.2009. 10:47 ] @
E svasta, 6 minuta.. jesi sigurna da ti referentni sat koji gledas ne kasni 6 minuta?
Btw. imas li ntpd instaliran? I KOJI linux je u pitanju? [ Elza @ 30.09.2009. 11:14 ] @
Da, upravo 6 minuta. I sve je u redu sa referentnim staom kojeg gledam, jer taj isti sat gledaju drugi serveri gdje je ok vrijeme.
Inače je ovaj Linux Red Hat Enterprise Linux WS release 4 kako provjeriti jel ntpd instaliran? U dignutim procesima ga nema. U stvari čak sam ga digla iz skripte za pokretanje i onda pokrenula ntpdate i opet isto... 6 minuta [ Srđan Pavlović @ 30.09.2009. 13:21 ] @
Citat: E svasta, 6 minuta.. Meni se ovo desavalo na Archu :) - bas tako - za 6 min. Ne secam se u cemu je bio fazon, posle kad sam podesio rc.conf, nije se vise desavalo. [ Elza @ 30.09.2009. 13:24 ] @
Al problem je što ja nemam rc.conf, hm uopće ne znam gdje je problem.
Ne možeš se sjetit kako si torješio? Na ostalim identičnim strojevima sve radi, al na ovom 6 minuta razlike... [ Srđan Pavlović @ 30.09.2009. 13:35 ] @
Pa ne znam kako se to na RHEL-u konfigurise, kod mene rc.conf, relevantan deo izgleda ovako:
HARDWARECLOCK="localtime" USEDIRECTISA="no" TIMEZONE="Europe/Belgrade" Sad nemam pojma ni kako se to resilo kod mene, samo sam se setio da je bilo to pomeranje i kod mene :( [ Elza @ 30.09.2009. 14:24 ] @
Ok hvala na odgovoru, budem guglala po netu...
[ Srđan Pavlović @ 30.09.2009. 14:43 ] @
[ Elza @ 01.10.2009. 07:55 ] @
Hvala na pomoći, al nije pomoglo. Uradila baš sve po toj proceduri al ništa. Opet razlika 6 min.....
[ Jbyn4e @ 01.10.2009. 10:40 ] @
Daj nam izlaz komande:
# ntpq -p I da, btw, imas li log file? Linija u /etc/ntp.conf, nesto kao: Code: logfile /var/log/ntp i sta pise u njemu ako ga imas? [ Elza @ 01.10.2009. 12:06 ] @
Izlaz iz ove komande
cron.daily]# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== meg.magnet.ie .INIT. 16 u - 64 0 0.000 0.000 4000.00 85.125.223.113 .INIT. 16 u - 64 0 0.000 0.000 4000.00 chris.magnet.ie .INIT. 16 u - 64 0 0.000 0.000 4000.00 LOCAL(0) LOCAL(0) 10 l - 64 0 0.000 0.000 4000.00 Nemam zapisa u /etc/ntp.conf o log fajlu.. Ali imam u messages Oct 1 13:09:05 ntpd: ntpd pokretanje succeeded Oct 1 13:09:05 ntpd[4433]: precision = 1.000 usec Oct 1 13:09:05 ntpd[4433]: Listening on interface wildcard, 0.0.0.0#123 Oct 1 13:09:05 ntpd[4433]: Listening on interface wildcard, ::#123 Oct 1 13:09:05 ntpd[4433]: Listening on interface lo, 127.0.0.1#123 Oct 1 13:09:05 ntpd[4433]: Listening on interface eth0, IP adresa stroja#123 Oct 1 13:09:05 ntpd[4433]: kernel time sync status 0040 Oct 1 13:09:05 ntpd[4433]: frequency initialized 0.000 PPM from /var/lib/ntp/drift [ Jbyn4e @ 01.10.2009. 14:16 ] @
Po
http://www.linuxhomenetworking..._HOWTO_:_Ch24_:_The_NTP_Server tvoj "stroj" se ne sinhronizuje kako treba, iz nekog razloga (recimo nema pristup uopste internetu) Citat: Citat: Your Linux NTP clients cannot Synchronize Properly A telltale sign that you haven't got proper synchronization is when all the remote servers have jitter, delay and reach values of 0. In some older versions of Fedora, the jitter values will be 4000. remote refid st t when poll reach delay offset jitter ============================================================================= LOCAL(0) LOCAL(0) 10 l - 64 7 0.000 0.000 0.008 ntp-cup.externa 0.0.0.0 16 u - 64 0 0.000 0.000 0.000 snvl-smtp1.trim 0.0.0.0 16 u - 64 0 0.000 0.000 0.000 nist1.aol-ca.tr 0.0.0.0 16 u - 64 0 0.000 0.000 0.000 This could be caused by the following: * Older versions of the NTP package that don't work correctly if you use the DNS name for the NTP servers. In these cases you will want to use the actual IP addresses instead. * A firewall blocking access to your Stratum 1 and 2 NTP servers. This could be located on one of the networks between the NTP server and its time source, or firewall software such as iptables could be running on the server itself. * The notrust nomodify notrap keywords are present in the restrict statement for the NTP client. In some versions of the Fedora Core 2's implementation of NTP, clients will not be able to synchronize with a Fedora Core 2 time server unless the notrust nomodify notrap keywords are removed from the NTP client's restrict statement. (obrati paznju na crveno!!!) Dakle, ti uopste ne uspes da pristupis serverima za sinhronizaciju... moras da ustanovis zasto je to tako. Btw. da li ti je ntpd startovan? Uradi: # date # service ntpd stop # ntpdate -u pool.ntp.org # service ntpd start # date pa vidi da li se nesto promenilo. [ Elza @ 01.10.2009. 15:02 ] @
E sad ne znam dosta je stara verzija ntp-a na ovom računalu, i system-config-date paketa.
