之前安装过NTP相关的RPM软件包，正在使用中，由于版本低，有漏洞

现在要升级到最新版本,可以直接停服务，再下载相关NTP4.2.8p13.tar.gz源码包，执行下面命令安装，最后启动服务。

[root@webserver opt]#   service ntpd stop 

[root@webserver opt]#  yum install libcap-devel

[root@webserver opt]# tar zxvf ntp-4.2.8p13.tar.gz

[root@webserver opt]]  cd ntp-4.2.8p13

[root@webserver opt]#  ./configure CFLAGS="-O2 -g -fPIC"  --prefix=/usr --bindir=/usr/sbin --sysconfdir=/etc --enable-linuxcaps --with-lineeditlibs=readline --docdir=/usr/share/doc/ntp-4.2.8p13
[root@webserver opt]#  make

[root@webserver opt]#  make install && install -v -o ntp -g ntp -d /var/lib/ntp

[root@webserver opt]# /etc/init.d/ntpd start
正在启动 ntpd：                                            [确定]
[root@webserver opt]# 
[root@webserver opt]# 
[root@webserver opt]# ntpd -v
/usr/sbin/ntpd: illegal option -- v
ntpd - NTP daemon program - Ver. 4.2.8p13

最后确认ntp已经升级到最新版本了。

       ntp-4.2.8p13

Introduction to ntp

The ntp package contains a client and server to keep the time synchronized between various computers over a network. This package is the official reference implementation of the NTP protocol.

This package is known to build and work properly using an LFS-9.0 platform.

Package Information

• Download (HTTP): https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p13.tar.gz

• Download MD5 sum: ea040ab9b4ca656b5229b89d6b822f13

• Download size: 6.6 MB

• Estimated disk space required: 117 MB (with tests)

• Estimated build time: 0.8 SBU (with tests)

ntp Dependencies

Required

IO-Socket-SSL-2.066

Optional

libcap-2.27 with PAM, libevent-2.1.11, libedit, and libopts from AutoGen

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ntp

Installation of ntp

There should be a dedicated user and group to take control of the ntpd daemon after it is started. Issue the following commands as the root user:

groupadd -g 87 ntp && useradd -c "Network Time Protocol" -d /var/lib/ntp -u 87 \         -g ntp -s /bin/false ntp

The update-leap command needs to be fixed in order to run properly:

sed -e 's/"(\\S+)"/"?([^\\s"]+)"?/' \     -i scripts/update-leap/update-leap.in

Install ntp by running the following commands:

./configure CFLAGS="-O2 -g -fPIC" \             --prefix=/usr         \             --bindir=/usr/sbin    \             --sysconfdir=/etc     \             --enable-linuxcaps    \             --with-lineeditlibs=readline \             --docdir=/usr/share/doc/ntp-4.2.8p13 && make

To test the results, issue: make check.

Now, as the root user:

make install && install -v -o ntp -g ntp -d /var/lib/ntp

Command Explanations

CFLAGS="-O2 -g -fPIC": This environment variable is necessary to generate Position Independent Code needed for use in the package libraries.

--bindir=/usr/sbin: This parameter places the administrative programs in /usr/sbin.

--enable-linuxcaps: ntpd is run as user ntp, so use Linux capabilities for non-root clock control.

--with-lineeditlibs=readline: This switch enables Readline support for ntpdc and ntpq programs. If omitted, libedit will be used if installed, otherwise no readline capabilites will be compiled.

Configuring ntp

Config Files

/etc/ntp.conf

Configuration Information

The following configuration file first defines various ntp servers with open access from different continents. Second, it creates a drift file where ntpd stores the frequency offset and a pid file to store the ntpdprocess ID. Third, it defines the location for the leap-second definition file /etc/ntp.leapseconds, that the update-leap script checks and updates, when necessary. This script can be run as a cron job and the ntp developers recommend a frequency of about three weeks for the updates. Since the documentation included with the package is sparse, visit the ntp website at http://www.ntp.org/ and http://www.pool.ntp.org/ for more information.

cat > /etc/ntp.conf << "EOF" # Asia server 0.asia.pool.ntp.org # Australia server 0.oceania.pool.ntp.org # Europe server 0.europe.pool.ntp.org # North America server 0.north-america.pool.ntp.org # South America server 2.south-america.pool.ntp.org driftfile /var/lib/ntp/ntp.drift pidfile   /var/run/ntpd.pid leapfile  /etc/ntp.leapseconds EOF

You may wish to add a “Security session”. For explanations, see https://www.eecis.udel.edu/~mills/ntp/html/accopt.html#restrict.

cat >> /etc/ntp.conf << "EOF" # Security session restrict    default limited kod nomodify notrap nopeer noquery restrict -6 default limited kod nomodify notrap nopeer noquery restrict 127.0.0.1 restrict ::1 EOF

Synchronizing the Time

There are two options. Option one is to run ntpd continuously and allow it to synchronize the time in a gradual manner. The other option is to run ntpd periodically (using cron) and update the time each timentpd is scheduled.

If you choose Option one, then install the /etc/rc.d/init.d/ntp init script included in the blfs-bootscripts-20190908 package.

make install-ntpd

If you prefer to run ntpd periodically, add the following command to root's crontab:

ntpd -q

Execute the following command if you would like to set the hardware clock to the current system time at shutdown and reboot:

ln -v -sf ../init.d/setclock /etc/rc.d/rc0.d/K46setclock && ln -v -sf ../init.d/setclock /etc/rc.d/rc6.d/K46setclock

The other way around is already set up by LFS.

Contents

Installed Programs: calc_tickadj, ntp-keygen, ntp-wait, ntpd, ntpdate, ntpdc, ntpq, ntptime, ntptrace, sntp, tickadj and update-leapInstalled Libraries: NoneInstalled Directories: /usr/share/ntp, /usr/share/doc/ntp-4.2.8 and /var/lib/ntp

Short Descriptions