1
diff --git a/debian/README.container b/debian/README.container
2
0
new file mode 100644
0
new file mode 100644
3
index 0000000..16f2618
4
--- /dev/null
5
+++ b/debian/README.container
6
@@ -0,0 +1,60 @@
7
1
Chrony in Containers
8
2
--------------------
9
3
10
4
Currently in in 99.9+% of the cases syncing the local clock in a container
11
5
is wrong. Most of the time it will be unable to do so, because it is lacking
12
6
CAP_SYS_TIME. Or worse, if the CAP_SYS_TIME privilege is granted, multiple
13
7
containers could fight over the system's time, because the Linux kernel does
14
8
not provide time namespaces (yet).
15
9
16
10
There are two things a user installing chrony usually wants:
17
11
1. synchronize my time (NTP client)
18
12
2. serve NTP (NTP server)
19
13
20
14
In a container the first makes (usually) no sense, so by default we enable -x
21
15
there (as it would only crash otherwise).
22
16
This will disable the control of the system clock.
23
17
See `man chronyd` for more details on the -x option.
24
18
25
19
Formerly, the check for Condition=CAP_SYS_TIME in the systemd service avoided
26
20
the crash of the NTP client portion, but that means the server use case will
27
21
not work by default in containers. It is still not recommended to use a
28
22
container as an NTP server, but if the host clock is synchronised via NTP,
29
23
adding the -x option to chronyd instances running in containers will allow
30
24
them to function as NTP servers which do not adjust the system clock.
31
25
The Condition=CAP_SYS_TIME check was a silent, no-log-entry stealing away
32
26
leaving users often unclear what happened - especially if they were more after
33
27
the NTP server than the NTP client.
34
28
35
29
One could argue that someone who installs chrony expects the system time to be
36
30
synchronised, so it should fail if it is not able to do so.  On the other hand
37
31
it could be argued that someone who installs chrony expects time to be served
38
32
over the network via NTP.
39
33
We can't know which expectation is applicable, so we assume that time should
40
34
be synchronised unless chronyd is running in a container (or is without
41
35
CAP_SYS_TIME in any other environment).
42
36
43
37
To make things worse recent container implementations will offer CAP_SYS_TIME
44
38
to the container. Since from the container's point of view, this capability is
45
39
available for the container's user namespace. Just later on adjtimex and similar
46
40
are actually evaluated against the host kernel where they will fail. Due to
47
41
that without further precaution running chrony in Ubuntu in the future will
48
42
likely have the service start (as Condition=CAP_SYS_TIME will be true) but
49
43
then immediately fail.
50
44
This will depend on the environment e.g. versions and types of containers and
51
45
thereby feel just 'unreliable' from users point of view.
52
46
Furthermore it will affect upgrades as the service has to be restarted for a
53
47
package upgrade to be considered complete.
54
48
55
49
Due to all of that Ubuntu decided (LP: #1589780) to default to -x (do not
56
50
set the system clock) in containers.
57
51
58
52
If one really wants to (try to) sync time in a container or CAP_SYS_TIME-less
59
53
environment set SYNC_IN_CONTAINER="yes" in /etc/default/chrony to disable
60
54
this special handling.
61
55
62
56
It is important to mention that as soon as upstream provides a way to provide
63
57
a default config working in those cases Ubuntu intends to use that and drop
64
58
the current workaround.
65
59
66
60
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 16 Mar 2018 12:25:44 +0100
67
diff --git a/debian/changelog b/debian/changelog
68
index f3c52fc..8177c32 100644
69
--- a/debian/changelog
70
+++ b/debian/changelog
71
@@ -1,3 +1,36 @@
72
1
chrony (3.5-2ubuntu1) eoan; urgency=medium
73
2
74
3
  * Merge with Debian experimental (LP: #1835046). Remaining changes:
75
4
    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
76
5
    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
77
6
      Chrony is a single service which acts as both NTP client (i.e. syncing the
78
7
      local clock) and NTP server (i.e. providing NTP services to the network),
79
8
      and that is both desired and expected in the vast majority of cases.
