{"id":508691,"date":"2025-08-13T03:59:43","date_gmt":"2025-08-13T03:59:43","guid":{"rendered":"https:\/\/www.ninjaone.com\/?post_type=script_hub&p=508691"},"modified":"2025-08-13T03:59:43","modified_gmt":"2025-08-13T03:59:43","slug":"scripts-shell-pour-synchroniser-lheure-dans-linux","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/fr\/script-hub\/scripts-shell-pour-synchroniser-lheure-dans-linux\/","title":{"rendered":"Comment utiliser les scripts Shell pour synchroniser l’heure dans Linux"},"content":{"rendered":"

La synchronisation du temps est une des bases de l’infrastructure informatique moderne. De l’enregistrement pr\u00e9cis \u00e0 la coordination des syst\u00e8mes distribu\u00e9s, en passant par les communications s\u00e9curis\u00e9es, il est essentiel de disposer d’une heure syst\u00e8me coh\u00e9rente entre les serveurs et les terminaux<\/a>. Pour les professionnels de l’informatique et les fournisseurs de services g\u00e9r\u00e9s (MSP), il est essentiel de disposer d’une m\u00e9thode fiable et automatis\u00e9e pour synchroniser l’heure dans Linux<\/strong>. Cet article pr\u00e9sente un script shell efficace con\u00e7u pour synchroniser l’heure en utilisant chronyd<\/code>ou systemd-timesyncd<\/code>, deux services de protocole de temps r\u00e9seau (NTP) largement support\u00e9s sous Linux.<\/p>\n

Contexte<\/h2>\n

De nombreux environnements informatiques, en particulier ceux qui s’appuient sur des plateformes de gestion centralis\u00e9e et d’automatisation comme NinjaOne, exigent une synchronisation temporelle stricte. Les corr\u00e9lations de journaux, les versions de fichiers, les jetons d’authentification et les pistes d’audit d\u00e9pendent tous d’horloges syst\u00e8me pr\u00e9cises. Bien que les services NTP tels que chronyd<\/code>et systemd-timesyncd<\/code>s’en chargent souvent en arri\u00e8re-plan, une mauvaise configuration, des pannes de service ou des incoh\u00e9rences dans l’image du syst\u00e8me peuvent perturber la synchronisation.<\/p>\n

Ce script shell s’attaque directement \u00e0 ces probl\u00e8mes en d\u00e9tectant automatiquement les services de synchronisation disponibles, en s’assurant qu’ils sont correctement configur\u00e9s, en les d\u00e9marrant temporairement si n\u00e9cessaire, en synchronisant l’heure et en \u00e9tablissant des diagnostics d\u00e9taill\u00e9s. Il g\u00e8re \u00e9galement les services de mani\u00e8re fluide, en ramenant les syst\u00e8mes \u00e0 leur \u00e9tat ant\u00e9rieur si les services de synchronisation temporelle ont \u00e9t\u00e9 initialement d\u00e9sactiv\u00e9s.<\/p>\n

Le script\u00a0:<\/h2>\n
#!\/usr\/bin\/env bash\r\n#\r\n# Description: Synchronize the time on Linux using the system's network time server. Expects chrony or systemd-timesyncd to be installed and running.\r\n# By using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n# Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n# Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n# Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n# Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n# Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n# Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n# EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n#\r\n# Minimum OS Architecture Supported: Debian 11 (Bullseye)+, Red Hat Enterprise Linux (RHEL) 8+\r\n#\r\n# Release Notes: Initial Release\r\n#\r\n\r\n# When run directly without testing, the \"__()\" function does nothing.\r\ntest || __() { :; }\r\n\r\ndie() {\r\n    local _ret=\"${2:-1}\"\r\n    echo \"$1\" >&2\r\n    exit \"${_ret}\"\r\n}\r\n\r\nfunction GetChronyConfigFile() {\r\n    local _configFile\r\n    # Check if there is a chrony config folder\r\n    if [[ -d \"\/etc\/chrony\" ]]; then\r\n        # Check if the config file exists\r\n        if [[ -f \"\/etc\/chrony\/chrony.conf\" ]]; then\r\n            _configFile=\"\/etc\/chrony\/chrony.conf\"\r\n        fi\r\n    fi\r\n    # Check if primary default config file exists, this takes precedence over the chrony folder\r\n    if [[ -f \"\/etc\/chrony.conf\" ]]; then\r\n        _configFile=\"\/etc\/chrony.conf\"\r\n    fi\r\n    # Get the system's default config file for chronyd\r\n    _chronySystemDefaultConfigFile=$(\r\n        # Get man page for chronyd\r\n        # Looking for a line containing this \"The compiled-in default value is \/etc\/chrony\/chrony.conf.