# net/ntp startup twice or more? in boot time.



## epopen (May 17, 2021)

Hi all

I have a question, can help debug? 

I using net/ntp for time synchronization.
rc script file /usr/local/etc/rc.conf.d/ntpd added as below


```
ntpd_enable="YES"
ntpd_program="/usr/local/sbin/ntpd"     # path to ntpd, if you want a different one.
ntpd_config="/usr/local/etc/ntp.conf"   # ntpd(8) configuration file
ntpd_sync_on_start="YES"                # Sync time on ntpd startup, even if offset is high
```

Content of /usr/local/etc/ntp.conf

```
tos minclock 3 maxclock 6

pool 0.freebsd.pool.ntp.org iburst maxpoll 9
pool 1.freebsd.pool.ntp.org iburst maxpoll 9
pool pool.ntp.org iburst maxpoll 9
server time.nist.gov iburst maxpoll 9
server clock.stdtime.gov.tw iburst maxpoll 9

restrict default limited kod nomodify notrap noquery nopeer
restrict source  limited kod nomodify notrap noquery

restrict default ignore
restrict -6 default ignore

restrict 0.freebsd.pool.ntp.org nomodify nopeer noquery notrap
restrict 1.freebsd.pool.ntp.org nomodify nopeer noquery notrap
restrict pool.ntp.org nomodify nopeer noquery notrap
restrict time.nist.gov nomodify nopeer noquery notrap
restrict clock.stdtime.gov.tw nomodify nopeer noquery notrap

restrict 127.0.0.1
restrict ::1

leapfile "/var/db/ntpd.leap-seconds.list"
```

And reboot and got message as below.

```
May 17 09:36:03 epopen ntpd[48704]: ntpd 4.2.8p15@1.3728-o Sat Apr 17 17:18:14 UTC 2021 (1): Starting
May 17 09:36:03 epopen ntpd[48704]: Command line: /usr/local/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /usr/local/etc/ntp.conf -f /var/db/ntp/ntpd.drift -g
May 17 09:36:03 epopen ntpd[48704]: ----------------------------------------------------
May 17 09:36:03 epopen ntpd[48704]: ntp-4 is maintained by Network Time Foundation,
May 17 09:36:03 epopen ntpd[48704]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
May 17 09:36:03 epopen ntpd[48704]: corporation.  Support and training for ntp-4 are
May 17 09:36:03 epopen ntpd[48704]: available at https://www.nwtime.org/support
May 17 09:36:03 epopen ntpd[48704]: ----------------------------------------------------
May 17 09:36:03 epopen ntpd[76188]: Cannot set RLIMIT_MEMLOCK: Operation not permitted
May 17 09:36:10 epopen ntpd[93739]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 17 09:36:10 epopen ntpd[93739]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 17 09:36:11 epopen ntpd[76188]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 17 09:36:11 epopen ntpd[76188]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 17 09:36:11 epopen ntpd[76188]: unable to bind to wildcard address :: - another process may be running - EXITING
May 17 09:36:11 epopen ntpd[48704]: daemon child exited with code 1
May 17 09:36:11 epopen root[33]: /etc/rc: WARNING: failed to start ntpd
```

Twice/more daemon started and got error message.

One of ntpd daemon started as below

```
ntpd      93739   0.0  0.1  21392   4844  -  Ss   09:36    0:00.09 /usr/local/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /usr/local/etc/ntp.conf -f /var/db/ntp/ntpd.drift -g
```

I tried to

Trace by `sh -x /etc/rc.d/ntpd start`, only one start-up.
View file /etc/rc.d/ntpd, can not find problem.
Use base version of `ntpd` (ntpd_program="/usr/sbin/ntpd" @  /usr/local/etc/rc.conf.d/ntpd), and reboot, work fine(only one start-up) *EDIT:Same issue*.
I had no idea how to troubleshoot, can help me?
Thanks a lot.


----------



## bakul (May 17, 2021)

I think you just need the four variables you quoted in /etc/rc.conf. Nothing else.


----------



## gpw928 (May 17, 2021)

I suspect that you are starting ntpd from both /etc/rc.d/ntpd and /usr/local/etc/rc.conf.d/ntpd.