80
9
      But in containers syncing the local clock is usually impossible, but this
81
10
      shall not break the providing of NTP services to the network.
82
11
      To some extent this makes chrony's default config more similar to 'ntpd',
83
12
      which complained in syslog but still provided NTP server service in those
84
13
      cases.
85
14
      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
86
15
      + debian/control: add new dependency libcap2-bin for capsh (usually
87
16
        installed anyway, but make them explicit to be sure).
88
17
      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
89
18
        (Default off) [fixed a minor typo in the comment in this update]
90
19
      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
91
20
        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
92
21
        containers on a default installation and avoid failing to sync time (or
93
22
        if allowed to sync, avoid multiple containers to fight over it by
94
23
        accident).
95
24
      + debian/install: make chrony-starter.sh available on install.
96
25
      + debian/docs, debian/README.container: provide documentation about the
97
26
        handling of this case.
98
27
   * Dropped changes (accepted in Debian now):
99
28
    - d/postrm: re-establish systemd-timesyncd on removal (LP 1764357)
100
29
    - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
101
30
      (LP 1771994)
102
31
103
32
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 02 Jul 2019 13:37:23 +0200
104
33
105
1
chrony (3.5-2) unstable; urgency=medium
34
chrony (3.5-2) unstable; urgency=medium
106
2
35
107
3
  * Merge branch “experimental” into “master”.
36
  * Merge branch “experimental” into “master”.
108
@@ -84,6 +117,56 @@ chrony (3.5~pre1-1) experimental; urgency=medium
109
84
117
110
85
 -- Vincent Blut <vincent.debian@free.fr>  Sun, 12 May 2019 22:16:14 +0200
118
 -- Vincent Blut <vincent.debian@free.fr>  Sun, 12 May 2019 22:16:14 +0200
111
86
119
112
120
chrony (3.4-4ubuntu2) eoan; urgency=medium
113
121
114
122
  * Dropped sysV change added in 3.4-4ubuntu1 (LP: #1829700):
115
123
    - removed d/init to avoid weird interactions between sysV and systemd
116
124
    [With debhelper compat level 12 this isn't an issue anymore]
117
125
118
126
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 22 May 2019 09:10:41 +0200
119
127
120
128
chrony (3.4-4ubuntu1) eoan; urgency=medium
121
129
122
130
  * Merge with Debian unstable (LP: #1828992). Remaining changes:
123
131
    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
124
132
    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
125
133
      Chrony is a single service which acts as both NTP client (i.e. syncing the
126
134
      local clock) and NTP server (i.e. providing NTP services to the network),
127
135
      and that is both desired and expected in the vast majority of cases.
128
136
      But in containers syncing the local clock is usually impossible, but this
129
137
      shall not break the providing of NTP services to the network.
130
138
      To some extent this makes chrony's default config more similar to 'ntpd',
131
139
      which complained in syslog but still provided NTP server service in those
132
140
      cases.
133
141
      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
134
142
      + debian/control: add new dependency libcap2-bin for capsh (usually
135
143
        installed anyway, but make them explicit to be sure).
136
144
      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
137
145
        (Default off) [fixed a minor typo in the comment in this update]
138
146
      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
139
147
        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
140
148
        containers on a default installation and avoid failing to sync time (or
141
149
        if allowed to sync, avoid multiple containers to fight over it by
142
150
        accident).
143
151
      + debian/install: make chrony-starter.sh available on install.
144
152
      + debian/docs, debian/README.container: provide documentation about the
145
153
        handling of this case.
