Ntpd Centos7 mouseCLOCK USB II

Aus Gude Systems GmbH
Zur Navigation springen Zur Suche springen

This HOWTO was generated by a user trying to use the generic ntpd Howto when using [Centos7]


install NTP

sudo apt-get install ntp

or 

sudo yum install ntp


generate persistent symlink

If your system is using udevd, it is recommended to configure udevd to create the right symlink once a device appears. Try to insert one the following rules to /etc/udev/rules.d/ : 

KERNEL=="ttyUSB*", ATTRS{idProduct}=="e88a", SYMLINK+="refclock-%m"

integrate in NTP

To tell ntpd which hardware is connected to which serial interface, add the following to /etc/ntp.conf and uncomment (remove preceeding #-sign). 

#################################
# local clock as fallback
server 127.127.1.0 
fudge 127.127.1.0 stratum 10

#################################
# Expert mouseCLOCK USB II
server 127.127.8.0 mode 19

# logging
logfile /var/log/ntp
logconfig =all
  • Note: Lines beginning with # are remarks, so un-remark the # server line to match your hardware.
  • Extra info : Server 127.127.8.0 mode 14 means :
    • 127.127 : use hardware parse driver
    • .8 : use parse driver 8
    • .0 : use reflock-0 to poll this device
    • mode 14 : use driver 8's clock type 14

Now reboot your machine, wait for at least 3 minutes and check /var/log/ntp for errors. If the last line says SYNCHRONIZED, your device is up and running.

common errors

INCOMPLETE DATA

Make sure you waited at least 3 minutes and your device is well aligned to receive it's signal.

no such file

When systemd is used, it is likely that ntpd is started before symlink is created. In this case, simply restart ntpd after symlink is created. Open crontab 

sudo crontab -e

add 

@reboot sleep 60; systemctl restart ntpd

and save changes.

permission denied

If your system is running AppArmor or SELinux, it is likely that ntpd is not allowed to access your clock.

AppArmor

known NTP issues with AppArmor

You can use Yast2.

  • Open Yast2 -> Novell AppArmor -> Edit Profile
  • Select profile /usr/sbin/ntpd
  • Add entry: /dev/ttyS0 (or /dev/ttyUSB0 depending on your device)
  • Mark allow for: Read, Write, Link

This generates a new entry in the AppArmor profile file.

SELinux

known NTP issues with SELinux

By default SELinux runs in "enforced" mode which inhibits access to resources which have not explicitely been configured. In order to find out which kind of access shall be granted to a process SELinux can be temporarily switched to "permissive" mode which does not inhibit access but logs all accesses which would be inhibited in "enforced" mode: 

setenforce Permissive

Now start or restart the NTP daemon so it tries to access the required resources: 

service ntpd restart

Wait some time until the NTP daemon has opened all devices, created all log files, etc. The relevant log messages can then be found at the end of the SELinux logfile, and can be extracted using grep: 

grep ntpd /var/log/audit/audit.log > ntpd-audit.log

Finally set SELinux back to enforcing mode: 

setenforce Enforcing

The relevant log entries are now in our file ntpd-audit.log, and you may edit this file to see whether there are old/duplicate entries which can be removed.

The following three commands are required to parse the log entries and create a .pp file which can be supplied to SELinux. In the example below we assume the basename of the generated files is ntpd, so the final target file is ntpd.pp: 

audit2allow -m ntpd <ntpd-audit.log >ntpd.te
checkmodule -M -m -o ntpd.mod ntpd.te
semodule_package -o ntpd.pp -m ntpd.mod

If all the commands above have been finished without error the new profile can be installed and loaded: 

semodule -i ntpd.pp

After this has been done once ntpd should run fine.

Abgerufen von „https://wiki.gude-systems.com/index.php?title=Ntpd_Centos7_mouseCLOCK_USB_II&oldid=426