\"\r\n        man chronyd |\r\n            # Get the default config file location\r\n            grep \/chrony.conf | grep default |\r\n            # Get the last item in the line\r\n            awk '{print $NF}' |\r\n            # Remove the trailing period\r\n            sed 's\/\\.$\/\/'\r\n    )\r\n    # Check if the config file exists\r\n    if [[ -f \"$_chronySystemDefaultConfigFile\" ]]; then\r\n        _configFile=\"$_chronySystemDefaultConfigFile\"\r\n    fi\r\n\r\n    # Validate that the config file exists\r\n    if [[ -n \"${_configFile}\" && -f \"$_configFile\" ]]; then\r\n        echo \"$_configFile\"\r\n    else\r\n        echo \"[Error] No chrony config file found\"\r\n        exit 1\r\n    fi\r\n}\r\n\r\nfunction GetNtpPoolServers() {\r\n    local -a _configFiles\r\n    local -a _pools\r\n    local -a _servers\r\n    local -a _timedatectlConfigFiles\r\n    _timedatectlConfigFiles=(\r\n        # Last take precedence over previous ones\r\n        \"\/usr\/lib\/systemd\/timesyncd.conf.d\"\r\n        \"\/usr\/local\/lib\/systemd\/timesyncd.conf.d\"\r\n        \"\/run\/systemd\/timesyncd.conf.d\"\r\n        \"\/etc\/systemd\/timesyncd.conf.d\"\r\n        \"\/usr\/lib\/systemd\/timesyncd.conf\"\r\n        \"\/usr\/local\/lib\/systemd\/timesyncd.conf\"\r\n        \"\/run\/systemd\/timesyncd.conf\"\r\n        \"\/etc\/systemd\/timesyncd.conf\"\r\n    )\r\n    # Get the NTP pool servers for the specified region\r\n\r\n    echo \"[Info] Getting NTP pools and servers\"\r\n    if command -v chronyc &>\/dev\/null; then\r\n        # Get the NTP pool servers for chrony\r\n        if [[ -f \"${_chronyConfigFile}\" ]]; then\r\n            _pools+=$(grep -E \"^pool\" \"${_chronyConfigFile}\" | awk '{print $2}' | sort -u)\r\n            _servers+=$(grep -E \"^server\" \"${_chronyConfigFile}\" | awk '{print $2}' | sort -u)\r\n        fi\r\n    elif command -v timedatectl &>\/dev\/null; then\r\n        # Get the NTP pool servers for systemd-timesyncd\r\n        for configFile in \"${_timedatectlConfigFiles[@]}\"; do\r\n            if [[ -d \"$configFile\" ]]; then\r\n                # If the config file is a directory, check for .conf files inside it\r\n                for confFile in \"$configFile\"\/*.conf; do\r\n                    if [[ -f \"$confFile\" ]]; then\r\n                        # Append the contents of the .conf file to the list of config files\r\n                        _pools+=$(grep -E \"^NTP=\" \"$configFile\" | awk -F '=' '{print $2}' | sort -u)\r\n                        _pools+=$(grep -E \"^FallbackNTP=\" \"$configFile\" | awk -F '=' '{print $2}' | sort -u)\r\n                    fi\r\n                done\r\n            elif [[ -f \"$configFile\" ]]; then\r\n                _pools+=$(grep -E \"^NTP=\" \"$configFile\" | awk -F '=' '{print $2}' | sort -u)\r\n                _pools+=$(grep -E \"^FallbackNTP=\" \"$configFile\" | awk -F '=' '{print $2}' | sort -u)\r\n            fi\r\n        done\r\n    else\r\n        echo \"[Error] chronyc or timedatectl not found\"\r\n        exit 1\r\n    fi\r\n\r\n    # Return the list of NTP pools and servers\r\n    if [[ -n \"${_pools}\" ]]; then\r\n        echo \"[Info] NTP pools:\"\r\n        echo \"$_pools\"\r\n    fi\r\n    if [[ -n \"${_servers}\" ]]; then\r\n        echo \"[Info] NTP servers:\"\r\n        echo \"$_servers\"\r\n    fi\r\n    if [[ -z \"${_pools}\" && -z \"${_servers}\" ]]; then\r\n        # If no pools or servers were found\r\n        echo \"[Info] Distribution's default NTP servers are being used.