If so, what happens if you remove /usr/local/etc/rc.conf.d/ntpd?


----------



## gpw928 (May 17, 2021)

If this works, it begs the question why you have two NTP daemons configured. 
 Normally you would just `pkg install ntp`, which would install /usr/sbin/ntpd, and you would use this configuration:
	
	



```
[ritz.204] $ grep ntp /etc/rc.conf
ntpd_enable="YES"
ntpd_sync_on_start="YES"
```
You can remove the port with `make deinstall` (from  the directory /usr/ports/net/ntp).


----------



## SirDice (May 17, 2021)

gpw928 said:


> Normally you would just `pkg install ntp`, which would install /usr/sbin/ntpd,


net/ntp installs /usr/local/sbin/ntpd, /usr/sbin/ntpd is part of the base OS.


----------



## epopen (May 17, 2021)

gpw928 said:


> I suspect that you are starting ntpd from both /etc/rc.d/ntpd and /usr/local/etc/rc.conf.d/ntpd.
> 
> If so, what happens if you remove /usr/local/etc/rc.conf.d/ntpd?


Thanks your answer. 

I had been remove /usr/local/etc/rc.conf.d/ntpd
Result: `ntpd` daemon won't start after reboot.


----------



## epopen (May 17, 2021)

SirDice said:


> net/ntp installs /usr/local/sbin/ntpd, /usr/sbin/ntpd is part of the base OS.


Yes, Thanks your answer.


----------



## epopen (May 17, 2021)

bakul said:


> I think you just need the four variables you quoted in /etc/rc.conf. Nothing else.


Thanks your answer 

Migrated into /etc/rc.conf and reboot, result as below

```
May 17 16:13:48 epopen ntpd[88630]: ntpd 4.2.8p15@1.3728-o Sat Apr 17 17:18:14 UTC 2021 (1): Starting
May 17 16:13:48 epopen ntpd[88630]: Command line: /usr/local/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /usr/local/etc/ntp.conf -f /var/db/ntp/ntpd.drift -g
May 17 16:13:48 epopen ntpd[88630]: ----------------------------------------------------
May 17 16:13:48 epopen ntpd[88630]: ntp-4 is maintained by Network Time Foundation,
May 17 16:13:48 epopen ntpd[88630]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
May 17 16:13:48 epopen ntpd[88630]: corporation.  Support and training for ntp-4 are
May 17 16:13:48 epopen ntpd[88630]: available at https://www.nwtime.org/support
May 17 16:13:48 epopen ntpd[88630]: ----------------------------------------------------
May 17 16:13:48 epopen ntpd[34]: Cannot set RLIMIT_MEMLOCK: Operation not permitted
May 17 16:13:55 epopen ntpd[35]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 17 16:13:55 epopen ntpd[35]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 17 16:13:56 epopen ntpd[34]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 17 16:13:56 epopen ntpd[34]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 17 16:13:56 epopen ntpd[34]: unable to bind to wildcard address :: - another process may be running - EXITING
May 17 16:13:56 epopen ntpd[88630]: daemon child exited with code 1
May 17 16:13:56 epopen root[50717]: /etc/rc: WARNING: failed to start ntpd
```

Same twice startup.


----------



## covacat (May 17, 2021)

chmod -x one of /etc/rc.d/ntpd  and /usr/local/etc/rc.d/ntpd, kill all ntpd daemons and try to start manually the remaining one (which is still +x)
you need to repeat the chmod after updating the port/base


----------



## SirDice (May 17, 2021)

There is no /usr/local/etc/rc.d/ntpd with net/ntp. It uses /etc/rc.d/ntpd to start, that's why `ntpd_program` needs to be set.



epopen said:


> ```
> ntpd_config="/usr/local/etc/ntp.conf"
> ```


I would suggest using /etc/ntp.conf and not setting this.