146
154
    - d/postrm: re-establish systemd-timesyncd on removal (LP 1764357)
147
155
    - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
148
156
      (LP 1771994)
149
157
  * Added Changes:
150
158
    - removed d/init to avoid weird interactions between sysV and systemd
151
159
  * Dropped Changes:
152
160
    - Notify chrony to update sources in response to systemd-networkd
153
161
      events (LP: 1718227)
154
162
      + d/links: link dispatcher script to networkd-dispatcher events routable
155
163
        and off
156
164
      + d/control: set Recommends to networkd-dispatcher
157
165
      [Those are in Debian, except that we agreed to have networkd-dispatcher
158
166
       to only be a Suggests]
159
167
160
168
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 14 May 2019 12:49:30 +0200
161
169
162
87
chrony (3.4-4) unstable; urgency=medium
170
chrony (3.4-4) unstable; urgency=medium
163
88
171
164
89
  * debian/patches/*:
172
  * debian/patches/*:
165
@@ -160,6 +243,48 @@ chrony (3.4-2) unstable; urgency=medium
166
160
243
167
161
 -- Vincent Blut <vincent.debian@free.fr>  Wed, 13 Feb 2019 17:08:17 +0100
244
 -- Vincent Blut <vincent.debian@free.fr>  Wed, 13 Feb 2019 17:08:17 +0100
168
162
245
169
246
chrony (3.4-1ubuntu1) disco; urgency=medium
170
247
171
248
  * Merge with Debian unstable (LP: #1802886). Remaining changes:
172
249
    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
173
250
    - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780)
174
251
      Chrony is a single service which acts as both NTP client (i.e. syncing the
175
252
      local clock) and NTP server (i.e. providing NTP services to the network),
176
253
      and that is both desired and expected in the vast majority of cases.
177
254
      But in containers syncing the local clock is usually impossible, but this
178
255
      shall not break the providing of NTP services to the network.
179
256
      To some extent this makes chrony's default config more similar to 'ntpd',
180
257
      which complained in syslog but still provided NTP server service in those
181
258
      cases.
182
259
      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
183
260
      + debian/control: add new dependency libcap2-bin for capsh (usually
184
261
        installed anyway, but make them explicit to be sure).
185
262
      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
186
263
        (Default off).
187
264
      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
188
265
        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
189
266
        containers on a default installation and avoid failing to sync time (or
190
267
        if allowed to sync, avoid multiple containers to fight over it by
191
268
        accident).
192
269
      + debian/install: make chronyd-starter.sh available on install.
193
270
      + debian/docs, debian/README.container: provide documentation about the
194
271
        handling of this case.
195
272
    - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357)
196
273
    - Notify chrony to update sources in response to systemd-networkd
197
274
      events (LP: 1718227)
198
275
      + d/links: link dispatcher script to networkd-dispatcher events routable
199
276
        and off
200
277
      + d/control: set Recommends to networkd-dispatcher
201
278
  * Dropped Changes (upstream):
202
279
    - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
203
280
    - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting
204
281
      the service on newer kernels by falling back to urandom. (LP: 1787366)
205
282
  * Added Changes:
206
283
    - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
207
284
      (LP: #1771994)
208
285
209
286
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 12 Nov 2018 11:39:08 +0100
210
287
211
163
chrony (3.4-1) unstable; urgency=medium
288
chrony (3.4-1) unstable; urgency=medium
212
164
289
213
165
  * Import upstream version 3.4:
290
  * Import upstream version 3.4:
214
@@ -236,6 +361,66 @@ chrony (3.3-3) unstable; urgency=medium
215
236
361
216
237
 -- Vincent Blut <vincent.debian@free.fr>  Sat, 18 Aug 2018 16:23:19 +0200
362
 -- Vincent Blut <vincent.debian@free.fr>  Sat, 18 Aug 2018 16:23:19 +0200
217
238
363
218
364
chrony (3.3-2ubuntu2) cosmic; urgency=medium
219
365
220
366
  * - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting
221
367
      the service on newer kernels by falling back to urandom.
222
368
      (LP: #1787366, Closes: #906276)
223
369
224
370
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 16 Aug 2018 11:48:38 +0200
225
371
226
372
chrony (3.3-2ubuntu1) cosmic; urgency=medium
227
373
228
374
  * Merge with Debian unstable (LP: #1771061). Remaining changes:
229
375
    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
230
376
    - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780)
231
377
      Chrony is a single service which acts as both NTP client (i.e. syncing the
232
378
      local clock) and NTP server (i.e. providing NTP services to the network),
233
379
      and that is both desired and expected in the vast majority of cases.
234
380
      But in containers syncing the local clock is usually impossible, but this
235
381
      shall not break the providing of NTP services to the network.
236
382
      To some extent this makes chrony's default config more similar to 'ntpd',
237
383
      which complained in syslog but still provided NTP server service in those
238
384
      cases.
239
385
      - debian/chrony.service: allow the service to run without CAP_SYS_TIME
240
386
      - debian/control: add new dependency libcap2-bin for capsh (usually
241
387
        installed anyway, but make them explicit to be sure).
242
388
      - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
243
389
        (Default off).
244
390
      - debian/chronyd-starter.sh: wrapper to handle special cases in containers
245
391
        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
246
392
        containers on a default installation and avoid failing to sync time (or
247
393
        if allowed to sync, avoid multiple containers to fight over it by
248
394
        accident).
249
395
      - debian/install: make chronyd-starter.sh available on install.
250
396
      - debian/docs, debian/README.container: provide documentation about the
251
397
        handling of this case.
252
398
    - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357)
253
399
    - Notify chrony to update sources in response to systemd-networkd
254
400
      events (LP: 1718227)
255
401
      - d/links: link dispatcher script to networkd-dispatcher events routable
256
402
        and off
257
403
      - d/control: set Recommends to networkd-dispatcher
258
404
      - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
259
405
  * Dropped changes
260
406
    - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor
261
407
      (LP: 1751241) (in Debian now)
262
408
    - debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: 1761327)
263
409
      (in Debian now)
264
410
    - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch:
265
411
      When dropping the root privileges, don't try to keep the CAP_SYS_TIME
266
412
      capability if the -x option was enabled. This allows chronyd to be
267
413
      started without the capability (e.g. in containers) and also drop the
268
414
      root privileges (This is upstream now).
269
415
    - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch (This is
270
416
      upstream now).
271
417
    - d/control: switch to nss instead of tomcrypt (Debian switched to nettle
272
418
      which is in main, so we can drop this)
273
419
  * Added changes
274
420
    - debian/README.container: fix typos
275
421
276
422
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 14 May 2018 09:06:01 +0200
277
423
278
239
chrony (3.3-2) unstable; urgency=medium
424
chrony (3.3-2) unstable; urgency=medium
279
240
425
280
241
  * debian/chrony.service:
426
  * debian/chrony.service:
281
@@ -291,6 +476,76 @@ chrony (3.2-5) unstable; urgency=medium
282
291
476
283
292
 -- Vincent Blut <vincent.debian@free.fr>  Wed, 28 Feb 2018 17:31:08 +0100
477
 -- Vincent Blut <vincent.debian@free.fr>  Wed, 28 Feb 2018 17:31:08 +0100
284
293
478
285
479
chrony (3.2-4ubuntu4) bionic; urgency=medium
286
480
287
481
  * d/postrm: re-establish systemd-timesyncd on removal (LP: #1764357)
288
482
  * Notify chrony to update sources in response to systemd-networkd
289
483
    events (LP: #1718227)
290
484
    - d/links: link dispatcher script to networkd-dispatcher events routable
291
485
      and off
292
486
    - d/control: set Recommends to networkd-dispatcher
293
487
    - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch
294
488
    - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
295
489
296
490
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 16 Apr 2018 17:04:06 +0200
297
491
298
492
chrony (3.2-4ubuntu3) bionic; urgency=medium
299
493
300
494
  * debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: #1761327)
301
495
302
496
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 05 Apr 2018 09:38:10 +0200
303
497
304
498
chrony (3.2-4ubuntu2) bionic; urgency=medium
305
499
306
500
  * Set -x as default if unable to set time (e.g. in containers) (LP: #1589780)
307
501
    Chrony is a single service which acts as both NTP client (i.e. syncing the
308
502
    local clock) and NTP server (i.e. providing NTP services to the network),
309
503
    and that is both desired and expected in the vast majority of cases.
