examples: update for recent changes

examples/chrony.conf.example2

@@ -21,12 +21,6 @@ rtcsync
 # Specify file containing keys for NTP authentication.
 #keyfile /etc/chrony.keys
 
-# Disable logging of client accesses.
-noclientlog
-
-# Send message to syslog when clock adjustment is larger than 0.5 seconds.
-logchange 0.5
-
 # Specify directory for log files.
 logdir /var/log/chrony
 

examples/chrony.conf.example3

@@ -5,22 +5,6 @@
 # want to enable.  The more obscure options are not included.  Refer
 # to the documentation for these.
 #
-# Copyright 2002 Richard P. Curnow
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of version 2 of the GNU General Public License as
-# published by the Free Software Foundation.
-# 
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
-# 
-#
 #######################################################################
 ### COMMENTS
 # Any of the following lines are comments (you have a choice of
@@ -207,6 +191,13 @@ driftfile /var/lib/chrony/drift
 
 ! clientloglimit 4194304
 
+# By default, chronyd tries to respond to all valid NTP requests from
+# allowed addresses.  If you want to limit the response rate for NTP
+# clients that are sending requests too frequently, uncomment and edit
+# the following line.
+
+! limitrate interval 3 burst 8
+
 #######################################################################
 ### REPORTING BIG CLOCK CHANGES
 # Perhaps you want to know if chronyd suddenly detects any large error
@@ -233,6 +224,7 @@ driftfile /var/lib/chrony/drift
 
 # By default chronyd binds to the loopback interface.  Uncomment the
 # following lines to allow receiving command packets from remote hosts.
+
 ! bindcmdaddress 0.0.0.0
 ! bindcmdaddress ::
 
@@ -248,6 +240,11 @@ driftfile /var/lib/chrony/drift
 # syntax and meaning is the same as for 'allow' and 'deny', except that
 # 'cmdallow' and 'cmddeny' control access to the chronyd's command port.
 
+# Rate limiting can be enabled also for command packets.  (Note,
+# commands from localhost are never limited.)
+
+! cmdratelimit interval 1 burst 16
+
 #######################################################################
 ### REAL TIME CLOCK
 # chronyd can characterise the system's real-time clock.  This is the

examples/chrony.keys.example

@@ -1,15 +1,12 @@
 # This is an example chrony keys file.  It is used for NTP authentication with
 # symmetric keys.  It should be readable only by root or the user to which
-# chronyd is configured to switch to.
+# chronyd is configured to switch to after start.
 #
-# Don't use the example keys!  The keys need to be random for maximum security.
-# These shell commands can be used to generate random MD5 and SHA1 keys on
-# systems which have the /dev/urandom device:
-# echo "1 MD5 HEX:$(tr -d -c '[:xdigit:]' < /dev/urandom | head -c 32)"
-# echo "1 SHA1 HEX:$(tr -d -c '[:xdigit:]' < /dev/urandom | head -c 40)"
+# Don't use the example keys!  It's recommended to generate random keys using
+# the chronyc keygen command.
 
 # Examples of valid keys:
 
-#1 ALongAndRandomPassword
-#2 MD5 HEX:B028F91EA5C38D06C2E140B26C7F41EC
-#3 SHA1 HEX:1DC764E0791B11FA67EFC7ECBC4B0D73F68A070C
+#1 MD5 AVeryLongAndRandomPassword
+#2 MD5 HEX:12114855C7931009B4049EF3EFC48A139C3F989F
+#3 SHA1 HEX:B2159C05D6A219673A3B7E896B6DE07F6A440995