This is an old revision of the document!
Network Services Overview NTP
General Information
This page covers the Network Services objectives, specifically for NTP.
Network Services Objectives
- Install the packages needed to provide the service
- Configure SELinux to support the service
- Use SELinux port labeling to allow services to use non-standard ports
- Configure the service to start when the system is booted
- Configure the service for basic operation
- Configure host-based and user-based security for the service
Install the packages needed to provide the service
Install the service (default in RHEL 7)
yum install chrony
Configure SELinux to support the service
- Service agnostic → Ensure SELinux is running and enabled (RHCSA objective).
Use SELinux port labeling to allow services to use non-standard ports
Configuring the <service-name> with a non standard port and allowing port access with selinux.
NOTE: “man semanage-port” has examples for allowing non-standard ports!
Configure the service to start when the system is booted
Check Current Service Status
systemctl status chronyd
- Also displays if the service is enabled or disabled
Enabling a service to start on boot
systemctl enable chronyd
Configure the service for basic operation
Enable and Start the service
systemctl enable chronyd
systemctl start chronyd
Configure host-based and user-based security for the service
Firewall
Allow access through the firewall if you want other servers to sync to this system
firewall-cmd --permanent --add-service=ntp firewall-cmd --reload