310
504
    But in containers syncing the local clock is usually impossible, but this
311
505
    shall not break the providing of NTP services to the network.
312
506
    To some extent this makes chrony's default config more similar to 'ntpd',
313
507
    which complained in syslog but still provided NTP server service in those
314
508
    cases.
315
509
    - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch:
316
510
      When dropping the root privileges, don't try to keep the CAP_SYS_TIME
317
511
      capability if the -x option was enabled. This allows chronyd to be
318
512
      started without the capability (e.g. in containers) and also drop the
319
513
      root privileges.
320
514
    - debian/chrony.service: allow the service to run without CAP_SYS_TIME
321
515
    - debian/control: add new dependency libcap2-bin for capsh (usually
322
516
      installed anyway, but make them explicit to be sure).
323
517
    - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
324
518
      (Default off).
325
519
    - debian/chronyd-starter.sh: wrapper to handle special cases in containers
326
520
      and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
327
521
      containers on a default installation and avoid failing to sync time (or
328
522
      if allowed to sync, avoid multiple containers to fight over it by
329
523
      accident).
330
524
    - debian/install: make chronyd-starter.sh available on install.
331
525
    - debian/docs, debian/README.container: provide documentation about the
332
526
      handling of this case.
333
527
  * debian/chrony.conf: update default chrony.conf to not violate the policy
334
528
    of pool.ntp.org (to use no more than four of their servers) and to provide
335
529
    more ipv6 capable sources by default (LP: #1754358)
336
530
337
531
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 16 Mar 2018 12:25:44 +0100
338
532
339
533
chrony (3.2-4ubuntu1) bionic; urgency=medium
340
534
341
535
  * Merge with Debian unstable. Remaining changes:
342
536
    - d/control: switch to nss instead of tomcrypt (nss is in main)
343
537
    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
344
538
  * Dropped changes (in Debian)
345
539
    - d/chrony.default, d/chrony.service: support /etc/default/chrony
346
540
      DAEMON_OPTS in systemd environment (LP: 1746081)
347
541
    - d/chrony.service: properly start after networking (LP: 1746458)
348
542
    - d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: 1746444)
349
543
  * Added Changes:
350
544
    - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor
351
545
      (LP: #1751241, Closes: #891201)
352
546
353
547
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 26 Feb 2018 14:44:54 +0100
354
548
355
294
chrony (3.2-4) unstable; urgency=medium
549
chrony (3.2-4) unstable; urgency=medium
356
295
550
357
296
  * debian/changelog:
551
  * debian/changelog:
358
@@ -357,6 +612,27 @@ chrony (3.2-3) unstable; urgency=medium
359
357
612
360
358
 -- Vincent Blut <vincent.debian@free.fr>  Wed, 07 Feb 2018 21:27:09 +0100
613
 -- Vincent Blut <vincent.debian@free.fr>  Wed, 07 Feb 2018 21:27:09 +0100
361
359
614
362
615
chrony (3.2-2ubuntu3) bionic; urgency=medium
363
616
364
617
  * Revert the changes of (LP 1746458) as in the follow on discussion
365
618
    it became clear that we want it to start early (for example for an
366
619
    early offset from drift file). iIf needed chrony will later on pick
367
620
    up that servers are online via retries (augmented by hooks on network
368
621
    events).
