28th November 2009
J65nko
Starting ntpd in cron for machines not always connected to the Net

One of the OpenBSD machines I work on is not always connected to the Internet. But if it is connected, I want it to synchronize the clock with ntpd.

To deal with this automatically (yes, laziness is a virtue for system administrators), I wrote a simple script to be run by cron every five minutes:

Code:
$ cat /usr/local/sbin/start-ntpd

#!/bin/sh
# ---- to be used in root's crontab for machines not always connected

GATEWAY=192.168.222.10   # address of the gateway to test
date                     # timestamp in the script output

# nothing to do when ntpd is already running
if pgrep ntpd >/dev/null 2>&1 ; then
    echo ntpd already running
    exit 0
fi

# send three pings; the ping output is redirected to stderr
if ping -c3 "$GATEWAY" >&2 ; then
   # connection to gateway exists
   echo Starting ntpd ....
   ntpd -s
   exit 0
else
   echo "Gateway not alive, cannot run ntpd"
   exit 1
fi

The logic:
  • If the command pgrep ntpd returns true as its result code, then the script just exits.
  • If ntpd is not running, we test Internet connectivity by pinging the OpenBSD gateway.
    If these pings are successful, we start ntpd with the -s option.
    Code:
         -s          Set the time immediately at startup.  Allows for a large time
                     correction, eliminating the need to run rdate(8).
    If they fail, there is no connectivity so we just exit.

The crontab entry:
Code:
root@hercules[~]crontab -l | egrep '(#minute|ntpd)'
#minute hour    mday    month   wday    command
*/5     *       *       *       *       /usr/local/sbin/start-ntpd
Note that the complete PATH to the script has been specified. The reason is the very limited PATH which is specified at the beginning of the crontab:
Code:
SHELL=/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
MAILTO=""
As /usr/local/sbin is not part of the PATH it needs to be specified.
BTW the proper way in OpenBSD to modify the system or root crontab is
Code:
# crontab -e
Important note for FreeBSD users:
Please read carefully http://www.freebsd.org/doc/en_US.ISO...ning-cron.html
REASON: In FreeBSD the system or root crontab contains an extra field, the who field.
The script can be tested from the command line and it reports what it is doing and why. If you change the MAILTO variable to your own user name, you will get an email message.

Code:
From: root@hercules.utp.xnet (Cron Daemon)
To: j65nko@hercules.utp.xnet
Subject: Cron <root@hercules> /usr/local/sbin/start-ntpd 
Auto-Submitted: auto-generated
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <PATH=/bin:/sbin:/usr/bin:/usr/sbin>
X-Cron-Env: <HOME=/var/log>
X-Cron-Env: <MAILTO=j65nko>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>

Sat Nov 28 04:15:01 CET 2009
ntpd already running
After pkill -TERM ntpd:
Code:
From: root@hercules.utp.xnet (Cron Daemon)
To: j65nko@hercules.utp.xnet
Subject: Cron <root@hercules> /usr/local/sbin/start-ntpd 
Auto-Submitted: auto-generated
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <PATH=/bin:/sbin:/usr/bin:/usr/sbin>
X-Cron-Env: <HOME=/var/log>
X-Cron-Env: <MAILTO=j65nko>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>

Sat Nov 28 04:20:01 CET 2009
PING 192.168.222.10 (192.168.222.10): 56 data bytes
64 bytes from 192.168.222.10: icmp_seq=0 ttl=255 time=0.221 ms
64 bytes from 192.168.222.10: icmp_seq=1 ttl=255 time=0.160 ms
64 bytes from 192.168.222.10: icmp_seq=2 ttl=255 time=0.150 ms
^M--- 192.168.222.10 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.150/0.177/0.221/0.031 ms
Starting ntpd ....
An email when there is no connectivity:
Code:
From: root@hercules.utp.xnet (Cron Daemon)
To: j65nko@hercules.utp.xnet
Subject: Cron <root@hercules> /usr/local/sbin/start-ntpd 
Auto-Submitted: auto-generated
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <PATH=/bin:/sbin:/usr/bin:/usr/sbin>
X-Cron-Env: <HOME=/var/log>
X-Cron-Env: <MAILTO=j65nko>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>

Sat Nov 28 04:30:01 CET 2009
--- 192.168.222.10 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss
Gateway not alive, cannot run ntpd
Other useful info can be found in /var/cron/log:
Code:
Nov 28 04:05:01 hercules cron[16409]: (root) CMD (/usr/local/sbin/start-ntpd )
Nov 28 04:10:01 hercules cron[8375]: (root) CMD (/usr/local/sbin/start-ntpd )
Nov 28 04:13:40 hercules crontab[28714]: (root) REPLACE (root)
Nov 28 04:13:40 hercules cron[11319]: (root) RELOAD (tabs/root)
Nov 28 04:13:40 hercules crontab[28714]: (root) END EDIT (root)
Nov 28 04:15:01 hercules cron[24748]: (root) CMD (/usr/local/sbin/start-ntpd )
Nov 28 04:20:01 hercules cron[32238]: (root) CMD (/usr/local/sbin/start-ntpd )
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

Last edited by J65nko; 28th November 2009 at 05:53 PM. Reason: Some boldfacing ;)
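
An added example, not part of the original post: a small sh/awk function that reads cron log lines in the /var/cron/log format shown above and reports crontab replacements, commands that first run after a replacement of that user's crontab, and run counts per command. The function names and the last sample line with its example-job path are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit cron log lines of the form
#   Nov 28 04:13:40 hercules crontab[28714]: (root) REPLACE (root)
#   Nov 28 04:15:01 hercules cron[24748]: (root) CMD (/usr/local/sbin/start-ntpd )

cron_log_audit() {
    # Reads log lines from the named files, or from stdin when none are given.
    awk '
    {
        ts   = $1 " " $2 " " $3              # month day time
        user = $6; gsub(/[()]/, "", user)    # "(root)" -> "root"
    }
    $7 == "REPLACE" {                        # a crontab was replaced
        tab = $8; gsub(/[()]/, "", tab)      # owner of the replaced crontab
        edited[tab] = 1
        print "EDIT " ts " user=" user " crontab=" tab
        next
    }
    $7 == "CMD" {                            # a job was started
        cmd = $0
        sub(/^.* CMD \(/, "", cmd)           # keep the text inside CMD ( ... )
        sub(/ *\)$/, "", cmd)
        key = user " " cmd
        if (!(key in runs)) {
            order[++n] = key                 # remember first-seen order
            if (user in edited)              # first run follows a crontab edit
                print "NEW  " ts " user=" user " cmd=" cmd
        }
        runs[key]++
    }
    END { for (i = 1; i <= n; i++) print "RUNS " runs[order[i]] " " order[i] }
    ' "$@"
}

# Sample input: four lines from the log above plus one constructed line
# (example-job is a hypothetical command, not from the original post).
sample_log() {
    cat <<'EOF'
Nov 28 04:10:01 hercules cron[8375]: (root) CMD (/usr/local/sbin/start-ntpd )
Nov 28 04:13:40 hercules crontab[28714]: (root) REPLACE (root)
Nov 28 04:13:40 hercules cron[11319]: (root) RELOAD (tabs/root)
Nov 28 04:15:01 hercules cron[24748]: (root) CMD (/usr/local/sbin/start-ntpd )
Nov 28 04:20:00 hercules cron[30001]: (root) CMD (/usr/local/sbin/example-job )
EOF
}

sample_log | cron_log_audit
```

On a real machine the function can be given the log file directly, for example cron_log_audit /var/cron/log.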