ntpd and S4 mystery

Matthieu Patou mat at samba.org
Thu Apr 7 03:04:13 MDT 2011


Hi Mark,

I used to have the same haircut as Stallman before dealing with (s)ntp 
and now I look more like bruce willis.

The things I did to debug it is strace ntp while forcing the client to 
resync to see if it's really talking to the ntp_signd socket:
grep sign /tmp/l
connect(6, {sa_family=AF_FILE, 
path="/usr/local/samba/var/run/ntp_signd/socket"...}, 110) = 0


Please be aware that windows won't accept the answer from the time 
server even if it has the signature if the server says that it's not 
completely synchronized with a upper time server.

For the record the following configuration is working for me:


My ntp.conf is

ntpsigndsocket /usr/local/samba/var/run/ntp_signd
  +
restrict default mssntp

On 07/04/2011 09:09, Mark Rutherford wrote:
> I grabbed this earlier.. I don't know if it is what your after but if 
> not let me know what it is you need.
> (sorry about the formatting)
>
> select(26, [16 17 18 19 20 21 22 23 24 25], NULL, NULL, {0, 0}) = 1 
> (in [20], left {0, 0})
> recvmsg(20, {msg_name(16)={sa_family=AF_INET, sin_port=htons(123), 
> sin_addr=inet_addr("10.1.1.51")}, 
> msg_iov(1)=[{"\333\0\21\372\0\0\0\0\0\1\3\376\0\0\0\0\321F\r\5V\273\1\311\0\0\0\0\0\0\0\0\0"..., 
> 1000}], msg_controllen=32, {cmsg_len=32, cmsg_level=SOL_SOCKET, 
> cmsg_type=0x1d /* SCM_??? */, ...}, msg_flags=0}, 0) = 48
> recvmsg(20, 0x7fff02af4ec0, 0)          = -1 EAGAIN (Resource 
> temporarily unavailable)
> clock_gettime(CLOCK_REALTIME, {1302103886, 371661025}) = 0
> sendto(20, 
> "\334\3\21\363\0\0!L\0\0\262\300EA(\35\321G\5\311}>Lc\321G\5\316\352/\2763\321"..., 
> 48, 0, {sa_family=AF_INET, sin_port=htons(123), 
> sin_addr=inet_addr("10.1.1.51")}, 16) = 48
>

>
> On 4/6/2011 11:54 PM, Andrew Bartlett wrote:
>> On Wed, 2011-04-06 at 14:06 -0400, Mark Rutherford wrote:
>>> I am rehashing this problem of never getting s4 and ntpd working.
>>>
>>> I have the following in ntp.conf:
>>> ntpsigndsocket /usr/local/samba/var/run/ntp_signd/
>>> restrict default mssntp
>>>
>>> ntpd is compiled with --enable-ntp-signd
>>> How can I tell if this is a client misconfiguration or a server
>>> misconfiguration?
>>> Can anyone provide some guidance on troubleshooting and debugging this?
>>> Fresh installs in a VM doing nothing more than joining the domain also
>>> behave this way.
>>> I am fresh out of ideas and things to try.
>> My best guess is that the problem is with ntpd, and that somehow it
>> isn't compiled correctly.
>>
>> It is almost certain that the Windows client is sending the correct NTP
>> packet, but to be sure I'll need to see a trace.
>>
>> Andrew Bartlett
>>
>


-- 
Matthieu Patou
Samba Team        http://samba.org
Private repo      http://git.samba.org/?p=mat/samba.git;a=summary




More information about the samba-technical mailing list