----------



## epopen (May 17, 2021)

covacat said:


> chmod -x one of /etc/rc.d/ntpd  and /usr/local/etc/rc.d/ntpd, kill all ntpd daemons and try to start manually the remaining one (which is still +x)
> you need to repeat the chmod after updating the port/base


Thanks your answer 
Both files status as below
`ls -l /etc/rc.d/ntpd
-r-xr-xr-x  1 root  wheel  7280  May  9 03:44 /etc/rc.d/ntpd`
`ls -l /usr/local/etc/rc.d/ntpd
ls: /usr/local/etc/rc.d/ntpd: No such file or directory`
Version of ports does not install /usr/local/etc/rc.d/ntpd


----------



## bakul (May 17, 2021)

I just tried this in a VM running freebsd-13.0 and it worked fine. I am guessing you’re missing something. There should be nothing ntp related in /usr/local/etc. `grep ntp /etc/rc.conf`. You should see 3 variables. Remove the `ntpd_config` variable if there. Also `sudo killall ntpd` just to make sure there is no running instance and then do `sudo service ntpd start`.


----------



## epopen (May 18, 2021)

bakul said:


> I just tried this in a VM running freebsd-13.0 and it worked fine. I am guessing you’re missing something. There should be nothing ntp related in /usr/local/etc. `grep ntp /etc/rc.conf`. You should see 3 variables. Remove the `ntpd_config` variable if there. Also `sudo killall ntpd` just to make sure there is no running instance and then do `sudo service ntpd start`.


Thanks your answer 

ntp related in /usr/local/etc
Cleared, /usr/local/etc/ntp.conf move to /etc/ntp.conf
`grep ntp /etc/rc.conf`

```
# grep ntp /etc/rc.conf
ntpd_enable="YES"
ntpd_program="/usr/local/sbin/ntpd"  # path to ntpd, if you want a different one.
ntpd_sync_on_start="YES"             # Sync time on ntpd startup, even if offset is high
```

Reboot
`less /var/log/messages`

```
May 18 09:58:29 epopen ntpd[38]: ntpd 4.2.8p15@1.3728-o Sat Apr 17 17:18:14 UTC 2021 (1): Starting
May 18 09:58:29 epopen ntpd[38]: Command line: /usr/local/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift -g
May 18 09:58:29 epopen ntpd[38]: ----------------------------------------------------
May 18 09:58:29 epopen ntpd[38]: ntp-4 is maintained by Network Time Foundation,
May 18 09:58:29 epopen ntpd[38]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
May 18 09:58:29 epopen ntpd[38]: corporation.  Support and training for ntp-4 are
May 18 09:58:29 epopen ntpd[38]: available at https://www.nwtime.org/support
May 18 09:58:29 epopen ntpd[38]: ----------------------------------------------------
May 18 09:58:29 epopen ntpd[79840]: Cannot set RLIMIT_MEMLOCK: Operation not permitted
May 18 09:58:32 epopen ntpd[79840]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 18 09:58:32 epopen ntpd[79840]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 18 09:58:37 epopen ntpd[63233]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 18 09:58:37 epopen ntpd[63233]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 18 09:58:37 epopen ntpd[63233]: unable to bind to wildcard address :: - another process may be running - EXITING
May 18 09:58:37 epopen ntpd[21270]: daemon child exited with code 1
May 18 09:58:37 epopen root[64443]: /etc/rc.d/ntpd: WARNING: failed to start ntpd
```

Sorry, got same problem


----------



## gpw928 (May 18, 2021)

There is still something odd about your configuration, and something we can't see.  Here is what an unmolested working setup looks like (ntp.conf has some local changes):
	
	



```
[sherman.129] $ uname -r
12.2-RELEASE-p6
[sherman.130] $ ls -lad /etc/ntp.conf /usr/sbin/ntpd
-rw-r--r--  1 root  wheel    4837 Jan  6 16:16 /etc/ntp.conf
-r-xr-xr-x  1 root  wheel  861120 Jan  6 16:17 /usr/sbin/ntpd
[sherman.131] $ grep ntp /etc/rc.conf
ntpdate_enable="YES"
ntpd_enable="YES"
```
As SirDice pointed out, ntp is part of the base release.  You don't need to add any ports, packages, or configuration files.  They all pre-exist.
Get rid of everything related to ntp in /usr/local and start again.


----------



## SirDice (May 18, 2021)

epopen said:


> ```
> May 18 09:58:37 epopen ntpd[63233]: unable to bind to wildcard address :: - another process may be running - EXITING
> ```


Maybe we're looking at it all wrong. This just says there's something else listening on the port. That doesn't necessarily mean it's being started twice. After you booted, what does `sockstat -46` tell you is listening on port 123?


----------



## bakul (May 18, 2021)

There are quite a few instance of ntpd running, with pids 38, 79840, 63233, 21270. and at least two read ntp.leap-seconds.list. There also seem to be far too many processes running after reboot. 

I'd also recommend running `lsof -i udp:ntp` to see which process is holding 123. May be epopen needs to show us the full /etc/rc.conf (after anonymizing ip addresses).


----------



## covacat (May 18, 2021)

turn off build option WITH_FORK_BOMB


----------



## epopen (May 18, 2021)

SirDice said:


> Maybe we're looking at it all wrong. This just says there's something else listening on the port. That doesn't necessarily mean it's being started twice. After you booted, what does `sockstat -46` tell you is listening on port 123?


Thanks your answer 

Now, either base or ports version of `ntpd` same issue, therefore use base version only as below
`grep ntp /etc/rc.conf`

```
ntpd_enable="YES"
ntpd_sync_on_start="YES"        # Sync time on ntpd startup, even if offset is high
```

/etc/ntp.conf and output of `less /var/log/messages` same #1 so don't show again.

Listen port by `sockstat -46|grep 123`

```
ntpd     ntpd       64863 20 udp6   *:123                 *:*
ntpd     ntpd       64863 21 udp4   *:123                 *:*
ntpd     ntpd       64863 22 udp6   ::1:123               *:*
ntpd     ntpd       64863 23 udp6   fe80::1%lo0:123       *:*
ntpd     ntpd       64863 24 udp4   127.0.0.1:123         *:*

NIC#1
ntpd     ntpd       64863 25 udp6   fe80::d8d1:8b4b:9c62:b853%ng0:123 *:*
ntpd     ntpd       64863 26 udp4   122.117.86.253:123    *:*
ntpd     ntpd       64863 27 udp6   2001:b011:a480:67b9:d8d1:8b4b:9c62:b853:123 *:*
ntpd     ntpd       64863 28 udp6   2001:b011:a480:67b9:f5ee:ffd:7714:277b:123 *:*
ntpd     ntpd       64863 29 udp6   fd00::ffff:a00:3fe:123 *:*

NIC#2
ntpd     ntpd       64863 30 udp6   fe80::ac:95ff:fec4:e19e%ng_vimage0:123 *:*
ntpd     ntpd       64863 31 udp4   10.0.3.254:123        *:*
```

All of interface listening.
I had been tried directive "interface listen wildcard" @ /etc/ntp.conf and got result

```
ntpd     ntpd       42    20 udp6   *:123                 *:*
ntpd     ntpd       42    21 udp4   *:123                 *:*
ntpd     ntpd       42    22 udp6   ::1:123               *:*
ntpd     ntpd       42    23 udp4   127.0.0.1:123         *:*
```

But issue same.


----------



## epopen (May 18, 2021)

bakul said:


> I just tried this in a VM running freebsd-13.0 and it worked fine. I am guessing you’re missing something. There should be nothing ntp related in /usr/local/etc. `grep ntp /etc/rc.conf`. You should see 3 variables. Remove the `ntpd_config` variable if there. Also `sudo killall ntpd` just to make sure there is no running instance and then do `sudo service ntpd start`.


Thanks your answer
Yes, I had been removed `ntpd_config` variable as below
`grep ntp /etc/rc.conf`

```
ntpd_enable="YES"
ntpd_sync_on_start="YES"        # Sync time on ntpd startup, even if offset is high
```

Reboot and got message as below

```
May 18 23:01:05 epopen ntpd[88511]: ntpd 4.2.8p15-a (1): Starting
May 18 23:01:05 epopen ntpd[88511]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift -g
May 18 23:01:05 epopen ntpd[88511]: ----------------------------------------------------
May 18 23:01:05 epopen ntpd[88511]: ntp-4 is maintained by Network Time Foundation,
May 18 23:01:05 epopen ntpd[88511]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
May 18 23:01:05 epopen ntpd[88511]: corporation.  Support and training for ntp-4 are
May 18 23:01:05 epopen ntpd[88511]: available at https://www.nwtime.org/support
May 18 23:01:05 epopen ntpd[88511]: ----------------------------------------------------
May 18 23:01:08 epopen ntpd[94891]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 18 23:01:08 epopen ntpd[94891]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 18 23:01:12 epopen ntpd[63294]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 18 23:01:12 epopen ntpd[63294]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 18 23:01:12 epopen ntpd[63294]: unable to bind to wildcard address :: - another process may be running - EXITING
```

Next, service ntpd stop as 
`# service ntpd stop
Stopping ntpd.
Waiting for PIDS: 94891.`

Make sure nothing listen ntp port as below.
`# sockstat -46 | grep :123
#`

Start service ntpd as `# service ntpd start`

Result as below

```
May 18 23:17:12 epopen ntpd[44]: ntpd 4.2.8p15-a (1): Starting
May 18 23:17:12 epopen ntpd[44]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift -g
May 18 23:17:12 epopen ntpd[44]: ----------------------------------------------------
May 18 23:17:12 epopen ntpd[44]: ntp-4 is maintained by Network Time Foundation,
May 18 23:17:12 epopen ntpd[44]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
May 18 23:17:12 epopen ntpd[44]: corporation.  Support and training for ntp-4 are
May 18 23:17:12 epopen ntpd[44]: available at https://www.nwtime.org/support
May 18 23:17:12 epopen ntpd[44]: ----------------------------------------------------
May 18 23:17:19 epopen ntpd[65042]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 18 23:17:19 epopen ntpd[65042]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
```

Behavior of service ntpd start at boot time/manually different


----------



## epopen (May 18, 2021)

bakul said:


> There are quite a few instance of ntpd running, with pids 38, 79840, 63233, 21270. and at least two read ntp.leap-seconds.list. There also seem to be far too many processes running after reboot.
> 
> I'd also recommend running `lsof -i udp:ntp` to see which process is holding 123. May be epopen needs to show us the full /etc/rc.conf (after anonymizing ip addresses).


Thanks your answer 
Result of `# lsof -i udp:ntp`

```
lsof: WARNING: no ZFS support has been defined.
      See 00FAQ for more information.
COMMAND   PID USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
ntpd    65042 ntpd   20u  IPv6 0xfffff80019bc6e40      0t0  UDP *:ntp
ntpd    65042 ntpd   21u  IPv4 0xfffff80019bc6e60      0t0  UDP *:ntp
ntpd    65042 ntpd   22u  IPv6 0xfffff80019bc6e20      0t0  UDP localhost:ntp
ntpd    65042 ntpd   23u  IPv6 0xfffff80019bc6e00      0t0  UDP [fe80:2::1]:ntp
ntpd    65042 ntpd   24u  IPv4 0xfffff80019bc6de0      0t0  UDP localhost:ntp
ntpd    65042 ntpd   25u  IPv6 0xfffff80019bc6dc0      0t0  UDP [fe80:5::44bf:146f:862f:e31c]:ntp
ntpd    65042 ntpd   26u  IPv4 0xfffff80019bc6da0      0t0  UDP mail.epopen.com:ntp
ntpd    65042 ntpd   27u  IPv6 0xfffff80019bc6d80      0t0  UDP 2001-b011-a480-2642-44bf-146f-862f-e31c.dynamic-ip6.hinet.net:ntp
ntpd    65042 ntpd   28u  IPv6 0xfffff80019bc6d40      0t0  UDP 2001-b011-a480-2642-1d03-5eea-5e06-7ce4.dynamic-ip6.hinet.net:ntp
ntpd    65042 ntpd   29u  IPv6 0xfffff80019bc6d60      0t0  UDP host.epopen.com:ntp
ntpd    65042 ntpd   30u  IPv6 0xfffff80019bc6d20      0t0  UDP [fe80:6::ac:95ff:fec4:e19e]:ntp
ntpd    65042 ntpd   31u  IPv4 0xfffff80019bc6d00      0t0  UDP host.epopen.com:ntp
```

About /etc/rc.conf, full version as below(line of comment removed)

```
kld_list="/boot/modules/i915kms.ko"
keymap="us.iso"
cursor="blink"
ipv6_cpe_wanif="ng0"
zfs_enable="YES"
ntpd_enable="YES"
ntpd_sync_on_start="YES"                # Sync time on ntpd startup, even if offset is high
```

Addition, result of `# grep ntpd -irs /etc`

```
/etc/rc.d/rpcbind:# REQUIRE: NETWORKING ntpdate syslogd
/etc/rc.d/ntpdate:# PROVIDE: ntpdate
...
/etc/rc.d/ntpdate:        ${ntpdate_program:-ntpdate} $rc_flags $ntpdate_hosts
/etc/rc.d/syslogd:    #    If running named(8) or ntpd(8) chrooted, added appropriate
/etc/rc.d/ntpd:# PROVIDE: ntpd
...
/etc/rc.d/ntpd:    if ntpd_needfetch_leapfile ; then
/etc/ntp.conf:# Don't forget to enable ntpd in /etc/rc.conf with:
...
/etc/ntp.conf:leapfile "/var/db/ntpd.leap-seconds.list"
/etc/passwd:ntpd:*:123:123:NTP Daemon:/var/db/ntp:/usr/sbin/nologin
Binary file /etc/spwd.db matches
/etc/periodic/daily/480.leapfile-ntpd:case "$daily_ntpd_leapfile_enable" in
/etc/periodic/daily/480.leapfile-ntpd:    if service ntpd oneneedfetch; then
/etc/periodic/daily/480.leapfile-ntpd:        service ntpd onefetch
/etc/periodic/daily/480.status-ntpd:case "$daily_status_ntpd_enable" in
/etc/inetd.conf:#nntp    stream    tcp    nowait    news    /usr/local/libexec/nntpd    nntpd
/etc/ftpusers:ntpd
/etc/mtree/BSD.var.dist:        ntp             uname=ntpd gname=ntpd
/etc/group:ntpd:*:123:
/etc/defaults/rc.conf:ntpdate_enable="NO"        # Run ntpdate to sync time on boot (or NO).
...
/etc/defaults/rc.conf:ntp_db_leapfile="/var/db/ntpd.leap-seconds.list"
/etc/defaults/periodic.conf:# 480.leapfile-ntpd
/etc/defaults/periodic.conf:daily_ntpd_leapfile_enable="YES"            # Fetch NTP leapfile
/etc/defaults/periodic.conf:# 480.status-ntpd
/etc/defaults/periodic.conf:daily_status_ntpd_enable="NO"                # Check NTP status
/etc/rc.conf:ntpd_enable="YES"
/etc/rc.conf:ntpd_sync_on_start="YES"        # Sync time on ntpd startup, even if offset is high
Binary file /etc/pwd.db matches
/etc/master.passwd:ntpd:*:123:123::0:0:NTP Daemon:/var/db/ntp:/usr/sbin/nologin
/etc/periodic.conf:daily_status_ntpd_enable="YES"            # Check NTP status
```


----------



## bakul (May 18, 2021)

One more guess: you have one or more jails and you running ntpd on the host as well as a jail!


----------



## epopen (May 18, 2021)

covacat said:


> turn off build option WITH_FORK_BOMB


Thanks your answer

Sorry, I does not found it by `git grep -i WITH_FORK_BOMB` in /usr/ports, /usr/src and /etc
Can help to find it?

Thanks a lot.


----------



## epopen (May 18, 2021)

bakul said:


> One more guess: you have one or more jails and you running ntpd on the host as well as a jail!


Thanks you a lot
Yes, I have 4 jails, but only one ntpd service at host.


----------



## SirDice (May 18, 2021)

epopen said:


> Sorry, I does not found it by `git grep -i WITH_FORK_BOMB` in /usr/ports, /usr/src and /etc
> Can help to find it?