369
622
370
623
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 08 Feb 2018 10:52:30 +0100
371
624
372
625
chrony (3.2-2ubuntu2) bionic; urgency=medium
373
626
374
627
  * d/control: use to nss instead of tomcrypt (in main) (LP: #1744072)
375
628
  * d/chrony.conf: use ubuntu ntp pool and server (LP: #1744664)
376
629
  * d/chrony.default, d/chrony.service: support /etc/default/chrony
377
630
    DAEMON_OPTS in systemd environment (LP: #1746081)
378
631
  * d/chrony.service: properly start after networking (LP: #1746458)
379
632
  * d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: #1746444)
380
633
381
634
 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 19 Jan 2018 09:45:38 +0100
382
635
383
360
chrony (3.2-2) unstable; urgency=medium
636
chrony (3.2-2) unstable; urgency=medium
384
361
637
385
362
  * Initial AppArmor profile for chronyd. Thanks to Jamie
638
  * Initial AppArmor profile for chronyd. Thanks to Jamie
386
diff --git a/debian/chrony.conf b/debian/chrony.conf
387
index 6c19767..d5a0b37 100644
388
--- a/debian/chrony.conf
389
+++ b/debian/chrony.conf
390
@@ -1,6 +1,23 @@
391
1
# Welcome to the chrony configuration file. See chrony.conf(5) for more
1
# Welcome to the chrony configuration file. See chrony.conf(5) for more
392
2
# information about usuable directives.
2
# information about usuable directives.
394
3
pool 2.debian.pool.ntp.org iburst
3
395
4
# This will use (up to):
396
5
# - 4 sources from ntp.ubuntu.com which some are ipv6 enabled
397
6
# - 2 sources from 2.ubuntu.pool.ntp.org which is ipv6 enabled as well
398
7
# - 1 source from [01].ubuntu.pool.ntp.org each (ipv4 only atm)
399
8
# This means by default, up to 6 dual-stack and up to 2 additional IPv4-only
400
9
# sources will be used.
401
10
# At the same time it retains some protection against one of the entries being
402
11
# down (compare to just using one of the lines). See (LP: #1754358) for the
403
12
# discussion.
404
13
#
405
14
# About using servers from the NTP Pool Project in general see (LP: #104525).
406
15
# Approved by Ubuntu Technical Board on 2011-02-08.
407
16
# See http://www.pool.ntp.org/join.html for more information.
408
17
pool ntp.ubuntu.com        iburst maxsources 4
409
18
pool 0.ubuntu.pool.ntp.org iburst maxsources 1
410
19
pool 1.ubuntu.pool.ntp.org iburst maxsources 1
411
20
pool 2.ubuntu.pool.ntp.org iburst maxsources 2
412
4
21
413
5
# This directive specify the location of the file containing ID/key pairs for
22
# This directive specify the location of the file containing ID/key pairs for
414
6
# NTP authentication.
23
# NTP authentication.
415
diff --git a/debian/chrony.default b/debian/chrony.default
416
index eead3e6..5391fc4 100644
417
--- a/debian/chrony.default
418
+++ b/debian/chrony.default
419
@@ -4,3 +4,7 @@
420
4
4
421
5
# Options to pass to chrony.
5
# Options to pass to chrony.
422
6
DAEMON_OPTS="-F -1"
6
DAEMON_OPTS="-F -1"
