Merge ~paelzer/ubuntu/+source/chrony:merge-disco-3.4 into ubuntu/+source/chrony:debian/sid

Proposed by Christian Ehrhardt 
Status: Merged
Merge reported by: Christian Ehrhardt 
Merged at revision: 7985b12f4b9631af536d163775cfcf54585f46ac
Proposed branch: ~paelzer/ubuntu/+source/chrony:merge-disco-3.4
Merge into: ubuntu/+source/chrony:debian/sid
Diff against target: 516 lines (+374/-5)
11 files modified
debian/README.container (+60/-0)
debian/changelog (+193/-0)
debian/chrony.conf (+18/-1)
debian/chrony.default (+4/-0)
debian/chrony.service (+2/-2)
debian/chronyd-starter.sh (+70/-0)
debian/control (+4/-1)
debian/docs (+1/-0)
debian/install (+1/-0)
debian/links (+5/-0)
debian/postrm (+16/-1)
Reviewer Review Type Date Requested Status
Andreas Hasenack Approve
Canonical Server Team Pending
Ubuntu Server Dev import team Pending
Review via email: mp+358631@code.launchpad.net
Christian Ehrhardt  (paelzer) wrote :

Pushed merge tags for review
 * [new tag] lp1802886/deconstruct/3.3-2ubuntu2 -> lp1802886/deconstruct/3.3-2ubuntu2
 * [new tag] lp1802886/logical/3.3-2ubuntu2 -> lp1802886/logical/3.3-2ubuntu2
 * [new tag] lp1802886/new/debian -> lp1802886/new/debian
 * [new tag] lp1802886/old/debian -> lp1802886/old/debian
 * [new tag] lp1802886/old/ubuntu -> lp1802886/old/ubuntu
 * [new tag] lp1802886/reconstruct/3.3-2ubuntu2 -> lp1802886/reconstruct/3.3-2ubuntu2

Christian Ehrhardt  (paelzer) wrote :

Tests on the Bileto ticket fail for Disco not being fully available yet :-/
I'd appreciate a review still as it looks rather normal this time (no huge changes).

Christian Ehrhardt  (paelzer) wrote :

The pidfile is actually configured - I missed that.
I need to rework it a bit.

Christian Ehrhardt  (paelzer) wrote :

Ok, fortunately I just needed to drop two commits to clean that up

Andreas Hasenack (ahasenack) wrote :

Bileto should work with disco shortly:
<ahasenack> looks like all we need is one package in that ppa built for disco
<xnox> ahasenack, that is fixable.
<xnox> ahasenack, not built =) _copied_
* xnox does that

You might want to upload a ~ppa2 or something to trigger a new run.

Andreas Hasenack (ahasenack) wrote :

Some changelog entries under "remaining changes" have incorrect indentation, namely:
      - debian/chrony.service: allow the service to run without CAP_SYS_TIME
      - debian/control: add new dependency libcap2-bin for capsh (usually
        installed anyway, but make them explicit to be sure).
      - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
        (Default off).
      - debian/chronyd-starter.sh: wrapper to handle special cases in containers
        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
        containers on a default installation and avoid failing to sync time (or
        if allowed to sync, avoid multiple containers to fight over it by
        accident).
      - debian/install: make chronyd-starter.sh available on install.
      - debian/docs, debian/README.container: provide documentation about the
        handling of this case.

and

      - d/links: link dispatcher script to networkd-dispatcher events routable
        and off
      - d/control: set Recommends to networkd-dispatcher
      - d/p/lp-1718227-nm-dispatcher-for-networkd.patch

Andreas Hasenack (ahasenack) wrote :

commit 9a45945013355c5fad351a36cfc0ee17a8ac5882
Author: Christian Ehrhardt <email address hidden>
Date: Thu Mar 15 09:31:48 2018 +0100

    - debian/chronyd-starter.sh: wrapper to handle special cases in containers

That also touched debian/chrony.service.

Andreas Hasenack (ahasenack) wrote :

In my comment about the indentation of d/changelog, the second "hunk" that starts with "- d/links:...", is correct as it is, indented below "Notify chrony ...". My mistake.

Andreas Hasenack (ahasenack) wrote :

And I just realized that everything in the first "hunk" of that comment is also related to the parent line, so indentation is also correct. Sorry.

Andreas Hasenack (ahasenack) wrote :

Sorry about the confusing review.

I guess my only comment is about that d/chronyd-starter.sh wrapper commit which forgot to mention chrony.service. I see that under paelzer/lp1802886/logical/3.3-2ubuntu2 too:

commit bb17fdf9967601d436a73bf93f9b3e72fa67696a
Author: Christian Ehrhardt <email address hidden>
Date: Thu Mar 15 09:31:48 2018 +0100

    - debian/chronyd-starter.sh: wrapper to handle special cases in containers

    Signed-off-by: Christian Ehrhardt <email address hidden>

No big deal, though.

Logical, drops, and added change are good. delta carried forward as expected. Would be cool to see a new dep8 run after bileto was fixed today to work with disco (hopefully).

review: Approve

Christian Ehrhardt  (paelzer) wrote :

The indents are meant that way.
It is not meant to be misread as you did only to then realize it is right.
That means my CL is bad, so I replaced the - with a + to make clear that it is intentionally an extra level.
Thanks for the catch

Updated the commit message on 9a4594 (changelog was ok)

I'll use the fixed thing for a new bileto upload.
If it works fine, otherwise I might go on still.

Christian Ehrhardt  (paelzer) wrote :

Tests are good now: https://bileto.ubuntu.com/excuses/3512/disco.html

So we are complete, I'll upload

Preview Diff

1diff --git a/debian/README.container b/debian/README.container
2new file mode 100644
3index 0000000..16f2618
4--- /dev/null
5+++ b/debian/README.container
6@@ -0,0 +1,60 @@
7+Chrony in Containers
8+--------------------
9+
10+Currently in in 99.9+% of the cases syncing the local clock in a container
11+is wrong. Most of the time it will be unable to do so, because it is lacking
12+CAP_SYS_TIME. Or worse, if the CAP_SYS_TIME privilege is granted, multiple
13+containers could fight over the system's time, because the Linux kernel does
14+not provide time namespaces (yet).
15+
16+There are two things a user installing chrony usually wants:
17+1. synchronize my time (NTP client)
18+2. serve NTP (NTP server)
19+
20+In a container the first makes (usually) no sense, so by default we enable -x
21+there (as it would only crash otherwise).
22+This will disable the control of the system clock.
23+See `man chronyd` for more details on the -x option.
24+
25+Formerly, the check for Condition=CAP_SYS_TIME in the systemd service avoided
26+the crash of the NTP client portion, but that means the server use case will
27+not work by default in containers. It is still not recommended to use a
28+container as an NTP server, but if the host clock is synchronised via NTP,
29+adding the -x option to chronyd instances running in containers will allow
30+them to function as NTP servers which do not adjust the system clock.
31+The Condition=CAP_SYS_TIME check was a silent, no-log-entry stealing away
32+leaving users often unclear what happened - especially if they were more after
33+the NTP server than the NTP client.
34+
35+One could argue that someone who installs chrony expects the system time to be
36+synchronised, so it should fail if it is not able to do so. On the other hand
37+it could be argued that someone who installs chrony expects time to be served
38+over the network via NTP.
39+We can't know which expectation is applicable, so we assume that time should
40+be synchronised unless chronyd is running in a container (or is without
41+CAP_SYS_TIME in any other environment).
42+
43+To make things worse recent container implementations will offer CAP_SYS_TIME
44+to the container. Since from the container's point of view, this capability is
45+available for the container's user namespace. Just later on adjtimex and similar
46+are actually evaluated against the host kernel where they will fail. Due to
47+that without further precaution running chrony in Ubuntu in the future will
48+likely have the service start (as Condition=CAP_SYS_TIME will be true) but
49+then immediately fail.
50+This will depend on the environment e.g. versions and types of containers and
51+thereby feel just 'unreliable' from users point of view.
52+Furthermore it will affect upgrades as the service has to be restarted for a
53+package upgrade to be considered complete.
54+
55+Due to all of that Ubuntu decided (LP: #1589780) to default to -x (do not
56+set the system clock) in containers.
57+
58+If one really wants to (try to) sync time in a container or CAP_SYS_TIME-less
59+environment set SYNC_IN_CONTAINER="yes" in /etc/default/chrony to disable
60+this special handling.
61+
62+It is important to mention that as soon as upstream provides a way to provide
63+a default config working in those cases Ubuntu intends to use that and drop
64+the current workaround.
65+
66+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 16 Mar 2018 12:25:44 +0100
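Review bot: The README names the removed unit directive as "Condition=CAP_SYS_TIME" in three places (the "Formerly, ..." paragraph twice and the "To make things worse ..." paragraph once), but the line removed from debian/chrony.service in this same diff is ConditionCapability=CAP_SYS_TIME; use the real directive name so readers can search for it. The opening sentence also has a doubled word ("Currently in in 99.9+%"), and "a silent, no-log-entry stealing away" would be clearer as a plain statement that the unit was skipped silently, without a log entry.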
67diff --git a/debian/changelog b/debian/changelog
68index 513307a..2ea28a0 100644
69--- a/debian/changelog
70+++ b/debian/changelog
71@@ -1,3 +1,45 @@
72+chrony (3.4-1ubuntu1) disco; urgency=medium
73+
74+ * Merge with Debian unstable (LP: #1802886). Remaining changes:
75+ - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
76+ - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780)
77+ Chrony is a single service which acts as both NTP client (i.e. syncing the
78+ local clock) and NTP server (i.e. providing NTP services to the network),
79+ and that is both desired and expected in the vast majority of cases.
80+ But in containers syncing the local clock is usually impossible, but this
81+ shall not break the providing of NTP services to the network.
82+ To some extent this makes chrony's default config more similar to 'ntpd',
83+ which complained in syslog but still provided NTP server service in those
84+ cases.
85+ - debian/chrony.service: allow the service to run without CAP_SYS_TIME
86+ - debian/control: add new dependency libcap2-bin for capsh (usually
87+ installed anyway, but make them explicit to be sure).
88+ - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
89+ (Default off).
90+ - debian/chronyd-starter.sh: wrapper to handle special cases in containers
91+ and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
92+ containers on a default installation and avoid failing to sync time (or
93+ if allowed to sync, avoid multiple containers to fight over it by
94+ accident).
95+ - debian/install: make chronyd-starter.sh available on install.
96+ - debian/docs, debian/README.container: provide documentation about the
97+ handling of this case.
98+ - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357)
99+ - Notify chrony to update sources in response to systemd-networkd
100+ events (LP: 1718227)
101+ - d/links: link dispatcher script to networkd-dispatcher events routable
102+ and off
103+ - d/control: set Recommends to networkd-dispatcher
104+ * Dropped Changes (upstream):
105+ - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
106+ - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting
107+ the service on newer kernels by falling back to urandom. (LP: 1787366)
108+ * Added Changes:
109+ - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
110+ (LP: #1771994)
111+
112+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 12 Nov 2018 11:39:08 +0100
113+
114 chrony (3.4-1) unstable; urgency=medium
115
116 * Import upstream version 3.4:
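Review bot: In the 3.4-1ubuntu1 entry the items that belong under "Set -x as default if unable to set time ..." and under "Notify chrony to update sources ..." use the same "-" marker as their parent items, so the nesting rests on indentation alone and is easy to misread. Consider a different marker for the nested level (for example "+") so it is obvious that these are sub-items and not further top-level remaining changes.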
117@@ -74,6 +116,66 @@ chrony (3.3-3) unstable; urgency=medium
118
119 -- Vincent Blut <vincent.debian@free.fr> Sat, 18 Aug 2018 16:23:19 +0200
120
121+chrony (3.3-2ubuntu2) cosmic; urgency=medium
122+
123+ * - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting
124+ the service on newer kernels by falling back to urandom.
125+ (LP: #1787366, Closes: #906276)
126+
127+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 16 Aug 2018 11:48:38 +0200
128+
129+chrony (3.3-2ubuntu1) cosmic; urgency=medium
130+
131+ * Merge with Debian unstable (LP: #1771061). Remaining changes:
132+ - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
133+ - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780)
134+ Chrony is a single service which acts as both NTP client (i.e. syncing the
135+ local clock) and NTP server (i.e. providing NTP services to the network),
136+ and that is both desired and expected in the vast majority of cases.
137+ But in containers syncing the local clock is usually impossible, but this
138+ shall not break the providing of NTP services to the network.
139+ To some extent this makes chrony's default config more similar to 'ntpd',
140+ which complained in syslog but still provided NTP server service in those
141+ cases.
142+ - debian/chrony.service: allow the service to run without CAP_SYS_TIME
143+ - debian/control: add new dependency libcap2-bin for capsh (usually
144+ installed anyway, but make them explicit to be sure).
145+ - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
146+ (Default off).
147+ - debian/chronyd-starter.sh: wrapper to handle special cases in containers
148+ and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
149+ containers on a default installation and avoid failing to sync time (or
150+ if allowed to sync, avoid multiple containers to fight over it by
151+ accident).
152+ - debian/install: make chronyd-starter.sh available on install.
153+ - debian/docs, debian/README.container: provide documentation about the
154+ handling of this case.
155+ - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357)
156+ - Notify chrony to update sources in response to systemd-networkd
157+ events (LP: 1718227)
158+ - d/links: link dispatcher script to networkd-dispatcher events routable
159+ and off
160+ - d/control: set Recommends to networkd-dispatcher
161+ - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
162+ * Dropped changes
163+ - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor
164+ (LP: 1751241) (in Debian now)
165+ - debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: 1761327)
166+ (in Debian now)
167+ - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch:
168+ When dropping the root privileges, don't try to keep the CAP_SYS_TIME
169+ capability if the -x option was enabled. This allows chronyd to be
170+ started without the capability (e.g. in containers) and also drop the
171+ root privileges (This is upstream now).
172+ - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch (This is
173+ upstream now).
174+ - d/control: switch to nss instead of tomcrypt (Debian switched to nettle
175+ which is in main, so we can drop this)
176+ * Added changes
177+ - debian/README.container: fix typos
178+
179+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 14 May 2018 09:06:01 +0200
180+
181 chrony (3.3-2) unstable; urgency=medium
182
183 * debian/chrony.service:
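Review bot: The 3.3-2ubuntu2 entry opens with two bullet markers, "* - d/p/lp-1787366-fall-back-to-urandom.patch: ...", a top-level "*" directly followed by "-"; one of them should go. In the 3.3-2ubuntu1 entry, "d/p/lp-1718227-nm-dispatcher-for-networkd.patch" is listed under the networkd-dispatcher item with no description, unlike its siblings d/links and d/control; a short note on what the patch does would make the remaining delta easier to audit at the next merge.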
184@@ -129,6 +231,76 @@ chrony (3.2-5) unstable; urgency=medium
185
186 -- Vincent Blut <vincent.debian@free.fr> Wed, 28 Feb 2018 17:31:08 +0100
187
188+chrony (3.2-4ubuntu4) bionic; urgency=medium
189+
190+ * d/postrm: re-establish systemd-timesyncd on removal (LP: #1764357)
191+ * Notify chrony to update sources in response to systemd-networkd
192+ events (LP: #1718227)
193+ - d/links: link dispatcher script to networkd-dispatcher events routable
194+ and off
195+ - d/control: set Recommends to networkd-dispatcher
196+ - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch
197+ - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
198+
199+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Apr 2018 17:04:06 +0200
200+
201+chrony (3.2-4ubuntu3) bionic; urgency=medium
202+
203+ * debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: #1761327)
204+
205+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 05 Apr 2018 09:38:10 +0200
206+
207+chrony (3.2-4ubuntu2) bionic; urgency=medium
208+
209+ * Set -x as default if unable to set time (e.g. in containers) (LP: #1589780)
210+ Chrony is a single service which acts as both NTP client (i.e. syncing the
211+ local clock) and NTP server (i.e. providing NTP services to the network),
212+ and that is both desired and expected in the vast majority of cases.
213+ But in containers syncing the local clock is usually impossible, but this
214+ shall not break the providing of NTP services to the network.
215+ To some extent this makes chrony's default config more similar to 'ntpd',
216+ which complained in syslog but still provided NTP server service in those
217+ cases.
218+ - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch:
219+ When dropping the root privileges, don't try to keep the CAP_SYS_TIME
220+ capability if the -x option was enabled. This allows chronyd to be
221+ started without the capability (e.g. in containers) and also drop the
222+ root privileges.
223+ - debian/chrony.service: allow the service to run without CAP_SYS_TIME
224+ - debian/control: add new dependency libcap2-bin for capsh (usually
225+ installed anyway, but make them explicit to be sure).
226+ - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
227+ (Default off).
228+ - debian/chronyd-starter.sh: wrapper to handle special cases in containers
229+ and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
230+ containers on a default installation and avoid failing to sync time (or
231+ if allowed to sync, avoid multiple containers to fight over it by
232+ accident).
233+ - debian/install: make chronyd-starter.sh available on install.
234+ - debian/docs, debian/README.container: provide documentation about the
235+ handling of this case.
236+ * debian/chrony.conf: update default chrony.conf to not violate the policy
237+ of pool.ntp.org (to use no more than four of their servers) and to provide
238+ more ipv6 capable sources by default (LP: #1754358)
239+
240+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 16 Mar 2018 12:25:44 +0100
241+
242+chrony (3.2-4ubuntu1) bionic; urgency=medium
243+
244+ * Merge with Debian unstable. Remaining changes:
245+ - d/control: switch to nss instead of tomcrypt (nss is in main)
246+ - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
247+ * Dropped changes (in Debian)
248+ - d/chrony.default, d/chrony.service: support /etc/default/chrony
249+ DAEMON_OPTS in systemd environment (LP: 1746081)
250+ - d/chrony.service: properly start after networking (LP: 1746458)
251+ - d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: 1746444)
252+ * Added Changes:
253+ - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor
254+ (LP: #1751241, Closes: #891201)
255+
256+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 26 Feb 2018 14:44:54 +0100
257+
258 chrony (3.2-4) unstable; urgency=medium
259
260 * debian/changelog:
261@@ -195,6 +367,27 @@ chrony (3.2-3) unstable; urgency=medium
262
263 -- Vincent Blut <vincent.debian@free.fr> Wed, 07 Feb 2018 21:27:09 +0100
264
265+chrony (3.2-2ubuntu3) bionic; urgency=medium
266+
267+ * Revert the changes of (LP 1746458) as in the follow on discussion
268+ it became clear that we want it to start early (for example for an
269+ early offset from drift file). iIf needed chrony will later on pick
270+ up that servers are online via retries (augmented by hooks on network
271+ events).
272+
273+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 08 Feb 2018 10:52:30 +0100
274+
275+chrony (3.2-2ubuntu2) bionic; urgency=medium
276+
277+ * d/control: use to nss instead of tomcrypt (in main) (LP: #1744072)
278+ * d/chrony.conf: use ubuntu ntp pool and server (LP: #1744664)
279+ * d/chrony.default, d/chrony.service: support /etc/default/chrony
280+ DAEMON_OPTS in systemd environment (LP: #1746081)
281+ * d/chrony.service: properly start after networking (LP: #1746458)
282+ * d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: #1746444)
283+
284+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 19 Jan 2018 09:45:38 +0100
285+
286 chrony (3.2-2) unstable; urgency=medium
287
288 * Initial AppArmor profile for chronyd. Thanks to Jamie
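Review bot: Two typos come back with the re-added Ubuntu history: "iIf needed chrony will later on pick up ..." in the 3.2-2ubuntu3 entry and "use to nss instead of tomcrypt" in the 3.2-2ubuntu2 entry. If these entries are kept verbatim to match what was uploaded, that is fine; otherwise fix them while carrying the delta forward.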
289diff --git a/debian/chrony.conf b/debian/chrony.conf
290index 6c19767..d5a0b37 100644
291--- a/debian/chrony.conf
292+++ b/debian/chrony.conf
293@@ -1,6 +1,23 @@
294 # Welcome to the chrony configuration file. See chrony.conf(5) for more
295 # information about usuable directives.
296-pool 2.debian.pool.ntp.org iburst
297+
298+# This will use (up to):
299+# - 4 sources from ntp.ubuntu.com which some are ipv6 enabled
300+# - 2 sources from 2.ubuntu.pool.ntp.org which is ipv6 enabled as well
301+# - 1 source from [01].ubuntu.pool.ntp.org each (ipv4 only atm)
302+# This means by default, up to 6 dual-stack and up to 2 additional IPv4-only
303+# sources will be used.
304+# At the same time it retains some protection against one of the entries being
305+# down (compare to just using one of the lines). See (LP: #1754358) for the
306+# discussion.
307+#
308+# About using servers from the NTP Pool Project in general see (LP: #104525).
309+# Approved by Ubuntu Technical Board on 2011-02-08.
310+# See http://www.pool.ntp.org/join.html for more information.
311+pool ntp.ubuntu.com iburst maxsources 4
312+pool 0.ubuntu.pool.ntp.org iburst maxsources 1
313+pool 1.ubuntu.pool.ntp.org iburst maxsources 1
314+pool 2.ubuntu.pool.ntp.org iburst maxsources 2
315
316 # This directive specify the location of the file containing ID/key pairs for
317 # NTP authentication.
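Review bot: The new comment block is hard to parse in two places: "4 sources from ntp.ubuntu.com which some are ipv6 enabled" and the "[01].ubuntu.pool.ntp.org" shorthand for what are two separate pool lines below. Suggest "of which some are IPv6 enabled", spelling out 0.ubuntu.pool.ntp.org and 1.ubuntu.pool.ntp.org, and using one spelling throughout (the block mixes "ipv6", "ipv4" and "IPv4"). Stating the total (4 + 1 + 1 + 2 = up to 8 sources) next to the maxsources values would also save the reader the arithmetic.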
318diff --git a/debian/chrony.default b/debian/chrony.default
319index ae79e8a..b523f60 100644
320--- a/debian/chrony.default
321+++ b/debian/chrony.default
322@@ -4,3 +4,7 @@
323
324 # Options to pass to chrony.
325 DAEMON_OPTS=""
326+
327+# Sync systecm clock in containers or without CAP_SYS_TIME (likely to fail)
328+# See /usr/share/doc/chrony/README.container for details.
329+SYNC_IN_CONTAINER="no"
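Review bot: Typo in the added comment: "Sync systecm clock" should be "Sync system clock". It is also worth a comment line here that this file is read twice, as EnvironmentFile= by the unit and sourced with `. "${CONF}"` by chronyd-starter.sh, so entries have to stay plain KEY="value" assignments that are valid for both.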
330diff --git a/debian/chrony.service b/debian/chrony.service
331index 3e4451a..bb01a79 100644
332--- a/debian/chrony.service
333+++ b/debian/chrony.service
334@@ -3,13 +3,13 @@ Description=chrony, an NTP client/server
335 Documentation=man:chronyd(8) man:chronyc(1) man:chrony.conf(5)
336 Conflicts=systemd-timesyncd.service openntpd.service ntp.service ntpsec.service
337 After=network.target
338-ConditionCapability=CAP_SYS_TIME
339
340 [Service]
341 Type=forking
342 PIDFile=/run/chronyd.pid
343 EnvironmentFile=-/etc/default/chrony
344-ExecStart=/usr/sbin/chronyd $DAEMON_OPTS
345+# Starter takes care of special cases mostly for containers
346+ExecStart=/usr/lib/systemd/scripts/chronyd-starter.sh $DAEMON_OPTS
347 ExecStartPost=-/usr/lib/chrony/chrony-helper update-daemon
348 PrivateTmp=yes
349 ProtectHome=yes
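Review bot: With ConditionCapability=CAP_SYS_TIME removed, the unit now starts unconditionally and the capability and container decision lives entirely in the wrapper, but the new comment above ExecStart ("Starter takes care of special cases mostly for containers") does not say that. Suggest the comment state that the condition was dropped on purpose and point to /usr/share/doc/chrony/README.container, so a later merge does not re-add the condition from Debian by accident. The commit that introduced the wrapper should mention debian/chrony.service as well, as already raised in the review.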
350diff --git a/debian/chronyd-starter.sh b/debian/chronyd-starter.sh
351new file mode 100755
352index 0000000..c175db5
353--- /dev/null
354+++ b/debian/chronyd-starter.sh
355@@ -0,0 +1,70 @@
356+#!/bin/sh
357+set -ue
358+
359+CONF="/etc/default/chrony"
360+DOC="/usr/share/doc/chrony/README.container"
361+CAP="cap_sys_time"
362+CMD="/usr/sbin/chronyd"
363+# Take any args passed, use none if nothing was specified
364+EFFECTIVE_DAEMON_OPTS=${@:-""}
365+
366+if [ -f "${CONF}" ]; then
367+ . "${CONF}"
368+else
369+ echo "<4>Warning: ${CONF} is missing"
370+fi
371+# take from conffile if available, default to no otherwise
372+EFFECTIVE_SYNC_IN_CONTAINER=${SYNC_IN_CONTAINER:-"no"}
373+
374+if [ ! -x "${CMD}" ]; then
375+ echo "<3>Error: ${CMD} not executable"
376+ # ugly, but works around https://github.com/systemd/systemd/issues/2913
377+ sleep 0.1
378+ exit 1
379+fi
380+
381+# Check if -x is already set manually, don't process further if that is the case
382+X_SET=0
383+while getopts ":x" opt; do
384+ case $opt in
385+ x)
386+ X_SET=1
387+ ;;
388+ esac
389+done
390+
391+if [ ${X_SET} -ne 1 ]; then
392+ # Assume it is not in a container
393+ IS_CONTAINER=0
394+ if [ -x /usr/bin/systemd-detect-virt ]; then
395+ if /usr/bin/systemd-detect-virt --quiet --container; then
396+ IS_CONTAINER=1
397+ fi
398+ fi
399+
400+
401+ # Assume it has the cap
402+ HAS_CAP=1
403+ CAPSH="/sbin/capsh"
404+ if [ -x "${CAPSH}" ]; then
405+ ${CAPSH} --print | grep -q "^Current.*${CAP}" || HAS_CAP=0
406+ fi
407+
408+ if [ ${HAS_CAP} -eq 0 ]; then
409+ echo "<4>Warning: Missing ${CAP}, syncing the system clock will fail"
410+ fi
411+ if [ ${IS_CONTAINER} -eq 1 ]; then
412+ echo "<4>Warning: Running in a container, likely impossible and unintended to sync system clock"
413+ fi
414+
415+ if [ ${HAS_CAP} -eq 0 -o ${IS_CONTAINER} -eq 1 ]; then
416+ if [ "${EFFECTIVE_SYNC_IN_CONTAINER}" != "yes" ]; then
417+ echo "<5>Adding -x as fallback disabling control of the system clock, see ${DOC} to override this behavior"
418+ EFFECTIVE_DAEMON_OPTS="${EFFECTIVE_DAEMON_OPTS} -x"
419+ else
420+ echo "<5>Not falling back to disable control of the system clock, see ${DOC} to change this behavior"
421+ fi
422+ fi
423+fi
424+
425+${CMD} ${EFFECTIVE_DAEMON_OPTS}
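Review bot: The manual -x detection is unreliable: `getopts ":x"` stops at the first word that is not an option, so with arguments such as `-f /etc/chrony/chrony.conf -x` the loop ends at the file name, X_SET stays 0, and the script goes on to run its detection and can append a second -x. Scanning every word of "$@" for -x, or listing chronyd's argument-taking options in the optstring, would avoid that. Separately, both probes fall back to the permissive assumption when their tool is missing (HAS_CAP=1 without /sbin/capsh, IS_CONTAINER=0 without systemd-detect-virt); a logged warning in those branches would make the resulting failure to set the clock easier to diagnose. The final `${CMD} ${EFFECTIVE_DAEMON_OPTS}` could be `exec ${CMD} ${EFFECTIVE_DAEMON_OPTS}` so no extra shell stays in the start path, and `[ ... -o ... ]` is better written as two tests joined with `||`.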
426diff --git a/debian/control b/debian/control
427index a35df2d..c740cc9 100644
428--- a/debian/control
429+++ b/debian/control
430@@ -1,7 +1,8 @@
431 Source: chrony
432 Section: net
433 Priority: optional
434-Maintainer: Vincent Blut <vincent.debian@free.fr>
435+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
436+XSBC-Original-Maintainer: Vincent Blut <vincent.debian@free.fr>
437 Uploaders: Joachim Wiedorn <joodebian@joonet.de>
438 Standards-Version: 4.2.1
439 Build-Depends: asciidoctor (>= 1.5.3-1~),
440@@ -24,9 +25,11 @@ Architecture: linux-any
441 Depends: adduser,
442 iproute2 [linux-any],
443 lsb-base,
444+ libcap2-bin,
445 ucf,
446 ${misc:Depends},
447 ${shlibs:Depends}
448+Recommends: networkd-dispatcher (>= 1.7-0ubuntu3)
449 Suggests: dnsutils
450 Conflicts: ntp,
451 time-daemon
452diff --git a/debian/docs b/debian/docs
453index e12f653..3bfc9dc 100644
454--- a/debian/docs
455+++ b/debian/docs
456@@ -1,3 +1,4 @@
457 FAQ
458 NEWS
459 README
460+debian/README.container
461diff --git a/debian/install b/debian/install
462index db2e305..abaa2f3 100644
463--- a/debian/install
464+++ b/debian/install
465@@ -2,3 +2,4 @@ debian/chrony-dnssrv@.* lib/systemd/system
466 debian/chrony-helper usr/lib/chrony
467 debian/chrony.conf usr/share/chrony
468 debian/usr.sbin.chronyd etc/apparmor.d
469+debian/chronyd-starter.sh usr/lib/systemd/scripts/
470diff --git a/debian/links b/debian/links
471new file mode 100644
472index 0000000..71e2c52
473--- /dev/null
474+++ b/debian/links
475@@ -0,0 +1,5 @@
476+# Update sources in response to systemd-networkd events (LP: #1718227).
477+# This is reusing the NetworkManager dispatch script which has no hard
478+# dependency to NetworkManager (not using any of its arguments)
479+etc/NetworkManager/dispatcher.d/20-chrony usr/lib/networkd-dispatcher/routable.d/chrony
480+etc/NetworkManager/dispatcher.d/20-chrony usr/lib/networkd-dispatcher/off.d/chrony
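Review bot: Both links point at etc/NetworkManager/dispatcher.d/20-chrony, a path under /etc that a local admin can edit or remove, so the entries under usr/lib/networkd-dispatcher/routable.d and off.d can end up dangling or running locally modified content. The comment should say what happens in that case, or the script could be shipped under usr/lib and linked from all three places. The comment's claim that the script is "not using any of its arguments" is the property this reuse depends on; it deserves a note in the script itself so a later change there does not silently break the networkd-dispatcher hooks.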
481diff --git a/debian/postrm b/debian/postrm
482index ed3bac1..a5fd9ba 100644
483--- a/debian/postrm
484+++ b/debian/postrm
485@@ -7,6 +7,15 @@ set -e
486
487 # targets: purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear
488
489+restore_timesyncd() {
490+ # on next reboot it would start, but that would leave time
491+ # unsynchronized until then. So as the Conflicts in the service file kill
492+ # systemd-timesyncd re-establish it if it is enabled
493+ if [ "$(systemctl is-enabled systemd-timesyncd 2>/dev/null)" = "enabled" ] ; then
494+ deb-systemd-invoke start systemd-timesyncd
495+ fi
496+}
497+
498 case "$1" in
499 purge)
500 rm -f /var/lib/chrony/*
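Review bot: restore_timesyncd runs under this script's `set -e`, so a non-zero exit from `deb-systemd-invoke start systemd-timesyncd` aborts postrm and leaves the package removal in a failed state. Starting timesyncd is best effort at this point; suggest `deb-systemd-invoke start systemd-timesyncd || true`. The comment inside the function would also read better as two sentences: first that the Conflicts= line in chrony.service stopped systemd-timesyncd, then that it is started again now because it would otherwise only come back on the next reboot.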
501@@ -30,9 +39,15 @@ case "$1" in
502 then
503 deluser --quiet --system _chrony > /dev/null 2>&1 || true
504 fi
505+
506+ restore_timesyncd
507+ ;;
508+
509+ remove)
510+ restore_timesyncd
511 ;;
512
513- remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
514+ upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
515
516 ;;
517
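Review bot: restore_timesyncd is called from both the purge arm and the new remove arm. When an installed package is purged, dpkg runs postrm remove before postrm purge, so the purge call repeats a start that has already happened; when a package that was removed earlier is purged later, it starts systemd-timesyncd at a point where chrony has long been gone and the admin may have chosen another time daemon. Suggest keeping the call in remove only, or adding a comment that explains why purge needs it.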
