General Information

This page covers the Network Services objectives, specifically for NTP.

Network Services Objectives

• Install the packages needed to provide the service
• Configure SELinux to support the service
• Use SELinux port labeling to allow services to use non-standard ports
• Configure the service to start when the system is booted
• Configure the service for basic operation
• Configure host-based and user-based security for the service

The following virtual machines will be used:

• ipa.example.com (192.168.1.152) → Central Time Server
• server1.example.com (192.168.1.150) → NTP Server1 syncs with central (also peers with server2)
• server2.example.com (192.168.1.151) → NTP Server2 syncs with central (also peers with server1)

Install the service (default in RHEL 7)

yum install chrony

• Service agnostic → Ensure SELinux is running and enabled (RHCSA objective).

Configuring the <service-name> with a non standard port and allowing port access with selinux.

NOTE: “man semanage-port” has examples for allowing non-standard ports!

Check Current Service Status

systemctl status chronyd

• Also displays if the service is enabled or disabled

Enabling a service to start on boot

systemctl enable chronyd

Enable and Start the service

systemctl enable chronyd
systemctl start chronyd

Allow access through the firewall if you want other servers to sync to this system

firewall-cmd --permanent --add-service=ntp
firewall-cmd --reload