Enable the NTP Daemon (al2023)

Description

Run the following command to determine the current status of the chronyd service:

$ sudo systemctl is-active chronyd

If the service is running, it should return the following:

active

Note: The chronyd daemon is enabled by default.

Run the following command to determine the current status of the ntpd service:

$ sudo systemctl is-active ntpd

If the service is running, it should return the following:

active

Note: The ntpd daemon is not enabled by default. Though as mentioned in the previous sections in certain environments the ntpd daemon might be preferred to be used rather than the chronyd one. Refer to:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-configuring_ntp_using_the_chrony_suite

for guidance which NTP daemon to choose depending on the environment used.

Rationale

Enabling some of chronyd or ntpd services ensures that the NTP daemon will be running and that the system will synchronize its time to any servers specified. This is important whether the system is configured to be a client (and synchronize only its own clock) or it is also acting as an NTP server to other systems. Synchronizing time is essential for authentication services such as Kerberos, but it is also important for maintaining accurate logs and auditing possible security breaches.

The chronyd and ntpd NTP daemons offer all of the functionality of ntpdate, which is now deprecated.

PREVIEWING: safchain/fix-custom-agent