Mar 27 11:17:47 ld3ubu001t systemd[1]: Starting chrony, an NTP client/server...
Mar 27 11:17:47 ld3ubu001t chronyd-starter.sh[15193]: Warning: Missing cap_sys_time, syncing the system clock will fail
Mar 27 11:17:47 ld3ubu001t chronyd-starter.sh[15193]: Adding -x as fallback disabling control of the system clock, see /usr/shar>
Mar 27 11:17:47 ld3ubu001t chronyd[15209]: chronyd version 3.5 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND >
Mar 27 11:17:47 ld3ubu001t chronyd[15209]: Disabled control of system clock
Mar 27 11:17:47 ld3ubu001t chronyd[15209]: Frequency 0.707 +/- 6.210 ppm read from /var/lib/chrony/chrony.drift
Mar 27 11:17:47 ld3ubu001t chronyd[15209]: Loaded seccomp filter
Mar 27 11:17:47 ld3ubu001t systemd[1]: Started chrony, an NTP client/server.
# dpkg -l chrony
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-============-============-===================================================
ii chrony 3.5-6ubuntu1 amd64 Versatile implementation of the Network Time Protocol
Confirmed on amd64 (vmware vm without docker, lxd, ...)
# systemctl restart chrony system/ chrony. service; enabled; vendor preset: enabled)
man: chronyc( 1)
man: chrony. conf(5) /usr/lib/ systemd/ scripts/ chronyd- starter. sh $DAEMON_OPTS (code=exited, status=0/SUCCESS) /usr/lib/ chrony/ chrony- helper update-daemon (code=exited, status=0/SUCCESS) slice/chrony. service
├ ─15209 /usr/sbin/chronyd -F -1 -4 -x
└ ─15210 /usr/sbin/chronyd -F -1 -4 -x
# systemctl status chrony
● chrony.service - chrony, an NTP client/server
Loaded: loaded (/lib/systemd/
Active: active (running) since Fri 2020-03-27 11:17:47 CET; 1s ago
Docs: man:chronyd(8)
Process: 15193 ExecStart=
Process: 15213 ExecStartPost=
Main PID: 15209 (chronyd)
Tasks: 2 (limit: 2249)
Memory: 1.7M
CGroup: /system.
Mar 27 11:17:47 ld3ubu001t systemd[1]: Starting chrony, an NTP client/server... starter. sh[15193] : Warning: Missing cap_sys_time, syncing the system clock will fail starter. sh[15193] : Adding -x as fallback disabling control of the system clock, see /usr/shar> chrony/ chrony. drift
Mar 27 11:17:47 ld3ubu001t chronyd-
Mar 27 11:17:47 ld3ubu001t chronyd-
Mar 27 11:17:47 ld3ubu001t chronyd[15209]: chronyd version 3.5 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND >
Mar 27 11:17:47 ld3ubu001t chronyd[15209]: Disabled control of system clock
Mar 27 11:17:47 ld3ubu001t chronyd[15209]: Frequency 0.707 +/- 6.210 ppm read from /var/lib/
Mar 27 11:17:47 ld3ubu001t chronyd[15209]: Loaded seccomp filter
Mar 27 11:17:47 ld3ubu001t systemd[1]: Started chrony, an NTP client/server.
# dpkg -l chrony Unknown/ Install/ Remove/ Purge/Hold Not/Inst/ Conf-files/ Unpacked/ halF-conf/ Half-inst/ trig-aWait/ Trig-pend /Reinst- required (Status,Err: uppercase=bad) ======= ====-== ======= ===-=== ======= ==-==== ======= ======= ======= ======= ======= ======= =====
Desired=
| Status=
|/ Err?=(none)
||/ Name Version Architecture Description
+++-===
ii chrony 3.5-6ubuntu1 amd64 Versatile implementation of the Network Time Protocol
# pscap -a |grep chrony
1 15209 _chrony chronyd net_bind_service +
15209 15210 _chrony chronyd net_bind_service +
# cat /etc/apparmor. d/usr.sbin. chronyd | grep capa
capability sys_time,
capability net_bind_service,
capability setuid,
capability setgid,
capability sys_nice,
capability sys_resource,
capability chown,
capability net_admin,