Bu arzimas ish bir juma kuni tushdan keyin paydo bo'ldi va 2-3 daqiqa vaqt olishi kerak edi. Umuman olganda, har doimgidek.
Bir hamkasbim o'z serveridagi skriptni tuzatishimni so'radi. Men buni qildim, uni unga berdim va beixtiyor tashlab qo'ydim: "Vaqt 5 daqiqa tez." Sinxronizatsiyani serverga o'zi boshqarishiga ruxsat bering. Yarim soat, bir soat o'tdi, u hamon puflab, jimgina la'natladi.
“Ahmoq! — Men server konsoliga o‘tib, o‘yladim — mayli, yana bir necha daqiqa tanaffus qilaman.
Ko'raylikchi ntp, rdate, sdwdate o'rnatilmagan vaqt sinxronlashi o'chirilgan va ishlamaydi.
# timedatectl
Local time: Sun 2019-08-25 20:44:39 +03
Universal time: Sun 2019-08-25 17:44:39 UTC
RTC time: Sun 2019-08-25 17:39:52
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: no
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Bu erda men darhol apparat vaqti to'g'ri ekanligini ta'kidlayman: keyingi harakat qilish osonroq bo'ladi.
Xatolar ketma-ketligi shu erda boshlandi.
Birinchi xato. O'zini o'zi ishonch
Klik-klik...
# systemctl enable systemd-timesyncd.service && systemctl start systemd-timesyncd.service && ntpdate 0.ru.pool.ntp.org && timedatectl set-ntp on && timedatectl
25 Aug 21:00:10 ntpdate[28114]: adjust time server 195.210.189.106 offset -249.015251 sec
Local time: Sun 2019-08-25 21:00:10 +03
Universal time: Sun 2019-08-25 18:00:10 UTC
RTC time: Sun 2019-08-25 18:00:10
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
Hammasi yaxshi, vaqt sinxronlashtirildi, tizim vaqti apparatga mos keladi. “Oling,” dedim va ishimga qaytdim.
“Nima oling? - g'azablandi hamkasbi. "Bu bir xil vaqt!"
Qanchalik odatiy masalalarni yechsangiz, fikringiz shunchalik ko'p miltillaydi va endi yuzinchi yoki minginchi vaziyat boshqacha bo'ladi, deb o'ylamaysiz, lekin bu safar emas.
# timedatectl
Local time: Sun 2019-08-25 21:09:15 +03
Universal time: Sun 2019-08-25 18:09:15 UTC
RTC time: Sun 2019-08-25 18:05:04
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Tizim vaqti yana noto'g'ri.
Keling, yana urinib ko'ramiz:
# ntpdate 0.ru.pool.ntp.org && timedatectl && sleep 1 && timedatectl
25 Aug 21:07:37 ntpdate[30350]: step time server 89.175.20.7 offset -249.220828 sec
Local time: Sun 2019-08-25 21:07:37 +03
Universal time: Sun 2019-08-25 18:07:37 UTC
RTC time: Sun 2019-08-25 18:07:37
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
Local time: Sun 2019-08-25 21:11:46 +03
Universal time: Sun 2019-08-25 18:11:46 UTC
RTC time: Sun 2019-08-25 18:07:37
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Keling, buni boshqacha qilaylik:
# date -s "2019-08-25 21:10:30" && date && sleep 1 && timedatectl
Sun Aug 25 21:10:30 +03 2019
Sun Aug 25 21:10:30 +03 2019
Local time: Sun 2019-08-25 21:14:36 +03
Universal time: Sun 2019-08-25 18:14:36 UTC
RTC time: Sun 2019-08-25 18:10:30
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Va shunga o'xshash:
# hwclock --hctosys && timedatectl && sleep 1 && timedatectl
Local time: Sun 2019-08-25 21:11:31 +03
Universal time: Sun 2019-08-25 18:11:31 UTC
RTC time: Sun 2019-08-25 18:11:31
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
Local time: Sun 2019-08-25 21:15:36 +03
Universal time: Sun 2019-08-25 18:15:36 UTC
RTC time: Sun 2019-08-25 18:11:32
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Vaqt bir soniya uchun o'rnatiladi va darhol yana "shoshilish" boshlanadi.
Shu bilan birga, jurnallarda, bunday qo'lda o'zgartirish vaqtida, biz faqat tizim hisobotlarini ko'ramiz, vaqt mos ravishda, to'g'ri/noto'g'ri yo'nalishda va vaqti-vaqti bilan o'zgargan. Qayta sinxronlash systemd-timesyncd dan.
Aug 25 21:18:51 wisi systemd[1]: Time has been changed
Aug 25 21:18:51 wisi systemd-timesyncd[29258]: System time changed. Resyncing.
Aug 25 21:18:51 wisi systemd[1187]: Time has been changed
Aug 25 21:18:51 wisi systemd[1]: Time has been changed
Aug 25 21:18:51 wisi systemd[1187]: Time has been changed
shu yerda
# ps afx | grep "[1]187"
1187 ? Ss 0:02 /lib/systemd/systemd --user
Shu nuqtada, buning sababini izlash kerak edi, ammo 18 yillik boshqaruv davomida miya "vaqt" xatolari bo'yicha statistik ma'lumotlarni to'pladi va odat bo'yicha yana sinxronizatsiyani ayblaydi.
