9/4/2023 0 Comments Code blocks xterm uxterm![]() We use the ‘iburst’ configuration option, for a similar reason, to update the clock really soon after boot, useful for ARM devices that don’t have a battery-backed RTC.Last time I looked, timesyncd had code to monitor network connectivity and behave accordingly, but it made the assumption that everyone uses systemd-networkd for network management. Whenever a network connection is established, we restart ntpd this is to get an accurate system time as quickly as possible when an intermittently-connected machine gets back online.Should we consider Chrony instead, which seems to be the RH/Fedora preference?.Security - does timesyncd only implement SNTP (simplified NTP?) which is a less secure version of the NTP protocol that may be prone to MITM attacks? An attacker could setup a malicious NTP server and fiddle with a target’s clock, which would then expose the target to other attacks (preventing the download of security updates, for example)?.Here’s what I found, would definitely appreciate any research you are interested in doing! Did some digging around the issues and discussions we’ve had in the past. ![]() Yeah it would be nice to advance there too. So yes it seems like the right decision to ignore that label and decide for ourselves (via our standard metapackage) what we view as important & expected. If the expectation is that an experienced Unix person who found it missing would say “What on earth is going on, where is foo ?”, it must be an important package. Important programs, including those which one would expect to find on any Unix-like system. The packages now dropped are: cron, ifupdown, init, isc-dhcp-client, isc-dhcp-common, libdns-export1110, libestr0, libfastjson4, libisc-export1105, liblognorm5, logrotate, rsyslog, tasksel, tasksel-dataĭan also pointed out that does not actually describe the Priority field, it describes something different. We have pushed this change to use mmdebstrap -variant=required. $ grep-aptavail -n -s Package -F Priority important ![]() $ grep-aptavail -n -s Package -F Priority required Like, can you boot without udev and systemd? Sure, but that’s definitely not the experience we’re going for in Endless.īTW, here’s how you can get the same info straight from the apt lists using dctrl-tools: $ grep-aptavail -n -s Package -F Essential yes They’re a bit more like Recommends in the sense that they’re things you’d probably expect to be installed. You definitely don’t need the important packages to boot. Just like when we dropped Recommends and you put together a system to make sure we acknowledged what was in there. It really just needs someone to analyze what’s there, determine what we want, and ensure it’s in our own metapackage. However, we did discuss this around roughly 2017. Installing Priority: Important goes back to the beginning of Endless likely because that’s the default that debootstrap does. Indeed! Thanks for the lists! I hadn’t looked at this in a while.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |