changeset 172:093198acf7d4

7018272 Move NTP to userland 7034365 NTP html docs is missing tickadj, has duplicate of Interleave Modes instead.
author Brian Utterback <Brian.Utterback@Oracle.COM>
date Fri, 08 Apr 2011 05:28:01 -0700
parents dbff1afe6b31
children 69315e61a221
files components/meta-packages/history/SUNWntp.p5m components/ntp/Makefile components/ntp/Solaris/RtNTPMngmnt.html components/ntp/Solaris/SmfNTPStates.html components/ntp/Solaris/SmfValueNTP.html components/ntp/Solaris/auth_attr components/ntp/Solaris/ntp.client components/ntp/Solaris/ntp.server components/ntp/Solaris/ntp.sh components/ntp/Solaris/ntp.xml components/ntp/Solaris/prof_attr components/ntp/manpages/ntp-keygen.1m components/ntp/manpages/ntp.conf.4 components/ntp/manpages/ntpd.1m components/ntp/manpages/ntpdate.1m components/ntp/manpages/ntpdc.1m components/ntp/manpages/ntpq.1m components/ntp/manpages/ntprc.4 components/ntp/manpages/ntptime.1m components/ntp/manpages/ntptrace.1m components/ntp/ntp.license components/ntp/ntp.p5m components/ntp/patches/etcfix.patch components/ntp/patches/ins-ntp-wait.patch components/ntp/patches/ins-ntpd.patch components/ntp/patches/mc.patch components/ntp/patches/mdns.patch components/ntp/patches/noextra.patch components/ntp/patches/ntpwait.patch components/ntp/patches/timing.patch make-rules/shared-macros.mk make-rules/shared-targets.mk transforms/defaults
diffstat 33 files changed, 4972 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/meta-packages/history/SUNWntp.p5m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,33 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+#
+
+#
+# Legacy package information for renamed SUNWntpr and SUNWntpu packages
+#
+
+set name=pkg.fmri value=pkg:/SUNWntp@4.2.5.172,5.11-0.133
+set name=pkg.renamed value=true
+
+set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
+
+depend fmri=service/network/ntp@4.2.5.172-0.133 type=require
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Makefile	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,65 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+#
+
+include ../../make-rules/shared-macros.mk
+
+COMPONENT_NAME=		ntp-dev
+COMPONENT_PATCH_VERSION=	200
+COMPONENT_VERSION=	4.2.5
+IPS_COMPONENT_VERSION=	$(COMPONENT_VERSION).$(COMPONENT_PATCH_VERSION)
+COMPONENT_SRC=		$(COMPONENT_NAME)-$(COMPONENT_VERSION)p$(COMPONENT_PATCH_VERSION)
+COMPONENT_ARCHIVE=	$(COMPONENT_SRC).tar.gz
+COMPONENT_ARCHIVE_HASH=	sha1:ff032582d66314ff2556a368162fd1fd15fbf9a6
+COMPONENT_ARCHIVE_URL=	http://archive.ntp.org/ntp4/ntp-dev/$(COMPONENT_ARCHIVE)
+PATCH_LEVEL = 0
+
+include ../../make-rules/prep.mk
+include ../../make-rules/configure.mk
+include ../../make-rules/ips.mk
+
+CONFIGURE_ENV +=	CFLAGS="$(CFLAGS) $(studio_C99_ENABLE) -D_XOPEN_SOURCE=600 -D__EXTENSIONS__"
+CONFIGURE_OPTIONS +=	--bindir=/usr/sbin
+CONFIGURE_OPTIONS +=	--with-binsubdir=sbin
+CONFIGURE_OPTIONS +=	--libexecdir=/usr/lib/inet
+CONFIGURE_OPTIONS +=	--sysconfdir=/etc/inet
+CONFIGURE_OPTIONS +=	--enable-all-clocks
+CONFIGURE_OPTIONS +=	--enable-debugging
+CONFIGURE_OPTIONS +=	--enable-debug-timing
+CONFIGURE_OPTIONS +=	--disable-optional-args
+CONFIGURE_OPTIONS +=	--enable-parse-clocks
+CONFIGURE_OPTIONS +=	--enable-ignore-dns-errors
+CONFIGURE_OPTIONS +=	--without-ntpsnmpd
+CONFIGURE_OPTIONS +=	--without-lineeditlibs
+CONFIGURE_OPTIONS +=	--with-openssl-libdir=/lib
+CONFIGURE_OPTIONS +=	--disable-getifaddrs
+
+BUILD_PKG_DEPENDENCIES =	$(BUILD_TOOLS)
+
+build:		$(BUILD_32)
+install:	$(INSTALL_32)
+test:
+	@echo "no tests available"
+
+include ../../make-rules/depend.mk
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/RtNTPMngmnt.html	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,35 @@
+<HTML>
+<!--
+    CDDL HEADER START
+
+    The contents of this file are subject to the terms of the
+    Common Development and Distribution License (the "License").
+    You may not use this file except in compliance with the License.
+
+    You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+    or http://www.opensolaris.org/os/licensing.
+    See the License for the specific language governing permissions
+    and limitations under the License.
+
+    When distributing Covered Code, include this CDDL HEADER in each
+    file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+    If applicable, add the following below this CDDL HEADER, with the
+    fields enclosed by brackets "[]" replaced with your own identifying
+    information: Portions Copyright [yyyy] [name of copyright owner]
+
+    CDDL HEADER END
+
+    Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+-->
+<HEAD>
+	<TITLE> </TITLE>
+	 
+	
+</HEAD>
+<BODY>
+When NTP Management is in the Rights Included column, it grants the right to manage the NTP SMF service.
+<p>
+If NTP Management is grayed, then you are not entitled to Add or Remove this right.
+<p>
+</BODY>
+</HTML>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/SmfNTPStates.html	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,36 @@
+<HTML>
+<!--
+    CDDL HEADER START
+
+    The contents of this file are subject to the terms of the
+    Common Development and Distribution License (the "License").
+    You may not use this file except in compliance with the License.
+
+    You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+    or http://www.opensolaris.org/os/licensing.
+    See the License for the specific language governing permissions
+    and limitations under the License.
+
+    When distributing Covered Code, include this CDDL HEADER in each
+    file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+    If applicable, add the following below this CDDL HEADER, with the
+    fields enclosed by brackets "[]" replaced with your own identifying
+    information: Portions Copyright [yyyy] [name of copyright owner]
+
+    CDDL HEADER END
+
+    Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+-->
+<!--
+   <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
+-->
+<BODY>
+When Manage NTP Service States is in the Authorizations Include
+column, it grants the authorization to enable, disable, or restart the
+ndmpd daemon.
+<p>
+If Manage NTP Service States is grayed, then you are not entitled to
+Add or Remove this authorization.
+<BR>&nbsp;
+</BODY>
+</HTML>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/SmfValueNTP.html	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,35 @@
+<HTML>
+<!--
+    CDDL HEADER START
+
+    The contents of this file are subject to the terms of the
+    Common Development and Distribution License (the "License").
+    You may not use this file except in compliance with the License.
+
+    You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+    or http://www.opensolaris.org/os/licensing.
+    See the License for the specific language governing permissions
+    and limitations under the License.
+
+    When distributing Covered Code, include this CDDL HEADER in each
+    file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+    If applicable, add the following below this CDDL HEADER, with the
+    fields enclosed by brackets "[]" replaced with your own identifying
+    information: Portions Copyright [yyyy] [name of copyright owner]
+
+    CDDL HEADER END
+
+    Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+-->
+<!--
+   <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
+-->
+<BODY>
+When <em>Value NTP Properties</em> is in the Authorizations Included
+column, it grants the the authorization to change NTP service property values.
+<P> 
+If <em>Value NTP Properties</em> is grayed, then you are not entitled to
+Add or Remove this authorization.
+<BR>&nbsp;
+</BODY>
+</HTML>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/auth_attr	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,2 @@
+solaris.smf.manage.ntp:::Manage NTP service states::help=SmfNTPStates.html
+solaris.smf.value.ntp:::Change NTP value properties::help=SmfValueNTP.html
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/ntp.client	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,107 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+
+# If you want to configure your client to listen for multicast, uncommnet
+# this line. This should only be used for casual time keeping, like keeping
+# a desktop system in sync. 
+
+#multicastclient 224.0.1.1
+
+# To configure NTP servers, replace the server_name with either the IP address
+# or hostname of the server you wish to use. If you just want to keep the time
+# in a causual way, one server may be enough for you. If you wish to keep it
+# to a more accurate level, 3 or more is recommended. Do not choose 2, because
+# 2 servers is an unstable configuration. By the same token 3 is only acceptable
+# if all are always available, since when a single one reboots or otherwise 
+# becomes unavailable, you have just 2.
+#
+# For a list of Internet NTP servers see 
+# http://support.ntp.org/bin/view/Servers/WebHome
+# If you use this list, be sure to read, understand and abide by the rules
+# each server has published for accessing themselves.
+#
+# There is also a DNS round-robin pool of public access NTP servers. The
+# instructions for accessing these are at http://www.pool.ntp.org
+# Please consider adding your own servers to the pool if possible.
+#
+# Many ISP's also provide NTP servers for use by their customers. 
+
+server server_name iburst
+
+# Always configure the drift file. It can take days for ntpd to completely 
+# stabilize and without the drift file, it has to start over on a reboot
+# of if ntpd restarts. 
+
+driftfile /var/ntp/ntp.drift
+
+# It is always wise to configure at least the loopstats and peerstats files. 
+# Otherwise when ntpd does something you don't expect there is no way to 
+# find out why. 
+
+statsdir /var/ntp/ntpstats/
+filegen peerstats file peerstats type day enable
+filegen loopstats file loopstats type day enable
+
+# To track the events regarding the system clock, the protostats file can be useful
+# as well. 
+#filegen protostats file protostats type day enable
+
+# To see the current state of the crypto authentication protocols, enable the
+# cryptostats file.
+#filegen cryptostats file cryptostats type day enable
+
+# The clockstats files are only useful if a hardware reference clock is 
+# configured. See the /etc/inet/ntp.server file for more information about 
+# that.
+#filegen clockstats file clockstats type day enable
+
+# The sysstats and rawstats output might be useful in debugging.
+#filegen sysstats file sysstats type day enable
+#filegen rawstats file rawstats type day enable
+
+# The timingstats file is probably not useful at all. It is designed for
+# perfomance debugging by the developers of NTP.
+#filegen timingstats file timingstats type day enable
+
+# There are several types on authentication supported by NTP. The easiest
+# to use is a set of passwords, called "keys". They should be stored
+# the /etc/inet/ntp.keys file. Each key in the ntp.keys file can be
+# assigned to certain types of trust levels. See ntpd(1m) for more
+# information on setting up key.
+
+#keys /etc/inet/ntp.keys
+#trustedkey 1
+#requestkey 1
+#controlkey 1
+
+#
+# To configure leap seconds processing, download the latest NIST leap seconds
+# file to /etc/inet, and then create a symbolic link to it from the ntp.leap
+# file. Without this file, NTP will still be able to accept leap announcements
+# from its upstream sources. If this file exists and is less than 6 months old
+# then the contents of this file will take precedence over the upstream servers.
+# The latest leap seconds file is always available at ftp://time.nist.gov/pub
+
+#leapfile /etc/inet/ntp.leap
+
+
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/ntp.server	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,95 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+
+# Since in general, all NTP servers can be NTP clients and vice
+# versa, all of the information in the /etc/inet/ntp.client file
+# applies to NTP server setup as well. However, a certain kind
+# NTP server, called a Stratum 1 server, has one or more devices
+# designed to provide very accurate time to the server. These 
+# devices are configured using the "server" keyword, just as the
+# servers used by the client are, but instead of a hostname or 
+# IP address, a format resembling an IP address is used. The first
+# two octets of "127.127" are used to designate that this 
+# line is referring to a clock and not an network NTP server. 
+# The next octet is used to designate which type of device is used. 
+# And the last octet is used to specify a unit number if more than
+# one is used. Notice that the resulting number looks like the 
+# localhost address, it is not the same. The real localhost
+# address (127.0.0.1) does not have the second octet of 127 as
+# the hardware clock designator does. 
+#
+# XType Device    RefID          Description
+# -------------------------------------------------------
+#  1    local     LCL            Undisciplined Local Clock
+#  3    pst       WWV            PSTI/Traconex WWV/WWVH Receiver
+#  4    wwvb      WWVB           Spectracom WWVB Receiver
+#  5    true      TRUE           TrueTime GPS/GOES Receivers
+#  6    irig      IRIG           IRIG Audio Decoder
+#  7    chu       CHU            Scratchbuilt CHU Receiver
+#  8    parse     ----           Generic Reference Clock Driver
+#  9    mx4200    GPS            Magnavox MX4200 GPS Receiver
+# 10    as2201    GPS            Austron 2201A GPS Receiver
+# 11    arbiter   GPS            Arbiter 1088A/B GPS Receiver
+# 12    tpro      IRIG           KSI/Odetics TPRO/S IRIG Interface
+# 13    leitch    ATOM           Leitch CSD 5300 Master Clock Controller
+# 17    datum     DATM           Datum Precision Time System
+# 18    acts      ACTS           NIST Automated Computer Time Service
+# 19    heath     WWV            Heath WWV/WWVH Receiver
+# 20    nmea      GPS            Generic NMEA GPS Receiver
+# 21    gpsvme                   GPS VME
+# 22    atom      PPS            PPS Clock Discipline
+# 26    hpgps     GPS            Hewlett Packard 58503A GPS Receiver
+# 27    arc       MSFa           Arcron MSF Receiver
+# 28    shm                      Shared memory driver
+# 29    palisade                 Palisade
+# 30    oncore                   Oncore
+# 31    jupiter                  Jupiter GPS
+# 32    chronolog                Chronolog
+# 33    dumbclock                Dumbclock
+# 34    ulink                    Ulink
+# 35    pcf                      PCF
+# 36    wwv                      WWV Audio
+# 37    fg                       FG
+# 38    hopfser                  HOPF Serial
+# 39    hopfpci                  HOPF PCI
+# 40    jjy                      JJY
+# 41    tt560                    TT560
+# 42    zyfer                    ZYFER
+# 43    ripencc                  RIPEENCC
+# 44    neoclock4x               NEOCLOCK 4X
+
+# While all the current refclock drivers are configured and compiled,
+# not all the actual hardware can be supported on all systems. The
+# gpsvme driver can only be expected to work on systems with a VME 
+# bus. The WWV audio driver can only be used on systems with audio
+# input. 
+#  
+# In general, refclock type 1, the LOCAL clock is not necessary and
+# should not be configured. It should only be used when either there
+# is some other process being used to synchronize the clock, such as
+# with hardware with vendor provided drivers, or when it is desired
+# that a server without access to a real NTP time source needs to 
+# act as a multicast or broadcast server. The LOCAL clock should not
+# be configured as a "backup" to other external servers. 
+
+# Some of the devices have tuning parameters, called "fudge" factors, 
+# that can be set on the server line.  See the ntpd documentation.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/ntp.sh	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,115 @@
+#!/sbin/sh
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+#
+
+# Standard prolog
+#
+. /lib/svc/share/smf_include.sh
+
+smf_is_globalzone || exit $SMF_EXIT_OK
+
+if [ -z $SMF_FMRI ]; then
+        echo "SMF framework variables are not initialized."
+        exit $SMF_EXIT_ERR
+fi
+
+#
+# Is NTP configured?
+#
+if [ ! -f /etc/inet/ntp.conf ]; then
+	echo "Error: Configuration file '/etc/inet/ntp.conf' not found." \
+	    "  See ntpd(1M)."
+	exit $SMF_EXIT_ERR_CONFIG
+fi
+
+# Disable globbing to prevent privilege escalations by users authorized
+# to set property values for the NTP service.
+set -f 
+
+#
+# Build the command line flags
+#
+shift $#
+set -- -p /var/run/ntp.pid
+# We allow a step large than the panic value of 17 minutes only 
+# once when ntpd starts up. If always_all_large_step is true, 
+# then we allow this each time ntpd starts. Otherwise, we allow
+# it only the very first time ntpd starts after a boot. We 
+# check that by making ntpd write its pid to a file in /var/run.
+
+val=`svcprop -c -p config/always_allow_large_step $SMF_FMRI`
+if [ "$val" = "true" ] || \
+    [ ! -f /var/run/ntp.pid ]; then
+        set -- "$@" -g
+fi
+
+# Auth was off by default in xntpd now the default is on. Better have a way
+# to turn it off again. Also check for the obsolete "authenitcation" keyword.
+val=`svcprop -c -p config/no_auth_required $SMF_FMRI`
+if [ ! "$val" = "true" ]; then
+        val=`/usr/bin/nawk '/^[ \t]*#/{next}
+            /^[ \t]*authentication[ \t]+no/ {
+                printf("true", $2)
+                next } ' /etc/inet/ntp.conf`
+fi
+[ "$val" = "true" ] && set -- "$@" --authnoreq
+
+# Set up logging if requested.
+logfile=`svcprop -c -p config/logfile $SMF_FMRI`
+val=`svcprop -c -p config/verbose_logging $SMF_FMRI`
+[ "$val" = "true" ] && [ -n "$logfile" ]  && set -- "$@" -l $logfile
+
+# Register with mDNS.
+val=`svcprop -c -p config/mdnsregister $SMF_FMRI`
+mdns=`svcprop -c -p general/enabled svc:/network/dns/multicast:default`
+[ "$val" = "true" ] && [ "$mdns" = "true" ] && set -- "$@" -m
+
+# We used to support the slewalways keyword, but that was a Sun thing
+# and not in V4. Look for "slewalways yes" and set the new slew option.
+val=`svcprop -c -p config/slew_always $SMF_FMRI`
+if [ ! "$val" = "true" ]; then
+	val=`/usr/bin/nawk '/^[ \t]*#/{next}
+	    /^[ \t]*slewalways[ \t]+yes/ {
+        	printf("true", $2)
+        	next } ' /etc/inet/ntp.conf`
+fi
+[ "$val" = "true" ] && set -- "$@" --slew
+
+# Set up debugging.
+deb=`svcprop -c -p config/debuglevel $SMF_FMRI`
+
+# Start the daemon. If debugging is requested, put it in the background, 
+# since it won't do it on it's own.
+if [ "$deb" -gt 0 ]; then
+	/usr/lib/inet/ntpd "$@" --set-debug-level=$deb >/var/ntp/ntp.debug &
+else
+	/usr/lib/inet/ntpd "$@"
+fi
+
+# Now, wait for the first sync, if requested.
+val=`svcprop -c -p config/wait_for_sync $SMF_FMRI`
+[ "$val" = "true" ] && /usr/lib/inet/ntp-wait
+
+exit $SMF_EXIT_OK
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/ntp.xml	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,164 @@
+<?xml version="1.0"?>
+<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
+<!--
+ CDDL HEADER START
+
+ The contents of this file are subject to the terms of the
+ Common Development and Distribution License (the "License").
+ You may not use this file except in compliance with the License.
+
+ You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ or http://www.opensolaris.org/os/licensing.
+ See the License for the specific language governing permissions
+ and limitations under the License.
+
+ When distributing Covered Code, include this CDDL HEADER in each
+ file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ If applicable, add the following below this CDDL HEADER, with the
+ fields enclosed by brackets "[]" replaced with your own identifying
+ information: Portions Copyright [yyyy] [name of copyright owner]
+
+ CDDL HEADER END
+
+ Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+
+ NOTE:  This service manifest is not editable; its contents will
+ be overwritten by package or patch operations, including
+ operating system upgrade.  Make customizations in a different
+ file.
+-->
+
+<service_bundle type='manifest' name='SUNWntpr:ntp'>
+
+<service
+	name='network/ntp'
+	type='service'
+	version='1'>
+	<single_instance />
+	<dependency 
+		name='network'
+		grouping='require_any'
+		restart_on='error'
+		type='service'>
+		<service_fmri value='svc:/network/service' />
+	</dependency>
+
+<!--	<dependent
+	    name='ntp_multi-user'
+	    grouping='optional_all'
+	    restart_on='none'>
+		<service_fmri value='svc:/milestone/multi-user' />
+	</dependent>
+-->
+
+	<exec_method
+	    type='method'
+    	    name='start'
+    	    exec='/lib/svc/method/ntp %m'
+    	    timeout_seconds='600'>
+		<method_context>
+			<method_credential
+			    user='root'
+			    group='root'
+			    privileges='basic,!file_link_any,!proc_info,!proc_session,net_privaddr,proc_lock_memory,sys_time'
+			/>
+		</method_context>
+	</exec_method>
+
+	<exec_method
+	    type='method'
+    	    name='restart'
+    	    exec='/lib/svc/method/ntp %m'
+    	    timeout_seconds='1800'>
+		<method_context>
+			<method_credential
+			    user='root'
+			    group='root'
+			    privileges='basic,!file_link_any,!proc_info,!proc_session,net_privaddr,proc_lock_memory,sys_time'
+			/>
+		</method_context>
+	</exec_method>
+
+	<exec_method
+    	    type='method'
+    	    name='stop'
+    	    exec=':kill'
+    	    timeout_seconds='60' />
+
+	<property_group name='general' type='framework'>
+		<!-- to start stop ntpd -->
+		<propval name='action_authorization' type='astring'
+		value='solaris.smf.manage.ntp' />
+		<propval name='value_authorization' type='astring'
+		value='solaris.smf.value.ntp' />
+	</property_group>
+
+	<instance name="default" enabled="false">
+		<property_group name='config' type='application' >
+			<!-- default property settings for ntpd(1M). -->
+		
+			<propval
+			    name='wait_for_sync'
+			    type='boolean'
+			    value='false' />
+		
+			<propval
+			    name='no_auth_required'
+			    type='boolean'
+			    value='false' />
+		
+			<propval
+			    name='verbose_logging'
+			    type='boolean'
+			    value='false' />
+	
+			<propval
+			    name='slew_always'
+			    type='boolean'
+			    value='false' />
+	
+			<propval
+			    name='always_allow_large_step'
+			    type='boolean'
+			    value='true' />
+	
+			<propval
+			    name='logfile'
+			    type='astring'
+			    value='/var/ntp/ntp.log' />
+		
+			<propval
+			    name='debuglevel'
+			    type='integer'
+			    value='0' />
+	
+			<propval
+			    name='mdnsregister'
+			    type='boolean'
+			    value='false' />
+	
+			<!-- to change properties -->
+			<propval
+			    name='value_authorization'
+			    type='astring'
+			    value='solaris.smf.value.ntp' />
+		
+		</property_group>
+	</instance>
+	<stability value='Unstable' />
+
+	<template>
+		<common_name>
+			<loctext xml:lang='C'>
+			Network Time Protocol (NTP) Version 4
+			</loctext>
+		</common_name>
+		<documentation>
+			<manpage title='ntpd' section='1M' />
+			<manpage title='ntp.conf' section='4' />
+			<manpage title='ntpq' section='1M' />
+		</documentation>
+	</template>
+</service>
+
+</service_bundle>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/Solaris/prof_attr	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,1 @@
+NTP Management:RO::Manage the NTP service:auths=solaris.smf.manage.ntp,solaris.smf.value.ntp
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntp-keygen.1m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,220 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntp-keygen" "1M" "" "" "System Administration Commands"
+.SH NAME
+ntp-keygen \- Generate Public and Private Keys for NTP
+.SH SYNOPSIS
+.LP
+.n
+\fB/usr/sbin/ntp-keygen\fR [\fB-deGgHIMPTv?!\fR] [\fB-i\fR \fIissuername\fR] [\fB-q\fR \fIpasswd1\fR]
+[\fB-p\fR \fIpasswd2\fR] [\fB-s\fR \fIsubjectname\fR] [\fB-V\fR \fInkeys\fR] [\fB-v\fR \fImvkeys\fR]
+[\fB-c [RSA-MD2 | RSA-MD5 | RSA-SHA | RSA=SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1]]\fR
+[\fB-S [ RSA | DSA]\fR]
+.fi
+.SH "OPTIONS"
+.TP
+.BR "-c [ RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 |"
+.BR " RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ]",
+.BR "--certificate [...]"
+.sp
+Select certificate and message digest/signature encryption scheme. Note that RSA schemes must be used with a RSA sign key and DSA schemes must be used with a DSA sign key. The default without this option is \fBRSA-MD5\fR.
+.TP
+.BR "-d, --debug-level"
+Enable debugging. This option displays the cryptographic data produced for eye-friendly billboards.
+.TP
+.BR "-D \fIdebug-level\fP, --debug-level=\fIdebug-level\fP"
+Enable debugging and set the debug level to \fIdebug-level\fP. 
+.TP
+.BR "-e, --id-key"
+Generate unencrypted IFF or GQ parameters file from existing key file \fBIFFkey\fR or \fBGQkey\fR  file, respectively. The file contents are sent to the standard output.
+.TP
+.BR "-G, --gq-params"
+Generate GQ key file \fBGQkey\fR and link \fBgqkey\fR for the Guillou-Quisquater (GQ) identity scheme.
+.TP
+.BR "-g, --gq-keys"
+Update the GQ keys.
+.TP
+.BR "-H, --host-key"
+Generate a new public/private host keys \fBRSAkey\fR, and link \fBhost\fR.  
+.TP
+.BR "-I, --iffkey"
+Generate a new encrypted IFF key file \fBIFFkey\fR and link \fBiffkey\fR for the Schnorr (IFF) identity scheme.
+.TP
+.BR "-i \fIissuername\fP, --issuer-name=\fIissuername\fP"
+Set the issuername name to \fIissuername\fR for generated identity files. This is useful only if the TA is not a group member and is generally considered not a good practice.
+.TP
+.BR "-M, --md5key"
+Generate a new MD5 key file.
+.TP
+.BR "-m \fImodulus\fP, --modulus=\fImodulus\fP"
+Set the modulus to \fImodulus\fR.
+.TP
+.BR "-P, --pvt-cert"
+Generate a new private certificate used by the PC identity scheme. By default, the program generates public certificates. Note: the PC identity scheme is not recommended for new installations.
+.TP
+.BR "-p \fIpasswd2\fP, --pvt-passwd=\fIpasswd2\fP"
+Set the password for writing encrypted files to \fIpasswd2\fR. By default, the write password is the read password.
+.TP
+.BR "-q \fIpasswd1\fP, --get-pvt-passwd=\fIpasswd1\fP"
+Set the password for reading encrypted files to \fIpasswd1\fR. By default,  the read password is the host name.
+.TP
+.BR "-S [ RSA | DSA ], --sign-key=[ RSA | DSA] "
+Generate a new sign key of the designated type. By default, the sign key is the host key.
+.TP
+.BR "-s \fIname\fP, --subject-name=\fIname\fP"
+Set the host name to \fIname\fR. This is used in the host and sign key file names, as well as the subject and issuer names in the certificate. It must match the host name specified in the \fBCRYPTO\fR configuration command. 
+.TP
+.BR "-T, --trusted-cert"
+Generate a trusted certificate. By default, the program generates nontrusted certificates.
+.TP
+.BR "-V \fInkeys\fP, --mv-params=\fInkeys\fP"
+Generate server parameters \fBMV\fR and \fInkeys\fR client keys for the Mu-Varadharajan (MV)  identity scheme. Note: support for this option should be considered a work in progress.
+.TP
+.BR \-v ", " \-\-version
+Output version of program and exit.
+.TP
+.BR "--mv-keys=\fImvkeys\fP"
+.TP
+.BR "-?, --help"
+Print program help information.
+.TP
+.BR "-!, --more-help"
+Extended usages information passed through a pager.
+.TP
+.BR \-> " \fIrcfile\fP," " \-\-save-opts" "=\fIrcfile\fP"
+Save the option state to \fIrcfile\fP. 
+.TP
+.BR \-< " \fIrcfile\fP," " \-\-load-opts" "=\fIrcfile\fP," " \-\-no-load-opts"
+Load options from \fIrcfile\fP.
+The \fIno-load-opts\fP form will disable the loading
+of earlier RC/INI files.  \fI--no-load-opts\fP is handled early,
+out of order.
+.SS OPTION PRESETS
+Most options may be preset by loading values from configuration file(s) and values from
+environment variables named:
+.nf
+  \fBNTP_KEYGEN_<option-name>\fP or \fBNTP_KEYGEN\fP
+.fi
+.aj
+The environmental presets take precedence (are processed later than)
+the configuration files. The option-name should be in all capital letters.
+For example, to set the --command option, you would set the NTP_KEYGEN_COMMAND environment
+variable.
+The users home directory and the current directory are searched for a file named .ntprc.
+.SH "DESCRIPTION"
+This program generates cryptographic data files used by the NTPv4 authentication and identity schemes. It generates MD5 keys used in symmetric key cryptography and generates encryption keys, certificates and identity keys used in the Autokey public key cryptography. All files are in PEM-encoded printable ASCII format so they can be embedded as MIME attachments in mail to other sites and certificate authorities.
