ntp servers should be configurable on snappy

Bug #1504657 reported by Jamie Strandboge
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone
snapd | Fix Committed | Medium | Oliver Grawert |
ubuntu-core-config (Ubuntu) | Won't Fix | Medium | Oliver Grawert |

Bug Description

Currently ntp servers are not configurable on snappy. This is useful for example when running a snappy image on an internal network with egress filtering. NTP is currently handled by systemd-timesyncd via /etc/systemd/timesyncd.conf. See http://www.freedesktop.org/software/systemd/man/timesyncd.conf.html

It would be great if snappy config could configure these. E.g.:

$ snappy config ubuntu-core
...
config:
  ubuntu-core:
    ntp-servers: 10.0.0.1

This could adjust /etc/systemd/timesyncd.conf to have:
NTP=10.0.0.1

Also, on a related note, the system is currently configured with empty NTP and FallbackNTP and timesyncd appears to try N.debian.pool.ntp.org servers when these aren't specified. I imagine these should be changed to the ubuntu pool.

summary: - please make /etc/systemd/timesyncd.conf a writable path
+ ntp servers should be configurable on snappy
description: updated
Oliver Grawert (ogra)
Changed in snappy:
importance: Undecided → Medium
assignee: nobody → Oliver Grawert (ogra)
status: New → Confirmed
Changed in ubuntu-core-config (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
assignee: nobody → Oliver Grawert (ogra)
Changed in snappy:
assignee: Oliver Grawert (ogra) → nobody
Simon Eisenmann (longsleep) wrote :

This is actually pretty important for me. Any idea when this will be possible?

Simon Eisenmann (longsleep) wrote :

Please also add the option to disable timesyncd ntp synchronization altogether. It is insecure as it has no means to verify the correctness of the time (e.g. by using TLS handshakes).

Mark Shuttleworth (sabdfl) wrote : Re: [Bug 1504657] Re: ntp servers should be configurable on snappy

Agree on the importance, is it something you'd be willing to wait for
the LTS for?

Mark

Michael Vogt (mvo) wrote :

Closing the ubuntu-core-config task, the other task is still valid

Changed in ubuntu-core-config (Ubuntu):
status: Confirmed → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Assigning the snappy task to ogra based on IRC conversation. Thanks Oliver! :)

Changed in snappy:
assignee: nobody → Oliver Grawert (ogra)
Oliver Grawert (ogra) wrote :

snap set core service.systemd-timesyncd.disable=true
and respectively:
snap set core service.systemd-timesyncd.disable=false

are working now in the latest edge build of the core snap (should also be usable from a gadget.yaml config now)
what we are now missing is write access in the core-support interface to be allowed to modify /etc/systemd/timesyncd.conf, then i can add script snippets to the hook to actually manage the file.

Michael Vogt (mvo)
Changed in snappy:
status: Confirmed → Fix Committed
Mark Shuttleworth (sabdfl) wrote :

Will we have some sort of yaml representation of the desired NTP config,
rather than just "write access to the file"?

Mark

Oliver Grawert (ogra) wrote :

@mark: there will be "snap set core timeserver=123.456.7.89" (or some different option name, i'll discuss that in the team first), i just need the infrastructure in place first before being able to add a function to the configure hook for it.

i believe that automatically translates to something like:

config:
  core:
    timeserver: 123.456.7.89

in yaml then (at least as i understood the config implementation)

Mark Shuttleworth (sabdfl) wrote :

That's right, but I think you want to do a slightly deeper analysis of
NTP config, and make sure that the schema you start with can evolve to
be more complete in future.

I think a list of timeservers is a fine starting point. I also think the
default behaviour should be to use a pool backed by ntp.ubuntu.com.

So I think you want to start with something a little more like:

  config:
    core:
      ntp:
        enabled: auto | off | custom # auto uses pool+ubuntu in addition to any time servers configured
        timeservers: [ list, of, custom, servers ]

The default would be auto. If I add time servers then those get added to
pool+ntp.ubuntu.com, if I say custom then I only get the servers I
explicitly list.

That's a quick starting point and can definitely be improved so consider
it a straw man and feel free to poke at it.

And if you want to get fancy, I have a personal interest in enabling
hardware devices like GPS and PPS pins on weekend time :)

Mark
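
The straw-man schema in the comment above, sketched as a hook-style shell function (an added example, not part of the thread and not snapd's configure hook). The default server list, the function names and the choice to repeat the custom list in FallbackNTP= are assumptions; the value check keeps a configured server string from adding extra directives to timesyncd.conf.

```shell
#!/bin/sh
# Added example (not snapd code): render timesyncd.conf's [Time] section from
# the straw-man schema: enabled = auto | off | custom, plus a server list.
# DEFAULT_SERVERS and both function names are assumptions for illustration.
DEFAULT_SERVERS="ntp.ubuntu.com"

# Allow only hostname / IP-literal characters. A value containing a space,
# '=', '#' or a newline could add extra directives to the generated file.
valid_server() {
    case "$1" in
        ""|-*|*[!A-Za-z0-9.:-]*) return 1 ;;
    esac
    return 0
}

# render_timesyncd MODE [SERVER...]; prints the file body, returns 2 on bad input.
render_timesyncd() {
    mode=${1:-}
    [ $# -gt 0 ] && shift
    list=""
    for s in "$@"; do
        valid_server "$s" || { echo "invalid time server value" >&2; return 2; }
        list="${list:+$list }$s"
    done
    case "$mode" in
        off)    # nothing to write; the service is disabled instead
            return 0 ;;
        auto)   # custom servers are added to the default set
            ntp="${list:+$list }$DEFAULT_SERVERS"
            fallback=$DEFAULT_SERVERS ;;
        custom) # only the explicitly listed servers appear in the file
            [ -n "$list" ] || { echo "custom needs a server" >&2; return 2; }
            ntp=$list
            fallback=$list ;;
        *)
            echo "unknown mode" >&2; return 2 ;;
    esac
    printf '[Time]\nNTP=%s\nFallbackNTP=%s\n' "$ntp" "$fallback"
}

# Constructed sample: the internal server from the bug description.
render_timesyncd custom 10.0.0.1
```
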

Oliver Grawert (ogra) wrote :

well, we currently don't have ntpd/ntpdate installed at all, time syncing is done by systemd-timesyncd. what i want to provide as first stop-gap is that a manufacturer can provide his own ntp snap bundled with the image and for this timesyncd needs to be disabled (that covers Simon's use-case above).

additionally i planned to add the ability to configure time servers ...

i didn't think about "auto" though, since that makes our existing service management implementation more complex but will try to come up with something here.

we should not call the config option ntp to not add confusion about the used technology though.

Oliver Grawert (ogra) wrote :

to be a little more clear with the existing implementation it would be like:

config:
  core:
    service:
      systemd-timesyncd:
        disable: true
      rsyslog:
        disable: true
      ssh:
        disable: false
    systemd-timesyncd:
      timeserver: 123.456.7.89

i.e. the service management is already in its own global "service" category ...
if we want that more task based (all timesyncd bits in one group instead of global service mgmt) we need to change some things in the hook.

Mark Shuttleworth (sabdfl) wrote :

OK, auto would make sense with your schema as well. off | servername |
ip | auto.

Good point on keeping ntp as a separate snap.

Mark

Gustavo Niemeyer (niemeyer) wrote :
Michael Vogt (mvo)
affects: snappy → snapd