Bug 19115

Summary: fallback NTP server list for systemd-timesyncd must be configured at build time
Product: Mageia Reporter: Hartmut Goebel <h.goebel>
Component: RPM PackagesAssignee: Colin Guthrie <mageia>
Status: NEW --- QA Contact:
Severity: normal    
Priority: Normal CC: doktor5000, marja11, ouaurelien
Version: Cauldron   
Target Milestone: Mageia 9   
Hardware: All   
OS: Linux   
URL: https://github.com/systemd/systemd/issues/437
See Also: https://bugs.mageia.org/show_bug.cgi?id=19113
Whiteboard:
Source RPM: systemd CVE:
Status comment:

Description Hartmut Goebel 2016-08-01 12:41:58 CEST 
systemd-timesyncd contains a compiled-in list of fall-back NTP servers. These should be set to some sensible defaults. `./configure` without setting time-servers pass issues the warning:

  *** Using Google NTP servers.
      Do not ship OSes or devices with these default settings.
      See DISTRO_PORTING for details!

I checked <http://svnweb.mageia.org/packages/cauldron/systemd/releases/230/3.mga6/SPECS/systemd.spec?revision=1037339&view=markup> and did not find NTP servers to be configured there.

Proposed solution
====================

Mageia should register a "vendor" zone at ntp.org. (e.g 0.mageia.pool.ntp.org) CoreOS seams to have done this, <see https://github.com/systemd/systemd/issues/437#issuecomment-117430662>

From <http://www.pool.ntp.org/en/vendors.html#open-source>:

    Open Source projects are of course particularly welcome to use the pool
    in their default setup, but we ask that you get a vendor zone when
    using the pool as a default configuration.

Applying for a vendor zone seams to be *very* simple, see <http://www.pool.ntp.org/en/vendors.html#vendor-zone>

(Side-note: We could use this pool as default then in all NTP configurations, too)

Rational
==============

Related discussion about which NTP servers to use as default:
<https://github.com/systemd/systemd/issues/437>.

The discussion main points are:
- google does not permit using it's time server
- google time servers are not quite reliable anyway
- systemd was changed to require(?) some default time-servers to be set when
  compiling
- Open source projects can register a "vendor" pool at ntp.org.


This bug is related to bug 19113, which is about drakxconfig not configuring (non-fall-back) NTP servers for systemd-timesyncd.
Hartmut Goebel 2016-08-01 12:43:16 CEST

Version: 5 => Cauldron
Keywords: (none) => Junior_job

Hartmut Goebel 2016-08-01 12:44:51 CEST

See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=19113

Marja Van Waes 2016-08-01 12:46:26 CEST

Assignee: bugsquad => mageia
CC: (none) => marja11

David Walser 2017-01-16 19:27:31 CET

Source RPM: (none) => systemd
Severity: major => normal

Florian Hubold 2017-08-08 21:54:21 CEST

Summary: FallbackNTP für systemd-timesyncd must be configured at build time => fallback NTP server list for systemd-timesyncd must be configured at build time
CC: (none) => doktor5000
Keywords: Junior_job => (none)

Comment 1 Aurelien Oudelet 2021-02-07 00:24:49 CET 
This is still the case. /etc/systemd/timesyncd.conf has Google Time server as Fallback NTP server.

Note that systemd-timesyncd is not enabled by default...

Target Milestone: --- => Mageia 9
CC: (none) => ouaurelien