Probat ću instalirati na novu verziju sve pa da vidim onda. [ Elza @ 28.10.2009. 12:55 ] @
Što je najgore, sad je razlika u vremenu 13min, i stalno se povečava,
a instalirala sam novije verije ntp-a , i system-config-date paketa kao npr. na ostalim strojevima gdje radi točno vrijeme. ??? [ Jbyn4e @ 28.10.2009. 14:29 ] @
Ajmo opet, Elizabeta:
procitaj Pravilnik, clanovi 3 i 8. i postupi po tome. Narocito kad si vec update-ovala pakete, daj nam OPET izlaz gornjih komandi, samo sa novim paketima. I jos nesto, daj izlaz ovoga: # hwclock --show; date [ Elza @ 30.10.2009. 08:16 ] @
Evo izlaza komandi s najnovijim paketima:
[root@ ~]# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== mirror.be.gbxs. .INIT. 16 u - 64 0 0.000 0.000 4000.00 213-133-98-226. .INIT. 16 u - 64 0 0.000 0.000 4000.00 bock133.dotsour .INIT. 16 u - 64 0 0.000 0.000 4000.00 LOCAL(0) LOCAL(0) 10 l 55 64 1 0.000 0.000 0.001 [root@ ~]# hwclock --show Pet 30 Lis 2009 10:28:40 -0.032818 seconds [root@Nadzor ~]# date Pet Lis 30 09:29:07 CET 2009 A sad je trenutno 9:16 sati po stvarnom vremenu [ Jbyn4e @ 30.10.2009. 10:33 ] @
A ima li ti taj racunar vezu sa internetom uopste? Opet imas isti jitter.
I jos nesto, citaj malo sta ti se pise. Nisam trazio: Code: # hwclock --show # date vec # hwclock --show; date Primer: Citat: # hwclock --show; date Fri Oct 30 11:32:46 2009 -0.410160 seconds Fri Oct 30 11:32:46 CET 2009 [ Elza @ 30.10.2009. 10:37 ] @
[root@Nadzor var]# hwclock --show; date Pet 30 Lis 2009 12:50:17 -0.681019 seconds Pet Lis 30 11:50:17 CET 2009 A sad je stvarno vrijeme 11:37 Računalo ima vezu s netom, jer mogu ići sa elinks po netu. [ Jbyn4e @ 30.10.2009. 21:43 ] @
To sto mozes ici po netu elinks-om (ma sta to bilo), ne znaci da imas vezu sa ntp serverima (udp port 123). Hajde da probamo nekoliko pristupa:
1) Da li postoji neki firewall koji mozda blokira pristup? 2) probaj dasa strojeva koji rade iskopiras /etc/ntp.conf pa da pokrenes ntpdate 3) daj nam izlaz komande date; ntpdate st.ntp.carnet.hr;date da vidimo menja li se ista i sta tacno ispisuje. Prikaci nam ceo /etc/ntp.conf, ceo /etc/sysconfig/clock i ako ima nesto u /var/log/messages sto ima veze sa ntp kopiraj ovamo. [ Elza @ 05.11.2009. 07:29 ] @
[root@Nadzor cron.daily]# date; ntpdate st.ntp.carnet.hr;date
Čet Stu 5 08:41:38 CET 2009 Čet Stu 5 08:41:38 CET 2009 more /etc/ntp.conf # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default nomodify notrap noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 # -- CLIENT NETWORK ------- # Permit systems on this network to synchronize with this # time service. Do not permit those systems to modify the # configuration of this service. Also, do not use those # systems as peers for synchronization. # restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap # --- OUR TIMESERVERS ----- # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). server 0.rhel.pool.ntp.org server 1.rhel.pool.ntp.org server 2.rhel.pool.ntp.org # --- NTP MULTICASTCLIENT --- #multicastclient # listen on default 224.0.1.1 # restrict 224.0.1.1 mask 255.255.255.255 nomodify notrap # restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap # --- GENERAL CONFIGURATION --- # # Undisciplined Local Clock. This is a fake driver intended for backup # and when no outside source of synchronized time is available. The # default stratum is usually 3, but in this case we elect to use stratum # 0. Since the server line does not have the prefer keyword, this driver # is never used for synchronization, unless no other other # synchronization source is available. In case the local host is # controlled by some external source, such as an external oscillator or # another protocol, the prefer keyword would cause the local host to # disregard all other synchronization sources, unless the kernel # modifications are in use and declare an unsynchronized condition. # server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 # # Drift file. Put this in a directory which the daemon can write to. # No symbolic links allowed, either, since the daemon updates the file # by creating a temporary in the same directory and then rename()'ing # it to the file. # driftfile /var/lib/ntp/drift broadcastdelay 0.008 # # Keys file. If you want to diddle your server at run time, make a # keys file (mode 600 for sure) and define the key number to be # used for making requests. # # PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote # systems might be able to reset your clock at will. Note also that # ntpd is started with a -A flag, disabling authentication, that # will have to be removed as well. # keys /etc/ntp/keys more /etc/sysconfig/clock ZONE="Europe/Zagreb" UTC=false ARC=false U /var/log/message za ntp imam Oct 30 09:26:59 Nadzor ntpd[11779]: ntpd [email protected] Wed Apr 23 07:36:42 EDT 2008 (1) Oct 30 09:26:59 Nadzor kernel: audit(1256891219.051:0): avc: denied { sys_resource } for pid=11779 exe=/usr/sbin/ntpd capability=24 scontext=root:system_r:ntpd_t tcontext=root:system_r:ntpd_t tclass=capability Oct 30 09:26:59 Nadzor ntpd[11779]: Cannot set RLIMIT_MEMLOCK: Operation not permitted Oct 30 09:26:59 Nadzor ntpd: ntpd pokretanje succeeded Oct 30 09:27:00 Nadzor ntpd[11779]: precision = 1.000 usec Oct 30 09:27:00 Nadzor ntpd[11779]: Listening on interface wildcard, 0.0.0.0#123 Oct 30 09:27:00 Nadzor ntpd[11779]: Listening on interface wildcard, ::#123 Oct 30 09:27:00 Nadzor ntpd[11779]: Listening on interface lo, 127.0.0.1#123 Oct 30 09:27:00 Nadzor ntpd[11779]: Listening on interface eth0, 85.94.144.125#123 Oct 30 09:27:00 Nadzor ntpd[11779]: kernel time sync status 0040 Oct 30 09:27:00 Nadzor ntpd[11779]: frequency initialized 0.000 PPM from /var/lib/ntp/drift Oct 30 09:30:18 Nadzor ntpd[11779]: synchronized to LOCAL(0), stratum 10 Oct 30 09:30:18 Nadzor ntpd[11779]: kernel time sync disabled 0041 Oct 30 09:31:24 Nadzor ntpd[11779]: kernel time sync enabled 0001 [ Jbyn4e @ 05.11.2009. 10:05 ] @
Greske koje se javljaju su posledica SELINUX-a koji ti je ukljucen (barem tako kazu na netu) i trebalo bi malo da potrazis na tu temu.
Neki su koliko vidim pokusali: # restorecon -R -v /etc i nakon reboot-a im je radilo kako treba. Pokusaj, nista ne kosta ;) Ili drugi nacin testiranja, iskljuci SELINUX (ma gde se tona rhel-u iskljucivalo) pa probaj da li onda radi. Napomena: ntpdate ne bi trebalo da moze da se koristi dok radi ntpd. U svakom slucaju, ne znam dovoljno o selinux-u, da bih ti pomogao dalje, samo cu ti dati jedan od linkova koji sam pronasao: http://www.centos.org/modules/...hp?topic_id=10410&forum=41 [ Elza @ 05.11.2009. 12:53 ] @
Sve to uradila, pokrenula
restorecon -R -v /etc i restartala stroj, isključila selinux, sad kaže kad pokrenem sestatus da je disabled. Ali kad pokrenem /usr/sbin/ntpdate zg1.ntp.carnet.hr ntpdate[3683]: no server suitable for synchronization found a izlaz komande [root@Nadzor cron.daily]# date; ntpdate st.ntp.carnet.hr;date Čet Stu 5 14:07:46 CET 2009 5 Nov 14:07:51 ntpdate[4922]: no server suitable for synchronization found Čet Stu 5 14:07:51 CET 2009 opet isto.. sad mi neće da radi dakle ntpdate (oboren je ntpd) moram tražit za ovu grešku no server suitable for synchronization found [ Elza @ 09.11.2009. 14:28 ] @
Hm.. znači sad npr. ne prolazi ni ping
ping st.ntp.carnet.hr Znači li to da je problem u firewall-u s ovim serverom. Inače mogu otvarati stranice na internetu... [ Elza @ 16.11.2009. 19:55 ] @
Samo da javim, problem riješen, i to tako da je otklonjen problem s firewallom...
Hvala svima na odgovorima! [ Jbyn4e @ 16.11.2009. 23:02 ] @
Pa lepo ja rekoh jos 01.10 u
http://www.elitesecurity.org/p2401968 da nemas pristup serverima za sinhronizaciju... ali nece Elizabeta da me slusa... I kasnije sam pitao i za firewall-ove... Eh... nije trebalo ni mesec i po da ustanovimo to isto. Copyright (C) 2001-2024 by www.elitesecurity.org. All rights reserved.
|