Merge ~paelzer/ubuntu/+source/chrony:merge-eoan-3.4-4 into ubuntu/+source/chrony:debian/sid

Proposed by Christian Ehrhardt 
Status: Merged
Approved by: Christian Ehrhardt 
Approved revision: cb8fe9c6e7f13c0a1e6ebb6a37451f61f76bc273
Merge reported by: Christian Ehrhardt 
Merged at revision: cb8fe9c6e7f13c0a1e6ebb6a37451f61f76bc273
Proposed branch: ~paelzer/ubuntu/+source/chrony:merge-eoan-3.4-4
Merge into: ubuntu/+source/chrony:debian/sid
Diff against target: 629 lines (+410/-78)
11 files modified
debian/README.container (+60/-0)
debian/changelog (+235/-0)
debian/chrony.conf (+18/-1)
debian/chrony.default (+4/-0)
debian/chrony.service (+2/-2)
debian/chronyd-starter.sh (+70/-0)
debian/control (+3/-1)
debian/docs (+1/-0)
debian/install (+1/-0)
debian/postrm (+16/-1)
dev/null (+0/-73)
Reviewer Review Type Date Requested Status
Andreas Hasenack Approve
Canonical Server Pending
git-ubuntu developers Pending
Review via email: mp+367401@code.launchpad.net
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

PPA: https://launchpad.net/~paelzer/+archive/ubuntu/merge-chrony-eoan-3.4-4

Replacing our delta for networkd-dispatcher:
8f52063b d/control: Suggest networkd-dispatcher
=> We had used Recommends, but I think we can also work with a Suggests, as it is a rare case to even be a problem.
18fde15f Update sources in response to systemd-networkd events (LP: #1718227).
=> Taken from us as-is

We can drop those this time.

Minor typo in SYNC_IN_CONTAINER comment fixed.

Christian Ehrhardt  (paelzer) wrote :

Usual tags for review:
 * [new tag] lp1828992/logical/3.4-1ubuntu1 -> lp1828992/logical/3.4-1ubuntu1
 * [new tag] lp1828992/new/debian -> lp1828992/new/debian
 * [new tag] lp1828992/old/debian -> lp1828992/old/debian
 * [new tag] lp1828992/old/ubuntu -> lp1828992/old/ubuntu
 * [new tag] lp1828992/reconstruct/3.4-1ubuntu1 -> lp1828992/reconstruct/3.4-1ubuntu1
 * [new tag] lp1828992/split/3.4-1ubuntu1 -> lp1828992/split/3.4-1ubuntu1

Christian Ehrhardt  (paelzer) wrote :

Fixed the install/remove/install issue in the MP

Christian Ehrhardt  (paelzer) wrote :

FYI: Debian compatible delta submitted in https://salsa.debian.org/debian/chrony/merge_requests/1

Andreas Hasenack (ahasenack) wrote :

Do we expect trouble with the "Enable the system call filter by default" change? The NEWS file mentions the daemon won't be able to email anymore.

review: Needs Information
Andreas Hasenack (ahasenack) wrote :

Delta changes accounted for
d/changelog correct
closing merge bug
other debian changes don't seem to interact badly with our delta

Just the earlier question about the emailing: if we want to keep that, or maybe detect that it is being used in the chrony config and warn the user perhaps, or even switch the syscall filter off.

Christian Ehrhardt  (paelzer) wrote :

I thought it is a nice change for security; the potential issue with mail-on-change is known.

The suggestion of an auto-catch is interesting.
We'd only do so on the version switch this is at, not anymore later.
So it is not relevant for Debian as they already have this in the archive.
We OTOH could drop it post 20.04 so it would be no very long standing delta.

And isn't the lesson learned that modifying conffiles (chrony.conf and default/chrony are conffiles) from the postinst is always error prone?

And if we only want to detect+warn, since changing is often worse than doing nothing, then we are right at the same place as we are with the NEWS file already (which is shown to the user if he cares).

After the following:
 # We change a TMP file to leave non conffiles unmodified, but also UCF working
 tmp=$(mktemp)
 cp /usr/share/chrony/chrony.conf "$tmp"
 # $2 is the previously installed version (empty on a fresh install)
 if [ -n "$2" ] && dpkg --compare-versions "$2" lt "3.4-4ubuntu1"; then
     if grep -q '^ *mailonchange' /etc/chrony/chrony.conf; then
         # TODO also need md5 check like mailman-2.1.16/debian/postinst
         echo "Warning: mailonchange configured, not enabling seccomp filter" >&2
         # -F 0 disables the syscall filter; edit the installed conffile in place
         if ! sed -i -e 's/^DAEMON_OPTS="-F -1"/DAEMON_OPTS="-F 0"/' /etc/default/chrony; then
             echo "Warning: Failed disabling seccomp filter, please see NEWS file" >&2
         fi
     fi
 fi

I gave up and decided it might be too much complexity for too rare of a case and potentially more harm than gain.

TL;DR: no, let's keep the seccomp/mailonchange as it comes from Debian.

Andreas Hasenack (ahasenack) wrote :

ok, +1

review: Approve
Christian Ehrhardt  (paelzer) wrote :

Thank you - tag pushed and uploaded to Eoan

Christian Ehrhardt  (paelzer) wrote :

This migrated -> merged

Preview Diff

diff --git a/debian/README.container b/debian/README.container
0new file mode 1006440new file mode 100644
index 0000000..16f2618
--- /dev/null
+++ b/debian/README.container
@@ -0,0 +1,60 @@
1Chrony in Containers
2--------------------
3
4Currently in in 99.9+% of the cases syncing the local clock in a container
5is wrong. Most of the time it will be unable to do so, because it is lacking
6CAP_SYS_TIME. Or worse, if the CAP_SYS_TIME privilege is granted, multiple
7containers could fight over the system's time, because the Linux kernel does
8not provide time namespaces (yet).
9
10There are two things a user installing chrony usually wants:
111. synchronize my time (NTP client)
122. serve NTP (NTP server)
13
14In a container the first makes (usually) no sense, so by default we enable -x
15there (as it would only crash otherwise).
16This will disable the control of the system clock.
17See `man chronyd` for more details on the -x option.
18
19Formerly, the check for Condition=CAP_SYS_TIME in the systemd service avoided
20the crash of the NTP client portion, but that means the server use case will
21not work by default in containers. It is still not recommended to use a
22container as an NTP server, but if the host clock is synchronised via NTP,
23adding the -x option to chronyd instances running in containers will allow
24them to function as NTP servers which do not adjust the system clock.
25The Condition=CAP_SYS_TIME check was a silent, no-log-entry stealing away
26leaving users often unclear what happened - especially if they were more after
27the NTP server than the NTP client.
28
29One could argue that someone who installs chrony expects the system time to be
30synchronised, so it should fail if it is not able to do so. On the other hand
31it could be argued that someone who installs chrony expects time to be served
32over the network via NTP.
33We can't know which expectation is applicable, so we assume that time should
34be synchronised unless chronyd is running in a container (or is without
35CAP_SYS_TIME in any other environment).
36
37To make things worse recent container implementations will offer CAP_SYS_TIME
38to the container. Since from the container's point of view, this capability is
39available for the container's user namespace. Just later on adjtimex and similar
40are actually evaluated against the host kernel where they will fail. Due to
41that without further precaution running chrony in Ubuntu in the future will
42likely have the service start (as Condition=CAP_SYS_TIME will be true) but
43then immediately fail.
44This will depend on the environment e.g. versions and types of containers and
45thereby feel just 'unreliable' from users point of view.
46Furthermore it will affect upgrades as the service has to be restarted for a
47package upgrade to be considered complete.
48
49Due to all of that Ubuntu decided (LP: #1589780) to default to -x (do not
50set the system clock) in containers.
51
52If one really wants to (try to) sync time in a container or CAP_SYS_TIME-less
53environment set SYNC_IN_CONTAINER="yes" in /etc/default/chrony to disable
54this special handling.
55
56It is important to mention that as soon as upstream provides a way to provide
57a default config working in those cases Ubuntu intends to use that and drop
58the current workaround.
59
60 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 16 Mar 2018 12:25:44 +0100
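Review bot: line 4 of the new file doubles the word "in" ("Currently in in 99.9+% of the cases"); suggest "Currently, in 99.9+% of the cases". The trailer at line 60 still carries the 16 Mar 2018 date although the file ships as documentation in a 2019 upload; either refresh it or drop the changelog-style signature, since readers of /usr/share/doc will not expect one there.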
diff --git a/debian/changelog b/debian/changelog
index 8f8c9a4..f3070be 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,45 @@
1chrony (3.4-4ubuntu1) eoan; urgency=medium
2
3 * Merge with Debian unstable (LP: #1828992). Remaining changes:
4 - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
5 - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
6 Chrony is a single service which acts as both NTP client (i.e. syncing the
7 local clock) and NTP server (i.e. providing NTP services to the network),
8 and that is both desired and expected in the vast majority of cases.
9 But in containers syncing the local clock is usually impossible, but this
10 shall not break the providing of NTP services to the network.
11 To some extent this makes chrony's default config more similar to 'ntpd',
12 which complained in syslog but still provided NTP server service in those
13 cases.
14 + debian/chrony.service: allow the service to run without CAP_SYS_TIME
15 + debian/control: add new dependency libcap2-bin for capsh (usually
16 installed anyway, but make them explicit to be sure).
17 + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
18 (Default off) [fixed a minor typo in the comment in this update]
19 + debian/chronyd-starter.sh: wrapper to handle special cases in containers
20 and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
21 containers on a default installation and avoid failing to sync time (or
22 if allowed to sync, avoid multiple containers to fight over it by
23 accident).
24 + debian/install: make chrony-starter.sh available on install.
25 + debian/docs, debian/README.container: provide documentation about the
26 handling of this case.
27 - d/postrm: re-establish systemd-timesyncd on removal (LP 1764357)
28 - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
29 (LP 1771994)
30 * Added Changes:
31 - removed d/init to avoid weird interactions between sysV and systemd
32 * Dropped Changes:
33 - Notify chrony to update sources in response to systemd-networkd
34 events (LP: 1718227)
35 + d/links: link dispatcher script to networkd-dispatcher events routable
36 and off
37 + d/control: set Recommends to networkd-dispatcher
38 [Those are in Debian, except that we agreed to have networkd-dispatcher
39 to only be a Suggests]
40
41 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 14 May 2019 12:49:30 +0200
42
1chrony (3.4-4) unstable; urgency=medium43chrony (3.4-4) unstable; urgency=medium
244
3 * debian/patches/*:45 * debian/patches/*:
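Review bot: the "debian/install:" bullet in the 3.4-4ubuntu1 entry names the script "chrony-starter.sh", while the file added by this diff, the d/install line and every older changelog entry call it "chronyd-starter.sh"; fix the name so the changelog matches the shipped path. The "Dropped Changes" note that networkd-dispatcher is only a Suggests relies on the Debian side of the merge already carrying that (the d/control hunk here does not touch Suggests), which matches the Debian commit cited in the discussion above.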
@@ -74,6 +116,48 @@ chrony (3.4-2) unstable; urgency=medium
74116
75 -- Vincent Blut <vincent.debian@free.fr> Wed, 13 Feb 2019 17:08:17 +0100117 -- Vincent Blut <vincent.debian@free.fr> Wed, 13 Feb 2019 17:08:17 +0100
76118
119chrony (3.4-1ubuntu1) disco; urgency=medium
120
121 * Merge with Debian unstable (LP: #1802886). Remaining changes:
122 - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
123 - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780)
124 Chrony is a single service which acts as both NTP client (i.e. syncing the
125 local clock) and NTP server (i.e. providing NTP services to the network),
126 and that is both desired and expected in the vast majority of cases.
127 But in containers syncing the local clock is usually impossible, but this
128 shall not break the providing of NTP services to the network.
129 To some extent this makes chrony's default config more similar to 'ntpd',
130 which complained in syslog but still provided NTP server service in those
131 cases.
132 + debian/chrony.service: allow the service to run without CAP_SYS_TIME
133 + debian/control: add new dependency libcap2-bin for capsh (usually
134 installed anyway, but make them explicit to be sure).
135 + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
136 (Default off).
137 + debian/chronyd-starter.sh: wrapper to handle special cases in containers
138 and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
139 containers on a default installation and avoid failing to sync time (or
140 if allowed to sync, avoid multiple containers to fight over it by
141 accident).
142 + debian/install: make chronyd-starter.sh available on install.
143 + debian/docs, debian/README.container: provide documentation about the
144 handling of this case.
145 - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357)
146 - Notify chrony to update sources in response to systemd-networkd
147 events (LP: 1718227)
148 + d/links: link dispatcher script to networkd-dispatcher events routable
149 and off
150 + d/control: set Recommends to networkd-dispatcher
151 * Dropped Changes (upstream):
152 - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
153 - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting
154 the service on newer kernels by falling back to urandom. (LP: 1787366)
155 * Added Changes:
156 - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
157 (LP: #1771994)
158
159 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 12 Nov 2018 11:39:08 +0100
160
77chrony (3.4-1) unstable; urgency=medium161chrony (3.4-1) unstable; urgency=medium
78162
79 * Import upstream version 3.4:163 * Import upstream version 3.4:
@@ -150,6 +234,66 @@ chrony (3.3-3) unstable; urgency=medium
150234
151 -- Vincent Blut <vincent.debian@free.fr> Sat, 18 Aug 2018 16:23:19 +0200235 -- Vincent Blut <vincent.debian@free.fr> Sat, 18 Aug 2018 16:23:19 +0200
152236
237chrony (3.3-2ubuntu2) cosmic; urgency=medium
238
239 * - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting
240 the service on newer kernels by falling back to urandom.
241 (LP: #1787366, Closes: #906276)
242
243 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 16 Aug 2018 11:48:38 +0200
244
245chrony (3.3-2ubuntu1) cosmic; urgency=medium
246
247 * Merge with Debian unstable (LP: #1771061). Remaining changes:
248 - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
249 - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780)
250 Chrony is a single service which acts as both NTP client (i.e. syncing the
251 local clock) and NTP server (i.e. providing NTP services to the network),
252 and that is both desired and expected in the vast majority of cases.
253 But in containers syncing the local clock is usually impossible, but this
254 shall not break the providing of NTP services to the network.
255 To some extent this makes chrony's default config more similar to 'ntpd',
256 which complained in syslog but still provided NTP server service in those
257 cases.
258 - debian/chrony.service: allow the service to run without CAP_SYS_TIME
259 - debian/control: add new dependency libcap2-bin for capsh (usually
260 installed anyway, but make them explicit to be sure).
261 - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
262 (Default off).
263 - debian/chronyd-starter.sh: wrapper to handle special cases in containers
264 and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
265 containers on a default installation and avoid failing to sync time (or
266 if allowed to sync, avoid multiple containers to fight over it by
267 accident).
268 - debian/install: make chronyd-starter.sh available on install.
269 - debian/docs, debian/README.container: provide documentation about the
270 handling of this case.
271 - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357)
272 - Notify chrony to update sources in response to systemd-networkd
273 events (LP: 1718227)
274 - d/links: link dispatcher script to networkd-dispatcher events routable
275 and off
276 - d/control: set Recommends to networkd-dispatcher
277 - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
278 * Dropped changes
279 - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor
280 (LP: 1751241) (in Debian now)
281 - debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: 1761327)
282 (in Debian now)
283 - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch:
284 When dropping the root privileges, don't try to keep the CAP_SYS_TIME
285 capability if the -x option was enabled. This allows chronyd to be
286 started without the capability (e.g. in containers) and also drop the
287 root privileges (This is upstream now).
288 - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch (This is
289 upstream now).
290 - d/control: switch to nss instead of tomcrypt (Debian switched to nettle
291 which is in main, so we can drop this)
292 * Added changes
293 - debian/README.container: fix typos
294
295 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 14 May 2018 09:06:01 +0200
296
153chrony (3.3-2) unstable; urgency=medium297chrony (3.3-2) unstable; urgency=medium
154298
155 * debian/chrony.service:299 * debian/chrony.service:
@@ -205,6 +349,76 @@ chrony (3.2-5) unstable; urgency=medium
205349
206 -- Vincent Blut <vincent.debian@free.fr> Wed, 28 Feb 2018 17:31:08 +0100350 -- Vincent Blut <vincent.debian@free.fr> Wed, 28 Feb 2018 17:31:08 +0100
207351
352chrony (3.2-4ubuntu4) bionic; urgency=medium
353
354 * d/postrm: re-establish systemd-timesyncd on removal (LP: #1764357)
355 * Notify chrony to update sources in response to systemd-networkd
356 events (LP: #1718227)
357 - d/links: link dispatcher script to networkd-dispatcher events routable
358 and off
359 - d/control: set Recommends to networkd-dispatcher
360 - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch
361 - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
362
363 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Apr 2018 17:04:06 +0200
364
365chrony (3.2-4ubuntu3) bionic; urgency=medium
366
367 * debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: #1761327)
368
369 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 05 Apr 2018 09:38:10 +0200
370
371chrony (3.2-4ubuntu2) bionic; urgency=medium
372
373 * Set -x as default if unable to set time (e.g. in containers) (LP: #1589780)
374 Chrony is a single service which acts as both NTP client (i.e. syncing the
375 local clock) and NTP server (i.e. providing NTP services to the network),
376 and that is both desired and expected in the vast majority of cases.
377 But in containers syncing the local clock is usually impossible, but this
378 shall not break the providing of NTP services to the network.
379 To some extent this makes chrony's default config more similar to 'ntpd',
380 which complained in syslog but still provided NTP server service in those
381 cases.
382 - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch:
383 When dropping the root privileges, don't try to keep the CAP_SYS_TIME
384 capability if the -x option was enabled. This allows chronyd to be
385 started without the capability (e.g. in containers) and also drop the
386 root privileges.
387 - debian/chrony.service: allow the service to run without CAP_SYS_TIME
388 - debian/control: add new dependency libcap2-bin for capsh (usually
389 installed anyway, but make them explicit to be sure).
390 - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
391 (Default off).
392 - debian/chronyd-starter.sh: wrapper to handle special cases in containers
393 and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
394 containers on a default installation and avoid failing to sync time (or
395 if allowed to sync, avoid multiple containers to fight over it by
396 accident).
397 - debian/install: make chronyd-starter.sh available on install.
398 - debian/docs, debian/README.container: provide documentation about the
399 handling of this case.
400 * debian/chrony.conf: update default chrony.conf to not violate the policy
401 of pool.ntp.org (to use no more than four of their servers) and to provide
402 more ipv6 capable sources by default (LP: #1754358)
403
404 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 16 Mar 2018 12:25:44 +0100
405
406chrony (3.2-4ubuntu1) bionic; urgency=medium
407
408 * Merge with Debian unstable. Remaining changes:
409 - d/control: switch to nss instead of tomcrypt (nss is in main)
410 - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
411 * Dropped changes (in Debian)
412 - d/chrony.default, d/chrony.service: support /etc/default/chrony
413 DAEMON_OPTS in systemd environment (LP: 1746081)
414 - d/chrony.service: properly start after networking (LP: 1746458)
415 - d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: 1746444)
416 * Added Changes:
417 - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor
418 (LP: #1751241, Closes: #891201)
419
420 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 26 Feb 2018 14:44:54 +0100
421
208chrony (3.2-4) unstable; urgency=medium422chrony (3.2-4) unstable; urgency=medium
209423
210 * debian/changelog:424 * debian/changelog:
@@ -271,6 +485,27 @@ chrony (3.2-3) unstable; urgency=medium
271485
272 -- Vincent Blut <vincent.debian@free.fr> Wed, 07 Feb 2018 21:27:09 +0100486 -- Vincent Blut <vincent.debian@free.fr> Wed, 07 Feb 2018 21:27:09 +0100
273487
488chrony (3.2-2ubuntu3) bionic; urgency=medium
489
490 * Revert the changes of (LP 1746458) as in the follow on discussion
491 it became clear that we want it to start early (for example for an
492 early offset from drift file). iIf needed chrony will later on pick
493 up that servers are online via retries (augmented by hooks on network
494 events).
495
496 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 08 Feb 2018 10:52:30 +0100
497
498chrony (3.2-2ubuntu2) bionic; urgency=medium
499
500 * d/control: use to nss instead of tomcrypt (in main) (LP: #1744072)
501 * d/chrony.conf: use ubuntu ntp pool and server (LP: #1744664)
502 * d/chrony.default, d/chrony.service: support /etc/default/chrony
503 DAEMON_OPTS in systemd environment (LP: #1746081)
504 * d/chrony.service: properly start after networking (LP: #1746458)
505 * d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: #1746444)
506
507 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 19 Jan 2018 09:45:38 +0100
508
274chrony (3.2-2) unstable; urgency=medium509chrony (3.2-2) unstable; urgency=medium
275510
276 * Initial AppArmor profile for chronyd. Thanks to Jamie511 * Initial AppArmor profile for chronyd. Thanks to Jamie
diff --git a/debian/chrony.conf b/debian/chrony.conf
index 6c19767..d5a0b37 100644
--- a/debian/chrony.conf
+++ b/debian/chrony.conf
@@ -1,6 +1,23 @@
1# Welcome to the chrony configuration file. See chrony.conf(5) for more1# Welcome to the chrony configuration file. See chrony.conf(5) for more
2# information about usuable directives.2# information about usuable directives.
3pool 2.debian.pool.ntp.org iburst3
4# This will use (up to):
5# - 4 sources from ntp.ubuntu.com which some are ipv6 enabled
6# - 2 sources from 2.ubuntu.pool.ntp.org which is ipv6 enabled as well
7# - 1 source from [01].ubuntu.pool.ntp.org each (ipv4 only atm)
8# This means by default, up to 6 dual-stack and up to 2 additional IPv4-only
9# sources will be used.
10# At the same time it retains some protection against one of the entries being
11# down (compare to just using one of the lines). See (LP: #1754358) for the
12# discussion.
13#
14# About using servers from the NTP Pool Project in general see (LP: #104525).
15# Approved by Ubuntu Technical Board on 2011-02-08.
16# See http://www.pool.ntp.org/join.html for more information.
17pool ntp.ubuntu.com iburst maxsources 4
18pool 0.ubuntu.pool.ntp.org iburst maxsources 1
19pool 1.ubuntu.pool.ntp.org iburst maxsources 1
20pool 2.ubuntu.pool.ntp.org iburst maxsources 2
421
5# This directive specify the location of the file containing ID/key pairs for22# This directive specify the location of the file containing ID/key pairs for
6# NTP authentication.23# NTP authentication.
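Review bot: comment lines 5 to 7 are hard to read ("4 sources from ntp.ubuntu.com which some are ipv6 enabled"); suggest "4 sources from ntp.ubuntu.com, some of which are IPv6 enabled" and "1 source each from 0./1.ubuntu.pool.ntp.org (IPv4 only at the moment)". The maxsources values on the four pool lines (4+1+1+2) add up to the "up to 6 dual-stack and up to 2 additional IPv4-only" total the comment states, so the arithmetic is consistent. The pre-existing "usuable" typo on line 2 is Debian's, but could go along with the delta submitted to salsa.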
diff --git a/debian/chrony.default b/debian/chrony.default
index eead3e6..5391fc4 100644
--- a/debian/chrony.default
+++ b/debian/chrony.default
@@ -4,3 +4,7 @@
44
5# Options to pass to chrony.5# Options to pass to chrony.
6DAEMON_OPTS="-F -1"6DAEMON_OPTS="-F -1"
7
8# Sync system clock in containers or without CAP_SYS_TIME (likely to fail)
9# See /usr/share/doc/chrony/README.container for details.
10SYNC_IN_CONTAINER="no"
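Review bot: the SYNC_IN_CONTAINER comment does not say which values are accepted; the starter script compares the value against the literal string "yes", so "true", "1" or "Yes" silently keep the -x fallback. Suggest stating that in the comment, e.g. "# Set to "yes" to sync the system clock even in containers or without CAP_SYS_TIME (likely to fail)".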
diff --git a/debian/chrony.service b/debian/chrony.service
index 3e4451a..bb01a79 100644
--- a/debian/chrony.service
+++ b/debian/chrony.service
@@ -3,13 +3,13 @@ Description=chrony, an NTP client/server
3Documentation=man:chronyd(8) man:chronyc(1) man:chrony.conf(5)3Documentation=man:chronyd(8) man:chronyc(1) man:chrony.conf(5)
4Conflicts=systemd-timesyncd.service openntpd.service ntp.service ntpsec.service4Conflicts=systemd-timesyncd.service openntpd.service ntp.service ntpsec.service
5After=network.target5After=network.target
6ConditionCapability=CAP_SYS_TIME
76
8[Service]7[Service]
9Type=forking8Type=forking
10PIDFile=/run/chronyd.pid9PIDFile=/run/chronyd.pid
11EnvironmentFile=-/etc/default/chrony10EnvironmentFile=-/etc/default/chrony
12ExecStart=/usr/sbin/chronyd $DAEMON_OPTS11# Starter takes care of special cases mostly for containers
12ExecStart=/usr/lib/systemd/scripts/chronyd-starter.sh $DAEMON_OPTS
13ExecStartPost=-/usr/lib/chrony/chrony-helper update-daemon13ExecStartPost=-/usr/lib/chrony/chrony-helper update-daemon
14PrivateTmp=yes14PrivateTmp=yes
15ProtectHome=yes15ProtectHome=yes
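Review bot: dropping ConditionCapability=CAP_SYS_TIME changes what a user sees when the capability is missing: previously the unit was skipped with a condition failure, now it starts and either gets -x appended by the starter or, with SYNC_IN_CONTAINER="yes", fails once chronyd cannot adjust the clock. That is the intended behaviour per README.container, but it is a visible difference from the Debian unit on upgrade and deserves a line in NEWS or the changelog. The ExecStart path matches the d/install entry (usr/lib/systemd/scripts/), and the starter runs under the same PrivateTmp/ProtectHome sandbox as chronyd, so its capability check sees the service's own context, which is what the check needs.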
diff --git a/debian/chronyd-starter.sh b/debian/chronyd-starter.sh
16new file mode 10075516new file mode 100755
index 0000000..c175db5
--- /dev/null
+++ b/debian/chronyd-starter.sh
@@ -0,0 +1,70 @@
1#!/bin/sh
2set -ue
3
4CONF="/etc/default/chrony"
5DOC="/usr/share/doc/chrony/README.container"
6CAP="cap_sys_time"
7CMD="/usr/sbin/chronyd"
8# Take any args passed, use none if nothing was specified
9EFFECTIVE_DAEMON_OPTS=${@:-""}
10
11if [ -f "${CONF}" ]; then
12 . "${CONF}"
13else
14 echo "<4>Warning: ${CONF} is missing"
15fi
16# take from conffile if available, default to no otherwise
17EFFECTIVE_SYNC_IN_CONTAINER=${SYNC_IN_CONTAINER:-"no"}
18
19if [ ! -x "${CMD}" ]; then
20 echo "<3>Error: ${CMD} not executable"
21 # ugly, but works around https://github.com/systemd/systemd/issues/2913
22 sleep 0.1
23 exit 1
24fi
25
26# Check if -x is already set manually, don't process further if that is the case
27X_SET=0
28while getopts ":x" opt; do
29 case $opt in
30 x)
31 X_SET=1
32 ;;
33 esac
34done
35
36if [ ${X_SET} -ne 1 ]; then
37 # Assume it is not in a container
38 IS_CONTAINER=0
39 if [ -x /usr/bin/systemd-detect-virt ]; then
40 if /usr/bin/systemd-detect-virt --quiet --container; then
41 IS_CONTAINER=1
42 fi
43 fi
44
45
46 # Assume it has the cap
47 HAS_CAP=1
48 CAPSH="/sbin/capsh"
49 if [ -x "${CAPSH}" ]; then
50 ${CAPSH} --print | grep -q "^Current.*${CAP}" || HAS_CAP=0
51 fi
52
53 if [ ${HAS_CAP} -eq 0 ]; then
54 echo "<4>Warning: Missing ${CAP}, syncing the system clock will fail"
55 fi
56 if [ ${IS_CONTAINER} -eq 1 ]; then
57 echo "<4>Warning: Running in a container, likely impossible and unintended to sync system clock"
58 fi
59
60 if [ ${HAS_CAP} -eq 0 -o ${IS_CONTAINER} -eq 1 ]; then
61 if [ "${EFFECTIVE_SYNC_IN_CONTAINER}" != "yes" ]; then
62 echo "<5>Adding -x as fallback disabling control of the system clock, see ${DOC} to override this behavior"
63 EFFECTIVE_DAEMON_OPTS="${EFFECTIVE_DAEMON_OPTS} -x"
64 else
65 echo "<5>Not falling back to disable control of the system clock, see ${DOC} to change this behavior"
66 fi
67 fi
68fi
69
70${CMD} ${EFFECTIVE_DAEMON_OPTS}
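Review bot: the capability check at lines 48 to 51 parses capsh's textual output and expects cap_sys_time to be listed by name in the "Current:" line. libcap prints the compact "=ep" form when a set contains every capability it knows, in which case the grep finds no name, HAS_CAP becomes 0 and -x is appended on a fully privileged host. A check that reads the CapEff bitmask from /proc/self/status (CAP_SYS_TIME is bit 25) or uses capsh's --has-p=cap_sys_time where the installed capsh supports it would not depend on output formatting. Two smaller points: getopts at line 28 stops at the first non-option word, so an "-x" that follows an option argument such as "-u _chrony" is not seen and a second -x is appended (harmless, as the flag is idempotent); and "-o" inside "[ ]" at line 60 is marked obsolescent by POSIX, "||" between two tests is the portable form. The "<4>"/"<5>" prefixes on the echo lines are read as syslog priorities by the journal, so the warnings show up in "systemctl status chrony" with the right level.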
diff --git a/debian/control b/debian/control
index 54c4ccc..c552ce7 100644
--- a/debian/control
+++ b/debian/control
@@ -1,7 +1,8 @@
1Source: chrony1Source: chrony
2Section: net2Section: net
3Priority: optional3Priority: optional
4Maintainer: Vincent Blut <vincent.debian@free.fr>4Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
5XSBC-Original-Maintainer: Vincent Blut <vincent.debian@free.fr>
5Uploaders: Joachim Wiedorn <joodebian@joonet.de>6Uploaders: Joachim Wiedorn <joodebian@joonet.de>
6Standards-Version: 4.3.07Standards-Version: 4.3.0
7Build-Depends: asciidoctor (>= 1.5.3-1~),8Build-Depends: asciidoctor (>= 1.5.3-1~),
@@ -25,6 +26,7 @@ Pre-Depends: ${misc:Pre-Depends}
25Depends: adduser,26Depends: adduser,
26 iproute2 [linux-any],27 iproute2 [linux-any],
27 lsb-base,28 lsb-base,
29 libcap2-bin,
28 ucf,30 ucf,
29 ${misc:Depends},31 ${misc:Depends},
30 ${shlibs:Depends}32 ${shlibs:Depends}
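Review bot: a hard Depends on libcap2-bin is the right strength here, not a Recommends: the starter silently assumes the capability is present when /sbin/capsh is missing (HAS_CAP stays 1), so the detection is only reliable when the binary is guaranteed to be installed. The hard-coded CAPSH=/sbin/capsh path in the starter matches where libcap2-bin ships the binary.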
diff --git a/debian/docs b/debian/docs
index e12f653..3bfc9dc 100644
--- a/debian/docs
+++ b/debian/docs
@@ -1,3 +1,4 @@
1FAQ1FAQ
2NEWS2NEWS
3README3README
4debian/README.container
diff --git a/debian/init b/debian/init
4deleted file mode 1006445deleted file mode 100644
index bc376b5..0000000
--- a/debian/init
+++ /dev/null
@@ -1,73 +0,0 @@
1#! /bin/sh
2#
3# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
4# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
5# Modified for Debian by Christoph Lameter <clameter@debian.org>
6# Modified for chrony by John Hasler <jhasler@debian.org> 1998-2012
7# Modified for Debian by Vincent Blut <vincent.debian@free.fr>
8
9### BEGIN INIT INFO
10# Provides: chrony
11# Required-Start: $remote_fs
12# Required-Stop: $remote_fs
13# Should-Start: $syslog $network $named $time
14# Should-Stop: $syslog $network $named $time
15# Default-Start: 2 3 4 5
16# Default-Stop: 0 1 6
17# Short-Description: Controls chronyd NTP time daemon
18# Description: Chronyd is the NTP time daemon in the Chrony package
19### END INIT INFO
20
21PATH=/bin:/usr/bin:/sbin:/usr/sbin
22DAEMON=/usr/sbin/chronyd
23NAME="chronyd"
24DESC="time daemon"
25PIDFILE=/run/chronyd.pid
26CHRONY_HELPER=/usr/lib/chrony/chrony-helper
27
28[ -x "$DAEMON" ] || exit 0
29
30. /lib/lsb/init-functions
31
32# Override this variable by editing /etc/default/chrony.
33DAEMON_OPTS=""
34if [ -f /etc/default/chrony ]; then
35 . /etc/default/chrony
36fi
37
38case "$1" in
39 start)
40 if $0 status > /dev/null ; then
41 log_success_msg "$NAME is already running"
42 else
43 log_daemon_msg "Starting $DESC" "$NAME"
44 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
45 if [ -x $CHRONY_HELPER ]; then
46 $CHRONY_HELPER update-daemon
47 fi
48 log_end_msg $?
49 fi
50 ;;
51
52 stop)
53 log_daemon_msg "Stopping $DESC" "$NAME"
54 start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE --remove-pidfile --exec $DAEMON
55 log_end_msg $?
56 ;;
57
58 restart|force-reload)
59 $0 stop
60 $0 start
61 ;;
62
63 status)
64 status_of_proc -p $PIDFILE "$DAEMON" "$NAME" && exit 0 || exit $?
65 ;;
66
67 *)
68 log_action_msg "Usage: /etc/init.d/chrony {start|stop|restart|force-reload|status}"
69 exit 1
70 ;;
71esac
72
73exit 0
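Review bot: deleting debian/init drops the conffile /etc/init.d/chrony from the package, but dpkg leaves an obsolete conffile in place on upgrade unless the package removes it; without a d/chrony.maintscript entry such as "rm_conffile /etc/init.d/chrony 3.4-4ubuntu1~", systems upgrading from earlier versions keep a stale init script next to the systemd unit, which is exactly the sysV/systemd interaction the changelog says this removal is meant to avoid. Also confirm that nothing in the remaining maintainer scripts (dh_installinit snippets, update-rc.d calls) still references the script.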
diff --git a/debian/install b/debian/install
index db2e305..abaa2f3 100644
--- a/debian/install
+++ b/debian/install
@@ -2,3 +2,4 @@ debian/chrony-dnssrv@.* lib/systemd/system
2debian/chrony-helper usr/lib/chrony2debian/chrony-helper usr/lib/chrony
3debian/chrony.conf usr/share/chrony3debian/chrony.conf usr/share/chrony
4debian/usr.sbin.chronyd etc/apparmor.d4debian/usr.sbin.chronyd etc/apparmor.d
5debian/chronyd-starter.sh usr/lib/systemd/scripts/
diff --git a/debian/postrm b/debian/postrm
index ed3bac1..a5fd9ba 100644
--- a/debian/postrm
+++ b/debian/postrm
@@ -7,6 +7,15 @@ set -e
77
8# targets: purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear8# targets: purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear
99
10restore_timesyncd() {
11 # on next reboot it would start, but that would leave time
12 # unsynchronized until then. So as the Conflicts in the service file kill
13 # systemd-timesyncd re-establish it if it is enabled
14 if [ "$(systemctl is-enabled systemd-timesyncd 2>/dev/null)" = "enabled" ] ; then
15 deb-systemd-invoke start systemd-timesyncd
16 fi
17}
18
10case "$1" in19case "$1" in
11 purge)20 purge)
12 rm -f /var/lib/chrony/*21 rm -f /var/lib/chrony/*
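Review bot: restore_timesyncd runs under the postrm's "set -e" (visible in the hunk header), so a non-zero exit from "deb-systemd-invoke start systemd-timesyncd" aborts the whole remove or purge and leaves the package half-removed; appending "|| true" to that line keeps a failed timesyncd start from breaking package removal. Checking for exactly "enabled" deliberately leaves "static", "masked" and "disabled" alone, and the "2>/dev/null" also covers hosts without systemctl, which is fine.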
@@ -30,9 +39,15 @@ case "$1" in
30 then39 then
31 deluser --quiet --system _chrony > /dev/null 2>&1 || true40 deluser --quiet --system _chrony > /dev/null 2>&1 || true
32 fi41 fi
42
43 restore_timesyncd
44 ;;
45
46 remove)
47 restore_timesyncd
33 ;;48 ;;
3449
35 remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)50 upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
3651
37 ;;52 ;;
3853
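Review bot: purge normally follows remove, so restore_timesyncd now runs twice on a full remove+purge; starting an already running unit is a no-op for deb-systemd-invoke, so this is harmless, but a one-line comment at the purge call saying the repeat is intentional (purge can also be invoked directly on a package that was already removed) would save the next reader the question. Splitting "remove" out of the combined case arm is the right shape; the remaining arm still lists every other target.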