+.LP
+Generated files are compatible with other OpenSSL applications and other Public Key Infrastructure (PKI) resources. Certificates or certificate requests generated by this or other programs should be compatible with extant industry practice, although some users might find the interpretation of X509v3 extension fields somewhat liberal. However, the identity keys files are probably not compatible with anything other than Autokey.
+.LP
+Most files written by this program are encrypted using a private password. The \fB-p\fR \fIpasswd2\fR option specifies the write password and the \fB-q\fR \fIpasswd2\fR option the read password for previously encrypted files. If no read password is specified, the host name returned by the Unix \fBgethostname()\fR function is used. If no write password is specified, the read password is used as the write password.
+.LP
+The \fBntpd\fR configuration command \fBcrypto pw\fR \fIpasswd\fR specifies the read password for previously encrypted files. This must match the write password used by this program. For convenience, if the \fBntpd\fR password is not specified, the host name returned by the Unix \fBgethostname()\fR function is used. Thus, if files are generated by this program without password, they can be read back by \fBntpd\fR without password, but only on the same host.
+.LP
+All files and links are installed by default in the keys directory \fB/etc/inet\fR, which is normally in a shared filesystem in NFS-mounted networks. The location of the keys directory can be changed by the \fBkeysdir\fR configuration command. Normally, encrypted  files for each host are generated by that host and used only by that host, although exceptions exist as noted later on this page.
+.LP
+This program directs commentary and error messages to the standard error stream \fBstderr\fR and some files to the standard output stream \fBstdout\fR where they can be piped to other aplications or redirected to a file. The names used for generated files and links all begin with the string \fBntpkey\fR and include the file type, generating host and filestamp, as described in the "Cryptographic Data Files" section below
+.SS "Running the Program"
+The safest way to run this program is log in as root and change to the keys directory, \fB/etc/inet.\fR When run for the first time, or if all files with names beginning \fBntpkey\fR have been removed, use the \fBntp-keygen \fRcommand without arguments to generate a default RSA host key file and matching RSA-MD5 certificate file. The file names and password default to the host name as described above. If run again with the same command line, the program uses the same host key file, but generates a new certificate file.
+.LP
+Run the command on as many hosts as necessary. Designate one of them as the trusted host (TH) using the \fB-T\fR option on the command line and configure it to synchronize via reliable paths. THs have trusted, self-signed certificates; all other hosts have nontrusted, self-signed certificates. Then configure the nontrusted hosts to synchronize to the TH directly or indirectly. A certificate trail is created by asking the immediately ascendant host towards the root to sign its certificate, which is then provided to the immediately descendant host on request. All group hosts should have acyclic certificate trails ending on the TH.
+.LP
+By default the name used in the subject and issuer fields in the certificate is the host name. A different name can be assigned using the \fB-s\fR \fIhost\fR option on the command line, but the name must match the host name specified by the \fBcrypto\fR configuration command.
+.LP
+The host key is used to encrypt the cookie when required and so must be RSA type. By default, the host key is also the sign key used to encrypt signatures. A different sign key file name can be assigned using the \fB-S\fR option and this can be either RSA or DSA type. By default, the message digest type is MD5, but any combination of sign key type and message digest type supported by the OpenSSL library can be specified.
+.SS "Trusted Hosts and Secure Groups"
+As described on the "Authentication Options" page at file:///usr/share/doc/ntp/authopt.html, an NTP secure group consists of one or more low-stratum THs as the root from which all other group hosts derive synchronization directly or indirectly. For authentication purposes all THs in a group must have the same host and group name; all other hosts have the same group name, but different host names. The host name and group name must match the names specified by the \fBcrypto\fR configuratrion command. Host and group names are used only for authentication purposes and have nothing to do with DNS names.
+.LP
+It is convenient to nominate a single TH acting as a trusted authority (TA) to generate a set of files and links that are then copied intact to all other THs in the group, most conveniently as a tar archive. This means that it doesn't matter which certificate trail ends at which TH, since the cryptographic media are the same.
+.LP
+To generate and install cryptographic media files, The TA uses the
+.IP
+.BR "ntp-keygen -q \fIpasswd1\fP -s \fIhost\fP -T"
+.LP
+command to specify the password, host/group name and trusted certificate. For THs the host and group names are the same and must match the host and group names specified on the \fBcrypto\fR configuration command. If run again with the same command line, the program uses the same host key file, but generates a new trusted certificate file. Group hosts other than the THs use the same command line, but with a different host name and without the \fB\fI-\fRT\fR option. On these hosts if the \fB-s\fR \fIhost\fR option is missing, the host name is the default described above.
+.SS "Identity Schemes"
+As described on the "Authentication Options" page, there are five identity schemes, three of which - IFF, GQ and MV - require files specific to each scheme and group. There are two files for each scheme, an encrypted keys file and a nonencrypted parameters file. THs need only the keys file; all the others need the parameters file. Other hosts expecting to support a client population also need the keys file; hosts acting only as clients need only the parameters file. Both files are generated by the TA on behalf of all servers and clients in the group.
+.LP
+The parameters files are public; they can be stored in a public place and sent in the clear. The keys files are encrypted with the host read password. To retrieve the keys file, a host sends a mail request to the TA including its private read password. The TA encrypts the keys file with this password and returns it as an attachment. The attachment is then copied intact to the keys directory with name given in the first line of the file, but all in lower case and with the filestamp deleted..
+.LP
+The TA can generate GQ keys, certificate and identity files for all TH's using the command
+.IP 
+.BR "ntp-keygen -q \fIpasswd1\fP -s \fIhost\fP -T -G -e >\fIparameters_file\fP"
+.LP
+where the the redirected \fIparameters_file\fR can be piped to a mail application or stored locally and renamed as above for later distribution. The procedure for IFF files is similar with \fB-G\fR replaced by \fB-I\fR.
+.LP
+The TA can generate an encrypted GQ keys file copy using the command
+.IP
+.BR "ntp-keygen -q \fIpasswd1\fP -p \fIpasswd2\fP -s \fIhost\fP >\fIkeys_file\fP"
+.LP
+where \fIpasswd1\fR is the read password for the TA, \fIpasswd2\fR is the read password for the requesting host and \fIkeys_file\fR is sent or stored as above. The program uses the keys and parameters of whatever scheme generated the keys file.
+.SS "Cryptographic Data Files"
+File and link names are in the form \fBntpkey_\fIkey\fR_\fIname\fR.\fIfstamp\fR\fR, where \fB\fIkey\fR\fR is the key or parameter type, \fB\fIname\fR\fR is the host or group name and \fB\fIfstamp\fR\fR is the filestamp (NTP seconds) when the file was created). By convention, key fields in generated file names include both upper and lower case alphanumeric characters, while key fields in generated link names include only lower case characters. The filestamp is not used in generated link names.
+.LP
+The key type is a string defining the cryptographic function. Key types include public/private keys \fBhost \fRand \fBsign\fR, certificate \fBcert\fR and several challenge/response key types. By convention, files used for challenges have a \fBpar\fR subtype, as in the IFF challenge \fBIFFpar\fR, while files for responses have a \fBkey\fR subtype, as in the GQ response \fBGQkey\fR.
+.LP
+All files begin with two nonencrypted lines. The first line contains the file name in the format \fBntpkey_\fIkey\fR_\fIhost\fR.\fIfstamp\fR\fR. The second line contains the datestamp in conventional Unix \fBdate\fR format. Lines beginning with \fB#\fR are ignored.
+.LP
+The remainder of the file contains cryptographic data encoded first using ASN.1 rules, then encrypted using the DES-CBC algorithm and given password and finally written in PEM-encoded printable ASCII text preceded and followed by MIME content identifier lines.
+.LP
+The format of the symmetric keys file is somewhat different than the other files in the interest of backward compatibility. Since DES-CBC is deprecated in NTPv4, the only key format of interest is MD5 alphanumeric strings. Following the header the keys are entered one per line in the format
+.IP
+\fIkeyno type key\fR
+.LP
+where \fIkeyno\fR is a positive integer in the range 1-65,535, \fItype\fR is the string \fBMD5\fR defining the key format and
+\fIkey\fR is the key itself, which is a printable ASCII string 16 characters or less in length. Each character is chosen from the 93 printable characters in the range 0x21 through 0x7f excluding space and the '#' character.
+.LP
+Note that the keys used by the \fBntpq\fR and \fBntpdc\fR programs are checked against passwords requested by the programs and entered by hand, so it is generally appropriate to specify these keys in human readable ASCII format.
+.LP
+The \fBntp-keygen\fR program generates a MD5 symmetric keys file \fBntpkey_MD5key_\fIhostname.filestamp\fR\fR. Since the file contains private shared keys, it should be visible only to root and distributed by secure means to other subnet hosts. The NTP daemon loads the file \fBntp.keys\fR, so \fBntp-keygen\fR installs a soft link from this name to the generated file. Subsequently, similar soft links must be installed by manual or automated means on the other subnet hosts. While this file is not used with the Autokey Version 2 protocol, it is needed to authenticate some remote configuration commands used by the \fBntpq\fR and \fBntpdc\fR utilities.
+.SH NOTES
+Source for \fBntp-keygen\fR is available on http://src.opensolaris.org.
+.LP
+The documentation available at /usr/share/doc/ntp is provided as is from the
+\fBNTP\fR distribution and may contain information that is not applicable to
+the software as provided in this partIcular distribution.
+.SH ATTRIBUTES
+.sp
+.LP
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+AttributeAttribute Value
+_
+AvailabilityT{
+.nf
+service/network/ntp
+.fi
+T}
+_
+Interface StabilityUncommitted
+.TE
+.PP
+.SH SEE ALSO
+.LP
+\fBntpd\fR(1M), \fBntprc\fR(4), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntp.conf.4	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,1298 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntp.conf" "4" "" "" "File Formats"
+.SH NAME
+ntp.conf \- Configuration file for the NTP Daemon.
+.SH DESCRIPTION
+.LP
+The \fB\&ntp.conf\fR file contains the directives used by the \fBntpd\fR to
+configure itself. 
+.SS "Configuration Commands"
+.sp 1.5
+.ne 2
+.mk
+.na
+\fBserver \fIaddress\fP \fR[options ...]\fP\fR
+.br
+\fBpeer \fIaddress\fP \fR[options ...]\fP\fR
+.br
+\fBbroadcast \fIaddress\fP \fR[options ...]\fP\fR
+.br
+\fBmanycastclient \fIaddress\fP \fR[options ...]\fP\fR
+.br
+\fR\fBpool \fIaddress\fP \fR[options ...]\fP\fR
+.ad
+.sp .25
+.RS 4n
+These commands specify the time server name or address to be used and the mode in which to operate. The \fIaddress\fP can be either a DNS name or a IPv4 or IPv6 address in standard notation. In general, multiple commands of each type can be used for different server and peer addresses or multicast groups.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBserver\fR
+.ad
+.sp .25
+.RS 4n
+For type s and r addresses (only), this command mobilizes a persistent client mode association with the specified remote server or local reference clock. If the \fBpreempt\fR flag is specified, a preemptable client mode association is mobilized instead.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBpeer\fR
+.ad
+.sp .25
+.RS 4n
+For type s addresses (only), this command mobilizes a persistent symmetric-active mode association with the specified remote peer.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBbroadcast\fR
+.ad
+.sp .25
+.RS 4n
+For type b and m ddresses (only), this command mobilizes a persistent broadcast or multicast server mode association. Note that type b messages go only to the interface specified, but type m messages go to all interfaces.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmanycastclient\fR
+.ad
+.sp .25
+.RS 4n
+For type m addresses (only), this command mobilizes a manycast client mode association for the multicast group address specified. In this mode the address must match the address specified on the \fBmanycastserver\fR command of one or more designated manycast servers.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBpool\fR
+.ad
+.sp .25
+.RS 4n
+For type s messages (only) this command mobilizes a client mode association for servers implementing the pool automatic server discovery scheme described on the Association Management page at file:///usr/share/doc/ntp/assoc.html. The address is a DNS name in the form \fB\fIarea\fP.pool.ntp.org\fR, where \fB\fIarea\fP\fR is a qualifier designating the server geographic area such as \fBus\fR or \fBeurope\fR.
+.SS "Command Options"
+Each of the above configuation commands takes zero or more options from the list below:
+.sp .3
+.ne 2
+.mk
+.na
+\fBautokey\fR
+.ad
+.sp .25
+.RS 4n
+Send and receive packets authenticated by the autokey scheme described in the Authentication Options page at file:///usr/share/doc/ntp/authopt.html. This option is valid only with \fBserver\fR and \fBpeer\fR commands and type s addresses. It is incompatible with the \fBkey\fR option.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBburst\fR
+.ad
+.sp .25
+.RS 4n
+When the server is reachable, send a burst of six packets instead of the usual one. The packet spacing is normally 2 s; however, the spacing between the first and second packets can be changed with the fBcalldelay\fR command to allow additional time for a modem or ISDN call to complete. This option is valid only with only the \fBserver\fR command and type s addressesa. It is a recommended option when the \fBmaxpoll\fR option is greater than 10 (1024 s).
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBiburst\fR
+.ad
+.sp .25
+.RS 4n
+When the server is unreachable, send a burst of eight packets instead of the usual one. The packet spacing is normally 2 s; however, the spacing between the first and second packets can be changed with the \fBcalldelay\fR command to allow additional time for a modem or ISDN call to complete. This option is valid only with the \fBserver\fR command and type s addresses. It is a recommended option with this command.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBkey\fR \fIkey\fP\fR
+.ad
+.sp .25
+.RS 4n
+Send and receive packets authenticated by the symmetric key scheme described in the Authentication Options page at file:///usr/share/doc/ntp/authopt.html. This option is valid only with \fBserver\fR and \fBpeer\fR commands and type s addresses. The \fIkey\fP specifies the key identifier with values from 1 to 65534, inclusive. This option is incompatible with the \fBautokey\fR option.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBminpoll \fIminpoll
+.br
+\fP\fR\fBmaxpoll \fImaxpoll\fP\fR
+.ad
+.sp .25
+.RS 4n
+These options specify the minimum and maximum poll intervals for NTP messages, in seconds as a power of two. The maximum poll interval defaults to 10 (1024 s), but can be increased by the \fBmaxpoll\fR option to an upper limit of 17 (36 h). The minimum poll interval defaults to 6 (64 s), but can be decreased by the \fBminpoll\fR option to a lower limit of 4 (16 s). These option are valid only with the \fBserver\fR and \fBpeer\fR commands and type s addresses.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmode \fIoption\fP\fR
+.ad
+.sp .25
+.RS 4n
+Pass the \fB\fIoption\fP\fR to a reference clock driver, where \fB\fIoption\fP\fR is an integer in the range from 0 to 255, inclusive. This option is valid only with the \fBserver\fR command and type r addresses.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBnoselect\fR
+.ad
+.sp .25
+.RS 4n
+Marks the server or peer to be ignored by the selection algorithm but visible to the monitoring program. This option is ignored with the \fBbroadcast\fR command.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBpreempt\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the association as preemptable rather than the default persistent. This option is ignored with the  \fBbroadcast\fR command and is most useful with the \fBmanycastclient\fR and \fBpool\fR commands.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBprefer\fR
+.ad
+.sp .25
+.RS 4n
+Mark the server as preferred. All other things being equal, this host will be chosen for synchronization among a set of correctly operating hosts. See the Mitigation Rules page at file:///usr/share/doc/ntp/prefer.html for further information. This option is valid only with the \fBserver\fR and \fBpeer\fR commands.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBtrue\fR
+.ad
+.sp .25
+.RS 4n
+Mark the association to assume truechimer status; that is, always survive the selection and clustering algorithms. This option can be used with any association, but is most useful for reference clocks with large jitter on the serial port and precision pulse-per-second (PPS) signals. Caution: this option defeats the algorithms designed to cast out falsetickers and can allow these sources to set the system clock. This option is valid only with the \fBserver\fR and \fBpeer\fR commands.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBttl \fIttl\fP\fR
+.ad
+.sp .25
+.RS 4n
+This option specifies the time-to-live \fIttl\fP for the \fBbroadcast\fR commmand and the maximum \fIttl\fP for the expanding ring search used by the \fBmanycastclient\fR command. Selection of the proper value, which defaults to 127, is something of a black art and should be coordinated with the network administrator.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBversion \fIversion\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the version number to be used for outgoing NTP packets. Versions 1-4 are the choices, with version 4 the default.
+.RE
+.SS "Auxilliary Commands"
+.sp .3
+.ne 2
+.mk
+.na
+\fBbroadcastclient [novolley]\fR
+.ad
+.sp .25
+.RS 4n
+Enable reception of broadcast server messages to any local interface (type b address). Ordinarily, upon receiving a message for the first time, the broadcast client measures the nominal server propagation delay using a brief client/server exchange, after which it continues in listen-only mode. If the \fBnovolley\fR keyword is present, the exchange is not used and the value specified in the \fBbroadcastdelay\fR command is used or, if the \fBbroadcastdelay\fR command is not used, the default 4.0 ms. Note that, in order to avoid accidental or malicious disruption in this mode, both the server and client should operate using symmetric key or public key authentication as described in the Authentication Options page at file:///usr/share/doc/ntp/authopt.html. Note that the \fBnovolley\fR keyword is incompatible with public key authentication.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmanycastserver \fIaddress\fP [...]\fR
+.ad
+.sp .25
+.RS 4n
+Enable reception of manycast client messages (type m)to the multicast group address(es) (type m) specified. At least one address is required. Note that, in order to avoid accidental or malicious disruption, both the server and client should operate using symmetric key or public key authentication as described in the Authentication Options page at file:///usr/share/doc/ntp/authopt.html.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmulticastclient \fIaddress\fP [...]\fR
+.ad
+.sp .25
+.RS 4n
+Enable reception of multicast server messages to the multicast group address(es) (type m) specified. Upon receiving a message for the first time, the multicast client measures the nominal server propagation delay using a brief client/server exchange with the server, then enters the broadcast client mode, in which it synchronizes to succeeding multicast messages. Note that, in order to avoid accidental or malicious disruption in this mode, both the server and client should operate using symmetric key or public key authentication as described in the Authentication Options page at file:///usr/share/doc/ntp/authopt.html.
+.RE
+.SS "Reference Clock Commands"
+.sp .3
+.ne 2
+.mk
+.na
+\fBserver 127.127.\fIt.u\fP [prefer] [mode \fIint\fP] [minpoll \fIint\fP] [maxpoll \fIint\fP]\fR
+.ad
+.sp .25
+.RS 4n
+This command can be used to configure reference clocks in special ways. The options are interpreted as follows:
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBprefer\fR
+.ad
+.sp .25
+.RS 4n
+Marks the reference clock as preferred. All other things being equal, this host will be chosen for synchronization among a set of correctly operating hosts. See the Mitigation Rules page at file:///usr/share/doc/ntp/prefer.html for further information.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmode \fIint\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies a mode number which is interpreted in a device-specific fashion. For instance, it selects a dialing protocol in the ACTS driver and a device subtype in the \fBparse\fR drivers.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBminpoll \fIint\fP\fR
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmaxpoll \fIint\fP\fR
+.ad
+.sp .25
+.RS 4n
+These options specify the minimum and maximum polling interval for reference clock messages in seconds, interpreted as dual logarithms (2 ^ x). For most directly connected reference clocks, both \fBminpoll\fR and \fBmaxpoll\fR default to 6 (2^16 = 64 s). For modem reference clocks, \fBminpoll\fR defaults to 10 (2^10 = 1024 s = 17.1 m) and \fBmaxpoll\fR defaults to 14 (2^14 = 16384 s = 4.25 h). The allowable range is 4 (16 s) to 17 (36.4 h) inclusive.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBfudge 127.127.\fIt.u\fP [time1 \fIsec\fP] [time2 \fIsec\fP] [stratum \fIint\fP] [refid \fIstring\fP] [mode \fIint\fP] [flag1 0|1] [flag2 0|1] [flag3 0|1] [flag4 0|1]\fR
+.ad
+.sp .25
+.RS 4n
+This command can be used to configure reference clocks in special ways. It must immediately follow the \fBserver\fR command which configures the driver. Note that the same capability is possible at run time using the \fBntpdc\fR program. The options are interpreted as follows:
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBtime1 \fIsec\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies a constant to be added to the time offset produced by the driver, a fixed-point decimal number in seconds. This is used as a calibration constant to adjust the nominal time offset of a particular clock to agree with an external standard, such as a precision PPS signal. It also provides a way to correct a systematic error or bias due to serial port or operating system latencies, different cable lengths or receiver internal delay. The specified offset is in addition to the propagation delay provided by other means, such as internal DIPswitches. Where a calibration for an individual system and driver is available, an approximate correction is noted in the driver documentation pages.
+.LP
+Note: in order to facilitate calibration when more than one radio clock or PPS signal is supported, a special calibration feature is available. It takes the form of an argument to the \fBenable\fR command and operates as described in the Reference Clock Drivers page at file:///usr/share/doc/ntp/refclock.html.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBtime2 \fIsecs\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies a fixed-point decimal number in seconds, which is interpreted in a driver-dependent way. See the descriptions of specific drivers in the Reference Clock Drivers page at file:///usr/share/doc/ntp/refclock.html.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBstratum \fIint\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the stratum number assigned to the driver, an integer between 0 and 15. This number overrides the default stratum number ordinarily assigned by the driver itself, usually zero.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBrefid \fIstring\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies an ASCII string of from one to four characters which defines the reference identifier used by the driver. This string overrides the default identifier ordinarily assigned by the driver itself.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmode \fIint\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies a mode number which is interpreted in a device-specific fashion. For instance, it selects a dialing protocol in the ACTS driver and a device subtype in the \fBparse\fR drivers.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBflag1 flag2 flag3 flag4\fR
+.ad
+.sp .25
+.RS 4n
+These four flags are used for customizing the clock driver. The interpretation of these values, and whether they are used at all, is a function of the particular clock driver. However, by convention \fBflag4\fR is used to enable recording monitoring data to the \fBclockstats\fR file configured with the \fBfilegen\fR command. 
+.RE
+.SS "Authentication Commands"
+.sp .3
+.ne 2
+.mk
+.na
+\fBautokey [\fIlogsec\fP]\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the interval between regenerations of the session key list used with the Autokey protocol. Note that the size of the key list for each association depends on this interval and the current poll interval. The default value is 12 (4096 s or about 1.1 hours). For poll intervals above the specified interval, a session key list with a single entry will be regenerated for every message sent.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBcontrolkey \fIkey\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the key identifier to use with the \fBntpq\fR utility, which uses the standard protocol defined in RFC-1305. The \fB\fIkey\fP\fR argument is the key identifier for a trusted key, where the value can be in the range 1 to 65,534, inclusive.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBcrypto [randfile \fIfile\fP] [host \fIname\fP] [ident \fIname\fP] [pw \fIpassword\fP]\fR
+.ad
+.sp .25
+.RS 4n
+This command requires the OpenSSL library. It activates public key cryptography and loads the required public/private encryption and sign kyes and public certificat. If one or more files are left unspecified, the default names are used as described below. Unless the complete path and name of the file are specified, the location of a file is relative to the keys directory specified in the \fBkeysdir\fR command or default \fB/etc/inet\fR. Following are the subcommands.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBhost \fIname\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the host name used in the host key link \fBntpkey_host_\fIname\fP\fR, sign key link \fBntpkey_sign_\fIname\fP\fR and certificate link \fBntpkey_cert_\fIname\fP\fR. The \fBntp-keygen\fR program automatically installs these links to the most recently generated files.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBident \fIname\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the group name used in the identity key link \fBntpkey_\fIkey\fP_\fIname\fP\fR, where \fB\fIkey\fP\fR identifies the key type described on the \fBntp-keygen\fR page. The \fBntp-keygen\fR program automatically installs these links to the most recently generated files.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBpw \fIpassword\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the password to decrypt files previously encrypted by the \fBntp-keygen\fR program.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBrandfile \fIfile\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the location of the random seed file used by the OpenSSL library. The defaults are described on the \fBntp-keygen(1m)\fR man page.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBkeys \fIkeyfile\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the complete path to the MD5 key file containing the keys and key identifiers used by \fBntpd\fR, \fBntpq\fR and \fBntpdc\fR when operating with symmetric key cryptography. This is the same operation as the \fB-k \fRcommand line option.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBkeysdir \fIpath\fP\fR
+.ad
+.sp .25
+.RS 4n
+This command specifies the default directory path for cryptographic keys, parameters and certificates. The default is \fB/etc/inet/\fR.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBrequestkey \fIkey\fP\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the key identifier to use with the \fBntpdc\fR utility program, which uses a proprietary protocol specific to this implementation of \fBntpd\fR. The \fB\fIkey\fP\fR argument is a key identifier for the trusted key, where the value can be in the range 1 to 65,534, inclusive.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBrevoke [\fIlogsec\fP]\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the interval between re-randomization of certain cryptographic values used by the Autokey scheme, as a power of 2 in seconds. These values need to be updated frequently in order to deflect brute-force attacks on the algorithms; however, updating some values is a relatively expensive operation. The default interval is 16 (65,536 s or about 18 hours). For poll intervals above the specified interval, the values will be updated for every message sent.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBtrustedkey \fIkey\fP [...]\fR
+.ad
+.sp .25
+.RS 4n
+Specifies the key identifiers which are trusted for the purposes of authenticating peers with symmetric key cryptography, as well as keys used by the \fBntpq\fR and \fBntpdc\fR programs. The authentication procedures require that both the local and remote servers share the same key and key identifier for this purpose, although different keys can be used with different servers. The \fB\fIkey\fP\fR arguments are 32-bit unsigned integers with values from 1 to 65,534.
+.RE
+.SS "Access Control Commands"
+.sp .3
+.ne 2
+.mk
+.na
+\fBdiscard [ average \fIavg\fP ][ minimum \fImin\fP ] [ monitor \fIprob\fP ]\fR
+.ad
+.sp .25
+.RS 4n
+Set the parameters of the \fBlimited\fR facility which protects the server from client abuse. The \fBaverage\fR subcommand specifies the minimum average packet spacing, while the \fBminimum\fR subcommand specifies the minimum packet spacing. Packets that violate these minima are discarded and a kiss-o'-death packet returned if enabled. The default minimum average and minimum are 5 and 2, respectively. The monitor subcommand specifies the probability of discard for packets that overflow the rate-control window.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBrestrict \fIaddress\fP [mask \fImask\fP] [\fIflag\fP][...]\fR
+.ad
+.sp .25
+.RS 4n
+The \fIaddress\fP argument expressed in dotted-quad form is the address of a host or network. Alternatively, the \fB\fIaddress\fP\fR argument can be a valid host DNS&nbsp;name. The \fImask\fP argument expressed in dotted-quad form defaults to \fB255.255.255.255\fR, meaning that the \fIaddress\fP is treated as the address of an individual host. A default entry (address \fB0.0.0.0\fR, mask \fB0.0.0.0\fR) is always included and is always the first entry in the list. Note that text string \fBdefault\fR, with no mask option, may be used to indicate the default entry.
+.LP
+In the current implementation, \fIflag\fP always restricts access, i.e., an entry with no flags indicates that free access to the server is to be given. The flags are not orthogonal, in that more restrictive flags will often make less restrictive ones redundant. The flags can generally be classed into two catagories, those which restrict time service and those which restrict informational queries and attempts to do run-time reconfiguration of the server. One or more of the following flags may be specified:
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBignore\fR
+.ad
+.sp .25
+.RS 4n
+Deny packets of all kinds, including \fBntpq\fR and \fBntpdc\fR queries.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBkod\fR
+.ad
+.sp .25
+.RS 4n
+If this flag is set when an access violation occurs, a kiss-o'-death (KoD) packet is sent. KoD packets are rate limited to no more than one per second. If another KoD packet occurs within one second after the last one, the packet is dropped
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBlimited\fR
+.ad
+.sp .25
+.RS 4n
+Deny service if the packet spacing violates the lower limits specified in the \fBdiscard\fR command. A history of clients is kept using the monitoring capability of \fBntpd\fR. Thus, monitoring is always active as long as there is a restriction entry with the \fBlimited\fR flag.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBlowpriotrap\fR
+.ad
+.sp .25
+.RS 4n
+Declare traps set by matching hosts to be low priority. The number of traps a server can maintain is limited (the current limit is 3). Traps are usually assigned on a first come, first served basis, with later trap requestors being denied service. This flag modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBnomodify\fR
+.ad
+.sp .25
+.RS 4n
+Deny \fBntpq\fR and \fBntpdc\fR queries which attempt to modify the state of the server (i.e., run time reconfiguration). Queries which return information are permitted.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBnoquery\fR
+.ad
+.sp .25
+.RS 4n
+Deny \fBntpq\fR and \fBntpdc\fR queries. Time service is not affected.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBnopeer\fR
+.ad
+.sp .25
+.RS 4n
+Deny packets which would result in mobilizing a new association. &nbsp;This includes broadcast, symmetric-active and manycast client packets when a configured association does not exist.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBnoserve\fR
+.ad
+.sp .25
+.RS 4n
+Deny all packets except \fBntpq\fR and \fBntpdc\fR queries.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBnotrap\fR
+.ad
+.sp .25
+.RS 4n
+Decline to provide mode 6 control message trap service to matching hosts. The trap service is a subsystem of the \fBntpdq\fR control message protocol which is intended for use by remote event logging programs.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBnotrust\fR
+.ad
+.sp .25
+.RS 4n
+Deny packets unless the packet is cryptographically authenticated.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBntpport\fR
+.ad
+.sp .25
+.RS 4n
+This is actually a match algorithm modifier, rather than a restriction flag. Its presence causes the restriction entry to be matched only if the source port in the packet is the standard NTP UDP port (123). Both \fBntpport\fR and \fBnon-ntpport\fR may be specified. The \fBntpport\fR is considered more specific and is sorted later in the list.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBversion\fR
+.ad
+.sp .25
+.RS 4n
+Deny packets that do not match the current NTP version.
