2008年2月25日 星期一

Linux Command - ntp

setup the local time manually
# date -s 20080226
# date -s 09:22:10

display the local time
# date
Tue Feb 26 10:09:19 CST 2008
Another method to show the detail date (according to the system time hardware colock)
# hwclock --show
Fri 14 Mar 2008 11:23:32 AM CST -0.508117 seconds

use ntpupdate to sync your localtime correctly
# ntpdate time.stdtime.gov.tw
26 Feb 09:52:01 ntpdate[27524]: step time server 220.130.158.52 offset -210.262890 sec

Ther are also other ntp server in Taiwan as the following
* tock.stdtime.gov.tw
* time.stdtime.gov.tw
* clock.stdtime.gov.tw
* freq_f.stdtime.gov.tw
* tick.stdtime.gov.tw

other ntp servers
clock.redhat.com
clock2.redhat.com
ns1.tuxfamily.org

National Institute of Standards and Technology
time.nist.gov
Set Your Computer Clock Via the Internet NIST Internet Time Service (ITS)
http://tf.nist.gov/timefreq/service/its.htm

use zdump to print the time information

[root@localhost ~]# zdump Singapore
Singapore Tue Feb 26 10:52:33 2008 SGT ==> correct
[root@localhost ~]# zdump Japan
Japan Tue Feb 26 11:52:39 2008 JST ==> correct
[root@localhost ~]# zdump Taipei
Taipei Tue Feb 26 02:55:15 2008 Taipei ==> not correct, you need to plus the GMT difference
[root@localhost ~]# zdump NewYork
NewYork Tue Feb 26 02:55:22 2008 NewYork ==> not correct, you need to plus the GMT difference

I am looking for the zdump valid-argument list....
still looking forward...


Excellent Reference
http://www.vanemery.com/Linux/RH-Linux-Time.html

How to change the timezone in the Linux
1. Logged in as root, check which timezone your machine is currently using by executing `date`. You'll see something like Mon 17 Jan 2005 12:15:08 PM PST, PST in this case is the current timezone.
2. Change to the directory /usr/share/zoneinfo here you will find a list of time zone regions. Choose the most appropriate region, if you live in Canada or the US this directory is the "America" directory.
3. If you wish, backup the previous timezone configuration by copying it to a different location. Such as

mv /etc/localtime /etc/localtime-old

4. Create a symbolic link from the appropiate timezone to /etc/localtime. Example:

ln -sf /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime

5. If you have the utility rdate, update the current system time by executing

/usr/bin/rdate -s time.nist.gov

6. Set the ZONE entry in the file /etc/sysconfig/clock file (e.g. "America/Los_Angeles")
7. Set the hardware clock by executing:

/sbin/hwclock --systohc




Time, Date, and Time Zones for Red Hat Linux
A Practical Guide

Van Emery - March, 2003

Introduction:

I have had nothing but trouble with Red Hat's GUI tools for setting date, time, time zone, and ntpd configuration files. In some cases, this has been as extreme as the dateconfig tool refusing to execute, and in other cases the tool ran, but did not change the underlying configuration files. I decided to dig down into the details and find out how date, time, time zones, and ntpd work on a Linux system. Armed with this knowledge, I would be able to configure my systems properly once and for all! As it turns out, this was an informative little detour...


Environment:
Red Hat 8.0 on a Pentium III 667 MHz & a Pentium II 233 MHz
Red Hat 7.3 on a Dell Optiplex GX-1 Pentium II running Red Hat 7.3


Objectives:
1. Set my Linux systems to the desired time zone
2. Set my Linux systems to the desired time and date
3. Get the NTP server running correctly
4. Make sure the hardware clock maintains the proper time
5. Find out as much as possible about the time and date configuration commands and files


Basic Command-line Tools:

The date command can be used as follows to display the time and date:


$ date
Fri Mar 28 16:01:50 CST 2003


To see UTC/GMT, you can do this:

$ date --utc
Fri Mar 28 08:04:32 UTC 2003


The date command also can be used to set the time and date. To set the time manually, do this:


# date -s "16:15:00"
Fri Mar 28 16:15:00 CST 2003

If you also need to adjust the date, and not just the time, you can do it like this:

# date -s "16:55:30 July 7, 1986"
Mon Jul 7 16:55:30 PDT 1986

There is also another way to set the date and time, which is not very pretty:

# date 033121422003.55
Mon Mar 31 21:42:55 PST 2003

The above command does not use the -s option, and the fields are arranged like this: MMDDhhmmCCYY.ss
where MM = month, DD = day, hh = hour, mm = minute, CCYY = 4 digit year, and ss = seconds.

Please note that setting the clock with the date command must be done as root. This is a "savage" way to adjust the time. It adjusts the Linux kernel system time.

