On Sun, 14 Aug 2016 20:57:13 -0400 George george@queair.net wrote:
Alternately, run ntpdate via cron every few hours, to avoid running an unnecessary network service. (Recent security issues in ntp remain unpatched in some distributions.)
There's actually a technical problem with running ntpdate periodically. NTP works by slowly and carefully adjusting the time, accounting for any local gaps without breaking any precise-time requiring daemons or functions, like databases. ntpdate might be used on startup (or with ntpd_sync_on_start), but it's deprecated last I read. Tools like rdate are not replacements for an ntp daemon on a production system.
You might even notice the tor daemon isn't fond of abrupt time adjustments, and will bark in the log about it.
I do the same (ntpdate in crontab) and have never seen any issues with that. If you run ntpdate often enough (in my case I find every 6 hours suffices) your computer clock will never have the chance to drift far enough away, so that the ntpdate adjustment would disrupt anything.