\"\r\n    fi\r\n}\r\n\r\nfunction GetNtpConfiguration() {\r\n\r\n    # Get the NTP configuration for the specified region\r\n\r\n    if command -v chronyc &>\/dev\/null; then\r\n        echo \"[Info] NTP configuration:\"\r\n        if ! [[ -f \"$_chronyConfigFile\" ]]; then\r\n            _chronyConfigFile=\"$(GetChronyConfigFile)\"\r\n        fi\r\n\r\n        # Get the NTP configuration for chrony\r\n        grep -E \"^server|^pool\" \"${_chronyConfigFile}\" 2>\/dev\/null\r\n        if [[ -f \"${_chronyConfigFile}\" ]]; then\r\n            grep -E \"^sourcedir\" \"${_chronyConfigFile}\" 2>\/dev\/null | awk '{print $2}' | while read -r _dir; do\r\n                if [[ -d \"$_dir\" ]]; then\r\n                    for confFile in \"$_dir\"\/*.conf; do\r\n                        # Check if the file exists before grepping\r\n                        if [[ -f \"$confFile\" ]]; then\r\n                            grep -E \"^server|^pool\" <\"$confFile\" 2>\/dev\/null\r\n                        fi\r\n                    done\r\n                fi\r\n            done\r\n            grep -E \"^confdir\" \"${_chronyConfigFile}\" 2>\/dev\/null | awk '{print $2}' | while read -r _dir; do\r\n                if [[ -d \"$_dir\" ]]; then\r\n                    for confFile in \"$_dir\"\/*.conf; do\r\n                        # Check if the file exists before grepping\r\n                        if [[ -f \"$confFile\" ]]; then\r\n                            grep -E \"^server|^pool\" <\"$confFile\" 2>\/dev\/null\r\n                        fi\r\n                    done\r\n                fi\r\n            done\r\n        fi\r\n    elif command -v timedatectl &>\/dev\/null; then\r\n        # Get the NTP configuration for systemd-timesyncd\r\n        if ((\"$(timedatectl --version | grep systemd | awk '{print $2}')\" >= 239)); then # Try to get the NTP configuration\r\n            echo \"[Info] NTP configuration:\"\r\n            timedatectl show-timesync 2>\/dev\/null\r\n        else\r\n            # If it fails then we are running and older version of systemd, then get the status\r\n            echo \"[Warn] systemd version is older than 239, show-timesync is not available.\"\r\n        fi\r\n    else\r\n        echo \"[Error] No NTP configuration found.\"\r\n        exit 1\r\n    fi\r\n}\r\n\r\nfunction IsChronySecurityConfigured() {\r\n    # Check if the keyfile is set in chrony.conf\r\n    if grep -q \"^keyfile\" \"${_chronyConfigFile}\" 2>\/dev\/null; then\r\n        # Check if commandkey is set in chrony.conf\r\n        if grep -q \"^commandkey\" \"${_chronyConfigFile}\" 2>\/dev\/null; then\r\n            echo \"[Info] Keyfile and commandkey are set in ${_chronyConfigFile}\"\r\n            _id=$(grep \"^keyfile\" \"${_chronyConfigFile}\" 2>\/dev\/null | awk '{print $2}')\r\n            _keyfile=$(grep \"^commandkey\" \"${_chronyConfigFile}\" 2>\/dev\/null | awk '{print $2}')\r\n            # Check if the keyfile exists\r\n            if [[ -f \"$_keyfile\" ]]; then\r\n                # Check if commandkey exists in keyfile\r\n                if grep -q \"^$_id\" \"$_keyfile\"; then\r\n                    # Keyfile exists and commandkey is set\r\n                    return 0\r\n                else\r\n                    # Keyfile exists but commandkey is not set\r\n                    echo \"[Error] Keyfile $_keyfile exists but commandkey $_id is not set in it\"\r\n                    return 1\r\n                fi\r\n            else\r\n                # Keyfile does not exist\r\n                echo \"[Error] Keyfile $_keyfile does not exist\"\r\n                return 1\r\n            fi\r\n        else\r\n            # Keyfile is set but commandkey is not set\r\n            return 1\r\n        fi\r\n    else\r\n        # Keyfile is not set\r\n        return 1\r\n    fi\r\n}\r\n\r\n__ begin __\r\n\r\n# Check if the script is being run as root. If not, exit with an error message.\r\nif [[ $(id -u) -ne 0 ]]; then\r\n    die \"[Error] This script must be run with root permissions. Try running it with sudo or as the system\/root user.