Keling, uni butunlay o'chirib qo'yaylik.
# timedatectl set-ntp off && systemctl stop systemd-timesyncd.service
# hwclock --hctosys && timedatectl && sleep 1 && timedatectl
Local time: Sun 2019-08-25 21:25:40 +03
Universal time: Sun 2019-08-25 18:25:40 UTC
RTC time: Sun 2019-08-25 18:25:40
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: no
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Local time: Sun 2019-08-25 21:29:31 +03
Universal time: Sun 2019-08-25 18:29:31 UTC
RTC time: Sun 2019-08-25 18:25:41
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: no
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
va jurnallarda
Aug 25 21:25:40 wisi systemd[1]: Time has been changed
Aug 25 21:25:40 wisi systemd[1187]: Time has been changed
Aug 25 21:29:30 wisi systemd[1]: Time has been changed
Aug 25 21:29:30 wisi systemd[1187]: Time has been changed
Qayta sinxronlash g'oyib bo'ldi va aks holda jurnallar toza.
Xulosalarni tekshirish tcpdump barcha interfeyslarda 123-portda. Hech qanday so'rov yo'q, lekin vaqt hali ham o'tmoqda.
Ikkinchi xato. Shoshqin
Ish haftasi tugashiga bir soat qoldi, men arzimagan hal qilinmagan muammo bilan hafta oxiriga ketishni istamayman (koddagi vaqtga e'tibor bermang, maqola keyingi kunlarda yozilgan. ).
Va bu erda yana sababni izlash o'rniga, men natijani tushuntirishga harakat qila boshladim. Men "ixtiro qilish" deyman, chunki natijani tushuntirish qanchalik mantiqiy bo'lmasin, bu muammoni hal qilishda noto'g'ri yondashuv.
Ushbu server oqimli server bo'lib, DVB-S2 oqimini IP ga o'zgartiradi. DVB-S oqimi vaqt belgilarini o'z ichiga oladi, shuning uchun qabul qiluvchilar, multipleksorlar, skramblerlar va televizorlar ko'pincha tizim soatini sinxronlashtirish uchun ulardan foydalanadilar. DVB-S platasi drayverlari yadroga o'rnatilgan, shuning uchun DVB-S2 oqimini olib tashlashni ta'minlashning eng tezkor usuli "plastinkalar" dan keladigan kabellarni ajratishdir. Yaxshiyamki, server devor orqasida, shuning uchun ham shunday bo'lsin.
Albatta, agar jurnallar u erda bo'lishi kerak bo'lgan narsalarni o'z ichiga olgan bo'lsa, bu sodir bo'lmagan bo'lardi, lekin bu haqda yana maqolaning oxirida.
Xo'sh, biz barcha sun'iy yo'ldosh signallarini o'chirib tashlaganimiz sababli, biz er usti signallarini ham olib tashlaymiz - shu bilan birga biz barcha tarmoq kabellarini tortib olamiz. Server tashqi dunyodan uzilib qoladi va to'liq avtonom ishlaydi, lekin tizim soati hali ham shoshilmoqda.
Ish haftasi tugadi va sana/vaqt masalasining o'zi muhim emas, shuning uchun siz shunchaki uyga borishingiz mumkin, lekin bu erda men yangi xatoga yo'l qo'ydim.
Uchinchi xato. Maslahatchilar
Hech qachon! Hech qachon forumlarda va umumiy ixtisoslashgan (a la stackoverflow) saytlarda savol bermang, agar unga javob Google-ning birinchi sahifasini o'rganish va bitta odam sahifasini o'qishdan ko'proq narsani talab qilsa.
Ular sizni Google'ga qaytarib yuboradilar, o'sha odamni o'qiydilar va forum/sayt qoidalarini ommaga tushuntiradilar, lekin sizga javob bermaydilar.
Bu erda bir nechta ob'ektiv omillar mavjud:
- muammoni sizdan boshqa hech kim bila olmaydi;
- hech kim siz bilan bir xil sharoitlarda test o'tkaza olmaydi
va sub'ektiv:
- muammoni hal qilish uchun siz hamma narsani bera olmasligingiz mumkin, chunki siz allaqachon "to'g'ri" yo'nalishni o'ylab topgansiz va unga e'tibor qaratilayotgan masala mohiyatini taqdim etasiz;
- prorab (moderator, qariya, admin) har doim haq, agar usta nohaq bo'lsa... yaxshi bilasiz...
Agar sharhlarga javob berayotganda, siz tsenzura qilingan lug'at chegarasida qolgan bo'lsangiz, unda sizda kuchli asab bor.
qaror
Vazifalarni oddiy va murakkabga ajratishning hojati yo'q.
Biz tajribamizga, statistikamizga, maslahatchilarimizga tayanishni to'xtatamiz va yakuniy natijani "tushuntirishni" emas, balki doimiy ravishda sababni izlashni boshlaymiz.
Kimdir vaqtni belgilaganligi sababli, tegishli tizim qo'ng'irog'i sodir bo'lishi kerak.
Dasturiy ta'minot hujjatlarida eng yaxshi hujjatlar manbalar bo'lgani kabi, tizim boshqaruvida ham eng yaxshi yordamchi bu auditdir, bizning holatlarimizda. auditd.
Bir daqiqa shubhaMen manadan o'tdim, lekin Linuxda vaqtni faqat belgilash mumkinligiga to'liq ishonchim komil emas edi clock_set time и kunning vaqti, shuning uchun birinchi sinov uchun barcha "mos" qo'ng'iroqlarni tanladim:
# man syscalls | col | grep -F '(2)' | grep -vE '(:|;)' | grep -E '(time|date|clock)' | sed "s/(2).*//" | xargs -I SYSCALL echo "-S SYSCALL " | xargs echo
-S adjtimex -S clock_adjtime -S clock_getres -S clock_gettime -S clock_nanosleep -S clock_settime -S futimesat -S getitimer -S gettimeofday -S mq_timedreceive -S mq_timedsend -S rt_sigtimedwait -S s390_runtime_instr -S setitimer -S settimeofday -S stime -S time -S timer_create -S timer_delete -S timer_getoverrun -S timer_gettime -S timer_settime -S timerfd_create -S timerfd_gettime -S timerfd_settime -S times -S utime -S utimensat -S utimes
va tashlab yuborish s390_runtime_instr, stime, timerfd_create, qaysi auditctl uni tanimadi, dastlab quyidagi shaklda auditni boshladi:
auditctl -a exit,always -S adjtimex -S clock_adjtime -S clock_getres -S clock_nanosleep -S clock_settime -S futimesat -S getitimer -S gettimeofday -S mq_timedreceive -S mq_timedsend -S rt_sigtimedwait -S semtimedop -S setitimer -S settimeofday -S time -S timer_create -S timer_delete -S timer_getoverrun -S timer_gettime -S timer_settime -S timerfd_gettime -S timerfd_settime -S times -S utime -S utimensat -S utimesMen qiziqqan jurnallar joylarida boshqa jurnallar yo'qligiga ishonch hosil qilgandan so'ng syscall Bu ikkisidan tashqari, men faqat ulardan foydalanardim.
Tizim chaqiruvi auditini ishga tushirish clock_set time и kunning vaqti va sanani o'zgartirishga harakat qiling:
# auditctl -a exit,always -S clock_settime -S settimeofday && date -s "2019-08-22 12:10:00" && sleep 5 && auditctl -D
Bizning "parazitimiz" vaqtni to'g'rilash uchun kafolatlangan bo'lishi uchun besh soniya kechikish qo'shiladi.
Keling, hisobotni ko'rib chiqaylik:
# aureport -s -i
Syscall Report
=======================================
# date time syscall pid comm auid event
=======================================
Warning - freq is non-zero and incremental flushing not selected.
1. 08/22/2019 12:10:00 settimeofday 3088 chkcache_proces root 479630
2. 08/26/2019 09:37:06 clock_settime 1538 date root 479629
Bu erda biz o'zimizni ko'ramiz sana va bizga noma'lum chkcache_processes. Bu yuqoridagi hisobotda tugadi, chunki aureport ikkilikdan konvertatsiya qilishda chiqishni sana bo'yicha saralagan va voqea biz belgilagan vaqtda sodir bo'lgan. sana -s "2019-08-22 12:10:00".
Uni kim tug'di?
# ausearch -sc settimeofday --comm "chkcache_proces"
----
time->Thu Aug 22 12:10:00 2019
type=PROCTITLE msg=audit(1566465000.000:479630): proctitle="/usr/local/bin/oscam"
type=SYSCALL msg=audit(1566465000.000:479630): arch=c000003e syscall=164 success=yes exit=0 a0=7fde0dfc6e60 a1=0 a2=136cf a3=713ba56 items=0 ppid=3081 pid=3088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts20 ses=68149 comm="chkcache_proces" exe="/usr/local/bin/oscam" key=(null)
/usr/local/bin/oscam - bizning parazitimiz topildi. "Zararli" xatti-harakatlariga qaramay, shartli kirish tizimidan voz kechish mumkin emas, lekin men hali ham bilishni xohlayman oscam, WTF?
Javob tezda topiladi :
#if defined(CLOCKFIX)
if (tv.tv_sec > lasttime.tv_sec || (tv.tv_sec == lasttime.tv_sec && tv.tv_usec >= lasttime.tv_usec)) // check for time issues!
{
lasttime = tv; // register this valid time
}
else
{
tv = lasttime;
settimeofday(&tv, NULL); // set time back to last known valid time
//fprintf(stderr, "*** WARNING: BAD TIME AFFECTING WHOLE OSCAM ECM HANDLING, SYSTEMTIME SET TO LAST KNOWN VALID TIME **** n");
}
Bu erda qanchalik yoqimli ko'rinadi izoh berdi chiziq ogohlantirish...
Manba: www.habr.com