+.RE
+.SS "Monitoring Commands"
+.sp .3
+.ne 2
+.mk
+.na
+\fBstatistics \fIname\fP [...]\fR
+.ad
+.sp .25
+.RS 4n
+Enables writing of statistics records. Currently, six kinds of \fIname\fPstatistics are supported.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBclockstats\fR
+.ad
+.sp .25
+.RS 4n
+Enables recording of clock driver statistics information. Each update received from a clock driver appends a line of the following form to the file generation set named \fBclockstats\fR:
+.LP
+\fB49213 525.624 127.127.4.1 93 226 00:08:29.606 D\fR
+.LP
+The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The next field shows the clock address in dotted-quad notation, The final field shows the last timecode received from the clock in decoded ASCII format, where meaningful. In some clock drivers a good deal of additional information can be gathered and displayed as well. See information specific to each clock for further details.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBcryptostats\fR
+.ad
+.sp .25
+.RS 4n
+This option requires the OpenSSL cryptographic software library. It enables recording of cryptographic public key protocol information. Each message received by the protocol module appends a line of the following form to the file generation set named \fBcryptostats\fR:
+.LP
+\fB49213 525.624 127.127.4.1 \fImessage\fP\fR
+.LP
+The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The next field shows the peer address in dotted-quad notation, The final \fB\fImessage\fP\fR field includes the message type and certain ancillary information. See the Authentication Options page at file:///usr/share/doc/ntp/authopt.html for further information.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBloopstats\fR
+.ad
+.sp .25
+.RS 4n
+Enables recording of loop filter statistics information. Each update of the local clock outputs a line of the following form to the file generation set named \fBloopstats\fR:
+.LP
+\fB50935 75440.031 0.000006019 13.778190 0.000351733 0.0133806	6\fR
+.LP
+The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The next five fields show time offset (seconds), frequency offset (parts per million - PPM), RMS jitter (seconds), Allan deviation (PPM) and clock discipline time constant.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBpeerstats\fR
+.ad
+.sp .25
+.RS 4n
+Enables recording of peer statistics information. This includes statistics records of all peers of a NTP server and of special signals, where present and configured. Each valid update appends a line of the following form to the current element of a file generation set named \fBpeerstats\fR:
+.LP
+\fB48773 10847.650 127.127.4.1 9714 -0.001605376 0.000000000 0.001424877 0.000958674\fR
+.LP
+The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The next two fields show the peer address in dotted-quad notation and status, respectively. The status field is encoded in hex in the format described in Appendix B of the NTP specification RFC 1305. The final four fields show the offset, delay, dispersion and RMS jitter, all in seconds.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBrawstats\fR
+.ad
+.sp .25
+.RS 4n
+Enables recording of raw-timestamp statistics information. This includes statistics records of all peers of a NTP server and of special signals, where present and configured. Each NTP message received from a peer or clock driver appends a line of the following form to the file generation set named \fBrawstats\fR:
+.LP
+\fB50928 2132.2543 128.4.1.1 128.4.1.20 3102453281.2584327000 3102453281.258622800031 02453332.2540806000 3102453332.2541458000\fR
+.LP
+The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The next two fields show the remote peer or clock address followed by the local address in dotted-quad notation, The final four fields show the originate, receive, transmit and final NTP timestamps in order. The timestamp values are as received and before processing by the various data smoothing and mitigation algorithms.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBsysstats\fR
+.ad
+.sp .25
+.RS 4n
+Enables recording of \fBntpd\fR statistics counters on a periodic basis. Each hour a line of the following form is appended to the file generation set named \fBsysstats\fR:
+.LP
+\fB50928 2132.2543 36000 81965 0 9546 56 71793 512 540 10 147\fR
+.LP
+The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The remaining ten fields show the statistics counter values accumulated since the last generated line.
+.sp .3
+.ne 2
+.mk
+.na
+Time since restart \fB36000\fR:
+Time in hours since the system was last rebooted.
+.sp .3
+.ne 2
+.mk
+.na
+Packets received \fB81965\fR:
+Total number of packets received.
+.sp .3
+.ne 2
+.mk
+.na
+Packets processed \fB0\fR:
+Number of packets received in response to previous packets sent
+.sp .3
+.ne 2
+.mk
+.na
+Current version \fB9546\fR:
+Number of packets matching the current NTP version.
+.sp .3
+.ne 2
+.mk
+.na
+Previous version \fB56\fR:
+Number of packets matching the previous NTP version.
+.sp .3
+.ne 2
+.mk
+.na
+Bad version \fB71793\fR:
+Number of packets matching neither NTP version.
+.sp .3
+.ne 2
+.mk
+.na
+Access denied \fB512\fR:
+Number of packets denied access for any reason.
+.sp .3
+.ne 2
+.mk
+.na
+Bad length or format \fB540\fR:
+Number of packets with invalid length, format or port number.
+.sp .3
+.ne 2
+.mk
+.na
+Bad authentication \fB10\fR:
+Number of packets not verified as authentic.
+.sp .3
+.ne 2
+.mk
+.na
+Rate exceeded \fB147\fR:
+Number of packets discarded due to rate limitation.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBstatsdir \fIdirectory_path\fP\fR
+.ad
+.sp .25
+.RS 4n
+Indicates the full path of a directory where statistics files should be created (see below). This keyword allows the (otherwise constant) \fBfilegen\fR filename prefix to be modified for file generation sets, which is useful for handling statistics logs.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBfilegen \fIname\fP [file \fIfilename\fP] [type \fItypename\fP] [link | nolink] [enable | disable]\fR
+.ad
+.sp .25
+.RS 4n
+Configures setting of generation file set \fIname\fP. Generation file sets provide a means for handling files that are continuously growing during the lifetime of a server. Server statistics are a typical example for such files. Generation file sets provide access to a set of files used to store the actual data. At any time at most one element of the set is being written to. The type given specifies when and how data will be directed to a new element of the set. This way, information stored in elements of a file set that are currently unused are available for administrational operations without the risk of disturbing the operation of \fBntpd\fR. (Most important: they can be removed to free space for new data produced.)
+.ad
+.sp .25
+Note that this command can be sent from the \fBntpdc\fR program running at a remote location.
+.sp .3
+.ne 2
+.mk
+.na
+.TP
+\fIname\fR
+This is the type of the statistics records, as shown in the \fBstatistics\fR command.
+.TP
+\fBfile \fIfilename\fP\fR
+This is the file name for the statistics records. Filenames of set members are built from three concatenated elements \fIprefix\fP, \fIfilename\fP and \fIsuffix\fP:
+.TP
+\fIprefix\fP
+This is a constant filename path. It is not subject to modifications via the \fBfilegen\fR option. It is defined by the server, usually specified as a compile-time constant. It may, however, be configurable for individual file generation sets via other commands. For example, the prefix used with \fBloopstats\fR and \fBpeerstats\fR generation can be configured using the \fBstatsdir\fR option explained above.
+.TP
+\fIfilename\fP
+This string is directly concatenated to the prefix mentioned above (no intervening \fB/\fR (slash)). This can be modified using the \fBfile\fR argument to the \fBfilegen\fR statement. No \fB..\fR elements are allowed in this component to prevent filenames referring to parts outside the filesystem hierarchy denoted by \fBprefix\fR.
+.TP
+\fIsuffix\fP
+This part is reflects individual elements of a file set. It is generated according to the type of a file set.
+.TP
+\fBtype \fItypename\fP\fR
+A file generation set is characterized by its type. The following types are supported:
+.RS 6n
+.TP
+\fBnone\fR
+The file set is actually a single plain file.
+.TP
+\fBpid\fR
+One element of file set is used per incarnation of a \fBntpd\fR server. This type does not perform any changes to file set members during runtime, however it provides an easy way of separating files belonging to different \fBntpd\fR server incarnations. The set member filename is built by appending a \fB.\fR (dot) to concatenated \fIprefix\fP and \fIfilename\fP strings, and appending the decimal representation of the process ID of the \fBntpd\fR server process.
+.TP
+\fBday\fR
+One file generation set element is created per day. A day is defined as the period between 00:00 and 24:00 UTC. The file set member suffix consists of a \fB.\fR (dot) and a day specification in the form \fBYYYYMMdd. YYYY\fR is a 4-digit year number (e.g., 1992). \fBMM\fR is a two digit month number. \fBdd\fR is a two digit day number. Thus, all information written at 10 December 1992 would end up in a file named \fB\fIprefix filename\fP.19921210\fR.
+.TP
+\fBweek\fR
+Any file set member contains data related to a certain week of a year. The term week is defined by computing day-of-year modulo 7. Elements of such a file generation set are distinguished by appending the following suffix to the file set filename base: A dot, a 4-digit year number, the letter \fBW\fR, and a 2-digit week number. For example, information from January, 10th 1992 would end up in a file with suffix \fB.1992W1\fR.
+.TP
+\fBmonth\fR
+One generation file set element is generated per month. The file name suffix consists of a dot, a 4-digit year number, and a 2-digit month.
+.TP
+\fByear\fR
+One generation file element is generated per year. The filename suffix consists of a dot and a 4 digit year number.
+.TP
+\fBage\fR
+This type of file generation sets changes to a new element of the file set every 24 hours of server operation. The filename suffix consists of a dot, the letter \fBa\fR, and an 8-digit number. This number is taken to be the number of seconds the server is running at the start of the corresponding 24-hour period. Information is only written to a file generation by specifying \fBenable\fR; output is prevented by specifying \fBdisable\fR.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+.TP
+\fBlink | nolink\fR
+It is convenient to be able to access the current element of a file generation set by a fixed name. This feature is enabled by specifying \fBlink\fR and disabled using \fBnolink\fR. If \fBlink\fR is specified, a hard link from the current file set element to a file without suffix is created. When there is already a file with this name and the number of links of this file is one, it is renamed appending a dot, the letter \fBC\fR, and the pid of the \fBntpd\fR server process. When the number of links is greater than one, the file is unlinked. This allows the current file to be accessed by a constant name.
+.TP
+\fBenable | disable\fR
+Enables or disables the recording function.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBbroadcastdelay \fIseconds\fP\fR
+.ad
+.sp .25
+.RS 4n
+The broadcast and multicast modes require a special calibration to determine the network delay between the local and remote servers. Ordinarily, this is done automatically by the initial protocol exchanges between the client and server. In some cases, the calibration procedure may fail due to network or server access controls, for example. This command specifies the default delay to be used under these circumstances. Typically (for Ethernet), a number between 0.003 and 0.007 seconds is appropriate. The default when this command is not used is 0.004 seconds.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBcalldelay \fIdelay\fP\fR
+.ad
+.sp .25
+.RS 4n
+This option controls the delay in seconds between the first and second packets sent in burst or iburst mode to allow additional time for a modem or ISDN call to complete.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBdriftfile \fIdriftfile\fP { \fItolerance\fP ]\fR
+.ad
+.sp .25
+.RS 4n
+This command specifies the complete path and name of the file used to record the frequency of the local clock oscillator. This is the same operation as the \fB-f\fR command linke option. If the file exists, it is read at startup in order to set the initial frequency and then updated once per hour with the current frequency computed by the daemon. If the file name is specified, but the file itself does not exist, the starts with an initial frequency of zero and creates the file when writing it for the first time. If this command is not given, the daemon will always start with an initial frequency of zero.
+.LP
+The file format consists of a single line containing a single floating point number, which records the frequency offset measured in parts-per-million (PPM). The file is updated by first writing the current drift value into a temporary file and then renaming this file to replace the old version. This implies that \fBntpd\fR must have write permission for the directory the drift file is located in, and that file system links, symbolic or otherwise, should be avoided.
+.LP
+The parameter \fBtolerance\fR is the wander threshold to skip writing the new value. If the value of wander computed from recent frequency changes is greater than this threshold the file will be updated once per hour. If below the threshold, the file will not be written.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBenable [ auth | bclient | calibrate | kernel | monitor | ntp | pps | stats]\fR
+.br
+\fBdisable [ auth | bclient | calibrate | kernel | monitor | ntp | pps | stats ]\fR
+.ad
+.sp .25
+.RS 4n
+Provides a way to enable or disable various system options. Flags not mentioned are unaffected. Note that all of these flags can be controlled remotely using the \fBntpdc\fR utility program.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBauth\fR
+.ad
+.sp .25
+.RS 4n
+Enables the server to synchronize with unconfigured peers only if the peer has been correctly authenticated using either public key or private key cryptography. The default for this flag is enable.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBbclient\fR
+.ad
+.sp .25
+.RS 4n
+Enables the server to listen for a message from a broadcast or multicast server, as in the \fBmulticastclient\fR command with default address. The default for this flag is disable.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBcalibrate\fR
+.ad
+.sp .25
+.RS 4n
+Enables the calibrate feature for reference clocks. The default for this flag is disable.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBkernel\fR
+.ad
+.sp .25
+.RS 4n
+Enables the kernel time discipline, if available. The default for this flag is enable if support is available, otherwise disable.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmonitor\fR
+.ad
+.sp .25
+.RS 4n
+Enables the monitoring facility. See the \fBntpdc\fR program and the \fBmonlist\fR command or further information. The default for this flag is enable.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBntp\fR
+.ad
+.sp .25
+.RS 4n
+Enables time and frequency discipline. In effect, this switch opens and closes the feedback loop, which is useful for testing. The default for this flag is enable.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBpps\fR
+.ad
+.sp .25
+.RS 4n
+Enables the pulse-per-second (PPS) signal when frequency and time is disciplined by the precision time kernel modifications. See the Kernel Model for Precision Timekeeping page at file:///usr/share/doc/ntp/kern.html for further information. The default for this flag is disable.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBstats\fR
+.ad
+.sp .25
+.RS 4n
+Enables the statistics facility. The default for this flag is disable
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBincludefile \fIincludefile\fP\fR
+.ad
+.sp .25
+.RS 4n
+This command allows additional configuration commands to be included from a separate file. Include files may be nested to a depth of five; upon reaching the end of any include file, command processing resumes in the previous configuration file. This option is useful for sites that run \fBntpd\fR on multiple hosts, with (mostly) common options (e.g., a restriction list).
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBlogconfig \fIconfigkeyword\fP\fR
+.ad
+.sp .25
+.RS 4n
+This command controls the amount and type of output written to the system \fBsyslog\fR facility or the alternate \fBlogfile\fR log file. All \fIconfigkeyword\fP keywords can be prefixed with \fB=\fR, \fB+\fR and \fB-\fR, where \fB=\fR sets the \fBsyslogmask\fR, \fB+\fR adds and \fB-\fR removes messages. \fBsyslog messages\fR can be controlled in four classes (\fBclock\fR, \fBpeer\fR, \fBsys\fR and \fBsync\fR). Within these classes four types of messages can be controlled: informational messages (\fBinfo\fR), event messages (\fBevents\fR), statistics messages (\fBstatistics\fR) and status messages (\fBstatus\fR).
+.LP
+Configuration keywords are formed by concatenating the message class with the event class. The \fBall\fR prefix can be used instead of a message class. A message class may also be followed by the \fBall\fR keyword to enable/disable all messages of the respective message class. By default, \fBlogconfig\fR output is set to \fBallsync\fR.
+.LP
+Thus, a minimal log configuration could look like this:
+.LP
+\fBlogconfig=syncstatus +sysevents\fR
+.LP
+This would just list the synchronizations state of \fBntpd\fR and the major system events. For a simple reference server, the following minimum message configuration could be useful:
+.LP
+\fBlogconfig=allsync +allclock\fR
+.LP
+This configuration will list all clock information and synchronization information. All other events and messages about peers, system events and so on is suppressed.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBlogfile \fIlogfile\fP\fR
+.ad
+.sp .25
+.RS 4n
+.LP
+This command specifies the location of an alternate log file to be used instead of the default system \fBsyslog\fR facility. This is the same operation as the \fB-l \fRcommand line option.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBphone \fIdial\fP1 \fIdial\fP2 ...\fR
+.ad
+.sp .25
+.RS 4n
+This command is used in conjunction with the ACTS modem driver (type 18). The arguments consist of a maximum of 10 telephone numbers used to dial USNO, NIST or European time services. The Hayes command ATDT&nbsp;is normally prepended to the number, which can contain other modem control codes as well.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBsetvar \fIvariable\fP [default]\fR
+.ad
+.sp .25
+.RS 4n
+This command adds an additional system variable. These variables can be used to distribute additional information such as the access policy. If the variable of the form \fB\fIname\fP = \fIvalue\fP\fR is followed by the \fBdefault\fR keyword, the variable will be listed as part of the default system variables (\fBntpq rv\fR command). These additional variables serve informational purposes only. They are not related to the protocol other that they can be listed. The known protocol variables will always override any variables defined via the \fBsetvar\fR mechanism. There are three special variables that contain the names of all variable of the same group. The \fBsys_var_list\fR holds the names of all system variables. The \fBpeer_var_list\fR holds the names of all peer variables and the \fBclock_var_list\fR holds the names of the reference clock variables.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBtinker [ allan \fIallan\fP | dispersion \fIdispersion\fP | freq \fIfreq\fP | huffpuff \fIhuffpuff\fP | panic \fIpanic\fP | step \fIstep\fP | stepout \fIstepout\fP ]\fR
+.ad
+.sp .25
+.RS 4n
+This command can be used to alter several system variables in very exceptional circumstances. It should occur in the configuration file before any other configuration options. The default values of these variables have been carefully optimized for a wide range of network speeds and reliability expectations. In general, they interact in intricate ways that are hard to predict and some combinations can result in some very nasty behavior. Very rarely is it necessary to change the default values; but, some folks can't resist twisting the knobs anyway and this command is for them. Emphasis added: twisters are on their own and can expect no help from the support group.
+.LP
+The variables operate as follows:
+.sp .3
+.ne 2
+.mk
+.na
+\fBallan \fIallan\fP\fR
+.ad
+.sp .25
+.RS 6n
+The argument becomes the new value for the Allan intercept, which is a parameter of the PLL/FLL clock discipline algorithm. The value is in  seconds with default 1500 s, which is appropriate for most computer clocks.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBdispersion \fIdispersion\fP\fR
+.ad
+.sp .25
+.RS 6n
+The argument becomes the new value for the dispersion increase rate, normally .000015 s/s.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBfreq \fIfreq\fP\fR
+.ad
+.sp .25
+.RS 6n
+The argument becomes the initial value of the frequency offset in parts-per-million. This overrides the value in the frequency file, if present, and avoids the initial training state if it is not.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBhuffpuff \fIhuffpuff\fP\fR
+.ad
+.sp .25
+.RS 6n
+The argument becomes the new value for the experimental huff-n'-puff filter span, which determines the most recent interval the algorithm will search for a minimum delay. The lower limit is 900 s (15 m), but a more reasonable value is 7200 (2 hours). There is no default, since the filter is not enabled unless this command is given.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBpanic \fIpanic\fP\fR
+.ad
+.sp .25
+.RS 6n
+The argument is the panic threshold, by default 1000 s. If set to zero, the panic sanity check is disabled and a clock offset of any value will be accepted.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBstep \fIstep\fP\fR
+.ad
+.sp .25
+.RS 6n
+The argument is the step threshold, by default 0.128 s. It can be set to any positive number in seconds. If set to zero, step adjustments will never occur. Note:&nbsp;The kernel time discipline is disabled if the step threshold is set to zero or greater than the default.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBstepout \fIstepout\fP\fR
+.ad
+.sp .25
+.RS 6n
+The argument is the stepout timeout, by default 900 s. It can be set to any positive number in seconds. If set to zero, the stepout pulses will not be suppressed.
+.RE
+.RE
+.sp 1
+.ne 2
+.mk
+.na
+\fBtos [ beacon \fIbeacon\fP | ceiling \fIceiling\fP | cohort {0 | 1} | floor \fIfloor\fP | orphan \fIorphan\fP | maxdistance \fImaxdistance\fP | minclock \fIminclock\fP | minsane \fIminsane\fP ]\fR
+.ad
+.sp .25
+.RS 4n
+This command affects the clock selection and clustering algorithms. It can be used to select the quality and quantity of peers used to synchronize the system clock and is most useful in manycast mode. The variables operate as follows:
+.sp .3
+.ne 2
+.mk
+.na
+\fBbeacon \fIbeacon\fP\fR
+.ad
+.sp .25
+.RS 6n
+The manycast server sends packets at intervals of 64 s if less than  \fImaxclock\fP servers are available. Otherwise, it sends packets at the \fIbeacon\fP interval in seconds. The default is 3600 s.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBceiling \fIceiling\fP\fR
+.ad
+.sp .25
+.RS 6n
+Servers with stratum at or above \fIceiling\fP will be discarded if there are at least \fIminclock\fP peers remaining. This value defaults to 15, but can be changed to any number from 1 to 15.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBcohort { 0 | 1 }\fR
+.ad
+.sp .25
+.RS 6n
+This is a binary flag which enables (0) or disables (1) manycast server replies to manycast clients with the same stratum level. This is useful to reduce implosions where large numbers of clients with the same stratum level are present. The default is to enable these replies.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBfloor \fIfloor\fP\fR
+.ad
+.sp .25
+.RS 6n
+Peers with strata below \fIfloor\fP will be discarded if there are at least \fIminclock\fP peers remaining. This value defaults to 1, but can be changed to any number from 1 to 15.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBorphan \fIstratum\fP\fR
+.ad
+.sp .25
+.RS 6n
+If \fB\fIstratum\fP\fR is set at some value less than 16 a special orphan mode is enterred when no outside source of synchronization is available. To use orphan mode a number of participants are identically configured both as broadcast client and as broadcast server. One or more participants are configured to use an outside source, either a reference clock or another Internet server. When the source or sources fail, the system stratum is set at \fB\fIstratum\fP\fR and a leader is elected to serve as the reference source. When an outside source of synchronization is again available, the orphan mode is disabled.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmindist \fImindistance\fP\fR
+.ad
+.sp .25
+.RS 6n
+The slection algorithm normally pads each intersection a minimum of one millisecond to avoid needless classification. In some cases, such as reference clocks with high jitter and a PPS signal, it is useful to increase the padding. This command can be used for that purpose. As a general rule, set the mindistance to the maximum expected offset plus the maxiumum expected jitter, in seconds.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBmaxdist \fImaxdistance\fP\fR
+.ad
+.sp .25
+.RS 6n
+The selection algorithm accumulates a number of packets before setting the clock in order to use the best data available. The number is determined by the synchronization distance for each association and a limit called the distance threshold. The synchronization distance starts at 16, then drops by a factor of about two as each packet is received. The default distance threshold is 1.0, which usually results in four packets. Setting maxdistance to some value between 1 and 16 can be used to change the number of packets required. For instance, setting it to 16 will set the clock on the first packet received; howver, setting it to this value essentially disables the mitigation and grooming algorithms.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBminclock \fIminclock\fP\fR
+.ad
+.sp .25
+.RS 6n
+The clustering algorithm repeatedly casts out outlyer associations until no more than \fIminclock\fP associations remain. This value defaults to 3, but can be changed to any number from 1 to the number of configured sources.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBminsane \fIminsane\fP\fR
+.ad
+.sp .25
+.RS 6n
+This is the minimum number of candidates available to the clock selection algorithm in order to produce one or more truechimers for the clustering algorithm. If fewer than this number are available, the clock is undisciplined and allowed to run free. The default is 1 for legacy purposes. However, according to principles of Byzantine agreement, \fIminsane\fP should be at least 4 in order to detect and discard a single falseticker.
+.RE
+.RE
+.sp 1
+.ne 2
+.mk
+.na
+\fBttl \fIhop\fP ...\fR
+.ad
+.sp .25
+.RS 4n
+This command specifies a list of TTL values in increasing order. up to 8 values can be specified. In manycast mode these values are used in turn in an expanding-ring search. The default is eight multiples of 32 starting at 31.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBtrap \fIhost_address\fP [port \fIport_number\fP] [interface \fIinterface_address\fP]\fR
+.ad
+.sp .25
+.RS 4n
+This command configures a trap receiver at the given host address and port number for sending messages with the specified local interface address. If the port number is unspecified, a value of 18447 is used. If the interface address is not specified, the message is sent with a source address of the local interface the message is sent through. Note that on a multihomed host the interface used may vary from time to time with routing changes.
+.LP
+The trap receiver will generally log event messages and other information from the server in a log file. While such monitor programs may also request their own trap dynamically, configuring a trap receiver will ensure that no messages are lost when the server is started.
+.RE
+.sp .3
+.ne 2
+.mk
+.na
+\fBttl \fIhop\fP ...\fR
+.ad
+.sp .25
+.RS 4n
+This command specifies a list of TTL values in increasing order. up to 8 values can be specified. In manycast mode these values are used in turn in an expanding-ring search. The default is eight multiples of 32 starting at 31.
+.RE
+.SH FILES
+.LP
+\fB\fB/etc/inet/ntp.conf\fR\fR
+.LP
+.SH ATTRIBUTES
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i)
+lw(2.75i) |lw(2.75i)
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilityservice/network/ntp
+=
+Interface StabilityUncommitted
+.TE
+.SH NOTES
+The documentation available at /usr/share/doc/ntp is provided as is from the 
+\fBNTP\fR distribution and may contain information that is not applicable to 
+the software as provided in this partIcular distribution.
+.SH SEE ALSO
+.LP
+\fBntpd\fR(1M)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntpd.1m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,342 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntpd" "1M" "" "" "System Administration Commands"
+.SH NAME
+ntpd \- Network Time Protocol daemon Version 4
+.SH SYNOPSIS
+.LP
+.nf
+\fB/usr/lib/inet/ntpd\fR [\fB-46aAbdDgLmnNqvx\fR] [\fB-c\fR \fIconffile\fR]
+    [\fB-f\fR \fIdriftfile\fR] [\fB-k\fR \fIkeyfile\fR] [\fB-l\fR \fIlogfile\fR] [\fB-p\fR \fIpidfile\fR]
+    [\fB-P\fR \fIpriority\fR] [\fB-r\fR \fIbroadcastdelay\fR] [\fB-s\fR \fIstatsdir\fR]
+    [\fB-t\fR \fItrustedkey\fR] [\fB-U\fR \fIinterface_update_time\fR]
+.fi
+
+.SH DESCRIPTION
+The \fBntpd\fR program is an operating system daemon that synchronises the system clock with remote NTP time servers or local reference clocks. It is a complete implementation of the Network Time Protocol (\fBNTP\fR) version 4, but also retains compatibility with version 3, as defined by \fIRFC 1305\fR, and versions 1 and 2, as defined by \fIRFC 1059\fR and \fIRFC 1119\fR, respectively.
+.SS How \fBNTP\fR Operates
+The \fBntpd\fR program operates by exchanging messages with one or more configured servers at designated intervals ranging from about one minute to about 17 minutes. When started, the program requires several exchanges while the algorithms accumulate and groom the data before setting the clock. The initial delay to set the clock can be reduced using options as described in the server options page  at file:///usr/share/doc/ntp/confopt.html.
+.LP
+When the machine is booted, the hardware time of day (TOD) chip is used to initialize the operating system time. After the machine has synchronized to a \fBNTP\fR server, the operating system corrects the chip from time to time. During the course of operation if for some reason the system time is more than 1000s offset from the server time, \fBntpd\fR assumes something must be terribly wrong and exits with a panic message to the system log. If it was started via SMF, the ntp service is placed into maintainance mode and must be cleared manually. The -g option overrides this check at startup and allows \fBntpd\fR to set the clock to the server time regardless of the chip time, but only once.
