Even with internet, we need to double check ntp is enabled.
But without internet, we have no source (but maybe the user) for a valid time. This causes some problems, for example shadow.service complains:
[root@beta] /home/operator # systemctl status shadow.service
* shadow.service - Verify integrity of password and group files
Loaded: loaded (/usr/lib/systemd/system/shadow.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Sat 2020-04-25 00:00:00 UTC; 2min 2s ago
TriggeredBy: * shadow.timer
Process: 433 ExecStart=/bin/sh -c /usr/bin/pwck -r || r=1; /usr/bin/grpck -r && exit $r (code=exited, status=1/FAILURE)
Main PID: 433 (code=exited, status=1/FAILURE)
Apr 25 00:00:00 beta sh[434]: user dhcpcd: last password change in the future
Apr 25 00:00:00 beta sh[434]: user dnsmasq: last password change in the future
Apr 25 00:00:00 beta sh[434]: user git: last password change in the future
Apr 25 00:00:00 beta sh[434]: user polkitd: last password change in the future
Apr 25 00:00:00 beta sh[434]: user operator: last password change in the future
Apr 25 00:00:00 beta sh[434]: pwck: no changes
(for now this doesn't seem to cause any problems).
Maybe to atleast avoid files from the future, lets change the date of all of them to unix time 0?
... lets change the date of all of them to unix time 0?
Bad idea!
How about changing the time to the last valid time (some file which gets written last on shutdown or has the 'latest' time in the image) instead?
Even with internet, we need to double check ntp is enabled.
But without internet, we have no source (but maybe the user) for a valid time. This causes some problems, for example
shadow.service
complains:(for now this doesn't seem to cause any problems).
Maybe to atleast avoid files from the future, lets change the date of all of them to unix time 0?