On 11/25/2014 06:25 PM, Lennart Poettering wrote:
On Tue, 25.11.14 18:04, Florian Weimer (fweimer@xxxxxxxxxx) wrote:
On 11/25/2014 05:15 PM, Lennart Poettering wrote:
Really? if you want a UI that controls whether NTP server software is
running, why not call into the EnableUnitFiles() APIs directly?
Both chronyd and ntpd are often used as clients. Miroslav wasn't talking
about server usage scenarios, but replacing systemd's NTP client with either
ntpd or chronyd. But if you do that, GNOME currently does not report
correctly if the system uses NTP time, which is the bug Miroslav is trying
to solve.
Well, GNOME really shouldn't show an NTP check box in the first
place. Instead it NTP should be always on, but GNOME should provide a
way to manually set the time if no NTP synchronization could be
acquired. More specifically, the NTPSynchronized property of timedated
reflects the kernel's UNSYNC flag, and if that boolean is false, then
GNOME should provide a fallback UI for setting the clock manually, but
only then.
Some networks have bad NTP service in the sense that they hand out
incorrect time (not just off by a few seconds, but days or months,
enough to skew certificate validity). Your proposed solution would make
GNOME unusable on such networks. Other bad things might happen there,
but just pretending that everything this phenomenon does not exist and
that we know better than the user what the correct system time should be
in all cases seems very unhelpful.
Now if Fedora offered a high-availability cryptographic time service (we
actually do, sort of), things might be different—but not much, because
then we'd be having a discussion about phoning home instead.
--
Florian Weimer / Red Hat Product Security
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