+.LP
+Under ordinary conditions, \fBntpd\fR slews the clock so that the time is effectively continuous and never runs backwards. If due to extreme network congestion an error spike exceeds the \fIstep threshold\fR (128ms by default), the spike is discarded. However, if the error persists for more than the \fIstepout threshold\fR (900s by default) the system clock is stepped to the correct value. In practice the need for a step is extremely rare and almost always the result of a hardware failure. With the -x option the step threshold is increased to 600s. Other options are available using the \fItinker\fR command as described in the miscellaneous options page at file:///usr/share/doc/ntp/miscopt.html.
+.LP
+The issues should be carefully considered before using these options. The maximum slew rate possible is limited to 500 parts-per-million (PPM) by the Unix kernel. As a result, the clock can take 2000s for each second the clock is outside the acceptable range. During this interval the clock will not be consistent with any other network clock and the system cannot be used for distributed applications that require correctly synchronized network time.
+.LP
+.SS Frequency Discipline
+The frequency file, usually called ntp.drift, contains the latest estimate of clock frequency. If this file does not exist when ntpd is started, it enters a special mode designed to measure the particular frequency directly. The measurement takes 15 minutes, after which the frequency is set and ntpd resumes normal mode where the time and frequency are continuously adjusted. The frequency file is updated at intervals of an hour or more depending on the measured clock stability.
+.SS Operating Modes
+The \fBntpd\fR daemon can operate in any of several modes, including symmetric active/passive, client/server broadcast/multicast and manycast, as described in the Association Management page at file:///usr/share/doc/ntp/assoc.html. It normally operates continuously while monitoring for small changes in frequency and trimming the clock for the ultimate precision. However, it can operate in a one-time mode where the time is set from an external server and frequency is set from a previously recorded frequency file. A broadcast/multicast or manycast client can discover remote servers, compute server-client propagation delay correction factors and configure itself automatically. This makes it possible to deploy a fleet of workstations without specifying configuration details specific to the local environment.
+.LP
+By default, \fBntpd\fR runs in continuous mode where each of possibly several external servers is polled at intervals determined by an intricate phase/frequency-lock feedback loop. The feedback loop measures the incidental roundtrip delay jitter and oscillator frequency wander and determines the best poll interval using a heuristic algorithm. Ordinarily, and in most operating environments, the state machine will start with 64s intervals and eventually increase in steps to 1024s. A small amount of random variation is introduced in order to avoid bunching at the servers. In addition, should a server become unreachable for some time, the poll interval is increased in steps to 1024s in order to reduce network overhead. In general it is best not to force \fBntpd\fR to use specific poll intervals, allowing it to choose the best intervals based its current needs and the quality of the available servers and the clock.
+.LP
+In some cases it may not be practical for \fBntpd\fR to run continuously. In the past a common workaround has been to run the \fBntpdate\fR program from a cron job at designated times. However, \fBntpdate\fR does not have the crafted signal processing, error checking and mitigation algorithms of \fBntpd\fR. The \fBntpd\fR daemon with -q option is intended to replace \fBntpdate\fR when used in this manner. Setting this option will cause \fBntpd\fR to exit just after setting the clock for the first time. The procedure for initially setting the clock is the same as in continuous mode; most applications will probably want to specify the iburst keyword with the server configuration command. With this keyword a volley of messages are exchanged to groom the data and the clock is set in about 10s. If nothing is heard after a couple of minutes, the daemon times out and exits. Eventually the \fBntpdate\fR program may be retired.
+.SS Kernel Clock Discipline
+The kernel supports a method specific to \fBntpd\fR to discipline the clock frequency. First, \fBntpd\fR is run in continuous mode with selected servers in order to measure and record the intrinsic clock frequency offset in the frequency file. It may take some hours for the frequency and offset to settle down. Then \fBntpd\fR is run in normal mode as required. At each startup, the frequency is read from the file and initializes the kernel frequency, thus avoiding the settling period.
+When the kernel discipline is in use, the system's clock is adjusted at each system tick and thus the system clock is always as accurate as possible. When the kernel discipline is not used the clock is adjusted once each second. It is important to delete the ntp.drift file before starting \fBntpd\fR if the intrinsic frequency might have changed, such as by a motherboard swap.
+.SS Poll Interval Control
+The \fBntpd\fR program includes an intricate clock discipline to reduce the network 
+load while maintaining a quality of synchronization consistent with the observed 
+jitter and wander. There are a number of ways to tailor the operation in order to enhance 
+accuracy by reducing the interval or to reduce network overhead by increasing it. However, the user is advised to carefully consider the consequences of changing the poll adjustment range from the default. It is not the case that shorter poll intervals will necessarily 
+lead to more accuracy. Most device drivers will not operate properly if the poll interval is less than 64 s and that the broadcast server and manycast client associations will also use the default, unless overridden. In general, it is best to let \fBntpd\fR determine the best polling interval.
+.LP
+In some cases involving dial up or toll services, it may be useful to increase the minimum interval to a few tens of minutes and maximum interval to a day or so. Under normal operation conditions, once the clock discipline loop has stabilized the interval will be increased in steps from the minimum to the maximum. However, this assumes the intrinsic clock frequency error is small enough for the discipline loop correct it. The capture range of the loop is 500 PPM at an interval of 64s decreasing by a factor of two for each doubling of interval. At a minimum of 1,024 s, for example, the capture range is only 31 PPM. 
+.SS The Huff-n'-Puff Filter
+In scenarios where a considerable amount of data are to be downloaded or uploaded over bandwidth limited links, timekeeping quality can be seriously degraded due to the different delays in the two directions. In many cases the apparent time errors are so large as to exceed the step threshold and a step correction can occur during and after the data transfer is in progress.
+.LP
+The huff-n'-puff filter is designed to correct the apparent time offset in these cases. It depends on knowledge of the propagation delay when no other traffic is present. The filter maintains a shift register that remembers the minimum delay over the most recent interval measured usually in hours. Under conditions of severe delay, the filter corrects the apparent offset using the sign of the offset and the difference between the apparent delay and minimum delay. The name of the filter reflects the negative (huff) and positive (puff) correction, which depends on the sign of the offset.
+.LP
+The filter is activated by the tinker command and huffpuff keyword, as described in the Miscellaneous Options page at file:///usr/share/doc/ntp/miscopt.html.
+.SS Leap Second Processing
+As provided by international agreement, an extra second is sometimes inserted in Coordinated Universal Time (UTC) at the end of a selected month, usually June or December. The National Institutes of Standards and Technology (NIST) provides an historic leapseconds file at time.nist.gov for retrieval via FTP. This file, usually called ntp-leapseconds.list, is copied into the /etc/inet directory and the leapfile configuration command then specifies the path to this file. At startup, ntpd reads it and initializes three leapsecond values: the NTP seconds at the next leap event, the offset of UTC relative to International Atomic Time (TAI) after the leap and the NTP seconds when the leapseconds file expires and should be retrieved again.
+.LP
+If a host does not have the leapsecond values, they can be obtained over the net using the Autokey security protocol. Ordinarily, the leapseconds file is installed on the primary servers and the values flow from them via secondary servers to the clients. When multiple servers are involved, the values with the latest expiration time are used.
+.LP
+If the latest leap is in the past, nothing further is done other than to install the TAI offset. If the leap is in the future less than 28 days, the leap warning bits are set. If in the future less than 23 hours, the kernel is armed to insert one second at the end of the current day. Additional details are in the The NTP Timescale and Leap Seconds white paper at http://www.eecis.udel.edu/~mills/leap.html.
+.LP
+If none of the above provisions are available, dsependent servers and clients tally the leap warning bits of surviving servers and reference clocks. When a majority of the survivors show warning, a leap is programmed at the end of the current month. During the month and day of insertion, they operate as above. In this way the leap is is propagated at all dependent servers and clients.
+.LP
+.SH OPTIONS
+.TP
+.BR \-4 ", " \--ipv4
+Force DNS resolution of following host names on the command line
+to the IPv4 namespace. Cannot be used with the \fB--ipv6\fR option.
+.TP
+.BR \-6 ", " \--ipv6
+Force DNS resolution of following host names on the command line
+to the IPv6 namespace. Cannot be used with the \fB--ipv6\fR option.
+.TP
+.BR \-a ", " \--authreq
+Require cryptographic authentication for broadcast client,
+multicast client and symmetric passive associations.
+This is the default.
+This option must not appear with authnoreq option.
+.TP
+.BR \-A ", " \--authnoreq
+Do not require cryptographic authentication for broadcast client,
+multicast client and symmetric passive associations.
+This is almost never a good idea. This option must not appear with the authreq option.
+.TP
+.BR \-b ", " \--bcastsync
+Enable the client to sync to broadcast servers.
+.sp
+.TP
+.BR \-c " \fIstring\fP, " \--configfile "=" \fIstring\fP
+The name and path of the configuration file,
+/etc/inet/ntp.conf by default.
+.TP
+.BR \-d ", " \--debug-level
+Increase output debug message level.
+This option may appear an unlimited number of times.
+.TP
+.BR \-D " \fIstring\fP, " \--set-debug-level "=" \fIstring\fP
+Set the output debugging level.  Can be supplied multiple times,
+but each overrides the previous value(s).
+.TP
+.BR \-f " \fIstring\fP, " \--driftfile "=" \fIstring\fP
+The name and path of the frequency file,
+/var/ntp/ntp.drift by default.
+.TP
+.BR \-g ", " \--panicgate
+Allow the first adjustment to exceed the panic limit.
+.sp
+Normally,
+\fBntpd\fR
+exits with a message to the system log if the offset exceeds the panic threshold, which is 1000s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that,
+\fBntpd\fR
+will exit with a message to the system log. This option can be used with the
+-q
+and
+-x
+options.
+See the
+tinker
+configuration file directive for other options.
+.TP
+.BR \-k " \fIstring\fP, " \--keyfile "=" \fIstring\fP
+Specify the name and path of the symmetric key file.
+/etc/inet/ntp.keys
+is the default.
+.TP
+.BR \-l " \fIstring\fP, " \--logfile "=" \fIstring\fP
+Specify the name and path of the log file.
+The default is the system log file.
+.TP
+.BR \-L ", " \--novirtualips
+Do not listen to virtual IPs. The default is to listen.
+.TP
+.BR \-m ", " \--mdns
+Register as a NTP server with mDNS system. Implies that you are willing to serve time to others.
+.TP
+.BR \-n ", " \--nofork
+Do not fork.
+.sp
+.TP
+.BR \-N ", " \--nice
+To the extent permitted by the operating system, run
+\fBntpd\fR
+at the highest priority.
+.TP
+.BR \-p " \fIstring\fP, " \--pidfile "=" \fIstring\fP
+Specify the name and path of the file used to record
+\fBntpd\fR's
+process ID.
+.TP
+.BR \-P " \fInumber\fP, " \--priority "=" \fInumber\fP
+To the extent permitted by the operating system, run
+\fBntpd\fR
+at the specified
+sched_setscheduler(SCHED_FIFO)
+priority.
+.TP
+.BR \-q ", " \--quit
+Set the time and quit.
+\fBntpd\fR
+will exit just after the first time the clock is set. This behavior mimics that of the
+\fBntpdate\fR
+program, which is to be retired.
+The
+-g
+and
+-x
+options can be used with this option.
+Note: The kernel time discipline is disabled with this option.
+.TP
+.BR \-r " \fIstring\fP, " \--propagationdelay "=" \fIstring\fP
+Specify the default propagation delay from the broadcast/multicast server to this client. This is necessary only if the delay cannot be computed automatically by the protocol.
+.TP
+.BR \-s " \fIstring\fP, " \--statsdir "=" \fIstring\fP
+Specify the directory path for files created by the statistics facility. This is the same operation as the statsdir statsdir command.
+.TP
+.BR \-t " \fInumber\fP, " \--trustedkey "=" \fInumber\fP
+Add a key number to the trusted key list. This option can occur more than once. This is the same operation as the trustedkey key command. 
+.TP
+.BR \-U " \fInumber\fP, " \--updateinterval "=" \fInumber\fP
+interval in seconds between scans for new or dropped interfaces.
+This option takes an integer number as its argument.
+.sp
+Give the time in seconds between two scans for new or dropped interfaces.
+For systems with routing socket support the scans will be performed shortly after the interface change
+has been detected by the system.
+Use 0 to disable scanning. 60 seconds is the minimum time between scans.
+.TP
+.BR \--var "=" \fInvar\fP
+make ARG an ntp variable (RW).
+This option may appear an unlimited number of times.
+.sp
+.TP
+.BR \--dvar "=" \fIndvar\fP
+make ARG an ntp variable (RW|DEF).
+This option may appear an unlimited number of times.
+.sp
+.TP
+.BR \-x ", " \--slew
+Slew up to 600 seconds.
+.sp
+Normally, the time is slewed if the offset is less than the step threshold, which is 128 ms by default, and stepped if above the threshold.
+This option sets the threshold to 600 s, which is well within the accuracy window to set the clock manually.
+Note: Since the slew rate of typical Unix kernels is limited to 0.5 ms/s, each second of adjustment requires an amortization interval of 2000 s.
+Thus, an adjustment as much as 600 s will take almost 14 days to complete.
+This option can be used with the
+-g
+and
+-q
+options.
+See the
+tinker
+configuration file directive for other options.
+Note: The kernel time discipline is disabled with this option.
+.TP
+.BR \-? , " \--help"
+Display usage information and exit.
+.TP
+.BR \-! , " \--more-help"
+Extended usage information passed thru pager.
+.TP
+.BR " \--version"
+Output version of program and exit.  
+.SH OPTION PRESETS
+All of the above options except the last three may be preset
+by loading values from environment variables named:
+.nf
+  \fBNTPD_<option-name>\fP or \fBNTPD\fP
+.fi
+.aj
+The environmental presets take precedence (are processed later than)
+the configuration files. The option-name should be in all capital letters.
+For example, to set the --quit option, you would set the NTPD_QUIT environment
+variable.
+.SH AUTOMATIC SERVICE MANAGEMENT (SMF)
+\fBNTP\fR on Solaris is managed via the service management facility described in 
+ \fBsmf\fR(5). There are several options controlled by services properties which 
+can be set by the system administrator. The available options can be listed by
+executing the following command:
+.nf
+	svccfg -s svc:/network/ntp:default listprop config
+.fi
+.aj
+Each of these properties can be set using this command:
+.nf
+	svccfg -s  svc:/network/ntp:default setprop \fIpropname\fP = \fIvalue\fP
+.fi
+.aj
+The available options and there meaning are as follows:
+.TP
+.BR config/always_allow_large_step
+A boolean which when false, prevents ntpd from allowing step larger than 17 minutes except once
+when the system boots. The default is true, which allows such a large step once each time ntpd starts.
+.TP
+.BR config/debuglevel
+An integer specifying the level of debugging requested. A zero means no debugging. The default is zero.
+.TP
+.BR config/logfile
+A string specifying the location of the file used for log output. The defualt is /var/ntp/ntp.log
+.TP
+.BR config/no_auth_required
+A boolean which when true, specifies that anonymous servers such as broadcast, multicast and active peers 
+can be accepted without any pre-configured keys. This is very insecure and should only be used if
+the nework is secure and all the systems on it are trusted. The defualt is false.
+.TP 
+.BR config/slew_always
+A boolean which when true, instructs ntpd to slew the clock as much as possible, instead of stepping the clock. It 
+does not prevent all stepping, but increases the threshold above which stepping is used. It also disables the use
+of the kernel \fBNTP=fP facility, which is incompatible with long slew times. The default is false.
+.TP
+.BR config/wait_for_sync
+A boolean which when true, causes the \fBNTP\fP service to delay coming completely on-line until after the first 
+time the system clock is synchronized. This can potetially delay the system start up by a significant amount. The
+default is false.
+.TP
+.BR config/mdnsregister
+A boolean which when true, will cause the daemon to register with the network mDNS system. The default is false.
+.TP
+.BR config/verbose_logging
+A boolean which when true, cause the daemon to issue logging messages. The default is false.
+.SH NOTES
+The system clock must be set to within 68 years of the actual time before \fBntpd\fR is started.
+.LP
+The \fBntpd\fR service is managed by the service management facility, \fBsmf\fR(5), under the service identifier:
+.sp
+.in +2
+.nf
+svc:/network/ntp:default
+.fi
+.in -2
+.LP
+Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using \fBsvcadm\fR(1M). The service's status can
+be queried using the \fBsvcs\fR(1) command.
+.sp
+In contexts where a host name is expected, a -4 qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a -6 qualifier forces DNS resolution to the IPv6 namespace.
+.LP
+Various internal \fBntpd\fR variables can be displayed and configuration options altered while the \fBntpd\fR is running using the \fBntpq\fR and \fBntpdc\fR utility programs.
+.LP
+When \fBntpd\fR starts it looks at the value of umask, and if zero \fBntpd\fR will set the umask to 022.
+.LP
+Source for \fBntpd\fR is available on http://src.opensolaris.org.
+.LP
+The documentation available at /usr/share/doc/ntp is provided as is from the 
+\fBNTP\fR distribution and may contain information that is not applicable to 
+the software as provided in this partIcular distribution.
+.PP
+.SH ATTRIBUTES
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i)
+lw(2.75i) |lw(2.75i)
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilityservice/network/ntp
+=
+Interface StabilityUncommitted
+.TE 
+.PP
+.SH SEE ALSO
+.LP
+\fBsvcs\fR(1), \fBsntp\fR(1M), \fBntp-keygen\fR(1M), \fBntpdate\fR(1m), \fBntpq\fR(1M), \fBntptrace\fR(1M), \fBntptime\fR(1M), \fBsvcadm\fR(1M), \fBntpdc\fR(1M), \fBrename\fR(2), \fBattributes\fR(5), \fBsmf\fR(5)
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntpdate.1m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,108 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntpdate" "1M" "" "" "System Administration Commands"
+.SH NAME
+ntpdate \- set the date and time with NTP
+.SH SYNOPSIS
+.LP
+.B /usr/sbin/ntpdate
+[\fB-46bBdqsuv\fR] [\fB-a\fR \fIkey\fR] [\fB-e\fR \fIAuthdelay\fR] [\fB-k\fR \fIkeyfile\fR] [\fB-o\fR \fIversion\fR] [\fB-p\fR \fIsamples\fR] [\fB-t\fR \fItimeout\fR] \fIserver\fR [ ... ]
+.SH "OPTIONS"
+.TP
+.BR "-4"
+Force DNS resolution of following host names on the command line to the IPv4 namespace.
+.TP
+.BR "-6"
+Force DNS resolution of following host names on the command line to the IPv6 namespace.
+.TP
+.BR "-a \fIkey\fP"
+Enable authentication and specify the key identifier to be used for authentication as the argument \fIkey\fR. The keys and key identifiers must match in both the client and server key files. The default is to disable authentication.
+.TP
+.BR "-B"
+Force the time to always be slewed using the adjtime() system call, even if the measured offset is greater than 0.5 seconds. The default is to step the time using settimeofday() if the offset is greater than +-0.5s. Note that, if the offset is much greater than +-0.5s in this case, that it can take a long time (hours) to slew the clock to the correct value. During this time, the host should not be used to synchronize clients.
+.TP
+.BR "-b"
+Force the time to be stepped using the settimeofday() system call, rather than slewed (default) using the adjtime() system call. This option should be used when called from a startup file at boot time.
+.TP
+.BR "-d "
+Enable the debugging mode, in which \fBntpdate\fR will go through all the steps, but not adjust the local clock. Information useful for general debugging will also be printed.
+.TP
+.BR "-e \fIauthdelay\fP"
+Specify the processing delay to perform an authentication function as the value \fIauthdelay\fR, in seconds and fraction (see \fBntpd\fR for details). This number is usually small enough to be negligible for most purposes, though specifying a value may improve timekeeping on very slow CPU's.
+.TP
+.BR "-k \fIkeyfile\fP"
+Specify the path for the authentication key file as the string \fIkeyfile\fR. The default is \fB/etc/inet/ntp.keys\fR. This file should be in the format described in \fBntpd\fR.
+.TP
+.BR "-o \fIversion\fP"
+Specify the NTP version for outgoing packets as the integer \fIversion\fR, which can be 1 or 2. The default is 3. This allows \fBntpdate\fR to be used with older NTP versions.
+.TP
+.BR "-p \fIsamples\fP"
+Specify the number of samples to be acquired from each server as the integer \fIsamples\fR, with values from 1 to 8 inclusive. The default is 4.
+.TP
+.BR "-q"
+Query only - don't set the clock.
+.TP
+.BR "-s"
+Divert logging output from the standard output (default) to the system \fBsyslog\fR facility.
+.TP
+.BR "-t \fItimeout\fP"
+Specify the maximum time waiting for a server response as the value \fItimeout\fR, in seconds and fraction. The value is is rounded to a multiple of 0.2 seconds. The default is 1 second, a value suitable for polling across a LAN.
+.TP
+.BR "-u"
+Direct \fBntpdate\fR to use an unprivileged port or outgoing packets. This is most useful when behind a firewall that blocks incoming traffic to privileged ports, and you want to synchronise with hosts beyond the firewall. Note that the \fB-d\fR option always uses unprivileged ports.
+.TP
+.BR "-v"
+Print \fBntpdate\fR's version identification string during program startup.
+.SH "DESCRIPTION"
+\fBntpdate\fR sets the local date and time by polling the Network Time Protocol (NTP) server(s) given as the \fIserver\fR arguments to determine the correct time. It must be run as root unless the \fB-d\fR or \fB-q\fR options are used. A number of samples are obtained from each of the servers specified and a subset of the NTP clock filter and selection algorithms are applied to select the best of these. Note that the accuracy and reliability of \fBntpdate\fR depends on the number of servers, the number of polls each time it is run and the interval between runs.
+.LP
+\fBntpdate\fR can be run manually as necessary to set the host clock, or it can be run from the host startup script to set the clock at boot time. It is also possible to run \fBntpdate\fR from a \fBcron\fR script. However, it is important to note that \fBntpdate\fR with contrived \fBcron\fR scripts is no substitute for the NTP daemon, which uses sophisticated algorithms to maximize accuracy and reliability while minimizing resource use. Finally, since \fBntpdate\fR does not discipline the host clock frequency as does \fBntpd\fR, the accuracy using \fBntpdate\fR is limited.
+.LP
+Time adjustments are made by \fBntpdate\fR in one of two ways. If \fBntpdate\fR determines the clock is in error more than 0.5 second it will simply step the time by calling the system \fBsettimeofday()\fR routine. If the error is less than 0.5 seconds, it will slew the time by calling the system \fBadjtime()\fR routine. The latter technique is less disruptive and more accurate when the error is small, and works quite well when \fBntpdate\fR is run by \fBcron\fR every hour or two.
+\fBntpdate\fR will decline to set the date if an NTP server daemon (e.g., \fBntpd\fR) is running on the same host. When running \fBntpdate\fR on a regular basis from \fBcron\fR as an alternative to running a daemon, doing so once every hour or two will result in precise enough timekeeping to avoid stepping the clock.
+Note that in contexts where a host name is expected, a \fB-4\fR qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a \fB-6\fR qualifier forces DNS resolution to the IPv6 namespace.
+.SH ATTRIBUTES
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+box;
+cbp-1 | cbp-1
+l | l .
+ATTRIBUTE TYPE	ATTRIBUTE VALUE
+=
+Availability	service/network/ntp
+=
+Interface Stability	Uncommitted Obsolete
+.TE 
+.PP
+.SH NOTES
+Source for ntpdate is available on http://src.opensolaris.org.
+.LP
+Disclaimer: The functionality of this program is now available in the \fBntpd\fB program. See the \fB-q\fB command line option in the \fBntpd\fB - Network Time Protocol (NTP) daemon man page. After a suitable period, the \fBntpdate\fB program is to be retired from this distribution
+.TE
+.PP
+.SH SEE ALSO
+.LP
+\fBntpd\fR(1M), \fBntpdc\fR(1M), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntpdc.1m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,334 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntpdc" "1M" "" "" "System Administration Commands"
+.SH NAME
+ntpdc \- Network Time Protocol special query program
+.SH SYNOPSIS
+.LP
+.B /usr/sbin/ntpdc
+[\fB-46lpsidnv?!\fR] [\fB-c\fR \fIcommand\fR] [\fB-D\fR \fIdebuglvl\fR]
+[\fB-<\fR \fIoptfile\fR] [\fB->\fR \fIoptfile\fR]  [\fIhost\fR] [...]
+.fi
+.SH "OPTIONS"
+Specifying a command line option other than \fB-i\fP or \fB-n\fP will cause the specified query (queries) to be sent to the indicated host(s) immediately. Otherwise, \fBntpdc\fP will attempt to read interactive format commands from the standard input.
+.LP
+.TP
+.BR "-4"
+Force DNS resolution of following host names on the command line to the IPv4 namespace.
+.TP
+.BR "-6"
+Force DNS resolution of following host names on the command line to the IPv6 namespace.
+.TP
+.BR "-c \fIcommand\fP"
+The argument \fIcommand\fP is interpreted as an interactive command and is added to the list of commands to be executed on the specified host(s). Multiple -c options may be given.
+.TP
+.BR "-i"
+Force \fBntpdc\fP to operate in interactive mode. Prompts will be written to the standard output and commands read from the standard input.
+.TP
+.BR "-l"
+Obtain a list of peers which are known to the server(s). This switch is equivalent to \fB-c listpeers\fP.
+.TP
+.BR "-n"
+Output all host addresses in numeric format rather than converting to the canonical host names.
+.TP
+.BR "-p"
+Print a list of the peers known to the server as well as a summary of their state. This is equivalent to \fB-c peers\fP.
+.TP
+.BR "-s"
+Print a list of the peers known to the server as well as a summary of their state, but in a slightly different format than the -p switch. This is equivalent to \fB-c dmpeers\fP.
+.SH "DESCRIPTION"
+\fBntpdc\fP is used to query the \fBntpd\fP daemon about its current state and to request changes in that state. The program may be run either in interactive mode or controlled using command line arguments. Extensive state and statistics information is available through the \fBntpdc\fP interface. In addition, nearly all the configuration options which can be specified at startup using ntpd's configuration file may also be specified at run time using \fBntpdc\fP.
+If one or more request options are included on the command line when \fBntpdc\fP is executed, each of the requests will be sent to the NTP servers running on each of the hosts given as command line arguments, or on localhost by default. If no request options are given, \fBntpdc\fP will attempt to read commands from the standard input and execute these on the NTP server running on the first host given on the command line, again defaulting to localhost when no other host is specified. \fBntpdc\fP will prompt for commands if the standard input is a terminal device.
+.LP
+\fBntpdc\fP uses NTP mode 7 packets to communicate with the NTP server, and hence can be used to query any compatible server on the network which permits it. Note that since NTP is a UDP protocol this communication will be somewhat unreliable, especially over large distances in terms of network topology. \fBntpdc\fP makes no attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time.
+.LP
+The operation of \fBntpdc\fP are specific to the particular implementation of the \fBntpd\fP daemon and can be expected to work only with this and maybe some previous versions of the daemon. Requests from a remote \fBntpdc\fP program which affect the state of the local server must be authenticated, which requires both the remote program and local server share a common key and key identifier.
+.LP
+Note that in contexts where a host name is expected, a \fB-4\fP qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a \fB-6\fP qualifier forces DNS resolution to the IPv6 namespace.
+.LP
+.SS "Interactive Commands"
+Interactive format commands consist of a keyword followed by zero to four arguments. Only enough characters of the full keyword to uniquely identify the command need be typed. The output of a command is normally sent to the standard output, but optionally the output of individual commands may be sent to a file by appending a \fB>\fP, followed by a file name, to the command line.
+.LP
+A number of interactive format commands are executed entirely within the \fBntpdc\fP program itself and do not result in NTP mode 7 requests being sent to a server. These are described following.
+.LP
+.TP
+.BR "? [ \fIcommand_keyword\fP ], help [ \fIcommand_keyword\fP ]"
+A \fB?\fP by itself will print a list of all the command keywords known to this incarnation of \fBntpq\fP. A \fB?\fP followed by a command keyword will print function and usage information about the command. This command is probably a better source of information about \fBntpq\fP than this manual page.
+.TP
+.BR "delay \fImilliseconds\fP"
+Specify a time interval to be added to timestamps included in requests which require authentication. This is used to enable (unreliable) server reconfiguration over long delay network paths or between machines whose clocks are unsynchronized. Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete.
+.TP
+.BR "host \fIhostname\fP"
+Set the host to which future queries will be sent. Hostname may be either a host name or a numeric address.
