diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/chrony.conf.adoc | 96 | ||||
| -rw-r--r-- | doc/chrony.conf.man.in | 111 | ||||
| -rw-r--r-- | doc/chronyc.adoc | 4 | ||||
| -rw-r--r-- | doc/chronyc.man.in | 12 | ||||
| -rw-r--r-- | doc/chronyd.adoc | 14 | ||||
| -rw-r--r-- | doc/chronyd.man.in | 20 |
6 files changed, 168 insertions, 89 deletions
diff --git a/doc/chrony.conf.adoc b/doc/chrony.conf.adoc index d72b943..d89b529 100644 --- a/doc/chrony.conf.adoc +++ b/doc/chrony.conf.adoc @@ -66,33 +66,40 @@ server, or its IP address. The *server* directive supports the following options: + *minpoll* _poll_::: -Although *chronyd* will trim the rate at which it samples the server during -normal operation, the user might want to constrain the minimum polling interval. -This is always defined as a power of 2, so *minpoll 5* would mean that the -polling interval cannot drop below 32 seconds. The default is 6 (64 seconds), -the minimum is -4 (1/16th of a second), and the maximum is 24 (6 months). Note -that intervals shorter than 6 (64 seconds) should generally not be used with -public servers on the Internet, because it might be considered abuse. +This option specifies the minimum interval between requests sent to the server +as a power of 2 in seconds. For example, *minpoll 5* would mean that the +polling interval should not drop below 32 seconds. The default is 6 (64 +seconds), the minimum is -4 (1/16th of a second), and the maximum is 24 (6 +months). Note that intervals shorter than 6 (64 seconds) should generally not +be used with public servers on the Internet, because it might be considered +abuse. *maxpoll* _poll_::: -In a similar way, the user might want to constrain the maximum polling interval. -Again this is specified as a power of 2, *maxpoll 9* indicates that the polling -interval must stay at or below 512 seconds. The default is 10 (1024 seconds), -the minimum is 0 (1 second), and the maximum is 24 (6 months). +This option specifies the maximum interval between requests sent to the server +as a power of 2 in seconds. For example, *maxpoll 9* indicates that the polling +interval should stay at or below 9 (512 seconds). The default is 10 (1024 +seconds), the minimum is 0 (1 second), and the maximum is 24 (6 months). *iburst*::: -If this option is set, the interval between the first four polls will be 2 -seconds instead of _minpoll_. This is useful to quickly get the first update of -the clock after *chronyd* is started. -*key* _id_::: +With this option, the interval between the first four requests sent to the +server will be 2 seconds instead of the interval specified by the *minpoll* +option, which allows *chronyd* to make the first update of the clock shortly +after start. +*burst*::: +With this option, *chronyd* will shorten the interval between up to four +requests to 2 seconds when it cannot get a good measurement from the server. +The number of requests in the burst is limited by the current polling interval +to keep the average interval at or above the minimum interval, i.e. the current +interval needs to be at least two times longer than the minimum interval in +order to allow a burst with two requests. +*key* _ID_::: The NTP protocol supports the inclusion of checksums in the packets, to prevent computers having their system time upset by rogue packets being sent to them. The checksums are generated as a function of a password, using the cryptographic hash function set in the key file, which is specified by the <<keyfile,*keyfile*>> directive. + -If the key option is present, *chronyd* will attempt to use authenticated -packets when communicating with this server. The key number used will be the -single argument to the key option (an unsigned integer in the range 1 through -2^32-1). The server must have the same password for this key number configured, +The *key* option specifies which key (with an ID in the range 1 through 2^32-1) +should *chronyd* use to authenticate requests sent to the server and verify its +responses. The server must have the same key for this number configured, otherwise no relationship between the computers will be possible. *maxdelay* _delay_::: *chronyd* uses the network round-trip delay to the server to determine how @@ -113,7 +120,7 @@ option. For example, *maxdelay 0.3* would indicate that measurements with a round-trip delay of 0.3 seconds or more should be ignored. The default value is 3 seconds and the maximum value is 1000 seconds. *maxdelayratio* _ratio_::: -This option is similar to the maxdelay option above. *chronyd* keeps a record +This option is