[CentOS] What besides Postfix should not start until system time set?
Alice Wonder
alice at domblogger.net
Thu Apr 20 21:10:05 UTC 2017
On 04/20/2017 02:00 PM, Robert Moskowitz wrote:
> So I have learned that Postfix should delay until Chronyd has moved the
> system time from 0 to current.
>
> What other services need to be delayed?
>
>
> Apache?
> Bind?
>
> Of course if this is a nameserver, Chronyd will probably not be able to
> resolve the NTP server addresses until Bind is running!
>
> thanks
I use unbound on all my servers listening only on the localhost, not
sure if it needs the current time to be accurate when it starts or not
but it never seems to be an issue.
I'm of the opinion every server should have locally provided DNSSEC
enforcing DNS services simply because it takes away a potential attack
vector to have local DNS queries stay local.
More information about the CentOS
mailing list