+.TP
+.BR "hostnames [ yes | no ]"
+If \fByes\fP is specified, host names are printed in information displays. If \fBno\fP is specified, numeric addresses are printed instead. The default is \fByes\fP, unless modified using the command line \fB-n\fP switch.
+.TP
+.BR "keyid \fIkeyid\fP"
+This command allows the specification of a
+key number to be used to authenticate configuration
+requests from ntpdc to the host(s). This must
+correspond to a key number which the host/server has
+been configured to use for this purpose (server
+options: \fBtrustedkey\fP, and
+\fBrequestkey\fP).  If authentication is not
+enabled on the host(s) for ntpdc
+commands, the command
+\fB"keyid 0"\fP should be given; otherwise the
+\fIkeyid\fP of the next subsequent \fBaddpeer/addserver/broadcast
+\fP command will
+be used.  
+.TP
+.BR "quit"
+.TP
+.BR "exit"
+Exit \fBntpdc\fP.
+.TP
+.BR "debug [ no | more | less ]"
+With no parameter displays the current \fBntpdc\fP debug level. The \fBno\fP flag turns off all debugging, 
+while \fBmore\fP and \fBless\fP increase and decrease the level respectively.
+.TP
+.BR "passwd"
+This command prompts you to type in a password (which will not be echoed) which will be used to authenticate configuration requests. The password must correspond to the key configured for use by the NTP server for this purpose if such requests are to be successful.
+.TP
+.BR "timeout \fImilliseconds\fP"
+Specify a timeout period for responses to server queries. The default is about 8000 milliseconds. Note that since \fBntpdc\fP retries each query once after a timeout, the total waiting time for a timeout will be twice the timeout value set.
+.TP
+.BR "version"
+Display the version of the \fBntpdc\fP command.
+.SS "Control Message Commands"
+Query commands result in NTP mode 7 packets containing requests for information being sent to the server. These are read-only commands in that they make no modification of the server configuration state.
+.LP
+.TP
+.BR "listpeers"
+Obtains and prints a brief list of the peers for which the server is maintaining state. These should include all configured peer associations as well as those peers whose stratum is such that they are considered by the server to be possible future synchronization candidates.
+.TP
+.BR "peers"
+Obtains a list of peers for which the server is maintaining state, along with a summary of that state. Summary information includes the address of the remote peer, the local interface address (0.0.0.0 if a local address has yet to be determined), the stratum of the remote peer (a stratum of 16 indicates the remote peer is unsynchronized), the polling interval, in seconds, the reachability register, in octal, and the current estimated delay, offset and dispersion of the peer, all in seconds.
+The character in the left margin indicates the mode this peer entry is operating in. A \fB+\fP denotes symmetric active, a \fB-\fP indicates symmetric passive, a \fB=\fP means the remote server is being polled in client mode, a \fB^\fP indicates that the server is broadcasting to this address, a \fB~\fP denotes that the remote peer is sending broadcasts and a \fB*\fP marks the peer the server is currently synchronizing to.
+The contents of the host field may be one of four forms. It may be a host name, an IP address, a reference clock implementation name with its parameter or
+.BR "REFCLK(\fIimplementation number\fP, \fIparameter\fP)"
+On \fBhostnames no\fP only IP-addresses will be displayed.
+.LP
+.TP
+.BR "dmpeers"
+A slightly different peer summary list. Identical to the output of the \fBpeers\fP command, except for the character in the leftmost column. Characters only appear beside peers which were included in the final stage of the clock selection algorithm. A \fB.\fP indicates that this peer was cast off in the falseticker detection, while a \fB+\fP indicates that the peer made it through. A \fB*\fP denotes the peer the server is currently synchronizing with.
+.TP
+.BR "showpeer \fIpeer_address\fP [...]"
+Shows a detailed display of the current peer variables for one or more peers. Most of these values are described in the NTP Version 2 specification.
+.TP
+.BR "pstats \fIpeer_address\fP [...]"
+Show per-peer statistic counters associated with the specified peer(s).
+.TP
+.BR "clockstat \fIclock_peer_address\fP [...]"
+Obtain and print information concerning a peer clock. The values obtained provide information on the setting of fudge factors and other clock performance information.
+.TP
+.BR "kerninfo"
+Obtain and print kernel phase-lock loop operating parameters. This information is available if the host supports the \fBntp_adjtime\fP system call.
+.TP
+.BR "loopinfo [ oneline | multiline ]"
+Print the values of selected loop filter variables. The loop filter is the part of NTP which deals with adjusting the local system clock. The \fBoffset\fP is the last offset given to the loop filter by the packet processing code. The \fBfrequency\fP is the frequency error of the local clock in parts-per-million (ppm). The \fBtime_const\fP controls the stiffness of the phase-lock loop and thus the speed at which it can adapt to oscillator drift. The \fBwatchdog timer\fP value is the number of seconds which have elapsed since the last sample offset was given to the loop filter. The \fBoneline\fP and \fBmultiline\fP options specify the format in which this information is to be printed, with \fBmultiline\fP as the default.
+.TP
+.BR "sysinfo"
+Print a variety of system state variables, i.e., state related to the local server. All except the last four lines are described in the NTP Version 3 specification, RFC-1305.
+The \fBsystem flags\fP show various system flags, some of which can be set and cleared by the \fBenable\fP and \fBdisable\fP configuration commands, respectively. These are the \fBauth\fP, \fBbclient\fP, \fBmonitor\fP, \fBpll\fP, \fBpps\fP and \fBstats\fP flags. See the \fBntpd\fP documentation for the meaning of these flags. There are two additional flags which are read only, the \fBkernel_pll\fP and \fBkernel_pps\fP. These flags indicate the synchronization status when the precision time kernel modifications are in use. The \fBkernel_pll\fP indicates that the local clock is being disciplined by the kernel, while the kernel_pps indicates the kernel discipline is provided by the PPS signal.
+The \fBstability\fP is the residual frequency error remaining after the system frequency correction is applied and is intended for maintenance and debugging. In most architectures, this value will initially decrease from as high as 500 ppm to a nominal value in the range .01 to 0.1 ppm. If it remains high for some time after starting the daemon, something may be wrong with the local clock, or the value of the kernel variable \fBtick\fP may be incorrect.
+The \fBbroadcastdelay\fP shows the default broadcast delay, as set by the \fBbroadcastdelay\fP configuration command.
+The \fBauthdelay\fP shows the default authentication delay, as set by the \fBauthdelay\fP configuration command.
+.TP
+.BR "sysstats"
+Print statistics counters maintained in the protocol module.
+.TP
+.BR "ctlstats"
+Print statistics counters maintained in the control module.
+.TP
+.BR "memstats"
+Print statistics counters related to memory allocation code.
+.TP
+.BR "iostats"
+Print statistics counters maintained in the input-output module.
+.TP
+.BR "timerstats"
+Print statistics counters maintained in the timer/event queue support code.
+.TP
+.BR "reslist"
+Obtain and print the server's restriction list. This list is (usually) printed in sorted order and may help to understand how the restrictions are applied.
+.TP
+.BR "ifstats"
+List interface statistics for interfaces used by ntpd for network communication.
+.TP
+.BR "ifreload"
+Force rescan of current system interfaces. Outputs interface statistics for interfaces that could possibly change. Marks unchanged interfaces with \fB.\fP, added interfaces with \fB+\fP and deleted interfaces with \fB-\fP.
+.TP
+.BR "monlist [ \fIversion\fP ]"
+Obtain and print traffic counts collected and maintained by the monitor facility. The version number should not normally need to be specified.
+.TP
+.BR "clkbug \fIclock_peer_address\fP [...]"
+Obtain debugging information for a reference clock driver. This information is provided only by some clock drivers and is mostly undecodable without a copy of the driver source in hand.
+.SS "Runtime Configuration Requests"
+All requests which cause state changes in the server are authenticated by the server using a configured NTP key (the facility can also be disabled by the server by not configuring a key). The key number and the corresponding key must also be made known to \fBntpdc\fP. This can be done using the \fBkeyid\fP and \fBpasswd\fP commands, the latter of which will prompt at the terminal for a password to use as the encryption key. You will also be prompted automatically for both the key number and password the first time a command which would result in an authenticated request to the server is given. Authentication not only provides verification that the requester has permission to make such changes, but also gives an extra degree of protection against transmission errors.
+.LP
+Authenticated requests always include a timestamp in the packet data, which is included in the computation of the authentication code. This timestamp is compared by the server to its receive time stamp. If they differ by more than a small amount the request is rejected. This is done for two reasons. First, it makes simple replay attacks on the server, by someone who might be able to overhear traffic on your LAN, much more difficult. Second, it makes it more difficult to request configuration changes to your server from topologically remote hosts. While the reconfiguration facility will work well with a server on the local host, and may work adequately between time-synchronized hosts on the same LAN, it will work very poorly for more distant hosts. As such, if reasonable passwords are chosen, care is taken in the distribution and protection of keys and appropriate source address restrictions are applied, the run time reconfiguration facility should provide an adequate level of security.
+.LP
+The following commands all make authenticated requests.
+.LP
+.TP
+.BR "addpeer \fIpeer_address\fP [ \fIkeyid\fP ] [ \fIversion\fP ] "
+.BR "[ \fIminpoll#\fP | prefer | iburst  | burst | minpoll \fIN\fP | \fBmaxpoll\fP \fIN\fP [ \fIdynamic\fP ] [...] ]\fP"
+.TP
+.BR "addpeer \fIpeer_address\fP [ \fBprefer | iburst | burst | minpoll \fIN\fP"
+.BR "| \fBmaxpoll\fP \fIN\fP | \fBkeyid\fP \fIN\fP | \fBversion\fP \fIN\fP [...] ]"
+.sp
+Add a configured peer association at the
+given address and operating in symmetric
+active mode. Note that an existing association
+with the same peer may be deleted when this
+command is executed, or may simply be
+converted to conform to the new configuration,
+as appropriate. If the \fBkeyid\fP
+is nonzero, all outgoing packets to
+the remote server will have an authentication
+field attached encrypted with this key. If the
+value is 0 (or not given) no authentication
+will be done. If ntpdc's key number has not
+yet been set (\fIe.g.,\fP by the keyid
+command), it will be set to this value.
+The \fBversion#\fP can be 1 through 4 and defaults to 3.  The remaining
+options are either a numeric value for \fIminpoll#\fP or
+literals \fBprefer\fP, \fBiburst\fP, 
+\fBburst\fP, \fBminpoll  \fP\fIN\fP,
+\fBkeyid \fP\fIN\fP, \fBversion \fP \fIN\fP, or
+\fBmaxpoll  \fP\fIN\fP (where \fIN\fP is a numeric value), and have the action as specified in the
+\fBpeer\fP configuration file command of
+ntpd.  See the  server options page  at file:///usr/share/doc/ntp/confopt.html for further information.
+Each flag (or its absence) replaces the
+previous setting. The \fBprefer\fP keyword indicates a preferred peer (and thus will be used primarily for clock synchronisation if possible). The preferred peer also determines the validity of the PPS signal - if the preferred peer is suitable for synchronisation so is the PPS signal.
+The \fBdynamic\fP keyword allows association configuration even when no suitable network interface is found at configuration time. The dynamic interface update mechanism may complete the configuration when new interfaces appear (e.g. WLAN/PPP interfaces) at a later time and thus render the association operable.
+.TP
+.BR "addserver \fIpeer_address\fP [ \fIkeyid\fP ] [ \fIversion\fP ] [\fIminpoll#\fP"
+.BR "| prefer | iburst  | burst | minpoll \fIN\fP | maxpoll \fIN\fP [...] ]"
+.TP
+.BR "addserver \fIpeer_address\fP [ \fBprefer | iburst | burst | minpoll \fIN\fP"
+.BR "| maxpoll \fIN\fP | keyid \fIN\fP | version \fIN\fP [...] [ dynamic ] ]"
+.sp
+Identical to the addpeer command, except that the operating mode is client.
+.TP
+.BR "addrefclock \fIclock_address\fP [  \fImode\fP [ \fBprefer | burst | minpoll \fIN\fP"
+.BR "| \fBmaxpoll\fP \fIN\fP  ...]]"
+.sp
+Identical to the addpeer command, except that the address is a REFCLOCK designator and it configures a hardware refclock
+instead of a remote server.
+.TP
+.BR "broadcast \fIpeer_address\fP [ \fIkeyid\fP ] [ \fIversion\fP ] [ prefer ]"
+Identical to the addpeer command, except
+that the operating mode is broadcast. In this
+case a valid non-zero key identifier and key are required. The \fBpeer_address\fP parameter can be the broadcast address of the local network or a multicast group address assigned to NTP. If a multicast address, a multicast-capable kernel is required.
+.TP
+.BR "unconfig \fIpeer_address\fP [...]"
+This command causes the configured bit to be removed from the specified peer(s). In many cases this will cause the peer association to be deleted. When appropriate, however, the association may persist in an unconfigured mode if the remote peer is willing to continue on in this fashion.
+.TP
+.BR "fudge \fIpeer_address\fP [ \fItime1\fP ] [ \fItime2\fP ] [ \fIstratum\fP ] [ \fIrefid\fP ]"
+This command provides a way to set certain data for a reference clock. See the source listing for further information.
+.TP
+.BR "enable [ auth | bclient | calibrate | kernel | monitor | ntp | pps | stats]"
+.TP
+.BR "disable [ auth | bclient | calibrate | kernel | monitor | ntp | pps | stats]"
+These commands operate in the same way as the \fBenable\fP and \fBdisable\fP configuration file commands of \fBntpd\fP. See the <a href="miscopt.html">Miscellaneous Options</a> page for further information.
+.TP
+.BR "restrict \fIaddress mask flag\fP [ \fIflag\fP ]"
+This command operates in the same way as the \fBrestrict\fP configuration file commands of \fBntpd\fP.
+.TP
+.BR "unrestrict \fIaddress mask flag\fP [ \fIflag\fP ]"
+Unrestrict the matching entry from the restrict list.
+.TP
+.BR "delrestrict \fIaddress mask [ ntpport ]\fP"
+Delete the matching entry from the restrict list.
+.TP
+.BR "readkeys"
+Causes the current set of authentication keys to be purged and a new set to be obtained by rereading the keys file (which must have been specified in the \fBntpd\fP configuration file). This allows encryption keys to be changed without restarting the server.
+.TP
+.BR "trustedkey \fIkeyid\fP [...]"
+.TP
+.BR "untrustedkey \fIkeyid\fP [...]"
+.TP
+.BR "controlkey \fIkeyid\fP [...]"
+.TP
+.BR "requestkey \fIkeyid\fP [...]"
+These commands operate in the same way as the corresponding configuration file commands of \fBntpd\fP.
+.TP
+.BR "keytype md5"
+This command specifies the default keytype. Since the only type currently support is md5, this is a nop.
+.TP
+.BR "authinfo"
+Returns information concerning the authentication module, including known keys and counts of encryptions and decryptions which have been done.
+.TP
+.BR "traps"
+Display the traps set in the server. See the source listing for further information.
+.TP
+.BR "addtrap [ \fIaddress\fP [ \fIport\fP ] [ \fIinterface\fP ]"
+Set a trap for asynchronous messages. See the source listing for further information.
+.TP
+.BR "clrtrap [ \fIaddress\fP [ \fIport\fP ] [ \fIinterface\fP]"
+Clear a trap for asynchronous messages. See the source listing for further information.
+.TP
+.BR "reset"
+Clear the statistics counters in various modules of the server. See the source listing for further information.
+.TP
+.BR "preset [\fIpeer_address\fP [...]]"
+Clear the statistics counters in various modules of the server with respect to the indicated peers.
+.SS OPTION PRESETS
+Most options may be preset by loading values from configuration file(s) and values from
+environment variables named:
+.nf
+  \fBNTPDC_<option-name>\fP or \fBNTPDC\fP
+.fi
+.aj
+The environmental presets take precedence (are processed later than)
+the configuration files. The option-name should be in all capital letters.
+For example, to set the --command option, you would set the NTPDC_COMMAND environment
+variable.
+The users home directory and the current directory are searched for a file named .ntprc.
+.SH ATTRIBUTES
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+box;
+cbp-1 | cbp-1
+l | l .
+ATTRIBUTE TYPE	ATTRIBUTE VALUE
+=
+Availability	service/network/ntp
+=
+Interface Stability	Uncommitted Obsolete
+.TE 
+.PP
+.SH NOTES
+Source for ntpdc is available on http://src.opensolaris.org.
+.TE
+.PP
+.SH SEE ALSO
+.LP
+\fBntpd\fR(1M), \fBntpq\fR(1M), \fBntprc\fR(4), \fBattributes\fR(5)
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntpq.1m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,537 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntpq" "1M" "" "" "System Administration Commands"
+.SH NAME
+ntpq \- Network Time Protocol query program
+.SH SYNOPSIS
+.LP
+.n
+\fB/usr/sbin/ntpq\fR [\fB-46dpinv?!\fR] [\fB-c\fR \fIcommand\fR]
+    [\fB-D\fR \fIdebuglvl\fR] [\fB-<\fR \fIoptfile\fR] [\fB->\fR \fIoptfile\fR]  [\fIhost\fR] [...]
+.fi
+.SH "DESCRIPTION"
+.LP
+The \fBntpq\fR utility program is used to monitor NTP daemon \fBntpd\fR operations and determine performance. It uses the standard NTP mode 6 control message formats defined in Appendix B of the NTPv3 specification RFC1305. The same formats are used in NTPv4, although some
+of the variables have changed and new ones added. The description on this page is for the NTPv4 variables.
+.LP
+The program can be run either in interactive mode or controlled using command line arguments. Requests to read and write arbitrary variables can be assembled, with raw and pretty-printed output options being available. The \fBntpq\fR utility can also obtain and print a list of peers in a common format by sending multiple queries to the server.
+.LP
+If one or more request options are included on the command line when \fBntpq\fR is executed, each of the requests will be sent to the NTP
+servers running on each of the hosts given as command line arguments, or on the localhost by default. If no request options are given, \fBntpq\fR will attempt to read commands from the standard input and execute these on the NTP server running on the first host given on the command line, again defaulting to localhost when no other host is specified. \fBntpq\fR will prompt for commands if the standard input is a terminal device.
+.LP
+The \fBntpq\fR utility uses NTP mode 6 packets to communicate with the NTP server, and hence can be used to query any compatible server on the network which permits it. Note that since NTP is a UDP protocol this communication will be somewhat unreliable, especially over large distances in terms of network topology. The \fBntpq\fR program makes one attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time.
+.LP
+In contexts where a host name is expected, a \fB-4\fR qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a \fB-6\fR qualifier forces DNS resolution to the IPv6 namespace. On the command line, only one of the two  can be given.
+.LP
+For examples of usage of \fBntpq\fR, see the NTP Debugging Techniques page at file:///usr/share/doc/ntp/debug.html.
+.SH OPTIONS
+Specifying a command line option other than \fB-i\fR or \fB-n\fR
+will
+cause the specified query (queries) to be sent to the indicated
+host(s) immediately.
+Otherwise,
+\fBntpq\fR  
+will attempt to read
+interactive format commands from the standard input.
+.TP
+.BR \-4 ", " \-\-ipv4
+Force DNS resolution of following host names on the command line
+to the IPv4 namespace. Cannot be used with the \fB--ipv6\fR option.
+.TP
+.BR \-6 ", " \-\-ipv6
+Force DNS resolution of following host names on the command line
+to the IPv6 namespace. Cannot be used with the \fB--ipv4\fR option.
+.TP
+.BR \-c " \fIcmd\fP, " \-\-command "=" \fIcmd\fP
+The following argument is interpreted as an interactive format command
+and is added to the list of commands to be executed on the specified
+host(s).
+This option may appear an unlimited number of times. After all such 
+commands are executed against all listed hosts, the program exits.
+.TP
+.BR \-d ", " \-\-debug-level
+Increase output debug message level.
+This option may appear an unlimited number of times.
+.TP
+.BR \-D " \fInumber\fP, " \-\-set-debug-level "=" \fIstring\fP
+Set the output debug message level.
+This option may appear an unlimited number of times, but only the last
+one will be used.
+.TP
+.BR \-p ", " \-\-peers
+Print a list of the peers known to the server as well as a summary
+of their state. This is equivalent to the 'peers' interactive command.
+.TP
+.BR \-i ", " \-\-interactive
+Force ntpq to operate in interactive mode.  Prompts will be written
+to the standard output and commands read from the standard input.
+This option must not appear in combination with either the \fB--command\fR or 
+\fB--peers\fR options.
+.TP
+.BR \-n ", " \-\-numeric
+Output all host addresses in numeric format rather than
+converting to the host names. 
+.TP
+.BR \-? , " \-\-help"
+Display usage information and exit.
+.TP
+.BR \-! , " \-\-more-help"
+Extended usage information passed thru a pager.
+.TP
+.BR \-> " \fIrcfile\fP," " \-\-save-opts" "=\fIrcfile\fP"
+Save the option state to \fIrcfile\fP. 
+.TP
+.BR \-< " \fIrcfile\fP," " \-\-load-opts" "=\fIrcfile\fP," " \-\-no-load-opts"
+Load options from \fIrcfile\fP.
+The \fIno-load-opts\fP form will disable the loading
+of earlier RC/INI files.  \fI--no-load-opts\fP is handled early,
+out of order.
+.TP
+.BR \-v ", " \-\-version
+Output version of program and exit.
+.SS OPTION PRESETS
+Most options may be preset by loading values from configuration file(s) and values from
+environment variables named:
+.nf
+  \fBNTPQ_<option-name>\fP or \fBNTPQ\fP
+.fi
+.aj
+The environmental presets take precedence (are processed later than)
+the configuration files. The option-name should be in all capital letters.
+For example, to set the --command option, you would set the NTPQ_COMMAND environment
+variable.
+The users home directory and the current directory are searched for a file named .ntprc.
+.SH USAGE
+Interactive format commands consist of a keyword followed by zero
+to four arguments.
+Only enough characters of the full keyword to uniquely identify the command need be typed.  
+The output of a command is normally sent to the standard output, but optionally the output of 
+individual commands may be sent to a file by appending a \fB>\fR, followed by a file name, to the command line.
+.SS "Internal Commands"
+A number of interactive commands are executed entirely within
+the \fBntpq\fR
+utility itself and do not result in requests being sent to a server. These commands are as follows:
+
+
+                                                                    
+                                                                    
+                                                                    
+cl                                                                  
+                                                                    
+clocklist                                                           
+                                                   timeout          
+                                                   version          
+                                  poll                              
+                                                                    
+                                                   
+                                           
+
+
+.TP
+.BR ? " [\fIcommand_keyword\fP]," "  help "[\fIcommand_keyword\fP]
+Prints a list of all the command keywords known to \fBntpq\fR. Followed by a command keyword will print function and usage
+information about the command.
+.TP 
+.BR addvars " \fIvariable_name\fP[=\fIvalue\fP]" "  ...
+.TP 
+.BR "rmvars \fIvariable_name\fP ..."
+.TP 
+.BR showvars
+.TP
+.BR "clearvars"
+The data carried by NTP mode 6 messages consists of a list of
+items of the form \fIvariable_name=value\fP. In requests to read variable, the \fI=value\fP is ignored, and can be omitted.
+The \fBntpq\fR utility maintains an internal list in which data to be included in control
+messages can be assembled, and sent using the \fBreadlist\fP and \fBwritelist\fP
+commands described below.
+The \fBaddvars\fP command allows variables and their optional values to be added to
+the list.
+If more than one variable is to be added, the list should
+be comma-separated and not contain white space. The \fBshowvars\fP command lists the
+current variable list.
+The \fBrmvars\fP command can be used to remove individual variables from the list,
+while the \fBclearlist\fP command removes all variables from the
+list.
+.TP 
+.BR "authenticate [ yes | no ]"
+Normally
+\fBntpq\fR
+only sends authentication with  write requests.
+The command \fBauthenticate yes\fP causes
+\fBntpq\fR
+to send authentication with all requests it
+makes.  The command \fBauthenticate\fP with no keyword
+causes
+\fBntpq\fR
+to display whether or not
+\fBntpq\fR
+is currently authenticating requests.
+.TP
+.BR ":config \fIconfig_command\fP"
+Sends the entire line after \fB:config\fP to the \fBntpd\fP daemon to be interpreted as a configuration file 
+command. Multiple commands may be separated by semi-colons.
+.TP
+.BR "config-from-file \fIconfig_file\fP"
+Sends the entire file \fIconfig_file\fP to the \fBntpd\fP daemon to be interpreted as configuration file 
+commands.
+.TP
+.BR cooked
+Causes output from query commands to be "cooked", so that
+variables which are recognized by
+\fBntpq\fR
+will have their
+values reformatted for human consumption.
+Variables which
+\fBntpq\fR
+thinks should have a decodable value but didn't are
+marked with a trailing ?.
+.TP
+.BR "debug [ more | less | off ]"
+With no argument, displays the current debug level.
+Otherwise, the debug level is changed by the indicated amount.
+.TP
+.BR delay " \fImilliseconds\fP"
+Specify a time interval to be added to timestamps included in
+requests which require authentication.
+This is used to enable
+(unreliable) server reconfiguration over long delay network paths
+or between machines whose clocks are unsynchronized.
+Actually the
+server does not now require timestamps in authenticated requests,
+so this command may be obsolete.
+.TP
+.BR "host [ [ -4 | -6 ] \fIhostname\fP ]"
+Set the host to which future queries will be sent.
+The hostname may
+be either a host name or a numeric address. With no argument, prints the 
+current host.
+.TP
+.BR "hostnames [ yes | no ]"
+If yes is specified, host names are printed in
+information displays.  If no is specified, numeric
+addresses are printed instead. With no argument, prints the current
+setting.  The default is yes, unless modified using the command line
+\-n switch.
+.TP
+.BR "keyid [ \fIkeyid#\fP ]"
+This command specifies the key number to be
+used to authenticate configuration requests.  This must correspond
+to a key number the server has been configured to use for this
+purpose.
+.TP
+.BR "keytype [ md5 ]"
+Prints or sets the type of key used for authentication. Currently
+only \fBmd5\fP is accepted.
+.TP
+.BR "ntpversion [ 1 | 2 | 3 | 4 ]"
+Sets the NTP version number which
+\fBntpq\fR
+claims in packets.
+Defaults to 2. Note that mode 6 control messages 
+didn't exist in NTP version 1.
+Luckily there appear
+to be no servers left which demand version 1.
+With no argument, displays the current NTP version that will be used
+when communicating with servers.
+.TP
+.BR "passwd"
+This command prompts you to type in a password (which will not
+be echoed) which will be used to authenticate configuration
+requests.
+The password must correspond to the key configured for
+use by the NTP server for this purpose.
+.TP
+.BR "quit"
+Exit
+\fBntpq\fR .
+.TP
+.BR "raw"
+Causes all output from query commands is printed as received
+from the remote server.
+The only formating/interpretation done on
+the data is to transform nonascii data into a printable (but barely
+understandable) form.
+.TP
+.BR "timeout \fImilliseconds\fP"
+Specify a timeout period for responses to server queries.
+The default is about 5000 milliseconds.
+Note that since
+\fBntpq\fR
+retries each query once after a timeout, the total waiting time for
+a timeout will be twice the timeout value set.
+.SS "Control Message Commands"
+Each association known to an NTP server has a 16 bit integer association identifier. NTP control messages which carry peer variables must identify the peer the values correspond to by including its association ID. An association ID of 0 is special, and indicates the variables are system variables, whose names are drawn from a separate name space.
+.LP
+Control message commands result in one or more NTP mode 6 messages being sent to the server, and cause the data returned to be printed in some format. Most commands currently implemented send a single message and expect a single response. The current exceptions are the peers command, which will send a preprogrammed series of messages to obtain the data it needs, and the mreadlist and mreadvar commands, which will iterate over a range of associations.
+.TP
+.BR associations
+Obtains and prints a list of association identifiers and peer statuses for in-spec peers of the server being queried. The list is printed in columns. The first of these is an index numbering the associations from 1 for internal use, the second the actual association identifier returned by the server and the third the status word for the peer. This is followed by a number of columns containing data decoded from the status word. See the peers command for a decode of the \fBcondition\fR field. The data returned by the \fBassociations\fR command is cached internally in \fBntpq\fR and used in subsequent commands.  After the first \fBassociations\fP command the index can be used in place of the association identifier by specifing the identifier in the form &\fIindex\fP.
+.TP
+.BR "clocklist [\fIassocID\fP]"
+.TP
+.BR "cl  [\fIassocID\fP]"
+Read the values of the clock variables included in the variable list
+.TP
+.BR "clockvar [\fIassocID\fP] [\fIvariable_name\fP [ = \fIvalue\fP [...]] [...]"
