[Pool] Isn't monlist a violation of privacy rights?

Matt Wagner mwaggy at gmail.com
Sat Feb 1 23:25:13 UTC 2014


On Sat, Feb 1, 2014 at 6:05 AM, Andreas Krüger <timekeeper at famsik.de> wrote:

> Hello, Mouse,
>
> talking about monlist, you say:
>
> > (b) I really do not like shutting off a useful facility just
> > because it's being abused and a lot of other people don't/can't
> > prevent the abuse any other way.
>
> Just for curiosity: Have you ever used other ntp-server's monlist
> for anything particular?  Why do you consider that facility
> useful?
>

With apologies if he answer is "Yes" and I've overlooked it in the
documentation, is it possible to configure ntpd to allow some ntpq/ntpdc
commands and not others?

I don't find monlist useful on other peoples' servers. While I could think
up some contrived examples of where it could be useful, they would be,
well, contrived examples.

I _do_ find a list of its peers (a la ntpq -p) very useful, though. And
some of the other statistics exposed are interesting, even if not
explicitly useful to me in configuring associations. (For example, iostats
on a busy server, or some of the clock stats.)

Note that I'm not trying to argue that some of the other data being useful
means that monlist privacy concerns should be ignored. I'm just wondering
if, as a server administrator, the two things can be separated or not right
now. Can I turn off monlist but still allow other forms of query? I don't
see a way, but it wouldn't be the first time I overlooked something obvious.


More information about the pool mailing list