ntpd sync fails on boot
Craig White
craigwhite at azapple.com
Fri Jan 9 23:38:23 UTC 2009
On Fri, 2009-01-09 at 23:04 +0000, Mike -- EMAIL IGNORED wrote:
> On Fri, 09 Jan 2009 15:21:42 -0500, Todd Denniston wrote:
>
> [...]
> > any ntpd messages in /var/log/messages during boot? If ntpd detects what
> > the problem is, it often gives a clue there.
> >
> > do you see any messages on boot where network is being delayed?
> >
> > Is it only the ntpdate failing or is ntpd also not finding hosts on
> > boot? if only ntpdate, then I would suspect the /etc/ntp/ntpservers or
> > /etc/ntp/step-tickers to have a bad name. if it is both ntpdate and ntpd
> > failing, then I would suspect some problem with DNS, but that usually
> > leaves traces in /var/log/messages.
> >
> > --
> > Todd Denniston
> > Crane Division, Naval Surface Warfare Center (NSWC Crane) Harnessing the
> > Power of Technology for the Warfighter
>
> Here are some excerpts from /var/log/messages:
>
> This is a failure on boot:
>
> Jan 9 17:30:24 mbrc32 automount[2112]: lookup_read_master: lookup
> (nisplus): couldn't locat nis+ table auto.master
> Jan 9 17:30:25 mbrc32 nscd: 2137 Access Vector Cache (AVC) started
> Jan 9 17:30:25 mbrc32 hpiod: 1.7.4a accepting connections at 2208...
> Jan 9 17:30:26 mbrc32 ntpdate[2223]: sendto(mbrc21): Operation not
> permitted
> Jan 9 17:30:27 mbrc32 setroubleshoot: SELinux is preventing the /
> usr/sbin/nscd from using potentially mislabeled files (/etc/hosts).
> For complete SELinux messages. r
> un sealert -l d4747998-8ff4-4f42-8688-abbbb3671216
> Jan 9 17:30:27 mbrc32 ntpdate[2223]: sendto(mbrc21): Operation not
> permitted
> Jan 9 17:30:29 mbrc32 last message repeated 2 times
> Jan 9 17:30:30 mbrc32 ntpdate[2223]: no server suitable for
> synchronization found
> Jan 9 17:30:30 mbrc32 ntpd[2228]: ntpd 4.2.4p2 at 1.1495-o Thu Jun 21
> 10:53:04 UTC 2007 (1)
>
>
>
> Ihis is a successful command line restart of ntp:
>
> Jan 9 17:31:34 mbrc32 setroubleshoot: SELinux is preventing /usr/
> sbin/openvpn (openvpn_t) "write" to /etc/openvpn/openvpn-status.log
> (openvpn_etc_t). For complete SELinux messages. run sealert -l
> c3e4092f-9526-45a2-9eaf-effe3284ee2c
> Jan 9 17:31:42 mbrc32 setroubleshoot: SELinux is preventing the /
> usr/sbin/nscd from using potentially mislabeled files (/etc/hosts).
> For complete SELinux messages. run sealert -l d4747998-8ff4-4f42-8688-
> abbbb3671216
> Jan 9 17:32:47 mbrc32 ntpd[2229]: ntpd exiting on signal 15
> Jan 9 17:32:47 mbrc32 ntpdate[3264]: step time server 192.168.9.21
> offset 0.110985 sec
> Jan 9 17:32:47 mbrc32 ntpd[3266]: ntpd 4.2.4p2 at 1.1495-o Thu Jun 21
> 10:53:04 UTC 2007 (1)
> Jan 9 17:32:47 mbrc32 ntpd[3267]: precision = 1.000 usec
> Jan 9 17:32:47 mbrc32 ntpd[3267]: Listening on interface #0 wildcard,
> 0.0.0.0#123 Disabled
>
> Could selinux be interfering even though
> /etc/selinux/config (comments removed):
> SELINUX=permissive
> SELINUXTYPE=targeted
> SETLOCALDEFS=0
>
> When I first looked at messages per your suggestion, it looked
> like openvpn might be related to the problem. I therefore
> changed /etc/init.d/openvpn so openvpn would start after ntpd.
> No difference.
----
1 - you're using mbrc32 in /etc/ntp/step-tickers but 192.168.9.21
in /etc/ntp.conf
2 - You really need to relabel your disk for selinux...
as root...
# fixfiles onboot
# shutdown now -r
Go to lunch...rebooting/relabeling could take a while
Craig
More information about the fedora-list
mailing list