+.TP
+.BR "cv [\fIassocID\fP] [\fIvariable_name\fP [ = \fIvalue\fP [...] ][...]"
+Requests that a list of the server's clock variables be sent. Servers which have a radio clock or other external synchronization will respond positively to this. If the association identifier is omitted or zero the request is for the variables of the \fBsystem clock\fR and will generally get a positive response from all servers with a clock. If the server treats clocks as pseudo-peers, and hence can possibly have more than one clock connected at once, referencing the appropriate peer association ID will show the variables of a particular clock. Omitting the variable list will cause the server to return a default variable display.
+.TP
+.BR lassociations
+Obtains and prints a list of association identifiers and peer statuses for all associations for which the server is maintaining state. This command differs from the \fBassociations\fR command only for servers which retain state for out-of-spec client associations (i.e., fuzzballs). Such associations are normally omitted from the display when the \fBassociations\fR command is used, but are included in the output of \fBlassociations\fR. When used with the \fBntpd\fP in this distribution, this command is idenitical to \fBassociations\fP. 
+.TP
+.BR lpassociations
+Print data for all associations, including out-of-spec client associations, from the internally cached list of associations.
+.TP
+.BR lopeers
+Same as \fBopeers\fP but from the internally cached data.
+.TP
+.BR lpeers
+Like \fBpeers\fP, except a summary of all associations for which the server is maintaining state is printed. This can produce a much longer list of peers from fuzzball servers, but for most servers this is identical with \fBpeers\fP.
+.TP
+.BR "mreadlist \fIassocID\fP \fIassocID\fP"
+.TP
+.BR "mrl \fIassocID\fP \fIassocID\fP"
+Like the \fBreadlist\fR command, except the query is done for each of a range of (nonzero) association IDs. This range is determined from the association list cached by the most recent \fBassociations\fR command. An \fIassocID\fPs may be either an association identify or the equivilant &\fIindex\fP form.
+.TP
+.BR "mreadvar \fIassocID\fP \fIassocID\fP [ \fIvariable_name\fP [ = \fIvalue\fP[ ... ]"
+.TP
+.BR "mrv \fIassocID\fP \fIassocID\fP [ \fIvariable_name\fP [ = \fIvalue\fP[ ... ]"
+Like the \fBreadvar\fR command, except the query is done for each of a range of (nonzero) association IDs. This range is determined from the association list cached by the most recent \fBassociations\fR command.
+.TP
+.BR opeers
+An old form of the \fBpeers\fR command with the reference ID replaced by the local interface address.
+.TP
+.BR passociations
+Displays association data concerning in-spec peers from the internally cached list of associations. This command performs identically to the \fBassociations\fR except that it displays the internally stored data rather than making a new query.
+.TP
+.BR peers
+Obtains a current list peers of the server, along with a summary of each peer's state. Summary information includes the address of the remote peer, the reference ID (0.0.0.0 if this is unknown), the stratum of the remote peer, the type of the peer (local, unicast, multicast or broadcast), when the last packet was received, the polling interval, in seconds, the reachability register, in octal, and the current estimated delay, offset and dispersion of the peer, all in milliseconds. The character at the left margin of each line shows the synchronization status of the association and is a valuable diagnostic tool. The encoding and meaning of this character, called the tally code, is given later in this page.
+.TP
+.BR "pstatus \fIassocID\fP"
+Sends a read status request to the server for the given association. The names and values of the peer variables returned will be printed. Note that the status word from the header is displayed preceding the variables, both in hexadecimal and in pidgeon English.
+.TP
+.BR "readlist [ \fIassocID\fP ]
+.TP
+.BR "rl [ \fIassocID\fP ]"
+Requests that the values of the variables in the internal variable list be returned by the server. If the association ID is omitted or is 0 the variables are assumed to be system variables. Otherwise they are treated as peer variables. If the internal variable list is empty a request is sent without data, which should induce the remote server to return a default display.
+.TP
+.BR "readvar \fIassocID\fP \fIvariable_name\fP [ = \fIvalue\fP ] [ ...]"
+.TP
+.BR "rv \fIassocID\fP [ \fIvariable_name\fP [ = \fIvalue\fP ] [...]"
+Requests that the values of the specified variables be returned by the server by sending a read variables request. If the association ID is omitted or is given as zero the variables are system variables, otherwise they are peer variables and the values returned will be those of the corresponding peer. Omitting the variable list will send a request with no data which should induce the server to return a default display. The encoding and meaning of the variables derived from NTPv3 is given in RFC-1305; the encoding and meaning of the additional NTPv4 variables are given later in this page.
+.TP
+.BR "writevar \fIassocID\fP \fIvariable_name\fP [ = \fIvalue\fP [ ...]"
+Like the readvar request, except the specified variables are written instead of read.
+.TP
+.BR "writelist [ \fIassocID\fP ]"
+Like the readlist request, except the internal list variables are written instead of read.
+.SS "Tally Codes"
+.LP
+The character in the left margin in the \fBpeers\fR billboard, called the tally code, shows the fate of each association in the clock selection process. Following is a list of these characters, the pidgeon used in the \fBrv\fR command, and a short explanation of the condition revealed.
+.TP
+.BR "space \fRreject\fP"
+The peer is discarded as unreachable, synchronized to this server (synch loop) or outrageous synchronization distance.
+.TP
+.BR "x \fRfalseticker\fP"
+The peer is discarded by the intersection algorithm as a falseticker.
+.TP
+.BR ". \fRexcess\fP"
+The peer is discarded as not among the first ten peers sorted by synchronization distance and so is probably a poor candidate for further consideration.
+.TP
+.BR "- \fRoutlyer\fP"
+The peer is discarded by the clustering algorithm as an outlyer.
+.TP
+.BR "+ \fRcandidate\fP"
+The peer is a survivor and a candidate for the combining algorithm.
+.TP
+.BR "# \fRselected\fP"
+The peer is a survivor, but not among the first six peers sorted by synchronization distance. If the association is ephemeral, it may be demobilized to conserve resources.
+.TP
+.BR "* \fRsys.peer\fP"
+The peer has been declared the system peer and lends its variables to the system variables.
+.TP
+.BR "o \fRpps.peer\fP"
+The peer has been declared the system peer and lends its variables to thesystem variables. However, the actual system synchronization is derived from a pulse-per-second (PPS) signal, either indirectly via the PPS reference clock driver or directly via kernel interface.
+.SS "System Variables"
+.LP
+The \fBstatus, leap, stratum, precision, rootdelay, rootdispersion, refid, reftime, poll, offset, and frequency\fR variables are described in RFC-1305 specification. Additional NTPv4 system variables include the following:
+.TP
+.BR "version"
+Everything you might need to know about the software version and generation time.
+.TP
+.BR "processor"
+The processor and kernel identification string.
+.TP
+.BR "system"
+The operating system version and release identifier.
+.TP
+.BR "state"
+The state of the clock discipline state machine. The values are described in the architecture briefing on the NTP Project page linked from www.ntp.org.
+.TP
+.BR "peer"
+The internal integer used to identify the association currently designated the system peer.
+.TP
+.BR "jitter"
+The estimated time error of the system clock measured as an exponential average of RMS time differences.
+.TP
+.BR "stability"
+The estimated frequency stability of the system clock measured as an exponential average of RMS frequency differences.
+.LP
+In addition, some or all of the following system variables related to the crypto authentication are displayed, depending on the state of the particular crypto dance in use:
+.TP
+.BR "hostname"
+The name of the host as returned by the Unix \fBgethostname()\fR library function.
+.TP
+.BR "hostkey"
+The NTP filestamp of the host key file.
+.TP
+.BR "flags"
+The current flags word bits and message digest algorithm identifier (NID) in hex format. The high order 16 bits of the four-byte word contain the NID from the OpenSSL ligrary, while the low-order bits are interpreted as follows:
+0x01: autokey enabled, 0x02: NIST leapseconds file loaded, 0x10: PC identity scheme, 0x20: IFF identity scheme, 0x40: GQ identity scheme. 
+.TP
+.BR "cert"
+A list of certificates held by the host. Each entry includes the subject, issuer, flags and NTP filestamp in order. The bits are interpreted as follows:
+0x01: signed by the server, 0x02: trusted, 0x04: private, 0x08: contains errors and is not trusted.
+.TP
+.BR "leapseconds"
+The NTP filestamp of the NIST leapseconds file.
+.TP
+.BR "refresh"
+The NTP timestamp when the host public cryptographic values were refreshed and signed.
+.TP
+.BR "signature"
+The host digest/signature scheme name from the OpenSSL library.
+.TP
+.BR "tai"
+The TAI-UTC offset in seconds obtained from the NIST leapseconds table.
+.SS "Peer Variables"
+.LP
+The \fBstatus, srcadr, srcport, dstadr, dstport, leap, stratum, precision, rootdelay, rootdispersion, readh, hmode, pmode, hpoll, ppoll, offset, delay, dspersion, reftime\fR variables are described in the RFC-1305 specification, as are the timestamps \fBorg, rec and xmt\fR. Additional NTPv4 system variables include the following.
+.TP
+.BR "flash"
+The flash code for the most recent packet received. The encoding and meaning of these codes is given later in this page.
+.TP
+.BR "jitter"
+The estimated time error of the peer clock measured as an exponential average of RMS time differences.
+.TP
+.BR "unreach"
+The value of the counter which records the number of poll intervals since the last valid packet was received.
+.LP
+In addition, some or all of the following  peer variables are displayed related to the crypto auithentication:
+.TP
+.BR "flags"
+The current flag bits. This word is the server host status word with additional bits used by the Autokey state machine. See the source code for the bit encoding.
+.TP
+.BR "hostname"
+The server host name.
+.TP
+.BR "initkey \fIkey\fP"
+The initial key used by the key list generator in the Autokey protocol.
+.TP
+.BR "initsequence \fIindex\fP"
+The initial index used by the key list generator in the Autokey protocol.
+.TP
+.BR "signature"
+The server message digest/signature scheme name from the OpenSSL software library.
+.TP
+.BR "timestamp \fItime\fP"
+The NTP timestamp when the last Autokey key list was generated and signed.
+.SS "Flash Codes"
+.LP
+The \fBflash\fR code is a valuable debugging aid displayed in the peer variables list. It shows the results of the original sanity checks defined in the NTP specification RFC-1305 and additional ones added in NTPv4. There are 12 tests designated \fBTEST1\fR through \fBTEST12\fR. The tests are performed in a certain order designed to gain maximum diagnostic information while protecting against accidental or malicious errors. The \fBflash\fR variable is initialized to zero as each packet is received. If after each set of tests one or more bits are set, the packet is discarded.
+.LP
+Tests \fBTEST1\fR through \fBTEST3\fR check the packet timestamps from which the offset and delay are calculated. If any bits are set, the packet is discarded; otherwise, the packet header variables are saved. \fBTEST4\fR and \fBTEST5\fR are associated with access control and cryptographic authentication. If any bits are set, the packet is discarded immediately with nothing changed.
+.LP
+Tests \fBTEST6\fR through \fBTEST8\fR check the health of the server. If any bits are set, the packet is discarded; otherwise, the offset and delay relative to the server are calculated and saved. \fBTEST9\fR checks the health of the association itself. If any bits are set, the packet is discarded; otherwise, the saved variables are passed to the clock filter and mitigation algorithms.
+.LP
+Tests \fBTEST10\fR through \fBTEST12\fR check the authentication state using Autokey public-key cryptography, as described in the Authentication Options page at file:///usr/share/doc/ntp/authopt.html. If any bits are set and the association has previously been marked reachable, the packet is discarded; otherwise, the originate and receive timestamps are saved, as required by the NTP protocol, and processing continues.
+.LP
+The \fBflash\fR bits for each test are defined as follows.
+.TP
+.BR "0x001 TEST1"
+Duplicate packet. The packet is at best a casual retransmission and at worst a malicious replay.
+.TP
+.BR "0x002 TEST2"
+Bogus packet. The packet is not a reply to a message previously sent. This can happen when the NTP daemon is restarted and before somebody else notices.
+.TP
+.BR "0x004 TEST3"
+Unsynchronized. One or more timestamp fields are invalid. This normally happens when the first packet from a peer is received.
+.TP
+.BR "0x008 TEST4"
+Access is denied. See the Access Control Options page at file:///usr/share/doc/ntp/accopt.html.
+.TP
+.BR "0x010 TEST5"
+Cryptographic authentication fails. See the Authentication Options page referenced above.
+.TP
+.BR "0x020TEST6"
+The server is unsynchronized. Wind up its clock first.
+.TP
+.BR "0x040 TEST7"
+The server stratum is at the maximum of 15. It is probably unsynchronized and its clock needs to be wound up.
+.TP
+.BR "0x080 TEST8"
+Either the root delay or dispersion is greater than one second, which is highly unlikely unless the peer is unsynchronized to Mars.
+.TP
+.BR "0x100 TEST9"
+Either the peer delay or dispersion is greater than one second, which is higly unlikely unless the peer is on Mars.
+.TP
+.BR "0x200 TEST10"
+The autokey protocol has detected an authentication failure. See the Authentication Options page.
+.TP
+.BR "0x400 TEST11"
+The autokey protocol has not verified the server or peer is proventic and has valid public key credentials. See the Authentication Options page.
+.TP
+.BR "0x800 TEST12"
+A protocol or configuration error has occurred in the public key algorithms or a possible intrusion event has been detected. See the Authentication Options page.
+.SH NOTES
+.LP
+Source for \fBntpq\fR is available on http://src.opensolaris.org.
+.LP
+The documentation available at /usr/share/doc/ntp is provided as is from the
+\fBNTP\fR distribution and may contain information that is not applicable to
+the software as provided in this partIcular distribution.
+.LP
+The output of the \fBntpq\P in version 4 differs from that in version 3 by the 
+replacement of the \fBdispersion\fP value with the \fBjitter\fP value in the
+\fBpeers\fP output.
+.SH ATTRIBUTES
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i)
+lw(2.75i) |lw(2.75i)
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilityservice/network/ntp
+=
+Interface StabilityUncommitted
+.TE
+.PP
+.SH SEE ALSO
+.LP
+\fBntpd\fR(1M), \fBntpdc\fR(1M), \fBntprc\fR(4), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntprc.4	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,97 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntprc" "4" "" "" "File Formats"
+.SH NAME
+ntprc \- file to initialize perferences for NTP programs
+.SH DESCRIPTION
+.LP
+The \fB\&.ntprc\fR file contains data used to initialize certain parameters 
+for various NTP related programs. When these programs are started, the current
+directory is searched for the existence of the \fB\&.ntprc\fR file.
+If found, the file is read and searched for a section header that specifies
+the program being run. If such a section is found, then the lines in that section are used to initialize the program. If such a section is not found and no
+other sections are found, then the whole file is used do the initialization.
+If the file is not found in the current directory, the users home directory is
+searched if found then it is processed as above.
+.LP
+The \fB.ntprc\fR file is a text file, with each line specifying the settings of a command line flag. The flags
+are indicated by the use of the flag's long name. Anything after the long name on the line is used to 
+set the value of the flag if it takes a value. The same file is used by several \fBNTP\fR programs, so to separate
+which lines go with which programs, the file is split into sections. Each section is marked with the name
+of the corresponding program in all capital letters and inside square brackets.  Comments can be given in the
+file by beginning the comment line with a "#" in the first column. 
+.LP 
+The best way to set the lines in the file is to run the command in question with all of the flags the way 
+you want them and to give the \fB--save-opts\fR \fIfilename\fR flag at the end to save the parameters to a
+file. After that, simply edit the resulting file to remove the comments and add the section header and
+then append the file to the \fB.ntprc\fR file.  
+.SH EXAMPLES
+.LP
+\fBExample 1 \fRA Sample \fB\&.ntprc\fR File
+.LP
+A \fB\&.ntprc\fR file containing the following lines:
+.sp
+.in +2
+.nf
+[NTPQ]
+numeric
+command rv 0
+[NTPDC]
+peers
+.fi
+.in -2
+
+.LP
+will force the \fBntpq\fR program to always execute the "rv 0" command and print the results
+with IP addresses and not hostname. It will also cause the \fBntpdc\fR program to always run
+as if the \fB--peers\fR option was given.
+.SH FILES
+.sp
+.ne 2
+.mk
+.na
+\fB\fB~/.ntprc\fR\fR
+.ad
+.RS 12n
+.rt  
+
+.RE
+.SH ATTRIBUTES
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i)
+lw(2.75i) |lw(2.75i)
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilityservice/network/ntp
+=
+Interface StabilityUncommitted
+.TE
+.SH SEE ALSO
+.LP
+\fBntpq\fR(1M), \fBntpdc\fR(1M), \fBntp-keygen\fR(1M)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntptime.1m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,92 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntptime" "1M" "" "" "System Administration Commands"
+.SH NAME
+ntptime \- Display Kernel Time Variables.
+.SH SYNOPSIS
+.LP
+.n
+\fB/usr/sbin/ntptime\fR [\fB-chr\fR] [\fB-e\fR \fIest_error\fR] [\fB-f\fR \fIfrequency\fR]
+ [\fB-m\fR \fImax_error\fR] [\fB-o\fR \fIoffset\fR] [\fB-s\fR \fIstatus\fR] [\fB-t\fR \fItime_constant\fR]
+.fi
+.SH "DESCRIPTION"
+This program is used to display or set the kernel variables used by NTP as described in the documentation at 
+file:///usr/share/doc/ntp/kern.html entitled "A Kernel Model for Precision Timekeeping". A similar display can 
+be obtained using the \fBntpdc\fP program and \fBkerninfo\fP command. The actual meaning of these variables
+is rather difficult to understand, but the \fBntptime\fP program is primarily useful to determine if the variables
+are set at all or to clear them if they are.
+.SH "OPTIONS"
+.TP
+.BR "-c"
+Display the time taken to call ntp_gettime (us)
+.TP
+.BR "-e \fIesterror\fP"
+Set the estimated error, in microseconds.
+.TP
+.BR "-f \fIfrequency\fP"
+Set the frequency error (-500 .. 500), in parts per million.
+.TP
+.BR "-h"
+Display help information.
+.TP
+.BR "-m \fImaxerror\fP"
+Set the maximum possible error, in microseconds.
+.TP
+.BR "-o \fIoffset\fP"
+Set the offset in microseconds.
+.TP
+.BR "-r"
+Print the unix and NTP time raw
+.TP
+.BR "-s \fIstatus\fP"
+Set the status bits. Do not use this unless you know what you are doing.
+.TP
+.BR "-t \fItimeconstant\fP"
+Set the log2 of PLL time constant, an integer in the range 0-10.
+.SH NOTES
+.LP
+Source for \fBntptime\fR is available on http://src.opensolaris.org.
+.LP
+The documentation available at /usr/share/doc/ntp is provided as is from the
+\fBNTP\fR distribution and may contain information that is not applicable to
+the software as provided in this partIcular distribution.
+.SH ATTRIBUTES
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i)
+lw(2.75i) |lw(2.75i)
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilityservice/network/ntp
+=
+Interface StabilityVolatile
+.TE
+.PP
+.SH SEE ALSO
+.LP
+\fBntpd\fR(1M), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/manpages/ntptrace.1m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,136 @@
+'\" te
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH "ntptrace" "1M" "" "" "System Administration Commands"
+.SH NAME
+ntptrace \- trace a chain of NTP hosts back to their master time source
+.SH SYNOPSIS
+.LP
+.nf
+\fB/usr/sbin/ntptrace\fR [\fB-n\fR] [\fB-m\fR \fImaxhosts\fR] [\fIserver\fR]
+.fi
+.SH DESCRIPTION
+.LP
+\fBntptrace\fR determines from where a given Network Time Protocol (\fBNTP\fR) server gets its time, and follows the chain of  \fBNTP\fR servers back to their master time source. If given no arguments, it starts with  \fIlocalhost\fR.
+.SH OPTIONS
+.LP
+The following options are supported:
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-n\fR\fR
+.ad
+.RS 14n
+.rt  
+Turns off the printing of host names; instead, host IP addresses are given.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-m\fR \fImaxhosts\fR\fR
+.ad
+.RS 14n
+.rt  
+Sets the maximum number of levels up the chain that will be followed.
+.RE
+
+.SH EXAMPLES
+.LP
+\fBExample 1 \fRSample Output From the \fBntptrace\fR Command
+.LP
+The following example shows the output from the \fBntptrace\fR command:
+
+.sp
+.in +2
+.nf
+% \fBntptrace\fR
+
+
+ localhost: stratum 4, offset 0.0019529, synch distance 0.144135
+ server2.bozo.com: stratum 2, offset 0.0124263, synch distance 0.115784
+ usndh.edu: stratum 1, offset 0.0019298, synch distance 0.011993, refid 'WWVB'
+.fi
+.in -2
+.sp
+
+.LP
+On each line, the fields are (left to right):
+
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The server's host name
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The server's stratum
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The time offset between that server and the local host (as measured by \fBntptrace\fR; this is why it is not always zero for  \fIlocalhost\fR)
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The host's synchronization distance
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The reference clock \fBID\fR (only for stratum-1 servers)
+.RE
+.LP
+All times are given in seconds. Synchronization distance is a measure of the goodness of the clock's time.
+.SH NOTES
+.LP
+Source for \fBntptrace\fR is available on http://src.opensolaris.org.
+.SH ATTRIBUTES
+See
+.BR attributes (5)
+for descriptions of the following attributes:
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i)
+lw(2.75i) |lw(2.75i)
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilityservice/network/ntp
+=
+Interface StabilityVolatile
+.TE 
+.PP
+.SH SEE ALSO
+.LP
+\fBntpq\fR(1M), \fBntpd\fR(1M), \fBntpdc\fR(1M), \fBattributes\fR(5))
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/ntp.license	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,175 @@
+  Copyright Notice
+  
+   Last update: 15:19 UTC Sunday, March 02, 2008
+     _________________________________________________________________
+   
+   The following copyright notice applies to all files collectively
+   called the Network Time Protocol Version 4 Distribution. Unless
+   specifically declared otherwise in an individual file, this notice
+   applies as if the text was explicitly included in the file.
+***********************************************************************
+*                                                                     *
+* Copyright (c) University of Delaware 1992-2009                      *
+*                                                                     *
+* Permission to use, copy, modify, and distribute this software and   *
+* its documentation for any purpose with or without fee is hereby     *
+* granted, provided that the above copyright notice appears in all    *
+* copies and that both the copyright notice and this permission       *
+* notice appear in supporting documentation, and that the name        *
+* University of Delaware not be used in advertising or publicity      *
+* pertaining to distribution of the software without specific,        *
+* written prior permission. The University of Delaware makes no       *
+* representations about the suitability this software for any         *
+* purpose. It is provided "as is" without express or implied          *
+* warranty.                                                           *
+*                                                                     *
+***********************************************************************
+
+   The following individuals contributed in part to the Network Time
+   Protocol Distribution Version 4 and are acknowledged as authors of
+   this work.
+    1. [1]Mark Andrews <mark_andrews@isc.org> Leitch atomic clock
+       controller
+    2. [2]Bernd Altmeier <altmeier@atlsoft.de> hopf Elektronik serial
+       line and PCI-bus devices
+    3. [3]Viraj Bais <vbais@mailman1.intel.com> and [4]Clayton Kirkwood
+       <kirkwood@striderfm.intel.com> port to WindowsNT 3.5
+    4. [5]Michael Barone <michael,barone@lmco.com> GPSVME fixes
+    5. [6]Jean-Francois Boudreault
+       <Jean-Francois.Boudreault@viagenie.qc.ca>IPv6 support
+    6. [7]Karl Berry <karl@owl.HQ.ileaf.com> syslog to file option
+    7. [8]Greg Brackley <greg.brackley@bigfoot.com> Major rework of WINNT
+       port. Clean up recvbuf and iosignal code into separate modules.
+    8. [9]Marc Brett <Marc.Brett@westgeo.com> Magnavox GPS clock driver
+    9. [10]Piete Brooks <Piete.Brooks@cl.cam.ac.uk> MSF clock driver,
+       Trimble PARSE support
+   10. [11]Reg Clemens <reg@dwf.com> Oncore driver (Current maintainer)
+   11. [12]Steve Clift <clift@ml.csiro.au> OMEGA clock driver
+   12. [13]Casey Crellin <casey@csc.co.za> vxWorks (Tornado) port and
+       help with target configuration
+   13. [14]Sven Dietrich <sven_dietrich@trimble.com> Palisade reference
+       clock driver, NT adj. residuals, integrated Greg's Winnt port.
