1834855 – Network Time Security

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1834855 - Network Time Security

Summary: Network Time Security

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	Changes Tracking
Sub Component:
Version:	33
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Miroslav Lichvar
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1872624
Blocks:	F33Changes
TreeView+	depends on / blocked

Reported:	2020-05-12 14:26 UTC by Ben Cotton
Modified:	2020-12-21 16:39 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-10-27 14:47:46 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ben Cotton 2020-05-12 14:26:44 UTC

This is a tracking bug for Change: Network Time Security
For more details, see: https://fedoraproject.org/wiki/Changes/NetworkTimeSecurity

Support for the Network Time Security (NTS) authentication mechanism in the NTP client/server (chrony) and installer (anaconda).

Comment 1 Miroslav Lichvar 2020-07-16 09:37:12 UTC

Pull request for NTS support in anaconda: https://github.com/rhinstaller/anaconda/pull/2738

Comment 2 Ben Cotton 2020-08-11 14:42:27 UTC

Branching F33 Change Tracker bugs.

Today is the code complete (testable) deadline. All bugs should be at least in MODIFIED state by now to indicate they are testable.

Comment 3 Miroslav Lichvar 2020-08-11 14:50:26 UTC

A chrony 4.0 prerelease with enabled NTS support is in rawhide. It doesn't use the newly assigned port for NTS-KE (4460) by default yet. An update to another prerelease and then final release is expected before Fedora 33 is released.

NTS support in anaconda was added in version 33.24.

Comment 4 Miroslav Lichvar 2020-08-26 09:09:33 UTC

chrony was updated to the latest prerelease, which uses the new NTS-KE port by default. Everything should be working as expected.

selinux-policy needs an update to allow connecting and binding to the port (bug #1872624).

Comment 5 Ben Cotton 2020-08-27 01:11:57 UTC

Yesterday we reached the Code complete (100% code complete) deadline for Fedora 33 Changes. If your Change is complete, please set this tracking bug to ON_QA. If you need to defer this Change to Fedora 34, please let NEEDINFO me.

As a reminder, we are now in the Beta Freeze. If you need to land package updates, please propose it as a Freeze Exception at https://qa.fedoraproject.org/blockerbugs/propose_bug

Comment 6 Miroslav Lichvar 2020-10-08 09:14:02 UTC

The final chrony-4.0 is now in updates testing.

Comment 7 Ben Cotton 2020-10-27 14:47:46 UTC

Closing tracking bugs for F33. If your change didn't make it into F33 for some reason, please reopen this and NEEDINFO me.

Note You need to log in before you can comment on or make changes to this bug.