similar to the *maxdelay* option above. *chronyd* keeps a record of the minimum round-trip delay amongst the previous measurements that it has buffered. If a measurement has a round trip delay that is greater than the maxdelayratio times the minimum delay, it will be rejected. @@ -123,14 +130,14 @@ minimum delay amongst the previous measurements to the standard deviation of the previous measurements that is greater than the specified ratio, it will be rejected. The default is 10.0. *mindelay* _delay_::: -This options specifies a fixed minimum round-trip delay to be used instead of +This option specifies a fixed minimum round-trip delay to be used instead of the minimum amongst the previous measurements. This can be useful in networks with static configuration to improve the stability of corrections for asymmetric jitter, weighting of the measurements, and the *maxdelayratio* and *maxdelaydevratio* tests. The value should be set accurately in order to have a positive effect on the synchronisation. *asymmetry* _ratio_::: -This options specifies the asymmetry of the network jitter on the path to the +This option specifies the asymmetry of the network jitter on the path to the source, which is used to correct the measured offset according to the delay. The asymmetry can be between -0.5 and +0.5. A negative value means the delay of packets sent to the source is more variable than the delay of packets sent from @@ -154,14 +161,15 @@ option can be specified. *chronyd* will not try to poll the server until it is enabled to do so (by using the <<chronyc.adoc#online,*online*>> command in *chronyc*). *auto_offline*::: -If this option is set, the server will be assumed to have gone offline when 2 +With this option, the server will be assumed to have gone offline when two requests have been sent to it without receiving a response. This option avoids the need to run the <<chronyc.adoc#offline,*offline*>> command from *chronyc* -when disconnecting the network link. (It will still be necessary to use the -<<chronyc.adoc#online,*online*>> command when the link has been established, to -enable measurements to start.) +when disconnecting the network link, if it is safe to assume that the requests +and responses will not be dropped in the network, e.g. in a trusted local +network. (It will still be necessary to use the <<chronyc.adoc#online,*online*>> +command when the link has been established, to enable measurements to start.) *prefer*::: -Prefer this source over sources without prefer option. +Prefer this source over sources without the *prefer* option. *noselect*::: Never select this source. This is particularly useful for monitoring. *trust*::: @@ -500,7 +508,7 @@ This option specifies the width of the pulses (in seconds). It is used to filter PPS samples when the driver provides samples for both rising and falling edges. Note that it reduces the maximum allowed error of the time source which completes the PPS samples. If the duty cycle is configurable, 50% should be -prefered in order to maximise the allowed error. +preferred in order to maximise the allowed error. *pps*::: This options forces *chronyd* to treat any refclock (e.g. SHM or PHC) as a PPS refclock. This can be useful when the refclock provides time with a variable @@ -516,6 +524,9 @@ is included in the maximum assumed error which is used in the source selection algorithm. Increasing the delay is useful to avoid having no majority in the source selection or to make it prefer other sources. The default is 1e-9 (1 nanosecond). +*stratum* _stratum_::: +This option sets the NTP stratum of the refclock. This can be useful when the +refclock provides time with a stratum other than 0. The default is 0. *precision* _precision_::: This option sets the precision of the reference clock (in seconds). The default value is the estimated precision of the system clock. @@ -546,6 +557,12 @@ but not very precise, reference clock to be safely combined with unauthenticated NTP sources in order to improve the accuracy of the clock. They can be selected and used for synchronisation only if they agree with the trusted and required source. +*tai*::: +This option indicates that the reference clock keeps time in TAI instead of UTC +and that *chronyd* should correct its offset by the current TAI-UTC offset. The +<<leapsectz,*leapsectz*>> directive must be used with this option and the +database must be kept up to date in order for this correction to work as +expected. This option does not make sense with PPS refclocks. *minsamples* _samples_::: Set the minimum number of samples kept for