|
|
- 1. Prerequisites
- ----------------
-
- You will need an entropy (randomness) source. If your OS has arc4random or
- getentropy then that is ideal. Otherwise, you can use the builtin arc4random
- implementation or the one built into LibreSSL.
-
- 2. Building / Installation
- --------------------------
-
- To install OpenNTPD with default options:
-
- ./configure
- make
- make install
-
- This will install the OpenNTPD binary in /usr/local/sbin, configuration
- files in /usr/local/etc. To specify a different installation prefix,
- use the --prefix option to configure:
-
- ./configure --prefix=/opt
- make
- make install
-
- Will install OpenNTPD in /opt/{etc,sbin}. You can also override
- specific paths, for example:
-
- ./configure --prefix=/opt --sysconfdir=/etc/ntp
- make
- make install
-
- This will install the binaries in /opt/sbin, but will place the
- configuration files in /etc/ntp.
-
- OpenNTPD always uses Privilege Separation (ie the majority of the
- processing is done as a chroot'ed, unprivileged user).
-
- This requires that a user, group and directory to be created for it.
- The user should not be permitted to log in, and its home directory
- should be owned by root and be mode 755.
-
- If you do "make install", the Makefile will create the directory with
- the correct permissions and will prompt you for the rest if required.
- If, however, you need to perform all of these tasks yourself (eg if you
- are moving the built binaries to another system) then you will need to
- do something like the following (although the exact commands required
- for creating the user and group are system dependant):
-
- # groupadd _ntp
- # useradd -g _ntp -s /sbin/nologin -d /var/empty/ntp -c 'OpenNTP daemon' _ntp
- # mkdir -p /var/empty/ntp
- # chown 0 /var/empty/ntp
- # chgrp 0 /var/empty/ntp
- # chmod 0755 /var/empty/ntp
-
- There are a few options to the configure script in addition to the ones
- provided by autoconf itself:
-
- --with-privsep-user=[user]
- Specify unprivileged user used for privilege separation. The default
- is "_ntp".
-
- --with-privsep-path=path
- Normally ntpd will always use the home directory of the privsep user
- to chroot to, however use of this option will cause ntpd to always
- use the specified directory.
-
- If you need to pass special options to the compiler or linker, you
- can specify these as environment variables before running ./configure.
- For example:
-
- CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure
-
-
- 3. Configuration
- ----------------
-
- The runtime configuration files are installed by in ${prefix}/etc or
- whatever you specified as your --sysconfdir (/usr/local/etc by default).
-
- If no configuration file exists, the default one is used. The default
- configuration file uses a selection of publicly accessible "pool" servers
- (see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers).
-
-
- 4. Problems?
- ------------
-
- If you experience problems compiling, installing or running OpenNTPD,
- please report the problem to the address in the README file.
|