Re: Retiring ntp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Nov 2, 2020 at 9:33 AM Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:
>
> I think we should consider retiring the ntp package. The upstream
> project is not in a good shape and it doesn't seem to be improving.
> Contributors left long time ago. The development is slow and happens
> behind closed doors. They still use bitkeeper.
>
> The main problem is that they don't fix all known security issues. In
> the CVE list I see about 10 issues that were not fixed at all or only
> partially, some exploitable in default configuration. This was one of
> the reasons why we dropped it from RHEL.
>
> I'm not sure how many users of ntp are there. As a replacement, we
> could package ntpsec. It is an actively maintained fork of ntp which
> has removed a lot of code and fixed or avoided most of the issues in
> ntp. What I don't like much about it is that they kept the mode-6
> protocol of NTP, which allows traffic amplification and is still
> causing problems on Internet, but I think the code and the project are
> definitely in a better shape than ntp. I can help with the packaging
> or review, and as a comaintainer if there is a volunteer for the
> role of the primary maintainer.
>
> In Fedora, there seems to be only one package that has a dependency on
> ntp: nagios-plugins-ntp-perl. It's a monitoring plugin using the
> problematic mode-6 protocol. It should work with ntpsec.
>
> Thoughts?
>

That sounds fine to me. The only thing I really get concerned about is
whether we have the "ntpdate" tool, which comes from the ntp package.
As far as I know, ntpsec also includes it, so we should be fine.




--
真実はいつも一つ!/ Always, there's only one truth!
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux