By default, GreenRADIUS uses the hardware clock to provide the system time.
The date command allows you to access and edit the system time relative to the current timezone:
~$ date Mon Jun 10 22:10:31 UTC 2019
The timezone can be changed using the timedatectl command:
sudo timedatectl set-timezone <timezone>
A complete list of timezone specifiers can be obtained by running:
sudo timedatectl list-timezones | less
Once the timezone has been correctly set, use these commands to edit the system date and time.
sudo timedatectl set-time YYYY-MM-DD
sudo timedatectl set-time HH:MM:SS
(Time synchronization may be enabled, which may prevent manually updating the date and time. This can be disabled with this command:
sudo timedatectl set-ntp 0. To re-enable time synchronization:
sudo timedatectl set-ntp 1.)
If the system clock is already set when the timezone is changed, setting the timezone adjusts the system clock to remain temporally consistent. For example, the UTC tiemzone is 7 hours ahead of PDT. Therefore if the system clock registers ‘08:15 UTC’ and then timezone is changed to PDT, the system will now display ‘01:15 PDT’, which is the equivalent time.
Setting the clock back in time often has disastrous consequences for long-running programs which depend on the clock always moving forward. This should be avoided whenever possible.
NTP (Network Time Protocol) allows you to synchronize the clocks of multiple servers to a single canonical source over the network. NTP is designed to correct for network latency and ensure that all server clocks are synchronized and monotonic (they never move backwards while adjusting to synchronize with each other.) This section explains how to configure the NTP client on your GreenRADIUS instances, providing greater consistency in timestamps and logging data.
Out of the box, GreenRADIUS comes with NTP synchronization available but not
activated. To use NTP, first ensure that NTP is enabled with the
sudo timedatectl set-ntp true command. Next, configure NTP sources by
You can add NTP servers by adding lines of the form
NTP=<IP address or hostname of server> at the marked location
in the file. Once the file is edited and saved, you'll need to restart the
time server by running
sudo systemctl restart systemd-timesyncd.
If NTP servers are configured and NTP is enabled,
sudo timedatectl show-timesync --all will
display detailed synchronization info for the configured NTP providers.
© 2023 Green Rocket Security Inc. All rights reserved.