423
7
424
8
# Sync system clock in containers or without CAP_SYS_TIME (likely to fail)
425
9
# See /usr/share/doc/chrony/README.container for details.
426
10
SYNC_IN_CONTAINER="no"
427
diff --git a/debian/chrony.service b/debian/chrony.service
428
index 3e4451a..bb01a79 100644
429
--- a/debian/chrony.service
430
+++ b/debian/chrony.service
431
@@ -3,13 +3,13 @@ Description=chrony, an NTP client/server
432
3
Documentation=man:chronyd(8) man:chronyc(1) man:chrony.conf(5)
3
Documentation=man:chronyd(8) man:chronyc(1) man:chrony.conf(5)
433
4
Conflicts=systemd-timesyncd.service openntpd.service ntp.service ntpsec.service
4
Conflicts=systemd-timesyncd.service openntpd.service ntp.service ntpsec.service
434
5
After=network.target
5
After=network.target
435
6
ConditionCapability=CAP_SYS_TIME
436
7
6
437
8
[Service]
7
[Service]
438
9
Type=forking
8
Type=forking
439
10
PIDFile=/run/chronyd.pid
9
PIDFile=/run/chronyd.pid
440
11
EnvironmentFile=-/etc/default/chrony
10
EnvironmentFile=-/etc/default/chrony
442
12
ExecStart=/usr/sbin/chronyd $DAEMON_OPTS
11
# Starter takes care of special cases mostly for containers
443
12
ExecStart=/usr/lib/systemd/scripts/chronyd-starter.sh $DAEMON_OPTS
444
13
ExecStartPost=-/usr/lib/chrony/chrony-helper update-daemon
13
ExecStartPost=-/usr/lib/chrony/chrony-helper update-daemon
445
14
PrivateTmp=yes
14
PrivateTmp=yes
446
15
ProtectHome=yes
15
ProtectHome=yes
447
diff --git a/debian/chronyd-starter.sh b/debian/chronyd-starter.sh
448
16
new file mode 100755
16
new file mode 100755
449
index 0000000..c175db5
450
--- /dev/null
451
+++ b/debian/chronyd-starter.sh
452
@@ -0,0 +1,70 @@
453
1
#!/bin/sh
454
2
set -ue
455
3
456
4
CONF="/etc/default/chrony"
457
5
DOC="/usr/share/doc/chrony/README.container"
458
6
CAP="cap_sys_time"
459
7
CMD="/usr/sbin/chronyd"
460
8
# Take any args passed, use none if nothing was specified
461
9
EFFECTIVE_DAEMON_OPTS=${@:-""}
462
10
463
11
if [ -f "${CONF}" ]; then
464
12
    . "${CONF}"
465
13
else
466
14
    echo "<4>Warning: ${CONF} is missing"
467
15
fi
468
16
# take from conffile if available, default to no otherwise
469
17
EFFECTIVE_SYNC_IN_CONTAINER=${SYNC_IN_CONTAINER:-"no"}
470
18
471
19
if [ ! -x "${CMD}" ]; then
472
20
    echo "<3>Error: ${CMD} not executable"
473
21
    # ugly, but works around https://github.com/systemd/systemd/issues/2913
474
22
    sleep 0.1
475
23
    exit 1
476
24
fi
477
25
478
26
# Check if -x is already set manually, don't process further if that is the case
479
27
X_SET=0
480
28
while getopts ":x" opt; do
481
29
    case $opt in
482
30
        x)
483
31
            X_SET=1
484
32
            ;;
485
33
    esac
486
34
done
487
35
488
36
if [ ${X_SET} -ne 1 ]; then
489
37
  # Assume it is not in a container
490
38
  IS_CONTAINER=0
491
39
  if [ -x /usr/bin/systemd-detect-virt ]; then
492
40
      if /usr/bin/systemd-detect-virt --quiet --container; then
493
41
          IS_CONTAINER=1
494
42
      fi
495
43
  fi
496
44
497
45
498
46
  # Assume it has the cap
499
47
  HAS_CAP=1
500
48
  CAPSH="/sbin/capsh"
501
49
  if [ -x "${CAPSH}" ]; then
502
50
      ${CAPSH} --print | grep -q "^Current.*${CAP}" || HAS_CAP=0
503
51
  fi
504
52
505
53
  if [ ${HAS_CAP} -eq 0 ]; then
506
54
      echo "<4>Warning: Missing ${CAP}, syncing the system clock will fail"
507
55
  fi
508
56
  if [ ${IS_CONTAINER} -eq 1 ]; then
509
57
      echo "<4>Warning: Running in a container, likely impossible and unintended to sync system clock"
