Comment 14 for bug 1867036

Looking into this, it seems the problem is that /usr/lib/systemd/scripts/chronyd-starter.sh expects to be able to check for the cap_sys_time capability by grepping the output of "capsh --print" for "^Current.*cap_sys_time". However, in Focal the output of "capsh --print" for a root process is just "Current: =ep". I suspect this is a linux kernel tools change, as on an eoan system with linux 5.3.0, "sudo capsh --print" has all the capabilities listed in Current:, which is what the starter script expects.

andol's dropin makes capsh output "Current: =ep cap_sys_time+i" which the grep matches so all is fine. Not sure that's the right fix, though. (It would help if I knew what "Current: =ep" is supposed to mean.