git.ipfire.org Git - thirdparty/chrony.git/commit
doc: explain how to disable DNSSEC validation with sd-resolved in FAQ
author Luca Boccassi <bluca@debian.org>
Wed, 21 Aug 2024 18:54:47 +0000 (19:54 +0100)
committer Miroslav Lichvar <mlichvar@redhat.com>
Thu, 22 Aug 2024 12:24:49 +0000 (14:24 +0200)
commit e30f937f6a6f2e098fdadb274024a6d98a34299f
tree e17d3378704273068e222568017afcd014eb367d
parent 08b67dba98b5dbc0184c38b3c1963dd2f00d2bd9
doc: explain how to disable DNSSEC validation with sd-resolved in FAQ

DNSSEC requires the system time to be synced in order to work,
as the signature date and expiration need to be checked by
resolvers. But it is possible that syncing the times requires
doing DNS queries. Add a paragraph to the FAQ explaining how
to break this cycle by asking nss-resolved to always avoid
DNSSEC when chronyd tries to resolve hostnames.
doc/faq.adoc
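
The cycle the commit message describes, modelled as an added example (not code from chrony or systemd): a validating resolver rejects a signature whose validity window does not contain the local clock, so a host that boots with a wrong clock cannot resolve the NTP server name it needs to correct that clock. The validity window, the function names and the clocks are constructed for illustration, and the time check is simplified to plain UTC comparison.

```python
from datetime import datetime, timezone

def parse_rrsig_time(text):
    """Parse the YYYYMMDDHHmmSS form RRSIG times take in zone-file text (UTC)."""
    return datetime.strptime(text, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)

def rrsig_time_status(inception, expiration, now):
    """Classify a signature's validity window against the local clock."""
    if now < parse_rrsig_time(inception):
        return "not-yet-valid"
    if now > parse_rrsig_time(expiration):
        return "expired"
    return "valid"

# Constructed validity window for the signature over an NTP server's address record.
INCEPTION, EXPIRATION = "20240815000000", "20240914000000"

def resolve_ntp_name(local_clock, validate):
    """Return (resolved, reason) for one lookup made with the given local clock."""
    if not validate:
        # Models the per-process bypass: only this caller's lookups skip DNSSEC.
        return True, "validation skipped for this lookup"
    status = rrsig_time_status(INCEPTION, EXPIRATION, local_clock)
    return status == "valid", "signature " + status

def bootstrap(local_clock, validate):
    """Model boot: the clock can only be corrected once the server name resolves."""
    resolved, reason = resolve_ntp_name(local_clock, validate)
    return {"resolved": resolved, "clock_can_sync": resolved, "reason": reason}

if __name__ == "__main__":
    cases = [
        ("clock at epoch, validating", datetime(1970, 1, 1, tzinfo=timezone.utc), True),
        ("clock at epoch, bypass", datetime(1970, 1, 1, tzinfo=timezone.utc), False),
        ("clock correct, validating", datetime(2024, 8, 22, 12, 0, tzinfo=timezone.utc), True),
        ("clock far ahead, validating", datetime(2030, 1, 1, tzinfo=timezone.utc), True),
    ]
    for label, clock, validate in cases:
        print(label, "->", bootstrap(clock, validate))
```

With validation skipped, the addresses returned for the time server's name are unauthenticated, which is why the bypass is scoped to chronyd's own lookups rather than the whole system.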