centos7-时间同步NTP安装,以及libopts.so.25问题解决
ntp时间同步服务器同来同步时间
文章目录
- centos7-时间同步NTP安装,以及libopts.so.25问题解决
- 安装
- 依赖包
- 安装步骤
- 使用
- /etc/ntp.conf 配置文件
- 问题
- 如果卸载了服务,查看服务状态,服务还在,请刷新systemctl的缓存
安装
依赖包
ntp服务安装需要三个包:
autogen-libopts-5.18-5.el7.x86_64.rpm
ntpdate-4.2.6p5-25.el7.centos.2.x86_64.rpm
ntp-4.2.6p5-25.el7.centos.2.x86_64.rpm
安装步骤
直接yum安装即可
yum -y install ntp
使用
有两种使用方法
- 执行命令来同步
ntpdate -u 202.120.2.101
- 设置为守护进程来同步
- 修改配置文件
vi /etc/ntp.conf
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server time7.aliyun.com prefer iburst //添加一个同步服务器设置即可
- 启动守护程序
systemctl start ntpd //启动
systemctl stop ntpd //停止
systemctl status ntpd //查看服务状态
systemctl enable ntpd //设置开机自启
/etc/ntp.conf 配置文件
# 系统时间与BIOS事件的偏差记录
driftfile /var/lib/ntp/drift
#restrict 控制相关权限。语法为: restrict IP地址 mask 子网掩码 参数
#其中IP地址也可以是default ,default 就是指所有的IP
#参数有以下几个:
#ignore :关闭所有的 NTP 联机服务
#nomodify:客户端不能更改服务端的时间参数,但是客户端可以通过服务端进行网络校时。
#notrust :客户端除非通过认证,否则该客户端来源将被视为不信任子网
#noquery :不提供客户端的时间查询:用户端不能使用ntpq,ntpc等命令来查询ntp服务器
#notrap :不提供trap远端登陆:拒绝为匹配的主机提供模式 6 控制消息陷阱服务。陷阱服务是 ntpdq 控制消息协议的子系统,用于远程事件#日志记录程序。
#nopeer :用于阻止主机尝试与服务器对等,并允许欺诈性服务器控制时钟
#kod : 访问违规时发送 KoD 包。
#restrict -6 表示IPV6地址的权限设置
restrict default nomodify notrap nopeer noquery
#确保localhost(这个常用的IP地址用来指Linux服务器本身)有足够权限.使用没有任何限制关键词的语法
restrict 127.0.0.1
restrict ::1
#
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
#设定NTP主机来源(其中prefer表示优先主机),192.168.7.49是本地的NTP服务器,所以优先指定从该主机同步时间。
server 0.centos.pool.ntp.org prefer
server 0.centos.pool.ntp.org iburst
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
#
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
问题
- 在启动ntpd后查看ntpd服务的状态,会发现,ntpd启动失败,报错如下
# systemctl status ntpd
ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2022-04-18 09:19:50 CST; 6min ago
Apr 18 09:19:50 172-16-23-219 systemd[1]: Starting Network Time Service...
Apr 18 09:19:50 172-16-23-219 ntpd[2778]: /usr/sbin/ntpd: error while loading shared libraries: libopts.so.25: can...ctory
Apr 18 09:19:50 172-16-23-219 systemd[1]: ntpd.service: control process exited, code=exited status=127
Apr 18 09:19:50 172-16-23-219 systemd[1]: Failed to start Network Time Service.
Apr 18 09:19:50 172-16-23-219 systemd[1]: Unit ntpd.service entered failed state.
Apr 18 09:19:50 172-16-23-219 systemd[1]: ntpd.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
报错 libopts.so.25 这个文件的问题,可能是缺少这个文件,解决方法就是重装 autogen-libopts
- 卸载 ntp以及ntpdate
yum remove ntp
yum remove ntpdate
# 如果执行 systemctl status ntpd 后还是提示状态是失败的,则需要刷新一下systemctl 的缓存
# systemctl daemon-reload
# systemctl reset-failed
- 卸载重装 autogen-libopts
yum remove autogen-libopts
yum install -y autogen-libopts
- 重新安装 ntp以及重新设置配置
yum install -y ntp
vi /etc/ntp.conf
- 启动并设置为开机启动,查看状态就行了
systemctl start ntpd //启动
systemctl stop ntpd //停止
systemctl status ntpd //查看服务状态
systemctl enable ntpd //设置开机自启
- 报错没有用户 ntp或者没有用户组 ntp
- 报错
- 无用户/用户组
# systemctl status ntpd
ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2022-04-18 09:27:38 CST; 2s ago
Process: 16586 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 16587 (code=exited, status=255)
Apr 18 09:27:38 172-16-23-219 ntpd[16587]: Listen normally on 14 cali503f030177a fe80::ecee:eeff:feee:eeee UDP 123
Apr 18 09:27:38 172-16-23-219 ntpd[16587]: Listen normally on 15 eth0 fe80::f881:3eff:fed1:f300 UDP 123
Apr 18 09:27:38 172-16-23-219 ntpd[16587]: Listening on routing socket on fd #32 for interface updates
Apr 18 09:27:38 172-16-23-219 ntpd[16587]: 0.0.0.0 c016 06 restart
Apr 18 09:27:38 172-16-23-219 ntpd[16587]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
Apr 18 09:27:38 172-16-23-219 ntpd[16587]: 0.0.0.0 c011 01 freq_not_set
Apr 18 09:27:38 172-16-23-219 ntpd[16587]: Cannot find user `ntp'
Apr 18 09:27:38 172-16-23-219 systemd[1]: ntpd.service: main process exited, code=exited, status=255/n/a
Apr 18 09:27:38 172-16-23-219 systemd[1]: Unit ntpd.service entered failed state.
Apr 18 09:27:38 172-16-23-219 systemd[1]: ntpd.service failed.
## 或者是:
# systemctl status ntpd
ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: Listen normally on 12 caliae05d320986 fe80::ecee:eeff:feee:eeee UDP 123
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: Listen normally on 13 calib3c53cc58f8 fe80::ecee:eeff:feee:eeee UDP 123
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: Listen normally on 14 cali503f030177a fe80::ecee:eeff:feee:eeee UDP 123
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: Listen normally on 15 eth0 fe80::f881:3eff:fed1:f300 UDP 123
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: Listening on routing socket on fd #32 for interface updates
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: 0.0.0.0 c016 06 restart
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: 0.0.0.0 c011 01 freq_not_set
Apr 18 09:40:32 172-16-23-219 ntpd[5295]: Cannot find group `ntp'
Apr 18 09:40:32 172-16-23-219 systemd[1]: Started Network Time Service.
- 错误原因
- 卸载重装autogen-libopts前没把ntp卸载掉
- 卸载ntp没卸载干净,没把ntpdate卸载干净
- 解决方法
- 找一个成功安装ntp的服务器,对比/etc/passwd 以及/etc/group文件,将ntp相关的用户以及用户组,copy到错误的机器对应文件中
- /etc/passwd:
ntp:x:38:38::/etc/ntp:/sbin/nologin
- /etc/group
ntp:x:38:
- 重启ntp
systemctl restart ntpd
- 完全卸载ntp在重装
yum remove ntp
yum remove ntpdate
yum install -y ntp
vi /etc/ntp.conf
systemctl start ntpd //启动
systemctl stop ntpd //停止
systemctl status ntpd //查看服务状态
systemctl enable ntpd //设置开机自启
如果卸载了服务,查看服务状态,服务还在,请刷新systemctl的缓存
systemctl daemon-reload
systemctl reset-failed