Package: ntp
Version: 1:4.2.2+dfsg-1
in 4.2.0* if you specified -L you could stop ntp from listening on virtual
interfaces.
sometime since then the upstream has added "-L interface" to specify the
interface... but ntpd still insists on listening on every interface it
finds!
check out this reasoning from ntpd/ntp_io.c:
/*
* Check to see if we are going to use the interface
* If we don't use it we mark it to drop any packet
* received but we still must create the socket and
* bind to it. This prevents other apps binding to it
* and potentially causing problems with more than one
* process fiddling with the clock
*/
honestly i don't think listening on a socket is going to stop a determined
*root* app from "fiddling with the clock".
i consider this a regression against 4.2.0* versions ... not sure what you
think. i perused a couple of the upstream bugs and they make it seem like
it's rocket science to listen only on specified addresses. weird.
-dean
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