this source. This overrides the <<minsamples,*minsamples*>> directive. @@ -862,6 +879,11 @@ It is also useful when the system clock is required to have correct TAI-UTC offset. Note that the offset is set only when leap seconds are handled by the kernel, i.e. <<leapsecmode,*leapsecmode*>> is set to *system*. + +The specified timezone is not used as an exclusive source of information about +leap seconds. If a majority of time sources announce on the last day of June or +December that a leap second should be inserted or deleted, it will be accepted +even if it is not included in the timezone. ++ An example of the directive is: + ---- @@ -1985,12 +2007,18 @@ format of the file is shown below: + Each line consists of an ID, name of an authentication hash function (optional), and a password. The ID can be any unsigned integer in the range 1 through -2^32-1. The default hash function is *MD5*. Depending on how *chronyd* -was compiled, other supported functions might be *SHA1*, *SHA256*, *SHA384*, -*SHA512*, *RMD128*, *RMD160*, *RMD256*, *RMD320*, *TIGER*, and *WHIRLPOOL*. The -password can be specified as a string of characters not containing white space -with an optional *ASCII:* prefix, or as a hexadecimal number with the *HEX:* -prefix. The maximum length of the line is 2047 characters. +2^32-1. The default hash function is *MD5*, which is always supported. ++ +If *chronyd* was built with enabled support for hashing using a crypto library +(nettle, nss, or libtomcrypt), the following functions are available: *MD5*, +*SHA1*, *SHA256*, *SHA384*, *SHA512*. Depending on which library and version is +*chronyd* using, some or all of the following functions may also be available: +*SHA3-224*, *SHA3-256*, *SHA3-384*, *SHA3-512*, *RMD128*, *RMD160*, *RMD256*, +*RMD320*, *TIGER*, *WHIRLPOOL*. ++ +The password can be specified as a string of characters not containing white +space with an optional *ASCII:* prefix, or as a hexadecimal number with the +*HEX:* prefix. The maximum length of the line is 2047 characters. + The password is used with the hash function to generate and verify a message authentication code (MAC) in NTP packets. It is recommended to use SHA1, or diff --git a/doc/chrony.conf.man.in b/doc/chrony.conf.man.in index accbe8f..9f65136 100644 --- a/doc/chrony.conf.man.in +++ b/doc/chrony.conf.man.in @@ -1,13 +1,13 @@ '\" t .\" Title: chrony.conf .\" Author: [see the "AUTHORS" section] -.\" Generator: Asciidoctor 1.5.4 -.\" Date: 2017-08-29 +.\" Generator: Asciidoctor 1.5.6.1 +.\" Date: 2018-03-15 .\" Manual: Configuration Files .\" Source: chrony @CHRONY_VERSION@ .\" Language: English .\" -.TH "CHRONY.CONF" "5" "2017-08-29" "chrony @CHRONY_VERSION@" "Configuration Files" +.TH "CHRONY.CONF" "5" "2018-03-15" "chrony @CHRONY_VERSION@" "Configuration Files" .ie \n(.g .ds Aq \(aq .el .ds Aq ' .ss \n[.ss] 0 @@ -60,31 +60,42 @@ options: .sp \fBminpoll\fP \fIpoll\fP .RS 4 -Although \fBchronyd\fP will trim the rate at which it samples the server during -normal operation, the user might want to constrain the minimum polling interval. -This is always defined as a power of 2, so \fBminpoll 5\fP would mean that the -polling interval cannot drop below 32 seconds. The default is 6 (64 seconds), -the minimum is \-4 (1/16th of a second), and the maximum is 24 (6 months). Note -that intervals shorter than 6 (64 seconds) should generally not be used with -public servers on the Internet, because it might be considered abuse. +This option specifies the minimum interval between requests sent to the server +as a power of 2 in seconds. For example, \fBminpoll 5\fP would mean that the +polling interval should not drop below 32 seconds. The default is 6 (64 +seconds), the minimum is \-4 (1/16th of a second), and the maximum is 24 (6 +months). Note that intervals shorter than 6 (64 seconds) should generally not +be used with public servers on the Internet, because it might be considered +abuse. .RE .sp \fBmaxpoll\fP \fIpoll\fP .RS 4 -In a similar way, the user might want to constrain the maximum polling interval. -Again this is specified as a power of 2, \fBmaxpoll 9\fP indicates that the polling -interval must stay at or below 512 seconds. The default is 10 (1024 seconds), -the minimum is 0 (1 second), and the maximum is 24 (6 months). +This option specifies the maximum interval between requests sent to the server +as a power of 2 in seconds. For example, \fBmaxpoll 9\fP indicates that the polling +interval should stay at or below 9 (512 seconds). The default is 10 (1024 +seconds), the minimum is 0 (1 second), and the maximum is 24 (6 