Select Page

OS X 10.9 and ntpd

There is a problem with time in Mavericks (OS X 10.9). The various software tools that make sure your clock is accurate seem to break down in certain situations, and the result is that the clock can lose or gain time in the order of hundreds of seconds on a machine left to run for a long time without a restart. There is a lot of discussion in various forums that talk of a tangle between ntpd and pacemaker -these are components in the operating system that do time keeping. ntpd communicates with time servers and estimates the current time based on delays, reliability of the servers involved, etc. It then updates information used to correct the time on the Mac -the version that comes with Mavericks DOES NOT DIRECTLY ADJUST THE TIME. pacemaker reads the information provided by ntpd, and then adjusts the clock to correct time. Rather than make large changes, pacemaker nudges the clock in the right direction, so over a period of time, the clock will float around what is considered the correct time. In OS X 10.8, the offset between the clock on the Mac and accurate time servers was in the order of +/-.003 seconds. Mavericks sees deviations of up to 2 seconds, even when there is an accurate local time server. A simple check can be run in the terminal:

$ sntp 0.nz.pool.ntp.org 2014 Jul 30 22:25:28.139003 +0.002787 +/- 0.114212 secs

sntp communicates with the time server(s) specified (0.nz.pool.ntp.org) and reports the difference between the local clock and that on the remote system (in the example above the local clock is +0.002787 ahead of the time server), as well as an indication of the accuracy of the remote clock (+/- 0.114212 secs). This is the command OS X runs at start up before starting the ntpd process. For machines running without restarting for long periods of time, we have seen errors up to 150 seconds

Time servers

The University of Auckland maintains a pool of time servers (aka NTP servers, NTP = network time protocol) that can be accessed through the address

ntp.auckland.ac.nz

These provide accurate time using a mix of sources including, GPS, satellite, and peers in Waikato University. Unfortunately, this service can no longer be accessed from off the campus network -bludgeoning NTP servers with specially crafted requests could be used as an attack. This has further exacerbated the issue. Macs working off campus, needing time updates, are hanging waiting for ntp.auckland.ac.nz to respond (and not timing out!). Fortunately, there are a number of publicly accessible time services that can be used instead. The fix below changes the default ntp.auckland.ac.nz to a pool address (a name that resolves to a number of time server addresses randomly selected from a pool), 0.nz.pool.ntp.org.

Our patch

Borrowing from http://www.atmythoughts.com/living-in-a-tech-family-blog/2014/2/28/what-time-is-it and following the discussions on various forums, we have created a simple patch for Mavericks. Presently this can be downloaded through the self service tool installed as part of University’s Casper implementation. A version (1.1) can also be downloaded from NTPfix4109-1-1.dmg

Folders and files

The patch contains a new set of the binaries (executable code) associated with the NTP services, compiled on a current Mac (10.9.4, etc.) using the current stable release of the source code available at http://ntp.org/downloads.html. These are installed in

/usr/local/bin

rather than /usr/sbin, so do not replace the versions that come with OS X.

An updated version of

/usr/libexec/ntpd-wrapper

is installed -this is called by the operating system to start the ntpd service, and has been modified to use the new version of ntpd in /usr/local/bin. Any update to the operating system potentially reverts this file so that it uses the OS X supplied binaries. It may be necessary to reapply this patch after future updates to 10.9.x.

/etc/ntp.conf

is also updated so that ntpd will use the following time servers

o.nz.pool.ntp.org time.apple.com

 

NTP copyright

Pertains to the software included in this patch.

Copyright (c) University of Delaware 1992-2011

Permission to use, copy, modify, and distribute this software and its documentation for any purpose with or without fee is hereby granted, provided that the above copyright notice appears in all copies and that both the copyright notice and this permission notice appear in supporting documentation, and that the name University of Delaware not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. The University of Delaware makes no representations about the suitability this software for any purpose. It is provided “as is” without express or implied warranty.

Skip to toolbar