\" 1\r\nfi\r\n\r\n_is_enabled=0\r\n_is_active=0\r\n\r\n# Check if time synchronization services are installed\r\nif systemctl list-unit-files | grep -q -E \"(systemd-timesyncd|chronyd).service\"; then\r\n    echo \"[Info] Time synchronization service(s) found:\"\r\n    # Check if systemd-timesyncd or chronyd is running\r\n    while read -r service; do                                          # Read each service name\r\n        if systemctl is-enabled --quiet \"${service}\" 2>\/dev\/null; then # Check if the service is enabled\r\n            echo \"[Info] ${service} is enabled\"\r\n            _is_enabled=1\r\n        else\r\n            echo \"[Info] ${service} is not enabled\"\r\n        fi\r\n        if systemctl is-active --quiet \"${service}\" 2>\/dev\/null; then # Check if the service is active\/running\r\n            echo \"[Info] ${service} is running\"\r\n            _is_active=1\r\n        else\r\n            echo \"[Info] ${service} is not running\"\r\n        fi\r\n    done < <(\r\n        systemctl list-unit-files |                         # List all unit files\r\n            grep -E \"(systemd-timesyncd|chronyd).service\" | # Filter for systemd-timesyncd or chronyd\r\n            awk '{print $1}'                                # Get the first column (service name)\r\n    )\r\n    _service_name=$(systemctl list-unit-files | grep -E \"(systemd-timesyncd|chronyd).service\" | awk '{print $1}')\r\n    if [[ -z \"${_service_name}\" ]] && [[ $_is_enabled -eq 0 ]] && [[ \"${_is_active}\" -eq 0 ]]; then\r\n        die \"[Error] No time synchronization service found. Please install systemd-timesyncd, or chrony.\" 1\r\n    fi\r\n    if [[ \"${_is_active}\" -eq 0 ]]; then\r\n        echo \"[Info] Time synchronization service is not running. Will start it now, sync it, and stop it after.\"\r\n        # Start the service\r\n        if [[ \"${_service_name}\" == *\"chronyd\"* ]]; then\r\n            # If chronyd is available, start it as it takes precedence over systemd-timesyncd\r\n            # Start chronyd\r\n            echo \"[Info] Starting time synchronization service: chronyd\"\r\n            systemctl start chronyd.service 2>\/dev\/null || die \"[Error] Failed to start chronyd service\" 1\r\n            sleep 2\r\n        elif [[ \"${_service_name}\" == *\"systemd-timesyncd\"* ]]; then\r\n            # chronyd is not available, so we will use systemd-timesyncd\r\n            # Start systemd-timesyncd\r\n            echo \"[Info] Starting time synchronization service: systemd-timesyncd\"\r\n            systemctl start systemd-timesyncd.service 2>\/dev\/null || die \"[Error] Failed to start systemd-timesyncd service\" 1\r\n            sleep 2\r\n        else\r\n            # If neither chronyd nor systemd-timesyncd is available, exit with an error\r\n            die \"[Error] No time synchronization service found. Please install systemd-timesyncd, or chrony.\" 1\r\n        fi\r\n    fi\r\nelse\r\n    die \"[Error] No time synchronization service found. Please install systemd-timesyncd, or chrony.\" 1\r\nfi\r\n\r\n_shouldError=0\r\n\r\n# Sync time now\r\necho \"[Info] Syncing time now\"\r\nif command -v chronyc &>\/dev\/null; then\r\n    # Check if keyfile is set in chrony.conf\r\n    if IsChronySecurityConfigured; then\r\n        # Use chronyc to sync time\r\n        echo \"[Info] Syncing time using chronyc with keyfile in ${_chronyConfigFile}\"\r\n        if [[ \"$(chronyc -a makestep 2>\/dev\/null)\" == *\"OK\"* ]]; then\r\n            echo \"[Info] Time syncing\"\r\n        else\r\n            echo \"[Error] Failed to sync time using chronyc\"\r\n            _shouldError=1\r\n        fi\r\n    else\r\n        # Sync time using chronyc\r\n        echo \"[Info] Syncing time using chronyc\"\r\n        if [[ \"$(chronyc makestep 2>\/dev\/null)\" == *\"OK\"* ]]; then\r\n            echo \"[Info] Time syncing\"\r\n        else\r\n            echo \"[Error] Failed to sync time using chronyc\"\r\n            _shouldError=1\r\n        fi\r\n    fi\r\n\r\n    # Verify that time is synced if we had no errors\r\n    if ((_shouldError == 0)); then\r\n        # Sleep for 5 seconds to allow some time to sync after restarting chronyd\r\n        sleep 5\r\n\r\n        # Check if time is synced with chronyc tracking\r\n        case $(chronyc tracking 2>\/dev\/null | grep \"Leap status\") in\r\n        *\"Leap Second\"* | *\"Normal\"*)\r\n            # If the leap status is \"Leap Second\" or \"Normal\", then time is synced\r\n            echo \"[Info] Time synced successfully\"\r\n            ;;\r\n        *\"Insert second\"*)\r\n            # If the leap status is \"Insert second\", then time is being synced\r\n            echo \"[Info] Chrony is in the process of inserting a second and will be synced over time to prevent time jumps.\"\r\n            ;;\r\n        *\"Delete second\"*)\r\n            # If the leap status is \"Delete second\", then time is being synced\r\n            echo \"[Info] Chrony is in the process of deleting a second and will be synced over time to prevent time jumps.\"\r\n            ;;\r\n        *\"Not synchronized\"*)\r\n            # If the leap status is \"Not synchronized\", then time is not synced\r\n            echo \"[Error] Chrony is not synchronized.\"\r\n            _shouldError=1\r\n            ;;\r\n        *\"Unknown\"*)\r\n            # If the leap status is \"Unknown\", then time is not synced\r\n            echo \"[Error] Unknown status from chronyc tracking.\"\r\n            _shouldError=1\r\n            ;;\r\n        *)\r\n            # If the leap status is not recognized, then time is not synced\r\n            echo \"[Error] Failed to get sync status from chronyc\"\r\n            _shouldError=1\r\n            ;;\r\n        esac\r\n\r\n        # Stop chronyd if it was not running before\r\n        if ((_is_active == 0)); then\r\n            sleep 5\r\n            # Get the service name\r\n            _service_name=$(systemctl list-unit-files | grep -E \"chronyd.service\" | awk '{print $1}')\r\n            echo \"[Info] Stopping time synchronization service: ${_service_name}\"\r\n            # Stop the service\r\n            systemctl stop \"$_service_name\" 2>\/dev\/null\r\n        fi\r\n    fi\r\nelif command -v timedatectl &>\/dev\/null; then\r\n    # Sync time using timedatectl\r\n    echo \"[Info] Syncing time using timedatectl\"\r\n    # Restart systemd-timesyncd to force a sync\r\n    if systemctl restart systemd-timesyncd.service 2>\/dev\/null; then\r\n        if timedatectl status 2>\/dev\/null | grep \"synchronized\" | grep -q \"yes\"; then\r\n            echo \"[Info] Time synced successfully\"\r\n        else\r\n            echo \"[Error] Failed to sync time using timedatectl\"\r\n            _shouldError=1\r\n        fi\r\n    else\r\n        echo \"[Error] Failed to sync time using timedatectl\"\r\n        _shouldError=1\r\n    fi\r\n\r\n    # Stop systemd-timesyncd if it was not running before\r\n    if ((_is_active == 0)); then\r\n        sleep 5\r\n        # Get the service name\r\n        _service_name=$(systemctl list-unit-files | grep -E \"systemd-timesyncd.service\" | awk '{print $1}')\r\n        echo \"[Info] Stopping time synchronization service: ${_service_name}\"\r\n        # Stop the service\r\n        systemctl stop \"$_service_name\" 2>\/dev\/null\r\n    fi\r\nelse\r\n    echo \"[Error] No time synchronization service found. Please install systemd-timesyncd, or chrony.\"\r\n    exit 1\r\nfi\r\n\r\necho \"\"\r\n\r\nGetNtpConfiguration\r\nGetNtpPoolServers\r\n\r\nif ((_shouldError == 1)); then\r\n    exit 1\r\nfi\r\n<\/pre>\n
 <\/p>\n\n
Description d\u00e9taill\u00e9e<\/h2>\n
Ce script est structur\u00e9 en plusieurs fonctions et sections pour un contr\u00f4le modulaire et une plus grande clart\u00e9. Voici un aper\u00e7u de ses principaux composants\u00a0:<\/p>\n
1. Contr\u00f4les pr\u00e9alables<\/h3>\n