It's a nerd joke  Basically the UNIX equivalent of adding `NO_SMOKE=ON` to good ol' config.sys after your PSU released its magic smoke (in other words, it blew up).  


> A basic implementation of a fork bomb is an infinite loop that repeatedly launches new copies of itself.











						Fork bomb - Wikipedia
					






					en.wikipedia.org


----------



## epopen (May 18, 2021)

SirDice said:


> It's a nerd joke
> 
> 
> 
> ...



Thanks your explain, it is hard as non-native English guy as me, but it is very interest


----------



## bakul (May 19, 2021)

epopen said:


> Yes, I have 4 jails, but only one ntpd service at host.


The symptom matches starting two ntpd that bind to the same interfaces (or where IP address is wildcarded). That, coupled with observation of a very low pid (38) and very high pid (79840) made me think that the latter must have been started from a jail. I would double check what jails do.

fork-bomb is not english. It is unix-nerd-speak


----------



## epopen (May 19, 2021)

bakul said:


> The symptom matches starting two ntpd that bind to the same interfaces (or where IP address is wildcarded). That, coupled with observation of a very low pid (38) and very high pid (79840) made me think that the latter must have been started from a jail. I would double check what jails do.
> 
> fork-bomb is not english. It is unix-nerd-speak


Thanks your answser 

About jail...
I had been disable all of jail and it's NIC.
Result same issue as below

```
May 19 09:39:20 epopen ntpd[47923]: ntpd 4.2.8p15-a (1): Starting
May 19 09:39:20 epopen ntpd[47923]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift -g
May 19 09:39:20 epopen ntpd[47923]: ----------------------------------------------------
May 19 09:39:20 epopen ntpd[47923]: ntp-4 is maintained by Network Time Foundation,
May 19 09:39:20 epopen ntpd[47923]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
May 19 09:39:20 epopen ntpd[47923]: corporation.  Support and training for ntp-4 are
May 19 09:39:20 epopen ntpd[47923]: available at https://www.nwtime.org/support
May 19 09:39:20 epopen ntpd[47923]: ----------------------------------------------------
May 19 09:39:20 epopen ntpd[75109]: ntpd 4.2.8p15-a (1): Starting
May 19 09:39:20 epopen ntpd[75109]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift -g
May 19 09:39:20 epopen ntpd[75109]: ----------------------------------------------------
May 19 09:39:20 epopen ntpd[75109]: ntp-4 is maintained by Network Time Foundation,
May 19 09:39:20 epopen ntpd[75109]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
May 19 09:39:20 epopen ntpd[75109]: corporation.  Support and training for ntp-4 are
May 19 09:39:20 epopen ntpd[75109]: available at https://www.nwtime.org/support
May 19 09:39:20 epopen ntpd[75109]: ----------------------------------------------------
May 19 09:39:29 epopen ntpd[49888]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 19 09:39:29 epopen ntpd[49888]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 19 09:39:32 epopen ntpd[34]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
May 19 09:39:32 epopen ntpd[34]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
May 19 09:39:32 epopen ntpd[34]: unable to bind to wildcard address :: - another process may be running - EXITING
```

Result of `sockstat -46 | grep :123` as below

```
ntpd     ntpd       49888 20 udp6   *:123                 *:*
ntpd     ntpd       49888 21 udp4   *:123                 *:*
ntpd     ntpd       49888 22 udp6   ::1:123               *:*
ntpd     ntpd       49888 23 udp6   fe80::1%lo0:123       *:*
ntpd     ntpd       49888 24 udp4   127.0.0.1:123         *:*
ntpd     ntpd       49888 25 udp6   fe80::a196:bb67:934e:3450%ng0:123 *:*
ntpd     ntpd       49888 26 udp4   122.117.86.253:123    *:*
ntpd     ntpd       49888 27 udp6   2001:b011:a480:47a3:a196:bb67:934e:3450:123 *:*
ntpd     ntpd       49888 28 udp6   2001:b011:a480:47a3:490d:4322:4c0f:d56d:123 *:*
```


----------



## epopen (May 21, 2021)

Hi All.

Have debug method similar `sh -x /etc/rc.d/ntpd start` at boot time?

Thanks a lot.


----------

