[Bug?] whonix-ws clock out of synch after suspend (R4.0)
40 views
Skip to first unread message
Dimitri
May 15, 2018, 1:57:10 PM5/15/18
to qubes-users
Hi,
I noticed that the clock in whonix-ws based VMs is not synchronized after sleep mode. If I have my computer in sleep mode for 2h then the VMs clock is 2h in the past.
I noticed that the clock in whonix-ws based VMs is not synchronized after sleep mode. If I have my computer in sleep mode for 2h then the VMs clock is 2h in the past.
To me this looks like a bug.
Large clock skews can potentially harm anonymity.
799
May 15, 2018, 4:47:56 PM5/15/18
to Dimitri, qubes-users
Hello,
I have the same problem.
I have set the time manually using the following command in sys-whonix and my anon-whonix AppVM:
user@host:~$ sudo date +%T -s "22:18:00"
which sets the time to my current local time (germany).
Strangely I still get an error message when running whonixcheck.
Why is there a message "NTP synchronized: no" ?
Shouldn't the time always be synchronized as we're running virtual machines?
user@host:~$ whonixcheck
[INFO] [whonixcheck] sys-whonix | Whonix-Gateway | whonix-gw Template-Based ProxyVM | Tue May 15 22:29:23 UTC 2018
dmesg: read kernel buffer failed: Operation not permitted
[INFO] [whonixcheck] Connected to Tor.
[ERROR] [whonixcheck] Systemd Clock Check Result:
Unexpected results by timedatectl.
timedatectl_output_pretty:
Local time: Tue 2018-05-15 22:29:25 UTC
Universal time: Tue 2018-05-15 22:29:25 UTC
RTC time: n/a
Time zone: Etc/UTC (UTC, +0000)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
It is generally recommended to keep the default as per Whonix Design. [1]
If you did not change timezone related settings, please report this Whonix bug.
If you know what you are doing and changed this on purpose, feel free to
disable this check. [2]
[1] https://www.whonix.org/wiki/Dev/Design-Shared#timezone
[2] Create a file /etc/whonix.d/50_whonixcheck_user and add:
whonixcheck_skip_functions+=" check_systemd_clock "
[799]
I have set the time manually using the following command in sys-whonix and my anon-whonix AppVM:
user@host:~$ sudo date +%T -s "22:18:00"
which sets the time to my current local time (germany).
Strangely I still get an error message when running whonixcheck.
Why is there a message "NTP synchronized: no" ?
Shouldn't the time always be synchronized as we're running virtual machines?
user@host:~$ whonixcheck
[INFO] [whonixcheck] sys-whonix | Whonix-Gateway | whonix-gw Template-Based ProxyVM | Tue May 15 22:29:23 UTC 2018
dmesg: read kernel buffer failed: Operation not permitted
[INFO] [whonixcheck] Connected to Tor.
[ERROR] [whonixcheck] Systemd Clock Check Result:
Unexpected results by timedatectl.
timedatectl_output_pretty:
Local time: Tue 2018-05-15 22:29:25 UTC
Universal time: Tue 2018-05-15 22:29:25 UTC
RTC time: n/a
Time zone: Etc/UTC (UTC, +0000)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
It is generally recommended to keep the default as per Whonix Design. [1]
If you did not change timezone related settings, please report this Whonix bug.
If you know what you are doing and changed this on purpose, feel free to
disable this check. [2]
[1] https://www.whonix.org/wiki/Dev/Design-Shared#timezone
[2] Create a file /etc/whonix.d/50_whonixcheck_user and add:
whonixcheck_skip_functions+=" check_systemd_clock "
[799]
--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscribe@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1a102f3c-da72-4987-b688-edde6f9ebe75%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
awokd
May 15, 2018, 10:34:19 PM5/15/18
to 799, Dimitri, qubes-users
On Tue, May 15, 2018 8:47 pm, 799 wrote:
> Hello,
>
> On 05/15 10:57, Dimitri wrote:
>> Hi,
>> I noticed that the clock in whonix-ws based VMs is not synchronized
>> after
> sleep mode. If I have my computer in sleep mode for 2h then the VMs clock
> is 2h in the past.
>> To me this looks like a bug.
>> Large clock skews can potentially harm anonymity.
>
> I have the same problem.
>
> I have set the time manually using the following command in sys-whonix and
> my anon-whonix AppVM:
>
> user@host:~$ sudo date +%T -s "22:18:00"
>
>
> which sets the time to my current local time (germany).
>
> Strangely I still get an error message when running whonixcheck.
> Why is there a message "NTP synchronized: no" ?
>
> Shouldn't the time always be synchronized as we're running virtual
> machines?
I think this may have been addressed in Whonix 14. On Whonix 13 on R3.2
> Hello,
>
> On 05/15 10:57, Dimitri wrote:
>> Hi,
>> I noticed that the clock in whonix-ws based VMs is not synchronized
>> after
> sleep mode. If I have my computer in sleep mode for 2h then the VMs clock
> is 2h in the past.
>> To me this looks like a bug.
>> Large clock skews can potentially harm anonymity.
>
> I have the same problem.
>
> I have set the time manually using the following command in sys-whonix and
> my anon-whonix AppVM:
>
> user@host:~$ sudo date +%T -s "22:18:00"
>
>
> which sets the time to my current local time (germany).
>
> Strangely I still get an error message when running whonixcheck.
> Why is there a message "NTP synchronized: no" ?
>
> Shouldn't the time always be synchronized as we're running virtual
> machines?
with DispVMs, I worked around the issue by disabling sdwdate
(https://phabricator.whonix.org/T695). I'm not sure that's the safest
approach or if it will help on a normal suspend. So try Whonix 14 first,
then disabling sdwdate if it still isn't working.
NTP is disabled in Whonix templates. https://www.whonix.org/wiki/Time_Attacks
[799]
May 16, 2018, 1:28:41 AM5/16/18
to qubes-users
Hello,
On 05/15 10:57, Dimitri wrote:
On 05/15 10:57, Dimitri wrote:
I have the same problem.
I have set the time manually using the following command in sys-whonix and my anon-whonix AppVM:
user@host:~$ sudo date +%T -s "22:18:00"
which sets the time to my current local time (germany).
Strangely I still get an error message when running whonixcheck.
Why is there a message "NTP synchronized: no" ?
Shouldn't the time always be synchronized as we're running virtual machines?
I have set the time manually using the following command in sys-whonix and my anon-whonix AppVM:
user@host:~$ sudo date +%T -s "22:18:00"
which sets the time to my current local time (germany).
Strangely I still get an error message when running whonixcheck.
Why is there a message "NTP synchronized: no" ?
Shouldn't the time always be synchronized as we're running virtual machines?
Reply all
Reply to author
Forward
0 new messages