====== Network Services Overview NTP ======
**General Information**
This page covers the Network Services objectives, specifically for NTP.
**Network Services Objectives**
* Install the packages needed to provide the service
* Configure SELinux to support the service
* Use SELinux port labeling to allow services to use non-standard ports
* Configure the service to start when the system is booted
* Configure the service for basic operation
* Configure host-based and user-based security for the service
----
====== Lab Setup ======
The following virtual machines will be used:
* ipa.example.com (192.168.1.152) -> Central Time Server
* server1.example.com (192.168.1.150) -> NTP Server1 syncs with central (also peers with server2)
* server2.example.com (192.168.1.151) -> NTP Server2 syncs with central (also peers with server1)
----
====== Install the packages needed to provide the service ======
Install the service (default in RHEL 7)
yum install chrony
----
====== Configure SELinux to support the service ======
* Service agnostic -> [[linux_wiki:set_enforcing_and_permissive_modes_for_selinux|Ensure SELinux is running and enabled (RHCSA objective)]].
----
====== Use SELinux port labeling to allow services to use non-standard ports ======
Configuring the with a non standard port and allowing port access with selinux.
**NOTE**: "man semanage-port" has examples for allowing non-standard ports!
----
====== Configure the service to start when the system is booted ======
Check Current Service Status
systemctl status chronyd
* Also displays if the service is enabled or disabled
\\
Enabling a service to start on boot
systemctl enable chronyd
----
====== Configure the service for basic operation ======
Enable and Start the service
systemctl enable chronyd
systemctl start chronyd
----
====== Configure host-based and user-based security for the service ======
===== Firewall =====
Allow access through the firewall if you want other servers to sync to this system
firewall-cmd --permanent --add-service=ntp
firewall-cmd --reload
===== Host Based =====
===== User Based =====
----