510
58
  fi
511
59
512
60
  if [ ${HAS_CAP} -eq 0 -o ${IS_CONTAINER} -eq 1 ]; then
513
61
      if [ "${EFFECTIVE_SYNC_IN_CONTAINER}" != "yes" ]; then
514
62
          echo "<5>Adding -x as fallback disabling control of the system clock, see ${DOC} to override this behavior"
515
63
          EFFECTIVE_DAEMON_OPTS="${EFFECTIVE_DAEMON_OPTS} -x"
516
64
      else
517
65
          echo "<5>Not falling back to disable control of the system clock, see ${DOC} to change this behavior"
518
66
      fi
519
67
  fi
520
68
fi
521
69
522
70
${CMD} ${EFFECTIVE_DAEMON_OPTS}
523
diff --git a/debian/control b/debian/control
524
index 0da2ecf..197ae0c 100644
525
--- a/debian/control
526
+++ b/debian/control
527
@@ -1,7 +1,8 @@
528
1
Source: chrony
1
Source: chrony
529
2
Section: net
2
Section: net
530
3
Priority: optional
3
Priority: optional
532
4
Maintainer: Vincent Blut <vincent.debian@free.fr>
4
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
533
5
XSBC-Original-Maintainer: Vincent Blut <vincent.debian@free.fr>
534
5
Uploaders: Joachim Wiedorn <joodebian@joonet.de>
6
Uploaders: Joachim Wiedorn <joodebian@joonet.de>
535
6
Standards-Version: 4.3.0
7
Standards-Version: 4.3.0
536
7
Build-Depends: asciidoctor (>= 1.5.3-1~),
8
Build-Depends: asciidoctor (>= 1.5.3-1~),
537
@@ -26,6 +27,7 @@ Architecture: linux-any
538
26
Pre-Depends: ${misc:Pre-Depends}
27
Pre-Depends: ${misc:Pre-Depends}
539
27
Depends: adduser,
28
Depends: adduser,
540
28
         iproute2 [linux-any],
29
         iproute2 [linux-any],
541
30
         libcap2-bin,
542
29
         ucf,
31
         ucf,
543
30
         ${misc:Depends},
32
         ${misc:Depends},
544
31
         ${shlibs:Depends}
33
         ${shlibs:Depends}
545
diff --git a/debian/docs b/debian/docs
546
index e12f653..3bfc9dc 100644
547
--- a/debian/docs
548
+++ b/debian/docs
549
@@ -1,3 +1,4 @@
550
1
FAQ
1
FAQ
551
2
NEWS
2
NEWS
552
3
README
3
README
553
4
debian/README.container
554
diff --git a/debian/install b/debian/install
555
index db2e305..abaa2f3 100644
556
--- a/debian/install
557
+++ b/debian/install
558
@@ -2,3 +2,4 @@ debian/chrony-dnssrv@.* lib/systemd/system
559
2
debian/chrony-helper usr/lib/chrony
2
debian/chrony-helper usr/lib/chrony
560
3
debian/chrony.conf usr/share/chrony
3
debian/chrony.conf usr/share/chrony
561
4
debian/usr.sbin.chronyd etc/apparmor.d
4
debian/usr.sbin.chronyd etc/apparmor.d
562
5
debian/chronyd-starter.sh usr/lib/systemd/scripts/
Status:	Merged
Approved by:	Christian Ehrhardt  on 2019-07-17
Approved revision:	f636f08af4823db78cc9c65bff3f92d48aa64f0a
Merge reported by:	Christian Ehrhardt 
Merged at revision:	f636f08af4823db78cc9c65bff3f92d48aa64f0a
Proposed branch:	~paelzer/ubuntu/+source/chrony:merge-3.5-eoan
Merge into:	ubuntu/+source/chrony:debian/sid
Diff against target:	562 lines (+435/-4) 9 files modified debian/README.container (+60/-0) debian/changelog (+276/-0) debian/chrony.conf (+18/-1) debian/chrony.default (+4/-0) debian/chrony.service (+2/-2) debian/chronyd-starter.sh (+70/-0) debian/control (+3/-1) debian/docs (+1/-0) debian/install (+1/-0)
Related bugs:	Link a bug report
Reviewer	Date Requested	Status
Rafael David Tinoco (community)	2019-07-16	Approve on 2019-07-16
Canonical Server	2019-07-16	Pending
Canonical Server packageset reviewers	2019-07-16	Pending
git-ubuntu developers	2019-07-16	Pending
Review via email: mp+370185@code.launchpad.net