Time, Date, and Time Zones for Red Hat Linux

A Practical Guide


Van Emery - March, 2003



Introduction:

I have had nothing but trouble with Red Hat's GUI tools for setting date, time, time zone, and ntpd configuration files. In some cases, this has been as extreme as the dateconfig tool refusing to execute, and in other cases the tool ran, but did not change the underlying configuration files. I decided to dig down into the details and find out how date, time, time zones, and ntpd work on a Linux system. Armed with this knowledge, I would be able to configure my systems properly once and for all! As it turns out, this was an informative little detour...


Environment:

Red Hat 8.0 on a Pentium III 667 MHz & a Pentium II 233 MHz
Red Hat 7.3 on a Dell
Optiplex GX-1 Pentium II running Red Hat 7.3


Objectives:

1. Set my Linux systems to the desired time zone
2. Set my Linux systems to the desired time and date
3. Get the NTP server running correctly
4. Make sure the hardware clock maintains the proper time
5. Find out as much as possible about the time and date configuration commands and files


Basic Command-line Tools:


The date command can be used as follows to display the time and date:


$ date

Fri Mar 28 16:01:50 CST 2003


To see UTC/GMT, you can do this:

$ date --utc
Fri Mar 28 08:04:32 UTC 2003


The date command also can be used to set the time and date. To set the time manually, do this:


# date -s "16:15:00"
Fri Mar 28 16:15:00 CST 2003

If you also need to adjust the date, and not just the time, you can do it like this:

# date -s "16:55:30 July 7, 1986"
Mon Jul  7 16:55:30 PDT 1986

There is also another way to set the date and time, which is not very pretty:

# date 033121422003.55
Mon Mar 31 21:42:55 PST 2003

The above command does not use the -s option, and the fields are arranged like this:  MMDDhhmmCCYY.ss
where MM = month, DD = day, hh = hour, mm = minute, CCYY = 4 digit year, and ss = seconds.

Please note that setting the clock with the date command must be done as root. This is a "savage" way to adjust the time. It adjusts the Linux kernel system time.

There is also a hardware clock (CMOS clock). You can look at the current hardware clock time with:


hwclock --show


I always keep my hardware clocks set to UTC/GMT. This maintains my clocks uniformly without any worries about "Daylight Savings Time". This is important, because when you set the hardware clock from the system clock (kept by the Linux kernel), you need to know if this is the case. To set the hardware clock from the system clock, leaving the hardware clock in UTC, enter the following:


# hwclock --systohc --utc
# hwclock --show
Fri 28 Mar 2003 04:23:52 PM CST -0.864036 seconds


Another interesting item is that the Linux system clock stores time in seconds since midnight on January 1st, 1970 (UTC). This is called UNIX time. Unfortunately, because this is a 32-bit value, there is a year-2038 problem. Hopefully, everyone will have moved to 64-bit architectures by then. In order to see the UNIX time, you can use the following command:

date +%s


There are many useful formatting options for the date command. See the date manpage for details.


Of course, there is another useful tool available related to date and time: cal


$ cal -3

    February 2003          March 2003            April 2003
Su Mo Tu We Th Fr Sa  Su Mo Tu We Th Fr Sa  Su Mo Tu We Th Fr Sa
                   1                     1         1  2  3  4  5
 2  3  4  5  6  7  8   2  3  4  5  6  7  8   6  7  8  9 10 11 12
 9 10 11 12 13 14 15   9 10 11 12 13 14 15  13 14 15 16 17 18 19
16 17 18 19 20 21 22  16 17 18 19 20 21 22  20 21 22 23 24 25 26
23 24 25 26 27 28     23 24 25 26 27 28 29  27 28 29 30
                      30 31


You can also specify "cal -y" for the entire year, "cal" by itself for the current month, or "cal 12 2005" to see the calendar for December, 2005.  



Time Zone Configuration:


Background - The Earth is divided into time zones that are 15 degrees of longitude each, for this corresponds to the amount of angular distance the Sun appears to travel in 1 hour. 0 degrees longitude runs through the Royal Observatory in Greenwich, England. This is the origin of Greenwich Mean Time, or GMT. For all practical purposes, GMT and UTC are the same. To complicate matters, some countries observe Daylight Savings Time (DST), while others do not. Even within some countries, some states or districts do not observe DST while the rest of the country does! DST can also begin and end on different days in different countries! What a mess...

There are several files and directories that are used for time zones, and several tools:

/etc/sysconfig/clock - this is a short text file that defines the timezone, whether or not the hardware clock is using UTC, and an ARC option that is only relevant to DEC systems.

/etc/localtime - this is a symbolic link to the appropriate time zone file in /usr/share/zoneinfo

/usr/share/zoneinfo - this directory contains the time zone files that were compiled by zic. These are binary files and cannot be viewed with a text viewer. The files contain information such as rules about DST. They allow the kernel to convert UTC UNIX time into appropriate local dates and times.

/etc/rc.d/rc.sysinit
- This script runs once, at boot time. A section of this script sets the system time from the hardware clock and applies the local time zone information.

/etc/init.d/halt - This script runs during system shutdown. A section of this script synchronizes the hardware clock from the system clock.

/etc/adjtime - This file is used by the adjtimex function, which can smoothly adjust system time while the system runs. settimeofday is a related function.


redhat-config-date or dateconfig - These commands start the Red Hat date/time/time zone configuration GUI. Both commands failed to change the timezone in two different stock Red Hat 8.0 systems. They also failed to create a working ntp.conf file for the NTP server. The timezone problem went away after upgrading from the installed RPM, redhat-config-date-1.5.2-10, to a newer RPM from a Red Hat beta release, redhat-config-date-1.5.9-6.

zic - (The time zone compiler) Zic creates the time conversion information files.

zdump - This utility prints the current time and date in the specified time zone. Example:


# zdump Japan
Japan Sat Mar 29 00:47:57 2003 JST
# zdump Iceland
Iceland Fri Mar 28 15:48:02 2003 GMT


In order to manually change the timezone, you can edit the
/etc/sysconfig/clock file and then make a new soft link to /etc/localtime. Here is an example of changing the timezone manually to "America/Denver":

1. Select the appropriate time zone from the /usr/share/zoneinfo directory. Time zone names are relative to that directory. In this case, we will select "America/Denver"

2. Edit the
/etc/sysconfig/clock text file so that it looks like this:

ZONE="America/Denver"
UTC=true
ARC=false


Of course, this assumes that your hardware clock is running UTC time...

3. Delete the following file: /etc/localtime

4. Create a new soft link for /etc/localtime. Here is an example of step 3 and step 4:


# cd /etc
# ls -al localtime
lrwxrwxrwx 1 root root 39 Mar 28 07:00 localtime -> /usr/share/zoneinfo/America/Los_Angeles

# rm /etc/localtime

# ln -s /usr/share/zoneinfo/America/Denver /etc/localtime
# ls -al localtime
lrwxrwxrwx 1 root root 34 Mar 28 08:59 localtime -> /usr/share/zoneinfo/America/Denver

# date
Fri Mar 28 09:00:04 MST 2003



NTP Configuration and Usage:


Background - Network Time Protocol (NTP) allows computers, servers, and network devices to synchronize their internal clock systems to an external reference source. In some cases, the reference source can be an atomic clock or GPS receiver. This is useful for a number of reasons. If you would like to automatically keep the time on your Linux system synchronized to standard world times, you have two built-in tools to do this:

ntpdate and ntpd (NTP Daemon)


ntpdate:

ntpdate was written by David L. Mills at the University of Delaware. For details on Dr. Mills, enter this:

$ finger David.L.Mills@udel.edu

ntpdate allows you to view or set system time from one or more NTP servers. The first thing you need to do is find a time server you can query. Here is a list of public time servers, or you can use one of the following:

clock.redhat.com
clock2.redhat.com
ns1.tuxfamily.org

time.nist.gov

For example, if you only want to query an NTP server and make sure that you can reach it, use the following command:

# ntpdate -q clock2.redhat.com
server 66.187.224.4, stratum 1, offset -0.067532, delay 0.38452
28 Mar 18:14:20 ntpdate[10724]: adjust time server 66.187.224.4 offset -0.067532 sec


Note that some firewall systems do not allow NTP traffic. NTP uses UDP port 123. If you would like to query more than one server and set your system clock with the result, use the following:

# ntpdate clock2.redhat.com clock.redhat.com
28 Mar 18:20:59 ntpdate[10754]: adjust time server 66.187.233.4 offset -0.043222 sec



You can add the -v flag for verbose output.

This command is very similar to the rdate command. The ntpdate command can be used in startup scripts or cron jobs to automatically set the system time without running a dedicated server process. You will definitely want to try to retrieve the time from an NTP server with ntpdate before setting up your own NTP server. This will ensure that (a) you have connectivity (b) your firewall does not block NTP. Another thing to note about the ntpdate command is that it will not work in update mode if you are running a local NTP server process. It will work in query mode.


NTP Server:

The NTP server (ntpd) can be setup to run continuously. This will keep the system clock synchronized. You will also be able to server NTP clients on your LAN, if you wish. I had problems with the Red Hat configuration GUI not setting the NTP server up correctly.

The configuration file is /etc/ntp.conf, and there is also an /etc/ntp directory which contains keys and the drift file. I will show you a working configuration file, with comments:


# Prohibit general access to this service.
restrict default ignore

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1


# -- CLIENT NETWORK -------
# Permit systems on this network to synchronize with this
# time service. Do not permit those systems to modify the
# configuration of this service. Also, do not use those
# systems as peers for synchronization.

# This is my internal LAN network address
restrict 192.168.212.0 mask 255.255.255.0 notrust nomodify notrap


# --- OUR TIMESERVERS -----
# or remove the default restrict line
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.

# The statements below limit what the servers can do to your server
# I am using IP instead of DNS name because the "restrict" construct
# requires IP addresses

restrict 66.187.224.4 mask 255.255.255.255 nomodify notrap noquery
restrict 80.67.177.2 mask 255.255.255.255 nomodify notrap noquery

# The server listed below is clock2.redhat.com
server 66.187.224.4

# The server listed below is ns1.tuxfamily.org
server 80.67.177.2


# --- NTP MULTICASTCLIENT ---
#multicastclient # listen on default 224.0.1.1
# restrict 224.0.1.1 mask 255.255.255.255 notrust nomodify notrap
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
# I don't want to use multicast for my NTP server



# --- GENERAL CONFIGURATION ---
#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
# If you un-comment the two statements below, you could run an NTP server
# off of your local (and inaccurate) system clock.
#restrict 127.127.1.0
#server 127.127.1.0
fudge 127.127.1.0 stratum 10

#
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
#
driftfile /etc/ntp/drift
broadcastdelay 0.008

#
# Authentication delay. If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff
# directory and figure out what this number should be on your machine.
#
# I am not using any authentication for this simple setup.
authenticate no

#
# Keys file. If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will. Note also that
# ntpd is started with a -A flag, disabling authentication, that
# will have to be removed as well.
#
keys /etc/ntp/keys




After you install this new version of the config file, you can start the service with /etc/init.d/ntpd start

To monitor the service, you can run the following command: ntpdc -p or ntpdc -p -n
If you are really impatient, you can use this command to watch the system until it synchronizes: watch nptdc -p -n
The ntpdc command can be run interactively as well. There are a number of informative ntpdc commands, such as iostats, sysstats, and peers.

When enough time has gone by, one of the servers will have an * placed in front of it to tell you that your system is synchronized to it. The lower the stratum number, the more accurate the server.

If you want to have the NTP server start up automatically, you can use the checkconfig command as follows:

# chkconfig --level 345 ntpd on
# chkconfig --level 0126 ntpd off
# chkconfig --list | grep ntpd
ntpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off



To see that your NTP server is listening on UDP port 123, use the following command: netstat -tuna

Please note that the NTP server makes NTP queries from a UDP source port of 123. Some firewalls will not allow this, even if ntpdate worked (ntpdate uses a source port > 1023.)

You can also use the ntpq utility, and the ntptrace utility for additional diagnostic support. For complete documentation on setting up and using NTP servers, see www.ntp.org.


Conclusion:

Changing the date, time, and time zone on a Red Hat Linux system can be done easily once all of the files and commands are identified. NTP clock synchronization is also fairly straightforward. Hopefully, future time and date configuration tools will work well enough that the average user/administrator does not have to resort to manual work-arounds.







Back...