Debian Bug report logs - #1028149
bookworm: ntp has been replaced by ntpsec

Package: release-notes; Maintainer for release-notes is Debian Documentation Team <debian-doc@lists.debian.org>;

Reported by: Bernhard Schmidt <berni@debian.org>

Date: Sat, 7 Jan 2023 19:57:02 UTC

Severity: normal

Tags: patch

Done: Paul Gevers <elbrus@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Sat, 07 Jan 2023 19:57:04 GMT) (full text, mbox, link).


Acknowledgement sent to Bernhard Schmidt <berni@debian.org>:
New Bug report received and forwarded. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Sat, 07 Jan 2023 19:57:04 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Bernhard Schmidt <berni@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: bookworm: ntp has been replaced by ntpsec
Date: Sat, 07 Jan 2023 20:53:22 +0100
Package: release-notes
Severity: minor

src:ntp (the ntp suite from ntp.org, including ntpd, ntpdate and sntp) has
been dropped from bookworm and superseded by src:ntpsec, the much improved fork
from ntpsec.org . Transitional packages are in place and for 99% of the users
this should have no impact, but it should be mentioned in the release notes.



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Thu, 23 Mar 2023 12:15:03 GMT) (full text, mbox, link).


Acknowledgement sent to Richard Lewis <richard.lewis.debian@googlemail.com>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Thu, 23 Mar 2023 12:15:03 GMT) (full text, mbox, link).


Message #10 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Richard Lewis <richard.lewis.debian@googlemail.com>
To: 1028149@bugs.debian.org
Subject: Re: bookworm: ntp has been replaced by ntpsec
Date: Thu, 23 Mar 2023 12:12:04 +0000
On Sat, 07 Jan 2023 20:53:22 +0100 Bernhard Schmidt <berni@debian.org> wrote:

> src:ntp (the ntp suite from ntp.org, including ntpd, ntpdate and sntp) has
> been dropped from bookworm and superseded by src:ntpsec, the much improved fork
> from ntpsec.org . Transitional packages are in place and for 99% of the users
> this should have no impact, but it should be mentioned in the release notes.

Presumably the release notes should also say that most people should
consider systemd-timesyncd as this is priority:standard (since at
least buster, but i don't remember seeing this in release notes then)?
- i assume the idea is that if you don't have any special needs beyond
"set the clock" should use systemd-timesyncd, and people who need
extra features (like running their own ntp server) should install
ntpsec / chrony / openntpd ?



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Mon, 27 Mar 2023 09:18:03 GMT) (full text, mbox, link).


Acknowledgement sent to Miroslav Lichvar <mlichvar0@gmail.com>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Mon, 27 Mar 2023 09:18:03 GMT) (full text, mbox, link).


Message #15 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Miroslav Lichvar <mlichvar0@gmail.com>
To: 1028149@bugs.debian.org
Subject: Re: bookworm: ntp has been replaced by ntpsec
Date: Mon, 27 Mar 2023 11:15:20 +0200
On Thu, 23 Mar 2023 12:12:04 +0000 Richard Lewis <richard.lewis.debian@googlemail.com> wrote:
> Presumably the release notes should also say that most people should
> consider systemd-timesyncd as this is priority:standard (since at
> least buster, but i don't remember seeing this in release notes then)?
> - i assume the idea is that if you don't have any special needs beyond
> "set the clock" should use systemd-timesyncd, and people who need
> extra features (like running their own ntp server) should install
> ntpsec / chrony / openntpd ?

Recommending timesyncd as an NTP client to replace ntpd would not be a
good idea, especially if you consider the default configuration using
servers from pool.ntp.org.

The pool is very robust as a whole, but individual servers cannot be
relied on. They are run by volunteers. Some are well maintained, some
are not. Occasionally, servers drift away or step to a distant past or
future, e.g. due to GPS firmware bugs. The pool monitoring system
detects such servers and quickly removes them from the pool DNS, but
simple clients like timesyncd cannot recover from that. Once they got
the address from DNS, they will follow the server for as long as it
claims to be synchronized, no matter how wrong it is. A full-featured
NTP client is needed to detect and replace falsetickers. With
timesyncd the only option is to restart the service when you notice
the clock is wrong. I've seen many times users complaining about that
and getting this advice over the years.

timesyncd needs to be configured with a reliable server to work well.
Canonical maintains their own NTP servers and uses them by default in
Ubuntu. That makes sense. Debian uses pool.ntp.org, so it should
recommend a proper NTP client for a reliable service.
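
The failure mode described in the message above, as an added example that is not part of the original thread and is not code from timesyncd, ntpsec or chrony: a single-source client follows whatever its one server reports, while a multi-source client can outvote a falseticker. The selection below is a simplified interval-intersection (Marzullo-style) algorithm; server names and measurements are constructed.

```python
from dataclasses import dataclass
from statistics import mean

@dataclass(frozen=True)
class Sample:
    server: str      # constructed name, not a real pool member
    offset: float    # seconds, server clock minus local clock
    distance: float  # seconds, error bound claimed for this measurement

def single_source_offset(samples):
    """SNTP-style client: trust the one server it resolved first."""
    return samples[0].offset

def select_truechimers(samples):
    """Split samples into (truechimers, falsetickers).

    Each sample claims the true offset lies in
    [offset - distance, offset + distance]. The region covered by the
    most intervals wins, but only if a strict majority of servers agree.
    """
    edges = []
    for s in samples:
        edges.append((s.offset - s.distance, -1))  # start; sorts before an end
        edges.append((s.offset + s.distance, +1))  # end
    edges.sort()
    best = count = 0
    low = high = None
    for i, (point, kind) in enumerate(edges):
        if kind == -1:
            count += 1
            if count > best:
                best, low, high = count, point, edges[i + 1][0]
        else:
            count -= 1
    if best <= len(samples) // 2:
        return [], list(samples)  # no majority: refuse to pick a winner
    good = [s for s in samples
            if s.offset - s.distance <= low and s.offset + s.distance >= high]
    bad = [s for s in samples if s not in good]
    return good, bad

def combined_offset(samples):
    """Offset a multi-source client would apply, or None without a majority."""
    good, _ = select_truechimers(samples)
    return mean(s.offset for s in good) if good else None

# Constructed measurements: the first server has stepped 1024 weeks into the
# past (the size of a GPS week-number rollover) yet still claims a small error.
SAMPLES = [
    Sample("pool-a.example", -619315200.0, 0.005),
    Sample("pool-b.example", 0.012, 0.020),
    Sample("pool-c.example", 0.009, 0.015),
    Sample("pool-d.example", 0.015, 0.030),
]

if __name__ == "__main__":
    print("single source would apply:", single_source_offset(SAMPLES))
    good, bad = select_truechimers(SAMPLES)
    print("falsetickers:", [s.server for s in bad])
    print("multi source would apply:", combined_offset(SAMPLES))
```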



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Tue, 28 Mar 2023 15:12:02 GMT) (full text, mbox, link).


Acknowledgement sent to Antoine Beaupré <anarcat@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Tue, 28 Mar 2023 15:12:03 GMT) (full text, mbox, link).


Message #20 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Antoine Beaupré <anarcat@debian.org>
To: Miroslav Lichvar <mlichvar0@gmail.com>, 1028149@bugs.debian.org, 1028149@bugs.debian.org
Subject: Re: Bug#1028149: bookworm: ntp has been replaced by ntpsec
Date: Tue, 28 Mar 2023 11:08:41 -0400
On 2023-03-27 11:15:20, Miroslav Lichvar wrote:
> On Thu, 23 Mar 2023 12:12:04 +0000 Richard Lewis <richard.lewis.debian@googlemail.com> wrote:
>> Presumably the release notes should also say that most people should
>> consider systemd-timesyncd as this is priority:standard (since at
>> least buster, but i don't remember seeing this in release notes then)?
>> - i assume the idea is that if you don't have any special needs beyond
>> "set the clock" should use systemd-timesyncd, and people who need
>> extra features (like running their own ntp server) should install
>> ntpsec / chrony / openntpd ?
>
> Recommending timesyncd as an NTP client to replace ntpd would not be a
> good idea, especially if you consider the default configuration using
> servers from pool.ntp.org.
>
> The pool is very robust as a whole, but individual servers cannot be
> relied on. They are run by volunteers. Some are well maintained, some
> are not. Occasionally, servers drift away or step to a distant past or
> future, e.g. due to GPS firmware bugs. The pool monitoring system
> detects such servers and quickly removes them from the pool DNS, but
> simple clients like timesyncd cannot recover from that. Once they got
> the address from DNS, they will follow the server for as long as it
> claims to be synchronized, no matter how wrong it is. A full-featured
> NTP client is needed to detect and replace falsetickers. With
> timesyncd the only option is to restart the service when you notice
> the clock is wrong. I've seen many times users complaining about that
> and getting this advice over the years.
>
> timesyncd needs to be configured with a reliable server to work well.
> Canonical maintains their own NTP servers and uses them by default in
> Ubuntu. That makes sense. Debian uses pool.ntp.org, so it should
> recommend a proper NTP client for a reliable service.

It seems to me this should be reported as a bug against the
systemd-timesyncd package, at the very least.

Right now this is completely empty:

https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=systemd-timesyncd;dist=unstable

Now I agree that timesyncd might not be the best default NTP server: my
vote goes for chrony, personally. But if we're going to object to it,
it should be at least properly documented in that package's bug list...

(To be fair, there *were* bugs reported against the package before:

https://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=both;dist=unstable;package=systemd-timesyncd

... just not this specific one.)

a.

-- 
If the image gives the illusion of knowing
It is because the adage claims that to believe,
The only thing that matters is to see
                        - Lofofora



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Thu, 30 Mar 2023 07:48:03 GMT) (full text, mbox, link).


Acknowledgement sent to Miroslav Lichvar <mlichvar0@gmail.com>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Thu, 30 Mar 2023 07:48:03 GMT) (full text, mbox, link).


Message #25 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Miroslav Lichvar <mlichvar0@gmail.com>
To: 1028149@bugs.debian.org
Subject: Re: Bug#1028149: bookworm: ntp has been replaced by ntpsec
Date: Thu, 30 Mar 2023 09:44:15 +0200
On Tue, Mar 28, 2023 at 11:08:41AM -0400, Antoine Beaupré wrote:
> On 2023-03-27 11:15:20, Miroslav Lichvar wrote:
> > timesyncd needs to be configured with a reliable server to work well.
> > Canonical maintains their own NTP servers and uses them by default in
> > Ubuntu. That makes sense. Debian uses pool.ntp.org, so it should
> > recommend a proper NTP client for a reliable service.
> 
> It seems to me this should be reported as a bug against the
> systemd-timesyncd package, at the very least.

As I understand it, it's a feature, not a bug. From
systemd-timesyncd(8):

       The systemd-timesyncd service implements SNTP only. This minimalistic
       service will step the system clock for large offsets or slowly adjust
       it for smaller deltas. Complex use cases that require full NTP support
       (and where SNTP is not sufficient) are not covered by
       systemd-timesyncd.



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Sat, 15 Apr 2023 15:33:03 GMT) (full text, mbox, link).


Acknowledgement sent to Richard Lewis <richard.lewis.debian@googlemail.com>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Sat, 15 Apr 2023 15:33:03 GMT) (full text, mbox, link).


Message #30 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Richard Lewis <richard.lewis.debian@googlemail.com>
To: 1028149@bugs.debian.org
Subject: Re: bookworm: ntp has been replaced by ntpsec
Date: Sat, 15 Apr 2023 16:31:45 +0100
On Mon, 27 Mar 2023 11:15:20 +0200 Miroslav Lichvar <mlichvar0@gmail.com> wrote:
> On Thu, 23 Mar 2023 12:12:04 +0000 Richard Lewis <richard.lewis.debian@googlemail.com> wrote:
> > Presumably the release notes should also say that most people should
> > consider systemd-timesyncd as this is priority:standard (since at
> > least buster, but i don't remember seeing this in release notes then)?
> > - i assume the idea is that if you don't have any special needs beyond
> > "set the clock" should use systemd-timesyncd, and people who need
> > extra features (like running their own ntp server) should install
> > ntpsec / chrony / openntpd ?
>
> Recommending timesyncd as an NTP client to replace ntpd would not be a
> good idea, especially if you consider the default configuration using
> servers from pool.ntp.org.

Isn't that effectively what debian has done by setting systemd-timesync
to "standard" priority?

if that's a bad decision, you should make the case to debian to change
it i would think?
(standard = installed by default, per debian policy)

>  individual servers cannot be
> relied on. They are run by volunteers. Some are well maintained, some
> are not.

like debian packages :p

> timesyncd needs to be configured with a reliable server to work well.
> Canonical maintains their own NTP servers and uses them by default in
> Ubuntu. That makes sense. Debian uses pool.ntp.org, so it should
> recommend a proper NTP client for a reliable service.

sounds like something beyond the scope of release-notes...

if no-one else does,  i can draft some text that says
- ntp is dropped (do we know why?). ntpsec is a direct replacement,
but there is also chrony
- and, if you do not need the strong guarantees of correct clock,
systemd-timesyncd is part of a standard debian installation

thoughts?



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Sat, 15 Apr 2023 19:09:03 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Gevers <elbrus@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Sat, 15 Apr 2023 19:09:03 GMT) (full text, mbox, link).


Message #35 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Paul Gevers <elbrus@debian.org>
To: Richard Lewis <richard.lewis.debian@googlemail.com>, 1028149@bugs.debian.org
Subject: Re: Bug#1028149: bookworm: ntp has been replaced by ntpsec
Date: Sat, 15 Apr 2023 21:05:03 +0200
Hi,

On 15-04-2023 17:31, Richard Lewis wrote:
> if no-one else does,  i can draft some text that says
> - ntp is dropped (do we know why?). ntpsec is a direct replacement,
> but there is also chrony
> - and, if you do not need the strong guarantees of correct clock,
> systemd-timesyncd is part of a standard debian installation
> 
> thoughts?

IMVHO that sounds like a plan.

Paul

Severity set to 'normal' from 'minor' Request was from Paul Gevers <elbrus@debian.org> to control@bugs.debian.org. (Sun, 16 Apr 2023 08:03:04 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Mon, 17 Apr 2023 08:30:04 GMT) (full text, mbox, link).


Acknowledgement sent to Miroslav Lichvar <mlichvar0@gmail.com>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Mon, 17 Apr 2023 08:30:04 GMT) (full text, mbox, link).


Message #42 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Miroslav Lichvar <mlichvar0@gmail.com>
To: 1028149@bugs.debian.org
Subject: Re: Bug#1028149: bookworm: ntp has been replaced by ntpsec
Date: Mon, 17 Apr 2023 10:27:13 +0200
On Sat, Apr 15, 2023 at 04:31:45PM +0100, Richard Lewis wrote:
> Isn't that effectively what debian has done by setting systemd-timesync
> to "standard" priority?
> 
> if that's a bad decision, you should make the case to debian to change
> it i would think?
> (standard = installed by default, per debian policy)

Isn't it too late to fix this in bookworm?

I can provide data showing problems that some pool.ntp.org servers had
in the past, but as the upstream maintainer of chrony I'm probably not
the best person to be proposing changes in the priority of NTP
packages in Debian.

Another option would be to change the default servers of timesyncd,
e.g. to time.cloudflare.com, which is very reliable and has a great
coverage around the world from what I have seen so far. I suspect
people would not find it acceptable to rely on a commercial provider.

> if no-one else does,  i can draft some text that says
> - ntp is dropped (do we know why?).

I think the main reason is very slow upstream development with a large
number of known unfixed security issues.

> ntpsec is a direct replacement,
> but there is also chrony

openntpd is another NTP client that I think should be recommended.
(Not as a server though.)



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Mon, 01 May 2023 13:15:04 GMT) (full text, mbox, link).


Acknowledgement sent to Richard Lewis <richard.lewis.debian@googlemail.com>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Mon, 01 May 2023 13:15:04 GMT) (full text, mbox, link).


Message #47 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Richard Lewis <richard.lewis.debian@googlemail.com>
To: 1028149@bugs.debian.org, control@bugs.debian.org
Subject: Re: Bug#1028149: bookworm: ntp has been replaced by ntpsec
Date: Mon, 1 May 2023 14:12:38 +0100
control: tags -1 + patch
thanks

> On Sat, Apr 15, 2023 at 04:31:45PM +0100, Richard Lewis wrote:

> > if no-one else does,  i can draft some text that says
> > - ntp is dropped (do we know why?).
>
> I think the main reason is very slow upstream development with a large
> number of known unfixed security issues.
>
> > ntpsec is a direct replacement,
> > but there is also chrony
>
> openntpd is another NTP client that I think should be recommended.
> (Not as a server though.)

proposed text is at
https://salsa.debian.org/ddp-team/release-notes/-/merge_requests/156
(i included openntpd as an alternative but didn't try and explain the
differences - didn't think it was easy to do so clearly!)



Added tag(s) patch. Request was from Richard Lewis <richard.lewis.debian@googlemail.com> to 1028149-submit@bugs.debian.org. (Mon, 01 May 2023 13:15:04 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian Documentation Team <debian-doc@lists.debian.org>:
Bug#1028149; Package release-notes. (Sun, 07 May 2023 19:06:02 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Gevers <elbrus@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Documentation Team <debian-doc@lists.debian.org>. (Sun, 07 May 2023 19:06:02 GMT) (full text, mbox, link).


Message #54 received at 1028149@bugs.debian.org (full text, mbox, reply):

From: Paul Gevers <elbrus@debian.org>
To: 1028149@bugs.debian.org, 1028149-submitter@bugs.debian.org
Subject: Re: Bug#1028149: bookworm: ntp has been replaced by ntpsec
Date: Sun, 7 May 2023 21:02:38 +0200
Control: close -1

Hi,

On 01-05-2023 15:12, Richard Lewis wrote:
> proposed text is at
> https://salsa.debian.org/ddp-team/release-notes/-/merge_requests/156

This was merged two weeks ago.

Paul

Marked Bug as done Request was from Paul Gevers <elbrus@debian.org> to 1028149-submit@bugs.debian.org. (Sun, 07 May 2023 19:06:03 GMT) (full text, mbox, link).


Notification sent to Bernhard Schmidt <berni@debian.org>:
Bug acknowledged by developer. (Sun, 07 May 2023 19:06:04 GMT) (full text, mbox, link).


Message sent on to Bernhard Schmidt <berni@debian.org>:
Bug#1028149. (Sun, 07 May 2023 19:06:06 GMT) (full text, mbox, link).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 05 Jun 2023 07:26:22 GMT) (full text, mbox, link).



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Nov 22 00:17:13 2024; Machine Name: bembo
