1. Prerequisites ---------------- You will need an entropy (randomness) source. If your OS has arc4random or getentropy then that is ideal. Otherwise, you can use the builtin arc4random implementation or the one built into LibreSSL. 2. Building / Installation -------------------------- To install OpenNTPD with default options: ./configure make make install This will install the OpenNTPD binary in /usr/local/sbin, configuration files in /usr/local/etc. To specify a different installation prefix, use the --prefix option to configure: ./configure --prefix=/opt make make install Will install OpenNTPD in /opt/{etc,sbin}. You can also override specific paths, for example: ./configure --prefix=/opt --sysconfdir=/etc/ntp make make install This will install the binaries in /opt/sbin, but will place the configuration files in /etc/ntp. OpenNTPD always uses Privilege Separation (ie the majority of the processing is done as a chroot'ed, unprivileged user). This requires that a user, group and directory to be created for it. The user should not be permitted to log in, and its home directory should be owned by root and be mode 755. If you do "make install", the Makefile will create the directory with the correct permissions and will prompt you for the rest if required. If, however, you need to perform all of these tasks yourself (eg if you are moving the built binaries to another system) then you will need to do something like the following (although the exact commands required for creating the user and group are system dependant): # groupadd _ntp # useradd -g _ntp -s /sbin/nologin -d /var/empty/ntp -c 'OpenNTP daemon' _ntp # mkdir -p /var/empty/ntp # chown 0 /var/empty/ntp # chgrp 0 /var/empty/ntp # chmod 0755 /var/empty/ntp There are a few options to the configure script in addition to the ones provided by autoconf itself: --with-privsep-user=[user] Specify unprivileged user used for privilege separation. The default is "_ntp". --with-privsep-path=path Normally ntpd will always use the home directory of the privsep user to chroot to, however use of this option will cause ntpd to always use the specified directory. If you need to pass special options to the compiler or linker, you can specify these as environment variables before running ./configure. For example: CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure 3. Configuration ---------------- The runtime configuration files are installed by in ${prefix}/etc or whatever you specified as your --sysconfdir (/usr/local/etc by default). If no configuration file exists, the default one is used. The default configuration file uses a selection of publicly accessible "pool" servers (see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers). 4. Problems? ------------ If you experience problems compiling, installing or running OpenNTPD, please report the problem to the address in the README file.