months). .RE .sp \fBiburst\fP .RS 4 -If this option is set, the interval between the first four polls will be 2 -seconds instead of \fIminpoll\fP. This is useful to quickly get the first update of -the clock after \fBchronyd\fP is started. +With this option, the interval between the first four requests sent to the +server will be 2 seconds instead of the interval specified by the \fBminpoll\fP +option, which allows \fBchronyd\fP to make the first update of the clock shortly +after start. .RE .sp -\fBkey\fP \fIid\fP +\fBburst\fP +.RS 4 +With this option, \fBchronyd\fP will shorten the interval between up to four +requests to 2 seconds when it cannot get a good measurement from the server. +The number of requests in the burst is limited by the current polling interval +to keep the average interval at or above the minimum interval, i.e. the current +interval needs to be at least two times longer than the minimum interval in +order to allow a burst with two requests. +.RE +.sp +\fBkey\fP \fIID\fP .RS 4 The NTP protocol supports the inclusion of checksums in the packets, to prevent computers having their system time upset by rogue packets being sent to them. @@ -92,10 +103,9 @@ The checksums are generated as a function of a password, using the cryptographic hash function set in the key file, which is specified by the \fBkeyfile\fP directive. .sp -If the key option is present, \fBchronyd\fP will attempt to use authenticated -packets when communicating with this server. The key number used will be the -single argument to the key option (an unsigned integer in the range 1 through -2^32\-1). The server must have the same password for this key number configured, +The \fBkey\fP option specifies which key (with an ID in the range 1 through 2^32\-1) +should \fBchronyd\fP use to authenticate requests sent to the server and verify its +responses. The server must have the same key for this number configured, otherwise no relationship between the computers will be possible. .RE .sp @@ -122,7 +132,7 @@ round\-trip delay of 0.3 seconds or more should be ignored. The default value is .sp \fBmaxdelayratio\fP \fIratio\fP .RS 4 -This option is similar to the maxdelay option above. \fBchronyd\fP keeps a record +This option is similar to the \fBmaxdelay\fP option above. \fBchronyd\fP keeps a record of the minimum round\-trip delay amongst the previous measurements that it has buffered. If a measurement has a round trip delay that is greater than the maxdelayratio times the minimum delay, it will be rejected. @@ -138,7 +148,7 @@ rejected. The default is 10.0. .sp \fBmindelay\fP \fIdelay\fP .RS 4 -This options specifies a fixed minimum round\-trip delay to be used instead of +This option specifies a fixed minimum round\-trip delay to be used instead of the minimum amongst the previous measurements. This can be useful in networks with static configuration to improve the stability of corrections for asymmetric jitter, weighting of the measurements, and the \fBmaxdelayratio\fP and @@ -148,7 +158,7 @@ positive effect on the synchronisation. .sp \fBasymmetry\fP \fIratio\fP .RS 4 -This options specifies the asymmetry of the network jitter on the path to the +This option specifies the asymmetry of the network jitter on the path to the source, which is used to correct the measured offset according to the delay. The asymmetry can be between \-0.5 and +0.5. A negative value means the delay of packets sent to the source is more variable than the delay of packets sent from @@ -187,17 +197,18 @@ enabled to do so (by using the \fBonline\fP command in .sp \fBauto_offline\fP .RS 4 -If this option is set, the server will be assumed to have gone offline when 2 +With this option, the server will be assumed to have gone offline when two requests have been sent to it without receiving a response. This option avoids the need to run the \fBoffline\fP command from \fBchronyc\fP -when disconnecting the network link. (It will still be necessary to use the -\fBonline\fP command when the link has been established, to -enable measurements to start.) +when disconnecting the network link, if it is safe to assume that the requests +and responses will not be dropped in the network, e.g. in a trusted local +network. (It will still be necessary to use the \fBonline\fP +command when the link has been established, to enable measurements to start.) .RE .sp \fBprefer\fP .RS 4 -Prefer this source over sources without prefer option. +Prefer this source over sources without the \fBprefer\fP option. .RE .sp \fBnoselect\fP @@ -669,7 +680,7 @@ This option specifies the width of the pulses (in seconds). It is used to filter PPS samples when the driver provides samples for both rising and falling edges. Note that it reduces the maximum allowed error of the time source which completes the PPS samples. If the duty cycle is configurable, 50% should be -prefered in order to maximise the allowed error. +preferred in order to maximise the allowed error. .RE .sp \fBpps\fP @@ -696,6 +707,12 @@ source selection or to make it prefer other sources. The default is 1e\-9 (1 nanosecond). .RE .sp +\fBstratum\fP \fIstratum\fP +.RS 4 +This option sets the NTP stratum of the refclock. This can be useful when the +refclock provides time with a stratum other than 0. The default is 0. +.RE +.sp \fBprecision\fP \fIprecision\fP .RS 4 This option sets the precision of the reference clock (in seconds). The default @@ -747,6 +764,15 @@ can be selected and used for synchronisation only if they agree with the trusted and required source. .RE .sp +\fBtai\fP +.RS 4 +This option indicates that the reference clock keeps time in TAI instead of UTC +and that \fBchronyd\fP should correct its offset by the current TAI\-UTC offset. The +\fBleapsectz\fP directive must be used with this option and the +database must be kept up to date in order for this correction to work as +expected. This option does not make sense with PPS refclocks. +.RE +.sp \fBminsamples\fP \fIsamples\fP .RS 4 Set the minimum number of samples kept for this source. This overrides the @@ -1144,6 +1170,11 @@ It is also useful when the system clock is required to have correct TAI\-UTC offset. Note that the offset is set only when leap seconds are handled by the kernel, i.e. \fBleapsecmode\fP is set to \fBsystem\fP. .sp +The specified timezone is not used as an exclusive source of information about +leap seconds. If a majority of time sources announce on the last day of June or +December that a leap second should be inserted or deleted, it will be accepted +even if it is not included in the timezone. +.sp An example of the directive is: .sp .if n \{\ @@ -3363,12 +3394,18 @@ format of the file is shown below: .sp Each line consists of an ID, name of an authentication hash function (optional), and a password. The ID can be any unsigned integer in the range 1 through -2^32\-1. The default hash function is \fBMD5\fP. Depending on how \fBchronyd\fP -was compiled, other supported functions might be \fBSHA1\fP, \fBSHA256\fP, \fBSHA384\fP, -\fBSHA512\fP, \fBRMD128\fP, \fBRMD160\fP, \fBRMD256\fP, \fBRMD320\fP, \fBTIGER\fP, and \fBWHIRLPOOL\fP. The -password can be specified as a string of characters not containing white space -with an optional \fBASCII:\fP prefix, or as a hexadecimal number with the \fBHEX:\fP -prefix. The maximum length of the line is 2047 characters. +2^32\-1. The default hash function is \fBMD5\fP, which is always supported. +.sp +If \fBchronyd\fP was built with enabled support for hashing using a crypto library +(nettle, nss, or libtomcrypt), the following functions are available: \fBMD5\fP, +\fBSHA1\fP, \fBSHA256\fP, \fBSHA384\fP, \fBSHA512\fP. Depending on which library and version is +\fBchronyd\fP using, some or all of the following functions may also be available: +\fBSHA3\-224\fP, \fBSHA3\-256\fP, \fBSHA3\-384\fP, \fBSHA3\-512\fP, \fBRMD128\fP, \fBRMD160\fP, \fBRMD256\fP, +\fBRMD320\fP, \fBTIGER\fP, \fBWHIRLPOOL\fP. +.sp +The password can be specified as a string of characters not containing white +space with an optional \fBASCII:\fP prefix, or as a hexadecimal number with the +\fBHEX:\fP prefix. The maximum length of the line is 2047 characters. .sp The password is used with the hash function to generate and verify a message authentication code (MAC) in NTP packets. It is recommended to use SHA1, or diff --git a/doc/chronyc.adoc b/doc/chronyc.adoc index 9c5ac5c..c987907 100644 --- a/doc/chronyc.adoc +++ b/doc/chronyc.adoc @@ -1128,6 +1128,10 @@ running. The *rekey* command causes *chronyd* to re-read the key file specified in the configuration file by the <<chrony.conf.adoc#keyfile,*keyfile*>> directive. +[[rekey]]*shutdown*:: +The *shutdown* command causes *chronyd* to exit. This is equivalent to sending +the process the SIGTERM signal. + === Client commands [[dns]]*dns* _option_:: diff --git a/doc/chronyc.man.in b/doc/chronyc.man.in index 40d24b9..581fa00 100644 --- a/doc/chronyc.man.in +++ b/doc/chronyc.man.in @@ -1,13 +1,13 @@ '\" t .\" Title: chronyc .\" Author: [see the "AUTHORS" section] -.\" Generator: Asciidoctor 1.5.4 -.\" Date: 2017-08-29 +.\" Generator: Asciidoctor 1.5.6.1 +.\" Date: 2018-03-15 .\" Manual: User manual .