marmar24012 / Bash-Scripts

A Cumulative Of Bash Scripts Made To Make My Job Easier

1. Chrony/ NTP - After Linux update, recent bug modifies “allow” lines in /etc/chrony.conf. #58

Open marmar24012 opened 2 weeks ago

marmar24012 commented 2 weeks ago

Chrony/ NTP - After Linux update, recent bug modifies “allow” lines in /etc/chrony.conf.

NOTE: Make sure allow lines are correct in /etc/chrony.conf file.

```
grep allow /etc/chrony.conf
systemctl status chronyd
date
timedatectl
netstat -an | grep 123    # NTP Port
netstat -an | grep 323    # Chrony Port
```

```
ocialverapp1:/> grep allow /etc/chrony.conf
allow 0/0
allow ::/0

ocialverapp1:/> netstat -an | grep 123
udp        0      0 0.0.0.0:123        0.0.0.0:*

ocialverapp1:/> netstat -an | grep 323
udp        0      0 127.0.0.1:323      0.0.0.0:*
```

```
sudo firewall-cmd --list-all
sudo firewall-cmd --list-service    # Look for NTP
sudo firewall-cmd --list-ports      # Ports 123 or 323, UDP or TCP
```

NOTE: Make sure the date timezone shows correctly (i.e. local time vs UTC time).

NOTE: It’s possible for the OS time to be off as this bug could cause the VM/instance to get its time from the physical host it’s running on (if its time is not sync’d to an NTP server).

If time is off by multiple minutes, it could take a while for it to gradually slew back to correct time once NTP configuration is fixed. This could be a concern once users start using the applications. This happened with HOAG instances in AWS cloud.

Also if users complain of system slowness because Soft APP’s tries to use NTP, ALVER-02899.

```
systemctl status chronyd
vi /etc/chrony.conf
    allow 0/0     (allow access by any IPv4 node)
    allow ::/0    (allow access by any IPv6 node)
```

```
systemctl restart chronyd
systemctl status chronyd
```

```
date
timedatectl
chronyc tracking | grep System
chronyc ntpdata | grep ^Offset
```
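The manual `grep allow /etc/chrony.conf` check above can be scripted so that a change to the allow lines after an update is caught automatically. The following is an added example, not part of the original issue or repository; the function names, the baseline file and the sample subnet and server name are assumptions. It reports drift against a known-good baseline and lists entries that admit every client (such as `allow 0/0` and `allow ::/0`).

```shell
#!/bin/sh
# Added example, not from the original issue: detect drift in chrony "allow" lines.
# Baseline contents and all paths are assumptions chosen for illustration.

# Print the file's allow directives, whitespace-normalized and sorted.
chrony_allow_lines() {
    awk '$1 == "allow" { $1 = $1; print }' "$1" | LC_ALL=C sort -u
}

# Print allow lines that admit every client of an address family:
# bare "allow", "allow all", 0/0, 0.0.0.0/0 and ::/0.
chrony_open_to_all() {
    chrony_allow_lines "$1" |
        awk 'NF == 1 || $NF == "all" || $NF == "0/0" || $NF == "0.0.0.0/0" || $NF == "::/0"'
}

# Compare live config ($1) with a baseline ($2). Prints "+ line" for
# unexpected entries and "- line" for missing ones; returns 1 on drift.
chrony_allow_drift() {
    tmp=$(mktemp -d) || return 2
    chrony_allow_lines "$1" > "$tmp/live"
    chrony_allow_lines "$2" > "$tmp/want"
    drift=$(LC_ALL=C comm -23 "$tmp/live" "$tmp/want" | sed 's/^/+ /'
            LC_ALL=C comm -13 "$tmp/live" "$tmp/want" | sed 's/^/- /')
    rm -rf "$tmp"
    if [ -n "$drift" ]; then
        printf '%s\n' "$drift"
        return 1
    fi
    return 0
}

# Constructed sample: a baseline limited to one subnet, and a config whose
# allow lines no longer match it (commented-out entry, two wide-open entries).
write_sample() {
    printf '%s\n' 'server ntp.example.internal iburst' 'allow 10.20.0.0/16' \
        > "$1/baseline.conf"
    printf '%s\n' 'server ntp.example.internal iburst' '#allow 10.20.0.0/16' \
        '  allow   0/0' 'allow ::/0' > "$1/chrony.conf"
}

if [ "$#" -eq 2 ]; then    # real use: script.sh /etc/chrony.conf baseline.conf
    chrony_open_to_all "$1" | sed 's/^/open to all: /'
    chrony_allow_drift "$1" "$2"
fi
```

Run with the live config and a baseline copy as the two arguments; a non-zero exit status means the allow lines changed and should be reviewed before restarting `chronyd`.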