There is also a hardware clock (CMOS clock). You can look at the current hardware clock time with:


hwclock --show


I always keep my hardware clocks set to UTC/GMT. This maintains my clocks uniformly without any worries about "Daylight Savings Time". This is important, because when you set the hardware clock from the system clock (kept by the Linux kernel), you need to know if this is the case. To set the hardware clock from the system clock, leaving the hardware clock in UTC, enter the following:


# hwclock --systohc --utc
# hwclock --show
Fri 28 Mar 2003 04:23:52 PM CST -0.864036 seconds


Another interesting item is that the Linux system clock stores time in seconds since midnight on January 1st, 1970 (UTC). This is called UNIX time. Unfortunately, because this is a 32-bit value, there is a year-2038 problem. Hopefully, everyone will have moved to 64-bit architectures by then. In order to see the UNIX time, you can use the following command:

date +%s


There are many useful formatting options for the date command. See the date manpage for details.


Of course, there is another useful tool available related to date and time: cal


$ cal -3

February 2003 March 2003 April 2003
Su Mo Tu We Th Fr Sa Su Mo Tu We Th Fr Sa Su Mo Tu We Th Fr Sa
1 1 1 2 3 4 5
2 3 4 5 6 7 8 2 3 4 5 6 7 8 6 7 8 9 10 11 12
9 10 11 12 13 14 15 9 10 11 12 13 14 15 13 14 15 16 17 18 19
16 17 18 19 20 21 22 16 17 18 19 20 21 22 20 21 22 23 24 25 26
23 24 25 26 27 28 23 24 25 26 27 28 29 27 28 29 30
30 31


You can also specify "cal -y" for the entire year, "cal" by itself for the current month, or "cal 12 2005" to see the calendar for December, 2005.



Time Zone Configuration:


Background - The Earth is divided into time zones that are 15 degrees of longitude each, for this corresponds to the amount of angular distance the Sun appears to travel in 1 hour. 0 degrees longitude runs through the Royal Observatory in Greenwich, England. This is the origin of Greenwich Mean Time, or GMT. For all practical purposes, GMT and UTC are the same. To complicate matters, some countries observe Daylight Savings Time (DST), while others do not. Even within some countries, some states or districts do not observe DST while the rest of the country does! DST can also begin and end on different days in different countries! What a mess...

There are several files and directories that are used for time zones, and several tools:

/etc/sysconfig/clock - this is a short text file that defines the timezone, whether or not the hardware clock is using UTC, and an ARC option that is only relevant to DEC systems.

/etc/localtime - this is a symbolic link to the appropriate time zone file in /usr/share/zoneinfo

/usr/share/zoneinfo - this directory contains the time zone files that were compiled by zic. These are binary files and cannot be viewed with a text viewer. The files contain information such as rules about DST. They allow the kernel to convert UTC UNIX time into appropriate local dates and times.

/etc/rc.d/rc.sysinit - This script runs once, at boot time. A section of this script sets the system time from the hardware clock and applies the local time zone information.

/etc/init.d/halt - This script runs during system shutdown. A section of this script synchronizes the hardware clock from the system clock.

/etc/adjtime - This file is used by the adjtimex function, which can smoothly adjust system time while the system runs. settimeofday is a related function.


redhat-config-date or dateconfig - These commands start the Red Hat date/time/time zone configuration GUI. Both commands failed to change the timezone in two different stock Red Hat 8.0 systems. They also failed to create a working ntp.conf file for the NTP server. The timezone problem went away after upgrading from the installed RPM, redhat-config-date-1.5.2-10, to a newer RPM from a Red Hat beta release, redhat-config-date-1.5.9-6.

zic - (The time zone compiler) Zic creates the time conversion information files.

zdump - This utility prints the current time and date in the specified time zone. Example:


# zdump Japan
Japan Sat Mar 29 00:47:57 2003 JST
# zdump Iceland
Iceland Fri Mar 28 15:48:02 2003 GMT

In order to manually change the timezone, you can edit the /etc/sysconfig/clock file and then make a new soft link to /etc/localtime. Here is an example of changing the timezone manually to "America/Denver":

1. Select the appropriate time zone from the /usr/share/zoneinfo directory. Time zone names are relative to that directory. In this case, we will select "America/Denver"

2. Edit the /etc/sysconfig/clock text file so that it looks like this:

ZONE="America/Denver"
UTC=true
ARC=false

Of course, this assumes that your hardware clock is running UTC time...

3. Delete the following file: /etc/localtime

4. Create a new soft link for /etc/localtime. Here is an example of step 3 and step 4:

# cd /etc
# ls -al localtime
lrwxrwxrwx 1 root root 39 Mar 28 07:00 localtime -> /usr/share/zoneinfo/America/Los_Angeles

# rm /etc/localtime

# ln -s /usr/share/zoneinfo/America/Denver /etc/localtime
# ls -al localtime
lrwxrwxrwx 1 root root 34 Mar 28 08:59 localtime -> /usr/share/zoneinfo/America/Denver

# date
Fri Mar 28 09:00:04 MST 2003


NTP Configuration and Usage:

Background - Network Time Protocol (NTP) allows computers, servers, and network devices to synchronize their internal clock systems to an external reference source. In some cases, the reference source can be an atomic clock or GPS receiver. This is useful for a number of reasons. If you would like to automatically keep the time on your Linux system synchronized to standard world times, you have two built-in tools to do this:

ntpdate and ntpd (NTP Daemon)


ntpdate:
ntpdate was written by David L. Mills at the University of Delaware. For details on Dr. Mills, enter this:

$ finger David.L.Mills@udel.edu

ntpdate allows you to view or set system time from one or more NTP servers. The first thing you need to do is find a time server you can query. Here is a list of public time servers, or you can use one of the following:

clock.redhat.com
clock2.redhat.com
ns1.tuxfamily.org
time.nist.gov

For example, if you only want to query an NTP server and make sure that you can reach it, use the following command:

# ntpdate -q clock2.redhat.com
server 66.187.224.4, stratum 1, offset -0.067532, delay 0.38452
28 Mar 18:14:20 ntpdate[10724]: adjust time server 66.187.224.4 offset -0.067532 sec


Note that some firewall systems do not allow NTP traffic. NTP uses UDP port 123. If you would like to query more than one server and set your system clock with the result, use the following:

# ntpdate clock2.redhat.com clock.redhat.com
28 Mar 18:20:59 ntpdate[10754]: adjust time server 66.187.233.4 offset -0.043222 sec


You can add the -v flag for verbose output.

This command is very similar to the rdate command. The ntpdate command can be used in startup scripts or cron jobs to automatically set the system time without running a dedicated server process. You will definitely want to try to retrieve the time from an NTP server with ntpdate before setting up your own NTP server. This will ensure that (a) you have connectivity (b) your firewall does not block NTP. Another thing to note about the ntpdate command is that it will not work in update mode if you are running a local NTP server process. It will work in query mode.


NTP Server:
The NTP server (ntpd) can be setup to run continuously. This will keep the system clock synchronized. You will also be able to server NTP clients on your LAN, if you wish. I had problems with the Red Hat configuration GUI not setting the NTP server up correctly.

The configuration file is /etc/ntp.conf, and there is also an /etc/ntp directory which contains keys and the drift file. I will show you a working configuration file, with comments:

# Prohibit general access to this service.
restrict default ignore

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1


# -- CLIENT NETWORK -------
# Permit systems on this network to synchronize with this
# time service. Do not permit those systems to modify the
# configuration of this service. Also, do not use those
# systems as peers for synchronization.

# This is my internal LAN network address
restrict 192.168.212.0 mask 255.255.255.0 notrust nomodify notrap


# --- OUR TIMESERVERS -----
# or remove the default restrict line
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.

# The statements below limit what the servers can do to your server
# I am using IP instead of DNS name because the "restrict" construct
# requires IP addresses

restrict 66.187.224.4 mask 255.255.255.255 nomodify notrap noquery
restrict 80.67.177.2 mask 255.255.255.255 nomodify notrap noquery

# The server listed below is clock2.redhat.com
server 66.187.224.4

# The server listed below is ns1.tuxfamily.org
server 80.67.177.2


# --- NTP MULTICASTCLIENT ---
#multicastclient # listen on default 224.0.1.1
# restrict 224.0.1.1 mask 255.255.255.255 notrust nomodify notrap
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
# I don't want to use multicast for my NTP server



# --- GENERAL CONFIGURATION ---
#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
# If you un-comment the two statements below, you could run an NTP server
# off of your local (and inaccurate) system clock.
#restrict 127.127.1.0
#server 127.127.1.0
fudge 127.127.1.0 stratum 10

#
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
#
driftfile /etc/ntp/drift
broadcastdelay 0.008

#
# Authentication delay. If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff
# directory and figure out what this number should be on your machine.
#
# I am not using any authentication for this simple setup.
authenticate no

#
# Keys file. If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will. Note also that
# ntpd is started with a -A flag, disabling authentication, that
# will have to be removed as well.
#
keys /etc/ntp/keys


After you install this new version of the config file, you can start the service with /etc/init.d/ntpd start

To monitor the service, you can run the following command: ntpdc -p or ntpdc -p -n
If you are really impatient, you can use this command to watch the system until it synchronizes: watch nptdc -p -n
The ntpdc command can be run interactively as well. There are a number of informative ntpdc commands, such as iostats, sysstats, and peers.

When enough time has gone by, one of the servers will have an * placed in front of it to tell you that your system is synchronized to it. The lower the stratum number, the more accurate the server.




To see that your NTP server is listening on UDP port 123, use the following command: netstat -tuna

Please note that the NTP server makes NTP queries from a UDP source port of 123. Some firewalls will not allow this, even if ntpdate worked (ntpdate uses a source port > 1023.)

You can also use the ntpq utility, and the ntptrace utility for additional diagnostic support. For complete documentation on setting up and using NTP servers, see www.ntp.org.


Conclusion:
Changing the date, time, and time zone on a Red Hat Linux system can be done easily once all of the files and commands are identified. NTP clock synchronization is also fairly straightforward. Hopefully, future time and date configuration tools will work well enough that the average user/administrator does not have to resort to manual work-arounds.

沒有留言: