The -p 1 option is still desirable for standard ntpd. The default is to do 4 probes which is overkill for xymon.
I have just checked a fresh install of ntpsec from source and can't see ntpdate being installed. Found this on the ntpsec site under Security Improvements:
* The deprecated and vulnerability-prone ntpdate program has been
replaced with a shell wrapper around ntpdig. Its -e and -p options
are not implemented. It is no longer documented, but can be found in
the attic/ directory of the source distribution.
I notice that in the script the behaviour when it finds the -p option is to simply warn and ignore it:
p) echo "ntpdate: -p is no longer supported." >&2;;
So it's just a neatness thing. The script is undocumented (debian may have pinched their man page from standard ntp) and unlikely to ever be updated.
Not sure where this leaves us. I know others had similar problems when distros moved to chrony for ntp. Maybe we need a more generalised approach to different ntp implementations going forward.
Cheers,
Brian Scott
On 12/2/2024 1:14 am, Roland Rosenfeld wrote:Hi!
In Debian ntpdate from ntpsec package throws a warning that "-p is no
longer supported". So it may be a good idea to remove the "-p 1" from
NTPDATEOPTS="-u -q -p 1" # Standard options to ntpdate
in xymond/etcfiles/xymonserver.cfg.DIST.
The attached patch solves this issue.
Greetings
Roland