+   14. [15]John A. Dundas III <dundas@salt.jpl.nasa.gov> Apple A/UX port
+   15. [16]Torsten Duwe <duwe@immd4.informatik.uni-erlangen.de> Linux
+       port
+   16. [17]Dennis Ferguson <dennis@mrbill.canet.ca> foundation code for
+       NTP Version 2 as specified in RFC-1119
+   17. [18]John Hay <jhay@@icomtek.csir.co.za> IPv6 support and testing
+   18. [19]Glenn Hollinger <glenn@herald.usask.ca> GOES clock driver
+   19. [20]Mike Iglesias <iglesias@uci.edu> DEC Alpha port
+   20. [21]Jim Jagielski <jim@jagubox.gsfc.nasa.gov> A/UX port
+   21. [22]Jeff Johnson <jbj@chatham.usdesign.com> massive prototyping
+       overhaul
+   22. [23]Hans Lambermont <Hans.Lambermont@nl.origin-it.com> or
+       [24]<H.Lambermont@chello.nl> ntpsweep
+   23. [25]Poul-Henning Kamp <phk@FreeBSD.ORG> Oncore driver (Original
+       author)
+   24. [26]Frank Kardel [27]<kardel (at) ntp (dot) org> PARSE <GENERIC>
+       driver (>14 reference clocks), STREAMS modules for PARSE, support
+       scripts, syslog cleanup, dynamic interface handling
+   25. [28]William L. Jones <jones@hermes.chpc.utexas.edu> RS/6000 AIX
+       modifications, HPUX modifications
+   26. [29]Dave Katz <dkatz@cisco.com> RS/6000 AIX port
+   27. [30]Craig Leres <leres@ee.lbl.gov> 4.4BSD port, ppsclock, Magnavox
+       GPS clock driver
+   28. [31]George Lindholm <lindholm@ucs.ubc.ca> SunOS 5.1 port
+   29. [32]Louis A. Mamakos <louie@ni.umd.edu> MD5-based authentication
+   30. [33]Lars H. Mathiesen <thorinn@diku.dk> adaptation of foundation
+       code for Version 3 as specified in RFC-1305
+   31. [34]Danny Mayer <mayer@ntp.org>Network I/O, Windows Port, Code
+       Maintenance
+   32. [35]David L. Mills <mills@udel.edu> Version 4 foundation: clock
+       discipline, authentication, precision kernel; clock drivers:
+       Spectracom, Austron, Arbiter, Heath, ATOM, ACTS, KSI/Odetics;
+       audio clock drivers: CHU, WWV/H, IRIG
+   33. [36]Wolfgang Moeller <moeller@gwdgv1.dnet.gwdg.de> VMS port
+   34. [37]Jeffrey Mogul <mogul@pa.dec.com> ntptrace utility
+   35. [38]Tom Moore <tmoore@fievel.daytonoh.ncr.com> i386 svr4 port
+   36. [39]Kamal A Mostafa <kamal@whence.com> SCO OpenServer port
+   37. [40]Derek Mulcahy <derek@toybox.demon.co.uk> and [41]Damon
+       Hart-Davis <d@hd.org> ARCRON MSF clock driver
+   38. [42]Rainer Pruy <Rainer.Pruy@informatik.uni-erlangen.de>
+       monitoring/trap scripts, statistics file handling
+   39. [43]Dirce Richards <dirce@zk3.dec.com> Digital UNIX V4.0 port
+   40. [44]Wilfredo Sánchez <wsanchez@apple.com> added support for
+       NetInfo
+   41. [45]Nick Sayer <mrapple@quack.kfu.com> SunOS streams modules
+   42. [46]Jack Sasportas <jack@innovativeinternet.com> Saved a Lot of
+       space on the stuff in the html/pic/ subdirectory
+   43. [47]Ray Schnitzler <schnitz@unipress.com> Unixware1 port
+   44. [48]Michael Shields <shields@tembel.org> USNO clock driver
+   45. [49]Jeff Steinman <jss@pebbles.jpl.nasa.gov> Datum PTS clock
+       driver
+   46. [50]Harlan Stenn <harlan@pfcs.com> GNU automake/autoconfigure
+       makeover, various other bits (see the ChangeLog)
+   47. [51]Kenneth Stone <ken@sdd.hp.com> HP-UX port
+   48. [52]Ajit Thyagarajan <ajit@ee.udel.edu>IP multicast/anycast
+       support
+   49. [53]Tomoaki TSURUOKA <tsuruoka@nc.fukuoka-u.ac.jp>TRAK clock
+       driver
+   50. [54]Paul A Vixie <vixie@vix.com> TrueTime GPS driver, generic
+       TrueTime clock driver
+   51. [55]Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> corrected and
+       validated HTML documents according to the HTML DTD
+   52. [56]Rob Neal <neal@ntp.org> Bancomm refclock and config/parse code
+       maintenance
+     _________________________________________________________________
+
+References
+
+   1. mailto:%20mark_andrews@isc.org
+   2. mailto:%20altmeier@atlsoft.de
+   3. mailto:%20vbais@mailman1.intel.co
+   4. mailto:%20kirkwood@striderfm.intel.com
+   5. mailto:%20michael.barone@lmco.com
+   6. mailto:%20Jean-Francois.Boudreault@viagenie.qc.ca
+   7. mailto:%20karl@owl.HQ.ileaf.com
+   8. mailto:%20greg.brackley@bigfoot.com
+   9. mailto:%20Marc.Brett@westgeo.com
+  10. mailto:%20Piete.Brooks@cl.cam.ac.uk
+  11. mailto:%20reg@dwf.com
+  12. mailto:%20clift@ml.csiro.au
+  13. mailto:casey@csc.co.za
+  14. mailto:%20Sven_Dietrich@trimble.COM
+  15. mailto:%20dundas@salt.jpl.nasa.gov
+  16. mailto:%20duwe@immd4.informatik.uni-erlangen.de
+  17. mailto:%20dennis@mrbill.canet.ca
+  18. mailto:%20jhay@icomtek.csir.co.za
+  19. mailto:%20glenn@herald.usask.ca
+  20. mailto:%20iglesias@uci.edu
+  21. mailto:%20jagubox.gsfc.nasa.gov
+  22. mailto:%20jbj@chatham.usdesign.com
+  23. mailto:Hans.Lambermont@nl.origin-it.com
+  24. mailto:H.Lambermont@chello.nl
+  25. mailto:%20phk@FreeBSD.ORG
+  26. http://www4.informatik.uni-erlangen.de/%7ekardel
+  27. mailto:%20kardel(at)ntp(dot)org
+  28. mailto:%20jones@hermes.chpc.utexas.edu
+  29. mailto:%20dkatz@cisco.com
+  30. mailto:%20leres@ee.lbl.gov
+  31. mailto:%20lindholm@ucs.ubc.ca
+  32. mailto:%20louie@ni.umd.edu
+  33. mailto:%20thorinn@diku.dk
+  34. mailto:%20mayer@ntp.org
+  35. mailto:%20mills@udel.edu
+  36. mailto:%20moeller@gwdgv1.dnet.gwdg.de
+  37. mailto:%20mogul@pa.dec.com
+  38. mailto:%20tmoore@fievel.daytonoh.ncr.com
+  39. mailto:%20kamal@whence.com
+  40. mailto:%20derek@toybox.demon.co.uk
+  41. mailto:%20d@hd.org
+  42. mailto:%20Rainer.Pruy@informatik.uni-erlangen.de
+  43. mailto:%20dirce@zk3.dec.com
+  44. mailto:%20wsanchez@apple.com
+  45. mailto:%20mrapple@quack.kfu.com
+  46. mailto:%20jack@innovativeinternet.com
+  47. mailto:%20schnitz@unipress.com
+  48. mailto:%20shields@tembel.org
+  49. mailto:%20pebbles.jpl.nasa.gov
+  50. mailto:%20harlan@pfcs.com
+  51. mailto:%20ken@sdd.hp.com
+  52. mailto:%20ajit@ee.udel.edu
+  53. mailto:%20tsuruoka@nc.fukuoka-u.ac.jp
+  54. mailto:%20vixie@vix.com
+  55. mailto:%20Ulrich.Windl@rz.uni-regensburg.de
+  56. mailto:%20neal@ntp.org
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/ntp.p5m	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,304 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+#
+
+<transform file path=usr/share/doc/ntp/(.+$) -> \
+	set action.hash html/%<\1> >
+set name=pkg.fmri value=pkg:/service/network/ntp@$(IPS_COMPONENT_VERSION),$(BUILD_VERSION)
+set name=pkg.summary value="Network Time Protocol Daemon v4"
+set name=pkg.description value="Network Time Protocol v4, NTP Daemon and Utilities"
+set name=info.classification value="org.opensolaris.category.2008:System/Services"
+set name=info.upstream_url value="http://www.ntp.org/"
+set name=info.source_url value=$(COMPONENT_ARCHIVE_URL)
+set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
+
+license ntp.license license="ntp license"
+
+dir path=etc
+dir path=etc/inet
+dir path=etc/security
+dir path=etc/security/auth_attr.d
+dir path=etc/security/prof_attr.d
+dir path=lib
+dir path=lib/svc
+dir path=lib/svc/manifest
+dir path=lib/svc/manifest/network
+dir path=lib/svc/method
+dir path=usr
+dir path=usr/lib
+dir path=usr/lib/help
+dir path=usr/lib/help/auths
+dir path=usr/lib/help/auths/locale
+dir path=usr/lib/help/auths/locale/C
+dir path=usr/lib/inet
+dir path=usr/sbin
+dir path=usr/share
+dir path=usr/share/doc
+dir path=usr/share/doc/ntp
+dir path=usr/share/doc/ntp/description_files
+dir path=usr/share/doc/ntp/drivers
+dir path=usr/share/doc/ntp/drivers/icons
+dir path=usr/share/doc/ntp/drivers/scripts
+dir path=usr/share/doc/ntp/hints
+dir path=usr/share/doc/ntp/icons
+dir path=usr/share/doc/ntp/pic
+dir path=usr/share/doc/ntp/scripts
+dir path=usr/share/man
+dir path=usr/share/man/man1m
+dir path=usr/share/man/man4
+dir path=var
+dir path=var/ntp group=sys
+dir path=var/ntp/ntpstats group=sys
+file Solaris/ntp.client group=sys path=etc/inet/ntp.client
+file Solaris/ntp.server group=sys path=etc/inet/ntp.server
+file Solaris/auth_attr path=etc/security/auth_attr.d/ntp
+file Solaris/prof_attr path=etc/security/prof_attr.d/ntp
+file Solaris/ntp.xml path=lib/svc/manifest/network/ntp.xml
+file Solaris/ntp.sh path=lib/svc/method/ntp
+file Solaris/RtNTPMngmnt.html path=usr/lib/help/auths/locale/C/RtNTPMngmnt.html
+file Solaris/SmfNTPStates.html path=usr/lib/help/auths/locale/C/SmfNTPStates.html
+file Solaris/SmfValueNTP.html path=usr/lib/help/auths/locale/C/SmfValueNTP.html
+file path=usr/lib/inet/ntp-wait
+file path=usr/lib/inet/ntpd
+file path=usr/sbin/ntp-keygen
+file path=usr/sbin/ntpdate
+file path=usr/sbin/ntpdc
+file path=usr/sbin/ntpq
+file path=usr/sbin/ntptime
+file path=usr/sbin/ntptrace
+file path=usr/share/doc/ntp/accopt.html
+file path=usr/share/doc/ntp/assoc.html
+file path=usr/share/doc/ntp/audio.html
+file path=usr/share/doc/ntp/authopt.html
+file path=usr/share/doc/ntp/bugs.html
+file path=usr/share/doc/ntp/build.html
+file path=usr/share/doc/ntp/clockopt.html
+file path=usr/share/doc/ntp/comdex.html
+file path=usr/share/doc/ntp/config.html
+file path=usr/share/doc/ntp/confopt.html
+file path=usr/share/doc/ntp/copyright.html
+file path=usr/share/doc/ntp/debug.html
+file path=usr/share/doc/ntp/decode.html
+file path=usr/share/doc/ntp/description_files/description.jpg
+file path=usr/share/doc/ntp/drivers/driver1.html
+file path=usr/share/doc/ntp/drivers/driver10.html
+file path=usr/share/doc/ntp/drivers/driver11.html
+file path=usr/share/doc/ntp/drivers/driver12.html
+file path=usr/share/doc/ntp/drivers/driver16.html
+file path=usr/share/doc/ntp/drivers/driver18.html
+file path=usr/share/doc/ntp/drivers/driver19.html
+file path=usr/share/doc/ntp/drivers/driver2.html
+file path=usr/share/doc/ntp/drivers/driver20.html
+file path=usr/share/doc/ntp/drivers/driver22.html
+file path=usr/share/doc/ntp/drivers/driver26.html
+file path=usr/share/doc/ntp/drivers/driver27.html
+file path=usr/share/doc/ntp/drivers/driver28.html
+file path=usr/share/doc/ntp/drivers/driver29.html
+file path=usr/share/doc/ntp/drivers/driver3.html
+file path=usr/share/doc/ntp/drivers/driver30.html
+file path=usr/share/doc/ntp/drivers/driver31.html
+file path=usr/share/doc/ntp/drivers/driver32.html
+file path=usr/share/doc/ntp/drivers/driver33.html
+file path=usr/share/doc/ntp/drivers/driver34.html
+file path=usr/share/doc/ntp/drivers/driver35.html
+file path=usr/share/doc/ntp/drivers/driver36.html
+file path=usr/share/doc/ntp/drivers/driver37.html
+file path=usr/share/doc/ntp/drivers/driver38.html
+file path=usr/share/doc/ntp/drivers/driver39.html
+file path=usr/share/doc/ntp/drivers/driver4.html
+file path=usr/share/doc/ntp/drivers/driver40.html
+file path=usr/share/doc/ntp/drivers/driver42.html
+file path=usr/share/doc/ntp/drivers/driver43.html
+file path=usr/share/doc/ntp/drivers/driver44.html
+file path=usr/share/doc/ntp/drivers/driver5.html
+file path=usr/share/doc/ntp/drivers/driver6.html
+file path=usr/share/doc/ntp/drivers/driver7.html
+file path=usr/share/doc/ntp/drivers/driver8.html
+file path=usr/share/doc/ntp/drivers/driver9.html
+file path=usr/share/doc/ntp/drivers/icons/home.gif
+file path=usr/share/doc/ntp/drivers/icons/mail2.gif
+file path=usr/share/doc/ntp/drivers/mx4200data.html
+file path=usr/share/doc/ntp/drivers/oncore-shmem.html
+file path=usr/share/doc/ntp/drivers/scripts/footer.txt
+file path=usr/share/doc/ntp/drivers/scripts/style.css
+file path=usr/share/doc/ntp/drivers/tf582_4.html
+file path=usr/share/doc/ntp/extern.html
+file path=usr/share/doc/ntp/gadget.html
+file path=usr/share/doc/ntp/hints.html
+file path=usr/share/doc/ntp/hints/a-ux
+file path=usr/share/doc/ntp/hints/aix
+file path=usr/share/doc/ntp/hints/bsdi
+file path=usr/share/doc/ntp/hints/changes
+file path=usr/share/doc/ntp/hints/decosf1
+file path=usr/share/doc/ntp/hints/decosf2
+file path=usr/share/doc/ntp/hints/freebsd
+file path=usr/share/doc/ntp/hints/hpux
+file path=usr/share/doc/ntp/hints/linux
+file path=usr/share/doc/ntp/hints/mpeix
+file path=usr/share/doc/ntp/hints/notes-xntp-v3
+file path=usr/share/doc/ntp/hints/parse
+file path=usr/share/doc/ntp/hints/refclocks
+file path=usr/share/doc/ntp/hints/rs6000
+file path=usr/share/doc/ntp/hints/sco.html
+file path=usr/share/doc/ntp/hints/sgi
+file path=usr/share/doc/ntp/hints/solaris-dosynctodr.html
+file path=usr/share/doc/ntp/hints/solaris.html
+file path=usr/share/doc/ntp/hints/solaris.xtra.4023118
+file path=usr/share/doc/ntp/hints/solaris.xtra.4095849
+file path=usr/share/doc/ntp/hints/solaris.xtra.S99ntpd
+file path=usr/share/doc/ntp/hints/solaris.xtra.patchfreq
+file path=usr/share/doc/ntp/hints/sun4
+file path=usr/share/doc/ntp/hints/svr4-dell
+file path=usr/share/doc/ntp/hints/svr4_package
+file path=usr/share/doc/ntp/hints/todo
+file path=usr/share/doc/ntp/hints/vxworks.html
+file path=usr/share/doc/ntp/hints/winnt.html
+file path=usr/share/doc/ntp/howto.html
+file path=usr/share/doc/ntp/icons/home.gif
+file path=usr/share/doc/ntp/icons/mail2.gif
+file path=usr/share/doc/ntp/index.html
+file path=usr/share/doc/ntp/kern.html
+file path=usr/share/doc/ntp/kernpps.html
+file path=usr/share/doc/ntp/keygen.html
+file path=usr/share/doc/ntp/manyopt.html
+file path=usr/share/doc/ntp/miscopt.html
+file path=usr/share/doc/ntp/monopt.html
+file path=usr/share/doc/ntp/msyslog.html
+file path=usr/share/doc/ntp/ntp_conf.html
+file path=usr/share/doc/ntp/ntpd.html
+file path=usr/share/doc/ntp/ntpdate.html
+file path=usr/share/doc/ntp/ntpdc.html
+file path=usr/share/doc/ntp/ntpdsim.html
+file path=usr/share/doc/ntp/ntpdsim_new.html
+file path=usr/share/doc/ntp/ntpq.html
+file path=usr/share/doc/ntp/ntptime.html
+file path=usr/share/doc/ntp/ntptrace.html
+file path=usr/share/doc/ntp/parsedata.html
+file path=usr/share/doc/ntp/parsenew.html
+file path=usr/share/doc/ntp/pic/9400n.jpg
+file path=usr/share/doc/ntp/pic/alice11.gif
+file path=usr/share/doc/ntp/pic/alice13.gif
+file path=usr/share/doc/ntp/pic/alice15.gif
+file path=usr/share/doc/ntp/pic/alice23.gif
+file path=usr/share/doc/ntp/pic/alice31.gif
+file path=usr/share/doc/ntp/pic/alice32.gif
+file path=usr/share/doc/ntp/pic/alice35.gif
+file path=usr/share/doc/ntp/pic/alice38.gif
+file path=usr/share/doc/ntp/pic/alice44.gif
+file path=usr/share/doc/ntp/pic/alice47.gif
+file path=usr/share/doc/ntp/pic/alice51.gif
+file path=usr/share/doc/ntp/pic/alice61.gif
+file path=usr/share/doc/ntp/pic/barnstable.gif
+file path=usr/share/doc/ntp/pic/beaver.gif
+file path=usr/share/doc/ntp/pic/boom3.gif
+file path=usr/share/doc/ntp/pic/boom3a.gif
+file path=usr/share/doc/ntp/pic/boom4.gif
+file path=usr/share/doc/ntp/pic/broad.gif
+file path=usr/share/doc/ntp/pic/bustardfly.gif
+file path=usr/share/doc/ntp/pic/c51.jpg
+file path=usr/share/doc/ntp/pic/description.jpg
+file path=usr/share/doc/ntp/pic/dogsnake.gif
+file path=usr/share/doc/ntp/pic/driver29.gif
+file path=usr/share/doc/ntp/pic/driver43_1.gif
+file path=usr/share/doc/ntp/pic/driver43_2.jpg
+file path=usr/share/doc/ntp/pic/fg6021.gif
+file path=usr/share/doc/ntp/pic/fg6039.jpg
+file path=usr/share/doc/ntp/pic/flatheads.gif
+file path=usr/share/doc/ntp/pic/freq1211.gif
+file path=usr/share/doc/ntp/pic/gadget.jpg
+file path=usr/share/doc/ntp/pic/gps167.jpg
+file path=usr/share/doc/ntp/pic/hornraba.gif
+file path=usr/share/doc/ntp/pic/igclock.gif
+file path=usr/share/doc/ntp/pic/neoclock4x.gif
+file path=usr/share/doc/ntp/pic/offset1211.gif
+file path=usr/share/doc/ntp/pic/oncore_evalbig.gif
+file path=usr/share/doc/ntp/pic/oncore_remoteant.jpg
+file path=usr/share/doc/ntp/pic/oncore_utplusbig.gif
+file path=usr/share/doc/ntp/pic/oz2.gif
+file path=usr/share/doc/ntp/pic/panda.gif
+file path=usr/share/doc/ntp/pic/pd_om006.gif
+file path=usr/share/doc/ntp/pic/pd_om011.gif
+file path=usr/share/doc/ntp/pic/peer.gif
+file path=usr/share/doc/ntp/pic/pogo.gif
+file path=usr/share/doc/ntp/pic/pogo1a.gif
+file path=usr/share/doc/ntp/pic/pogo3a.gif
+file path=usr/share/doc/ntp/pic/pogo4.gif
+file path=usr/share/doc/ntp/pic/pogo5.gif
+file path=usr/share/doc/ntp/pic/pogo6.gif
+file path=usr/share/doc/ntp/pic/pogo7.gif
+file path=usr/share/doc/ntp/pic/pogo8.gif
+file path=usr/share/doc/ntp/pic/pzf509.jpg
+file path=usr/share/doc/ntp/pic/pzf511.jpg
+file path=usr/share/doc/ntp/pic/rabbit.gif
+file path=usr/share/doc/ntp/pic/radio2.jpg
+file path=usr/share/doc/ntp/pic/sheepb.jpg
+file path=usr/share/doc/ntp/pic/stack1a.jpg
+file path=usr/share/doc/ntp/pic/thunderbolt.jpg
+file path=usr/share/doc/ntp/pic/tonea.gif
+file path=usr/share/doc/ntp/pic/tribeb.gif
+file path=usr/share/doc/ntp/pic/wingdorothy.gif
+file path=usr/share/doc/ntp/pps.html
+file path=usr/share/doc/ntp/prefer.html
+file path=usr/share/doc/ntp/quick.html
+file path=usr/share/doc/ntp/rate.html
+file path=usr/share/doc/ntp/rdebug.html
+file path=usr/share/doc/ntp/refclock.html
+file path=usr/share/doc/ntp/release.html
+file path=usr/share/doc/ntp/scripts/accopt.txt
+file path=usr/share/doc/ntp/scripts/audio.txt
+file path=usr/share/doc/ntp/scripts/authopt.txt
+file path=usr/share/doc/ntp/scripts/clockopt.txt
+file path=usr/share/doc/ntp/scripts/command.txt
+file path=usr/share/doc/ntp/scripts/config.txt
+file path=usr/share/doc/ntp/scripts/confopt.txt
+file path=usr/share/doc/ntp/scripts/external.txt
+file path=usr/share/doc/ntp/scripts/footer.txt
+file path=usr/share/doc/ntp/scripts/install.txt
+file path=usr/share/doc/ntp/scripts/manual.txt
+file path=usr/share/doc/ntp/scripts/misc.txt
+file path=usr/share/doc/ntp/scripts/miscopt.txt
+file path=usr/share/doc/ntp/scripts/monopt.txt
+file path=usr/share/doc/ntp/scripts/refclock.txt
+file path=usr/share/doc/ntp/scripts/style.css
+file path=usr/share/doc/ntp/sitemap.html
+file path=usr/share/doc/ntp/sntp.html
+file path=usr/share/doc/ntp/tickadj.html
+file path=usr/share/doc/ntp/xleave.html
+file manpages/ntp-keygen.1m  path=usr/share/man/man1m/ntp-keygen.1m
+file manpages/ntpd.1m  path=usr/share/man/man1m/ntpd.1m
+file manpages/ntpdc.1m  path=usr/share/man/man1m/ntpdc.1m
+file manpages/ntpq.1m  path=usr/share/man/man1m/ntpq.1m
+file manpages/ntpdate.1m  path=usr/share/man/man1m/ntpdate.1m
+file manpages/ntptime.1m  path=usr/share/man/man1m/ntptime.1m
+file manpages/ntptrace.1m  path=usr/share/man/man1m/ntptrace.1m
+file manpages/ntprc.4  path=usr/share/man/man4/ntprc.4
+file manpages/ntp.conf.4  path=usr/share/man/man4/ntp.conf.4
+link path=usr/sbin/xntpdc target=ntpdc
+
+legacy  pkg=SUNWntpr \
+        name="Network Time Protocol Daemon v4 (root)" \
+        desc="Network Time Protocol v4, NTP Daemon and Utilities (4.2.5) (root)"
+
+legacy  pkg=SUNWntpu \
+        name="Network Time Protocol Daemon v4 (usr)" \
+        desc="Network Time Protocol v4, NTP Daemon and Utilities (4.2.5) (usr)"
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/patches/etcfix.patch	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,81 @@
+--- sntp/header.h.orig	Thu May 14 06:34:41 2009
++++ sntp/header.h	Thu May 14 06:15:12 2009
+@@ -19,10 +19,10 @@
+ #define MAX_SOCKETS        10          /* Maximum number of addresses */
+ 
+ #ifndef LOCKNAME
+-#    define LOCKNAME "/etc/sntp.pid"  /* Stores the pid */
++#    define LOCKNAME "/var/run/sntp.pid"  /* Stores the pid */
+ #endif
+ #ifndef SAVENAME
+-#    define SAVENAME "/etc/sntp.state" /* Stores the recovery state */
++#    define SAVENAME "/var/ntp/sntp.state" /* Stores the recovery state */
+ #endif
+ 
+ 
+--- include/ntp_config.h.orig	Thu May 14 06:34:41 2009
++++ include/ntp_config.h	Thu May 14 06:15:12 2009
+@@ -10,7 +10,7 @@
+  */
+ #ifndef CONFIG_FILE
+ # ifndef SYS_WINNT
+-#  define	CONFIG_FILE "/etc/ntp.conf"
++#  define	CONFIG_FILE "/etc/inet/ntp.conf"
+ # else /* SYS_WINNT */
+ #  define	CONFIG_FILE	"%windir%\\system32\\drivers\\etc\\ntp.conf"
+ #  define	ALT_CONFIG_FILE "%windir%\\ntp.conf"
+--- libntp/audio.c.orig	Thu May 14 06:34:41 2009
++++ libntp/audio.c	Thu May 14 06:15:12 2009
+@@ -53,7 +53,7 @@
+ static struct audio_device device; /* audio device ident */
+ #endif /* HAVE_SYS_AUDIOIO_H */
+ #ifdef PCM_STYLE_SOUND
+-# define INIT_FILE "/etc/ntp.audio"
++# define INIT_FILE "/etc/inet/ntp.audio"
+ int agc =	SOUND_MIXER_WRITE_RECLEV; /* or IGAIN or LINE */
+ int monitor =	SOUND_MIXER_WRITE_VOLUME; /* or OGAIN */
+ int devmask = 0;
+--- ntpdate/ntpdate.c.orig	Thu May 14 06:34:41 2009
++++ ntpdate/ntpdate.c	Thu May 14 06:15:12 2009
+@@ -192,7 +192,7 @@
+ 
+ #ifndef KEYFILE
+ # ifndef SYS_WINNT
+-#define KEYFILE 	"/etc/ntp.keys"
++#define KEYFILE 	"/etc/inet/ntp.keys"
+ # else
+ #define KEYFILE 	"%windir%\\ntp.keys"
+ # endif /* SYS_WINNT */
+--- ntpdate/ntptimeset.c.orig	Thu May 14 06:34:41 2009
++++ ntpdate/ntptimeset.c	Thu May 14 06:15:12 2009
+@@ -270,7 +270,7 @@
+ 
+ #ifndef KEYFILE
+ # ifndef SYS_WINNT
+-#define KEYFILE 	"/etc/ntp.keys"
++#define KEYFILE 	"/etc/inet/ntp.keys"
+ # else
+ #define KEYFILE 	"%windir%\\ntp.keys"
+ # endif /* SYS_WINNT */
+--- ntpdate/ntptime_config.c.orig	Thu May 14 06:34:41 2009
++++ ntpdate/ntptime_config.c	Thu May 14 06:15:12 2009
+@@ -37,7 +37,7 @@
+  */
+ #ifndef CONFIG_FILE
+ # ifndef SYS_WINNT
+-#  define	CONFIG_FILE "/etc/ntp.conf"
++#  define	CONFIG_FILE "/etc/inet/ntp.conf"
+ # else /* SYS_WINNT */
+ #  define	CONFIG_FILE 	"%windir%\\ntp.conf"
+ #  define	ALT_CONFIG_FILE "%windir%\\ntp.ini"
+--- ntpd/refclock_oncore.c.orig	Thu May 14 06:34:41 2009
++++ ntpd/refclock_oncore.c	Thu May 14 06:15:12 2009
+@@ -1188,7 +1188,7 @@
+ 
+ 	FILE	*fd;
+ 	char	*cp, *cc, *ca, line[100], units[2], device[20], Msg[160], **cpp;
+-	char	*dirs[] = { "/etc/ntp", "/etc", 0 };
++	char	*dirs[] = { "/etc/inet", "/etc", 0 };
+ 	int	i, sign, lat_flg, long_flg, ht_flg, mode, mask;
+ 	double	f1, f2, f3;
+ 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/patches/ins-ntp-wait.patch	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,97 @@
+--- scripts/Makefile.in.fcs	Mon Mar 28 10:55:26 2011
++++ scripts/Makefile.in	Mon Mar 28 11:00:55 2011
+@@ -58,11 +58,11 @@
+ CONFIG_HEADER = $(top_builddir)/config.h
+ CONFIG_CLEAN_FILES = calc_tickadj checktime freq_adj html2man mkver \
+ 	ntp-wait ntpsweep ntptrace ntpver plot_summary summary
+ am__installdirs = "$(DESTDIR)$(bindir)"
+ binSCRIPT_INSTALL = $(INSTALL_SCRIPT)
+-SCRIPTS = $(bin_SCRIPTS) $(noinst_SCRIPTS)
++SCRIPTS = $(bin_SCRIPTS) $(lib_SCRIPTS) $(noinst_SCRIPTS)
+ SOURCES =
+ DIST_SOURCES =
+ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ ACLOCAL = @ACLOCAL@
+ AMDEP_FALSE = @AMDEP_FALSE@
+@@ -194,11 +194,12 @@
+ sbindir = @sbindir@
+ sharedstatedir = @sharedstatedir@
+ subdirs = @subdirs@
+ sysconfdir = @sysconfdir@
+ target_alias = @target_alias@
+-bin_SCRIPTS = ntp-wait ntptrace
++bin_SCRIPTS = ntptrace
++lib_SCRIPTS = ntp-wait
+ noinst_SCRIPTS = calc_tickadj checktime freq_adj html2man mkver ntpsweep ntpver plot_summary summary
+ EXTRA_DIST = VersionName fixautomakedepsmagic genCommitLog genver	\
+ 	hpadjtime.sh monitoring ntp-close ntp-groper ntp-restart	\
+ 	ntp-status rc1 rc2 stats
+ 
+@@ -274,10 +275,30 @@
+ 	  f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
+ 	  echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \
+ 	  rm -f "$(DESTDIR)$(bindir)/$$f"; \
+ 	done
+ 
++install-libSCRIPTS: $(lib_SCRIPTS)
++	@$(NORMAL_INSTALL)
++	test -z "$(libexecdir)" || $(mkdir_p) "$(DESTDIR)$(libexecdir)"
++	@list='$(lib_SCRIPTS)'; for p in $$list; do \
++	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
++	  if test -f $$d$$p; then \
++	    f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
++	    echo " $(binSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \
++	    $(binSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(libexecdir)/$$f"; \
++	  else :; fi; \
++	done
++
++uninstall-libSCRIPTS:
++	@$(NORMAL_UNINSTALL)
++	@list='$(lib_SCRIPTS)'; for p in $$list; do \
++	  f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
++	  echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \
++	  rm -f "$(DESTDIR)$(libexecdir)/$$f"; \
++	done
++
+ mostlyclean-libtool:
+ 	-rm -f *.lo
+ 
+ clean-libtool:
+ 	-rm -rf .libs _libs
+@@ -368,11 +389,11 @@
+ 
+ info-am:
+ 
+ install-data-am:
+ 
+-install-exec-am: install-binSCRIPTS
++install-exec-am: install-binSCRIPTS install-libSCRIPTS
+ 
+ install-info: install-info-am
+ 
+ install-man:
+ 
+@@ -392,20 +413,20 @@
+ 
+ ps: ps-am
+ 
+ ps-am:
+ 
+-uninstall-am: uninstall-binSCRIPTS uninstall-info-am
++uninstall-am: uninstall-binSCRIPTS uninstall-libSCRIPTS uninstall-info-am
+ 
+ .PHONY: all all-am check check-am clean clean-generic clean-libtool \
+ 	distclean distclean-generic distclean-libtool distdir dvi \
+ 	dvi-am html html-am info info-am install install-am \
+-	install-binSCRIPTS install-data install-data-am install-exec \
++	install-binSCRIPTS install-libSCRIPTS install-data install-data-am install-exec \
+ 	install-exec-am install-info install-info-am install-man \
+ 	install-strip installcheck installcheck-am installdirs \
+ 	maintainer-clean maintainer-clean-generic mostlyclean \
+ 	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+-	uninstall uninstall-am uninstall-binSCRIPTS uninstall-info-am
++	uninstall uninstall-am uninstall-binSCRIPTS uninstall-libSCRIPTS uninstall-info-am
+ 
+ # Tell versions [3.59,3.63) of GNU make to not export all variables.