\" Source: chrony @CHRONY_VERSION@ .\" Language: English .\" -.TH "CHRONYC" "1" "2017-08-29" "chrony @CHRONY_VERSION@" "User manual" +.TH "CHRONYC" "1" "2018-03-15" "chrony @CHRONY_VERSION@" "User manual" .ie \n(.g .ds Aq \(aq .el .ds Aq ' .ss \n[.ss] 0 @@ -1787,6 +1787,12 @@ running. The \fBrekey\fP command causes \fBchronyd\fP to re\-read the key file specified in the configuration file by the \fBkeyfile\fP directive. .RE +.sp +\fBshutdown\fP +.RS 4 +The \fBshutdown\fP command causes \fBchronyd\fP to exit. This is equivalent to sending +the process the SIGTERM signal. +.RE .SS "Client commands" .sp \fBdns\fP \fIoption\fP diff --git a/doc/chronyd.adoc b/doc/chronyd.adoc index 7b00865..fc79078 100644 --- a/doc/chronyd.adoc +++ b/doc/chronyd.adoc @@ -135,7 +135,7 @@ range of privileged system calls on behalf of the parent. *-F* _level_:: This option configures a system call filter when *chronyd* is compiled with support for the Linux secure computing (seccomp) facility. In level 1 the -process is killed when a forbidden system call is made, in level -1 the SYSSIG +process is killed when a forbidden system call is made, in level -1 the SIGSYS signal is thrown instead and in level 0 the filter is disabled (default 0). + It's recommended to enable the filter only when it's known to work on the @@ -157,11 +157,13 @@ This option will lock *chronyd* into RAM so that it will never be paged out. This mode is only supported on Linux. *-x*:: -This option disables the control of the system clock. *chronyd* will not make -any adjustments of the clock, but it will still track its offset and frequency -relative to the estimated true time, and be able to operate as an NTP server. -This allows *chronyd* to run without the capability to adjust or set the system -clock (e.g. in some containers). +This option disables the control of the system clock. *chronyd* will not try to +make any adjustments of the clock. It will assume the clock is free running and +still track its offset and frequency relative to the estimated true time. This +option allows *chronyd* to run without the capability to adjust or set the +system clock (e.g. in some containers) in order to operate as an NTP server. It +is not recommended to run *chronyd* (with or without *-x*) when another process +is controlling the system clock. *-v*:: With this option *chronyd* will print version number to the terminal and exit. diff --git a/doc/chronyd.man.in b/doc/chronyd.man.in index 04b6701..f1f7c90 100644 --- a/doc/chronyd.man.in +++ b/doc/chronyd.man.in @@ -1,13 +1,13 @@ '\" t .\" Title: chronyd .\" Author: [see the "AUTHORS" section] -.\" Generator: Asciidoctor 1.5.4 -.\" Date: 2017-08-29 +.\" Generator: Asciidoctor 1.5.6.1 +.\" Date: 2018-03-15 .\" Manual: System Administration .\" Source: chrony @CHRONY_VERSION@ .\" Language: English .\" -.TH "CHRONYD" "8" "2017-08-29" "chrony @CHRONY_VERSION@" "System Administration" +.TH "CHRONYD" "8" "2018-03-15" "chrony @CHRONY_VERSION@" "System Administration" .ie \n(.g .ds Aq \(aq .el .ds Aq ' .ss \n[.ss] 0 @@ -155,7 +155,7 @@ range of privileged system calls on behalf of the parent. .RS 4 This option configures a system call filter when \fBchronyd\fP is compiled with support for the Linux secure computing (seccomp) facility. In level 1 the -process is killed when a forbidden system call is made, in level \-1 the SYSSIG +process is killed when a forbidden system call is made, in level \-1 the SIGSYS signal is thrown instead and in level 0 the filter is disabled (default 0). .sp It\(cqs recommended to enable the filter only when it\(cqs known to work on the @@ -183,11 +183,13 @@ This mode is only supported on Linux. .sp \fB\-x\fP .RS 4 -This option disables the control of the system clock. \fBchronyd\fP will not make -any adjustments of the clock, but it will still track its offset and frequency -relative to the estimated true time, and be able to operate as an NTP server. -This allows \fBchronyd\fP to run without the capability to adjust or set the system -clock (e.g. in some containers). +This option disables the control of the system clock. \fBchronyd\fP will not try to +make any adjustments of the clock. It will assume the clock is free running and +still track its offset and frequency relative to the estimated true time. This +option allows \fBchronyd\fP to run without the capability to adjust or set the +system clock (e.g. in some containers) in order to operate as an NTP server. It +is not recommended to run \fBchronyd\fP (with or without \fB\-x\fP) when another process +is controlling the system clock. .RE .sp \fB\-v\fP |