+ # Otherwise a system limit (for SysV at least) may be exceeded.
+ .NOEXPORT:
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/patches/ins-ntpd.patch	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,15 @@
+--- ntpd/Makefile.in.fcs	Mon Mar 28 10:52:07 2011
++++ ntpd/Makefile.in	Mon Mar 28 10:54:13 2011
+@@ -243,11 +243,11 @@
+ am__include = @am__include@
+ am__leading_dot = @am__leading_dot@
+ am__quote = @am__quote@
+ am__tar = @am__tar@
+ am__untar = @am__untar@
+-bindir = ${exec_prefix}/${BINSUBDIR}
++bindir = @libexecdir@
+ build = @build@
+ build_alias = @build_alias@
+ build_cpu = @build_cpu@
+ build_os = @build_os@
+ build_vendor = @build_vendor@
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/patches/mc.patch	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,19 @@
+*** ntpd/ntp_io.c.orig	Fri Jul 30 06:57:58 2010
+--- ntpd/ntp_io.c	Fri Jul 30 06:58:46 2010
+***************
+*** 1869,1875 ****
+  
+  	case AF_INET:
+  		if (setsockopt(iface->fd, IPPROTO_IP, IP_MULTICAST_IF,
+! 			       (char *)NSRCADR(&iface->sin),
+  			       sizeof(NSRCADR(&iface->sin)))) {
+  
+  			msyslog(LOG_ERR,
+--- 1869,1875 ----
+  
+  	case AF_INET:
+  		if (setsockopt(iface->fd, IPPROTO_IP, IP_MULTICAST_IF,
+! 			       (void *)&NSRCADR(&iface->sin),
+  			       sizeof(NSRCADR(&iface->sin)))) {
+  
+  			msyslog(LOG_ERR,
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/patches/mdns.patch	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,317 @@
+--- ntpd/ntpd-opts.c.orig	Thu Jul 29 09:29:51 2010
++++ ntpd/ntpd-opts.c	Thu Jul 29 09:43:40 2010
+@@ -243,6 +243,24 @@
+ #define NOVIRTUALIPS_FLAGS       (OPTST_DISABLED)
+ 
+ /*
++ *  Mdns option description:
++ */
++#ifdef HAVE_DNSREGISTRATION
++tSCC    zMdnsText[] =
++        "Register with mDNS as a NTP server";
++tSCC    zMdns_NAME[]               = "MDNS";
++tSCC    zMdns_Name[]               = "mdns";
++#define MDNS_FLAGS       (OPTST_DISABLED)
++
++#else   /* disable Mdns */
++#define VALUE_OPT_MDNS NO_EQUIVALENT
++#define MDNS_FLAGS       (OPTST_OMITTED | OPTST_NO_INIT)
++#define zMdnsText       NULL
++#define zMdns_NAME      NULL
++#define zMdns_Name      NULL
++#endif  /* HAVE_DNSREGISTRATION */
++
++/*
+  *  Modifymmtimer option description:
+  */
+ #ifdef SYS_WINNT
+@@ -673,10 +691,22 @@
+      /* desc, NAME, name */ zNovirtualipsText, zNovirtualips_NAME, zNovirtualips_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 15, VALUE_OPT_MODIFYMMTIMER,
+-     /* equiv idx, value */ 15, VALUE_OPT_MODIFYMMTIMER,
++  {  /* entry idx, value */ 15, VALUE_OPT_MDNS,
++     /* equiv idx, value */ 15, VALUE_OPT_MDNS,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
++     /* opt state flags  */ MDNS_FLAGS, 0,
++     /* last opt argumnt */ { NULL },
++     /* arg list/cookie  */ NULL,
++     /* must/cannot opts */ NULL, NULL,
++     /* option proc      */ NULL,
++     /* desc, NAME, name */ zMdnsText, zMdns_NAME, zMdns_Name,
++     /* disablement strs */ NULL, NULL },
++
++  {  /* entry idx, value */ 16, VALUE_OPT_MODIFYMMTIMER,
++     /* equiv idx, value */ 16, VALUE_OPT_MODIFYMMTIMER,
++     /* equivalenced to  */ NO_EQUIVALENT,
++     /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ MODIFYMMTIMER_FLAGS, 0,
+      /* last opt argumnt */ { NULL },
+      /* arg list/cookie  */ NULL,
+@@ -685,8 +715,8 @@
+      /* desc, NAME, name */ zModifymmtimerText, zModifymmtimer_NAME, zModifymmtimer_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 16, VALUE_OPT_NOFORK,
+-     /* equiv idx, value */ 16, VALUE_OPT_NOFORK,
++  {  /* entry idx, value */ 17, VALUE_OPT_NOFORK,
++     /* equiv idx, value */ 17, VALUE_OPT_NOFORK,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ NOFORK_FLAGS, 0,
+@@ -697,8 +727,8 @@
+      /* desc, NAME, name */ zNoforkText, zNofork_NAME, zNofork_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 17, VALUE_OPT_NICE,
+-     /* equiv idx, value */ 17, VALUE_OPT_NICE,
++  {  /* entry idx, value */ 18, VALUE_OPT_NICE,
++     /* equiv idx, value */ 18, VALUE_OPT_NICE,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ NICE_FLAGS, 0,
+@@ -709,8 +739,8 @@
+      /* desc, NAME, name */ zNiceText, zNice_NAME, zNice_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 18, VALUE_OPT_PIDFILE,
+-     /* equiv idx, value */ 18, VALUE_OPT_PIDFILE,
++  {  /* entry idx, value */ 19, VALUE_OPT_PIDFILE,
++     /* equiv idx, value */ 19, VALUE_OPT_PIDFILE,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ PIDFILE_FLAGS, 0,
+@@ -721,8 +751,8 @@
+      /* desc, NAME, name */ zPidfileText, zPidfile_NAME, zPidfile_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 19, VALUE_OPT_PRIORITY,
+-     /* equiv idx, value */ 19, VALUE_OPT_PRIORITY,
++  {  /* entry idx, value */ 20, VALUE_OPT_PRIORITY,
++     /* equiv idx, value */ 20, VALUE_OPT_PRIORITY,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ PRIORITY_FLAGS, 0,
+@@ -733,8 +763,8 @@
+      /* desc, NAME, name */ zPriorityText, zPriority_NAME, zPriority_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 20, VALUE_OPT_QUIT,
+-     /* equiv idx, value */ 20, VALUE_OPT_QUIT,
++  {  /* entry idx, value */ 21, VALUE_OPT_QUIT,
++     /* equiv idx, value */ 21, VALUE_OPT_QUIT,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ QUIT_FLAGS, 0,
+@@ -745,8 +775,8 @@
+      /* desc, NAME, name */ zQuitText, zQuit_NAME, zQuit_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 21, VALUE_OPT_PROPAGATIONDELAY,
+-     /* equiv idx, value */ 21, VALUE_OPT_PROPAGATIONDELAY,
++  {  /* entry idx, value */ 22, VALUE_OPT_PROPAGATIONDELAY,
++     /* equiv idx, value */ 22, VALUE_OPT_PROPAGATIONDELAY,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ PROPAGATIONDELAY_FLAGS, 0,
+@@ -757,8 +787,8 @@
+      /* desc, NAME, name */ zPropagationdelayText, zPropagationdelay_NAME, zPropagationdelay_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 22, VALUE_OPT_STATSDIR,
+-     /* equiv idx, value */ 22, VALUE_OPT_STATSDIR,
++  {  /* entry idx, value */ 23, VALUE_OPT_STATSDIR,
++     /* equiv idx, value */ 23, VALUE_OPT_STATSDIR,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ STATSDIR_FLAGS, 0,
+@@ -769,8 +799,8 @@
+      /* desc, NAME, name */ zStatsdirText, zStatsdir_NAME, zStatsdir_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 23, VALUE_OPT_TRUSTEDKEY,
+-     /* equiv idx, value */ 23, VALUE_OPT_TRUSTEDKEY,
++  {  /* entry idx, value */ 24, VALUE_OPT_TRUSTEDKEY,
++     /* equiv idx, value */ 24, VALUE_OPT_TRUSTEDKEY,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, NOLIMIT, 0,
+      /* opt state flags  */ TRUSTEDKEY_FLAGS, 0,
+@@ -781,8 +811,8 @@
+      /* desc, NAME, name */ zTrustedkeyText, zTrustedkey_NAME, zTrustedkey_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 24, VALUE_OPT_USER,
+-     /* equiv idx, value */ 24, VALUE_OPT_USER,
++  {  /* entry idx, value */ 25, VALUE_OPT_USER,
++     /* equiv idx, value */ 25, VALUE_OPT_USER,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ USER_FLAGS, 0,
+@@ -793,8 +823,8 @@
+      /* desc, NAME, name */ zUserText, zUser_NAME, zUser_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 25, VALUE_OPT_UPDATEINTERVAL,
+-     /* equiv idx, value */ 25, VALUE_OPT_UPDATEINTERVAL,
++  {  /* entry idx, value */ 26, VALUE_OPT_UPDATEINTERVAL,
++     /* equiv idx, value */ 26, VALUE_OPT_UPDATEINTERVAL,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ UPDATEINTERVAL_FLAGS, 0,
+@@ -805,8 +835,8 @@
+      /* desc, NAME, name */ zUpdateintervalText, zUpdateinterval_NAME, zUpdateinterval_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 26, VALUE_OPT_VAR,
+-     /* equiv idx, value */ 26, VALUE_OPT_VAR,
++  {  /* entry idx, value */ 27, VALUE_OPT_VAR,
++     /* equiv idx, value */ 27, VALUE_OPT_VAR,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, NOLIMIT, 0,
+      /* opt state flags  */ VAR_FLAGS, 0,
+@@ -817,8 +847,8 @@
+      /* desc, NAME, name */ zVarText, zVar_NAME, zVar_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 27, VALUE_OPT_DVAR,
+-     /* equiv idx, value */ 27, VALUE_OPT_DVAR,
++  {  /* entry idx, value */ 28, VALUE_OPT_DVAR,
++     /* equiv idx, value */ 28, VALUE_OPT_DVAR,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, NOLIMIT, 0,
+      /* opt state flags  */ DVAR_FLAGS, 0,
+@@ -829,8 +859,8 @@
+      /* desc, NAME, name */ zDvarText, zDvar_NAME, zDvar_Name,
+      /* disablement strs */ NULL, NULL },
+ 
+-  {  /* entry idx, value */ 28, VALUE_OPT_SLEW,
+-     /* equiv idx, value */ 28, VALUE_OPT_SLEW,
++  {  /* entry idx, value */ 29, VALUE_OPT_SLEW,
++     /* equiv idx, value */ 29, VALUE_OPT_SLEW,
+      /* equivalenced to  */ NO_EQUIVALENT,
+      /* min, max, act ct */ 0, 1, 0,
+      /* opt state flags  */ SLEW_FLAGS, 0,
+@@ -967,7 +997,7 @@
+       NO_EQUIVALENT, /* '-#' option index */
+       NO_EQUIVALENT /* index of default opt */
+     },
+-    34 /* full option count */, 31 /* user option count */,
++    35 /* full option count */, 32 /* user option count */,
+     ntpd_full_usage, ntpd_short_usage,
+     NULL, NULL
+ };
+--- ntpd/ntpd.c.orig	Wed Aug 12 04:07:05 2009
++++ ntpd/ntpd.c	Thu Jul 29 09:48:44 2010
+@@ -166,7 +166,7 @@
+  * after we have synched the first time. If the attempt fails, then try again once per 
+  * minute for up to 5 times. After all, we may be starting before mDNS.
+  */
+-int mdnsreg = 1;
++int mdnsreg = 0;
+ int mdnstries = 5;
+ #endif  /* HAVE_DNSREGISTRATION */
+ 
+@@ -540,6 +540,9 @@
+ 	if (HAVE_OPT( NOVIRTUALIPS ))
+ 		listen_to_virtual_ips = 0;
+ 
++	if (HAVE_OPT( MDNS ))
++		mdnsreg = 1;
++
+ 	/*
+ 	 * Limit specific interfaces
+ 	 */
+--- ntpd/ntpd-opts.h.orig	Wed Aug 12 04:42:23 2009
++++ ntpd/ntpd-opts.h	Thu Jul 29 09:39:13 2010
+@@ -67,28 +67,29 @@
+     INDEX_OPT_KEYFILE           = 12,
+     INDEX_OPT_LOGFILE           = 13,
+     INDEX_OPT_NOVIRTUALIPS      = 14,
+-    INDEX_OPT_MODIFYMMTIMER     = 15,
+-    INDEX_OPT_NOFORK            = 16,
+-    INDEX_OPT_NICE              = 17,
+-    INDEX_OPT_PIDFILE           = 18,
+-    INDEX_OPT_PRIORITY          = 19,
+-    INDEX_OPT_QUIT              = 20,
+-    INDEX_OPT_PROPAGATIONDELAY  = 21,
+-    INDEX_OPT_STATSDIR          = 22,
+-    INDEX_OPT_TRUSTEDKEY        = 23,
+-    INDEX_OPT_USER              = 24,
+-    INDEX_OPT_UPDATEINTERVAL    = 25,
+-    INDEX_OPT_VAR               = 26,
+-    INDEX_OPT_DVAR              = 27,
+-    INDEX_OPT_SLEW              = 28,
+-    INDEX_OPT_USEPCC            = 29,
+-    INDEX_OPT_PCCFREQ           = 30,
+-    INDEX_OPT_VERSION           = 31,
+-    INDEX_OPT_HELP              = 32,
+-    INDEX_OPT_MORE_HELP         = 33
++    INDEX_OPT_MDNS              = 15,
++    INDEX_OPT_MODIFYMMTIMER     = 16,
++    INDEX_OPT_NOFORK            = 17,
++    INDEX_OPT_NICE              = 18,
++    INDEX_OPT_PIDFILE           = 19,
++    INDEX_OPT_PRIORITY          = 20,
++    INDEX_OPT_QUIT              = 21,
++    INDEX_OPT_PROPAGATIONDELAY  = 22,
++    INDEX_OPT_STATSDIR          = 23,
++    INDEX_OPT_TRUSTEDKEY        = 24,
++    INDEX_OPT_USER              = 25,
++    INDEX_OPT_UPDATEINTERVAL    = 26,
++    INDEX_OPT_VAR               = 27,
++    INDEX_OPT_DVAR              = 28,
++    INDEX_OPT_SLEW              = 29,
++    INDEX_OPT_USEPCC            = 30,
++    INDEX_OPT_PCCFREQ           = 31,
++    INDEX_OPT_VERSION           = 32,
++    INDEX_OPT_HELP              = 33,
++    INDEX_OPT_MORE_HELP         = 34
+ } teOptIndex;
+ 
+-#define OPTION_CT    34
++#define OPTION_CT    35
+ #define NTPD_VERSION       "4.2.5p200"
+ #define NTPD_FULL_VERSION  "ntpd - NTP daemon program - Ver. 4.2.5p200"
+ 
+@@ -177,6 +178,10 @@
+ #  warning undefining NOVIRTUALIPS due to option name conflict
+ #  undef   NOVIRTUALIPS
+ # endif
++# ifdef    MDNS
++#  warning undefining MDNS due to option name conflict
++#  undef   MDNS
++# endif
+ # ifdef    MODIFYMMTIMER
+ #  warning undefining MODIFYMMTIMER due to option name conflict
+ #  undef   MODIFYMMTIMER
+@@ -257,6 +262,7 @@
+ # undef KEYFILE
+ # undef LOGFILE
+ # undef NOVIRTUALIPS
++# undef MDNS
+ # undef MODIFYMMTIMER
+ # undef NOFORK
+ # undef NICE
+@@ -302,6 +308,9 @@
+ #define VALUE_OPT_KEYFILE        'k'
+ #define VALUE_OPT_LOGFILE        'l'
+ #define VALUE_OPT_NOVIRTUALIPS   'L'
++#ifdef HAVE_DNSREGISTRATION
++#define VALUE_OPT_MDNS           'm'
++#endif /* HAVE_DNSREGISTRATION */
+ #ifdef SYS_WINNT
+ #define VALUE_OPT_MODIFYMMTIMER  'M'
+ #endif /* SYS_WINNT */
+@@ -319,8 +328,8 @@
+ #endif /* HAVE_DROPROOT */
+ #define VALUE_OPT_UPDATEINTERVAL 'U'
+ #define OPT_VALUE_UPDATEINTERVAL (DESC(UPDATEINTERVAL).optArg.argInt)
+-#define VALUE_OPT_VAR            26
+-#define VALUE_OPT_DVAR           27
++#define VALUE_OPT_VAR            27
++#define VALUE_OPT_DVAR           28
+ #define VALUE_OPT_SLEW           'x'
+ #ifdef SYS_WINNT
+ #define VALUE_OPT_USEPCC         29
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/patches/noextra.patch	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,50 @@
+--- configure.orig	Thu May 14 06:34:41 2009
++++ configure	Thu May 14 06:15:13 2009
+@@ -459,8 +459,6 @@
+ #endif"
+ 
+ ac_subdirs_all="$ac_subdirs_all arlib"
+-ac_subdirs_all="$ac_subdirs_all sntp"
+-ac_subdirs_all="$ac_subdirs_all gsoc_sntp"
+ ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar build build_cpu build_vendor build_os host host_cpu host_vendor host_os CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE CPP EGREP YACC VPATH_HACK_TRUE VPATH_HACK_FALSE LIBOPTS_DIR INSTALL_LIBOPTS_TRUE INSTALL_LIBOPTS_FALSE NEED_LIBOPTS_TRUE NEED_LIBOPTS_FALSE LIBOPTS_LDADD LIBOPTS_CFLAGS BINSUBDIR subdirs ARLIB_DIR LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB LIBTOOL PATH_SH PATH_PERL PATH_NET_SNMP_CONFIG EDITLINE_LIBS HAVE_INLINE LIBPARSE MAKE_LIBPARSE MAKE_LIBPARSE_KERNEL MAKE_CHECK_Y2K OPENSSL OPENSSL_INC OPENSSL_LIB LCRYPTO EF_PROGS EF_LIBS MAKE_CHECK_LAYOUT TESTDCF DCFD MAKE_PARSEKMODULE PROPDELAY CHUTEST CLKTEST MAKE_ADJTIMED MAKE_NTPTIME MAKE_TICKADJ MAKE_TIMETRIM MAKE_LIBNTPSIM MAKE_NTPDSIM SNMP_LIBS SNMP_CPPFLAGS SNMP_CFLAGS MAKE_NTPSNMPD LSCF LIBOBJS LTLIBOBJS'
+ ac_subst_files=''
+ 
+@@ -48060,11 +48058,9 @@
+ 
+ 
+ 
+-subdirs="$subdirs sntp"
+ 
+ 
+ 
+-subdirs="$subdirs gsoc_sntp"
+ 
+ 
+ cat >confcache <<\_ACEOF
+--- Makefile.in.orig	Thu May 14 06:34:41 2009
++++ Makefile.in	Thu May 14 06:15:13 2009
+@@ -217,8 +217,8 @@
+ ACLOCAL_AMFLAGS = -I m4 -I libopts/m4
+ NULL = 
+ SUBDIRS = scripts include ElectricFence $(am__append_1) @ARLIB_DIR@ \
+-	libntp libparse ntpd ntpdate ntpdc ntpq ntpsnmpd parseutil \
+-	adjtimed clockstuff kernel gsoc_sntp sntp util $(NULL)
++	libntp libparse ntpd ntpdate ntpdc ntpq parseutil \
++	adjtimed clockstuff kernel util $(NULL)
+ DIST_SUBDIRS = \
+ 	scripts		\
+ 	include		\
+@@ -231,13 +231,10 @@
+ 	ntpdate		\
+ 	ntpdc		\
+ 	ntpq		\
+-	ntpsnmpd	\
+ 	parseutil	\
+ 	adjtimed	\
+ 	clockstuff	\
+ 	kernel		\
+-	gsoc_sntp	\
+-	sntp		\
+ 	util		\
+ 	$(NULL)
+ 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/patches/ntpwait.patch	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,13 @@
+--- scripts/ntp-wait.in.orig	Thu May 14 06:34:42 2009
++++ scripts/ntp-wait.in	Thu May 14 06:15:13 2009
+@@ -20,8 +20,8 @@
+     while(<Q>) {
+       chomp;
+       # the first line should be similar to:
+-      # associd=0 status=0645 leap_none, sync_ntp, ...
+-      if (/^associd=0 status=(\S{4}) (\S+), (\S+),/) {
++      # status=0645 leap_none, sync_ntp, ...
++      if (/status=(\S{4}) (\S+), (\S+),/) {
+ 	my $status = $1;
+ 	my $leap = $2;
+ 	my $sync = $3;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ntp/patches/timing.patch	Fri Apr 08 05:28:01 2011 -0700
@@ -0,0 +1,19 @@
+--- ntpd/ntp_proto.c.orig	Thu May 14 06:34:42 2009
++++ ntpd/ntp_proto.c	Thu May 14 06:15:13 2009
+@@ -1629,6 +1629,16 @@
+ 	char	*fmri;
+ #endif /* HAVE_LIBSCF_H */
+ 
++#ifdef DEBUG_TIMING
++{
++        char buf[2048];
++
++        snprintf(buf, sizeof(buf), "%lu %lu %d %d epoch",
++                 sys_epoch,peer->epoch,peer->epoch-sys_epoch,current_time - peer->epoch);
++        record_timing_stats(buf);
++}
++#endif
++
+ 	/*
+ 	 * Update the system state variables. We do this very carefully,
+ 	 * as the poll interval might need to be clamped differently.
--- a/make-rules/shared-macros.mk	Thu Apr 07 22:51:51 2011 -0700
+++ b/make-rules/shared-macros.mk	Fri Apr 08 05:28:01 2011 -0700
@@ -78,22 +78,30 @@
 BINDIR =	/bin
 LIBDIR =	/lib
 USRBINDIR =	$(USRDIR)/bin
+USRSBINDIR =	$(USRDIR)/sbin
 USRLIBDIR =	$(USRDIR)/lib
 USRSHAREDIR =	$(USRDIR)/share
 USRSHAREMANDIR =	$(USRSHAREDIR)/man
+USRSHAREDOCDIR =	$(USRSHAREDIR)/doc
 USRSHAREMAN1DIR =	$(USRSHAREMANDIR)/man1
+USRSHAREMAN1MDIR =	$(USRSHAREMANDIR)/man1m
 USRSHAREMAN3DIR =	$(USRSHAREMANDIR)/man3
 USRSHAREMAN4DIR =	$(USRSHAREMANDIR)/man4
 USRSHAREMAN5DIR =	$(USRSHAREMANDIR)/man5
 USRLIBDIR64 =	$(USRDIR)/lib/$(MACH64)
 PROTOETCDIR =	$(PROTO_DIR)/$(ETCDIR)
+PROTOETCSECDIR = $(PROTO_DIR)/$(ETCDIR)/security
 PROTOUSRDIR =	$(PROTO_DIR)/$(USRDIR)
+PROTOLIBDIR =	$(PROTO_DIR)/$(LIBDIR)
 PROTOUSRBINDIR =	$(PROTO_DIR)/$(USRBINDIR)
+PROTOUSRSBINDIR =	$(PROTO_DIR)/$(USRSBINDIR)
 PROTOUSRLIBDIR =	$(PROTO_DIR)/$(USRLIBDIR)
 PROTOUSRLIBDIR64 =	$(PROTO_DIR)/$(USRLIBDIR64)
 PROTOUSRSHAREDIR =	$(PROTO_DIR)/$(USRSHAREDIR)
 PROTOUSRSHAREMANDIR =	$(PROTO_DIR)/$(USRSHAREMANDIR)
+PROTOUSRSHAREDOCDIR =	$(PROTO_DIR)/$(USRSHAREDOCDIR)
 PROTOUSRSHAREMAN1DIR =	$(PROTO_DIR)/$(USRSHAREMAN1DIR)
+PROTOUSRSHAREMAN1MDIR =	$(PROTO_DIR)/$(USRSHAREMAN1MDIR)
 PROTOUSRSHAREMAN3DIR =	$(PROTO_DIR)/$(USRSHAREMAN3DIR)
 PROTOUSRSHAREMAN4DIR =	$(PROTO_DIR)/$(USRSHAREMAN4DIR)
 PROTOUSRSHAREMAN5DIR =	$(PROTO_DIR)/$(USRSHAREMAN5DIR)
--- a/make-rules/shared-targets.mk	Thu Apr 07 22:51:51 2011 -0700
+++ b/make-rules/shared-targets.mk	Fri Apr 08 05:28:01 2011 -0700
@@ -26,9 +26,12 @@
 #
 
 PROTOMAN1FILES=$(MAN1FILES:%=$(PROTOUSRSHAREMAN1DIR)/%)
+PROTOMAN1MFILES=$(MAN1MFILES:%=$(PROTOUSRSHAREMAN1MDIR)/%)
 PROTOMAN3FILES=$(MAN3FILES:%=$(PROTOUSRSHAREMAN3DIR)/%)
+PROTOMAN4FILES=$(MAN4FILES:%=$(PROTOUSRSHAREMAN4DIR)/%)
 
-$(PROTOUSRSHAREMAN1DIR)/% $(PROTOUSRSHAREMAN3DIR)/%:    manpages/%
+$(PROTOUSRSHAREMAN1DIR)/% $(PROTOUSRSHAREMAN1MDIR)/% $(PROTOUSRSHAREMAN3DIR)/% \
+$(PROTOUSRSHAREMAN4DIR)/%:    manpages/%
 	$(INS.file)
 
 PROTOSFWLINKS= $(SFWPROGS:%=$(PROTOSFWBIN)/%)
@@ -53,15 +56,26 @@
 
 
 $(PROTOETCDIR) \
+$(PROTOETCSECDIR) \
+$(PROTOLIBDIR) \
 $(PROTOUSRSHAREMAN1DIR) \
+$(PROTOUSRSHAREMAN1MDIR) \
 $(PROTOUSRSHAREMAN3DIR) \
+$(PROTOUSRSHAREMAN4DIR) \
+$(PROTOUSRSHAREDOCDIR) \
 $(PROTOGNUBIN) \
 $(PROTOGNUSHAREMAN1) \
 $(PROTOSFWBIN) \
 $(PROTOSFWSHAREMAN1) \
+$(PROTOUSRSBINDIR) \
 $(PROTOUSRBINDIR):
 	$(MKDIR) $@
 
+
+$(PROTOMAN1FILES): $(PROTOUSRSHAREMAN1DIR)
+
+$(PROTOMAN1MFILES): $(PROTOUSRSHAREMAN1MDIR)
+
 $(PROTOMAN3FILES): $(PROTOUSRSHAREMAN3DIR)
 
-$(PROTOMAN1FILES): $(PROTOUSRSHAREMAN1DIR)
+$(PROTOMAN4FILES): $(PROTOUSRSHAREMAN4DIR)
--- a/transforms/defaults	Thu Apr 07 22:51:51 2011 -0700
+++ b/transforms/defaults	Fri Apr 08 05:28:01 2011 -0700
@@ -24,6 +24,7 @@
 #
 
 <transform dir path=etc$ -> default group sys>
+<transform dir path=etc/inet$ -> default group sys>
 <transform dir path=var$ -> default group sys>
 
 #
@@ -50,6 +51,10 @@
 <transform dir path=etc/security$ -> default group sys>
 <transform dir path=etc/security/exec_attr.d$ -> default group sys>
 <transform file path=etc/security/exec_attr.d/.* -> default group sys>
+<transform dir path=etc/security/prof_attr.d$ -> default group sys>
+<transform file path=etc/security/prof_attr.d/.* -> default group sys>
+<transform dir path=etc/security/auth_attr.d$ -> default group sys>
+<transform file path=etc/security/auth_attr.d/.* -> default group sys>
 
 #
 # SMF directories and files
@@ -76,6 +81,7 @@
 #
 <transform file path=.*lib/.*\.so.* -> default mode 0555>
 <transform file path=.*bin/.* -> default mode 0555>
+<transform file path=.*lib/inet/.* -> default mode 0555>
 
 #
 # For what's left, go with root:bin 0444 for files, 0755 for directories