diff -pruN 4.2-2/debian/changelog 4.2-2ubuntu2/debian/changelog
--- 4.2-2/debian/changelog	2022-02-01 19:42:35.000000000 +0000
+++ 4.2-2ubuntu2/debian/changelog	2022-02-08 03:48:09.000000000 +0000
@@ -1,3 +1,46 @@
+chrony (4.2-2ubuntu2) jammy; urgency=medium
+
+  * d/patches/add-rseq.patch: Add "rseq" to list of acceptable syscalls to fix
+    tests with glibc 2.35.
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 08 Feb 2022 16:48:09 +1300
+
+chrony (4.2-2ubuntu1) jammy; urgency=medium
+
+  * Merge with Debian unstable. Remaining changes:
+    Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server
+        in containers on a default installation and avoid failing to sync time
+        (or if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+  * Dropped changes [ in 4.2-1 ]
+    - Drop patches present in v4.2
+      + d/p/allow-clone3-and-pread64-in-seccomp-filter.patch
+      + d/p/fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch
+      + d/p/lp-1940252-rtc-avoid-printing-and-scanning-time_t.patch
+    - d/t/upstream-simulation-test-suite: bump to the matching clknetsim
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 04 Feb 2022 07:52:48 +0100
+
 chrony (4.2-2) unstable; urgency=medium
 
   * debian/usr.sbin.chronyd:
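Review bot: The 4.2-2ubuntu2 entry adds "rseq" to the seccomp allowlist but carries no LP bug reference and justifies the change only as a test fix. The earlier seccomp allowlist changes in this changelog are tied to a bug (for example d/p/lp-1915006-sys_linux-allow-statx-and-fstatat64-in-seccomp-filte.patch). Please add the tracking bug and say whether the patch was forwarded upstream, so a later merge can tell when add-rseq.patch becomes droppable.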
@@ -26,6 +69,42 @@ chrony (4.2-1) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Thu, 13 Jan 2022 14:01:35 +0100
 
+chrony (4.2-0ubuntu1) jammy; urgency=medium
+
+  * Merge with Debian testing (LP: #1946848) and upstream v4.2.
+    Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server
+        in containers on a default installation and avoid failing to sync time
+        (or if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+  * Drop patches present in v4.2
+    - d/p/allow-clone3-and-pread64-in-seccomp-filter.patch
+    - d/p/fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch
+    - d/p/lp-1940252-rtc-avoid-printing-and-scanning-time_t.patch
+  * Added changes:
+    - d/t/upstream-simulation-test-suite: bump to the matching clknetsim
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 06 Jan 2022 14:51:22 +0100
+
 chrony (4.1-4) unstable; urgency=medium
 
   * debian/:
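Review bot: In the 4.2-0ubuntu1 entry the debian/chrony.default item still ends with "[fixed a minor typo in the comment in this update]", and the same bracketed remark is copied verbatim into every other merge entry in this diff. "In this update" can only be true for one upload; drop the remark from the carried "Remaining changes" text so the delta description stays accurate.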
@@ -48,6 +127,41 @@ chrony (4.1-4) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Thu, 07 Oct 2021 15:23:28 +0200
 
+chrony (4.1-3ubuntu1) impish; urgency=medium
+
+  * Merge with Debian unstable (LP: #1940252). Remaining changes:
+    Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server
+        in containers on a default installation and avoid failing to sync time
+        (or if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+  * Dropped changes:
+    - d/t/helper-functions: restart explicitly to fix test issues
+  * Added changes:
+    - d/p/lp-1940252-rtc-avoid-printing-and-scanning-time_t.patch: glibc 2.34
+      compatibility
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 17 Aug 2021 12:22:32 +0200
+
 chrony (4.1-3) unstable; urgency=medium
 
   * Upload to unstable.
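Review bot: The 4.1-3ubuntu1 entry repeats the "Remaining changes:" header: the first bullet ends with "(LP: #1940252). Remaining changes:" and the next line is a bare "Remaining changes:" again. Remove the second line. The same duplication appears in the 4.2-2ubuntu1 entry and should be fixed there too.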
@@ -78,6 +192,51 @@ chrony (4.1-2) experimental; urgency=med
 
  -- Vincent Blut <vincent.debian@free.fr>  Sat, 26 Jun 2021 17:16:45 +0200
 
+chrony (4.1-1ubuntu1) impish; urgency=medium
+
+  * Merge new upstream 4.1 and yet unrelased changes from Debian salsa.
+    Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server
+        in containers on a default installation and avoid failing to sync time
+        (or if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+  * Dropped changes:
+    - d/t/helper-functions: reduce default ubuntu config, to make space for
+      testcase config
+      [ in Debian 4.0-6 ]
+    - d/t/{dynamically-add-source,ntp-server-and-nts-auth,helper-functions}:
+      unify tests to use reload and restart
+      [ in Debian 4.0-6 ]
+    - d/t/upstream-simulation-test-suite: Update clknetsim version to fix
+      a test failure on s390x when LTO is enabled at build time (LP #1921377)
+      [ in Debian 4.1~pre1-1 ]
+    - d/p/lp-1915006-sys_linux-allow-statx-and-fstatat64-in-seccomp-filte.patch:
+      add compatibility for glibc 2.33 (LP: 1915006)
+      [ upstream in 4.1-pre1 ]
+  * Added changes:
+    - d/t/helper-functions: restart explicitly to fix test issues
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 18 May 2021 08:12:59 +0200
+
 chrony (4.1-1) experimental; urgency=medium
 
   * Import upstream version 4.1:
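Review bot: The dropped-changes list in 4.1-1ubuntu1 uses three different spellings for bug references that are meant to be informational only: "(LP 1744664 1754358)", "(LP #1921377)" and "(LP: 1915006)". Pick one non-closing form and use it throughout so the references are greppable and none of them is mistaken for a closing "LP: #NNN" tag. The first bullet also has a typo, "unrelased", and the merge itself has no bug reference, unlike the other merge entries.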
@@ -168,6 +327,54 @@ chrony (4.0-6) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Sun, 21 Feb 2021 21:59:22 +0100
 
+chrony (4.0-5ubuntu3) hirsute; urgency=medium
+
+  * d/t/upstream-simulation-test-suite: Update clknetsim version to fix
+    a test failure on s390x when LTO is enabled at build time (LP: #1921377)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 25 Mar 2021 15:45:47 +0100
+
+chrony (4.0-5ubuntu2) hirsute; urgency=medium
+
+  * d/p/lp-1915006-sys_linux-allow-statx-and-fstatat64-in-seccomp-filte.patch:
+    add compatibility for glibc 2.33 (LP: 1915006)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 15 Feb 2021 12:50:29 +0100
+
+chrony (4.0-5ubuntu1) hirsute; urgency=medium
+
+  * Merge with Debian unstable (LP: #1915006). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server
+        in containers on a default installation and avoid failing to sync time
+        (or if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+  * Added changes:
+    - d/t/helper-functions: reduce default ubuntu config, to make space for
+      testcase config
+    - d/t/{dynamically-add-source,ntp-server-and-nts-auth,helper-functions}:
+      unify tests to use reload and restart
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 08 Feb 2021 12:45:05 +0100
+
 chrony (4.0-5) unstable; urgency=medium
 
   * Follow DEP-14 branch naming conventions:
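Review bot: In 4.0-5ubuntu2 the bug reference is written "(LP: 1915006)" without the "#", while the neighbouring uploads use "(LP: #1921377)" and "(LP: #1915006)". If this upload is the one that actually fixes the glibc 2.33 seccomp issue, the reference should be in the same "LP: #NNN" form as the others; if the omission is deliberate because 4.0-5ubuntu1 already referenced the bug, a short remark saying so would avoid confusion.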
@@ -284,6 +491,35 @@ chrony (4.0-3) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Mon, 18 Jan 2021 21:58:52 +0100
 
+chrony (4.0-2ubuntu1) hirsute; urgency=medium
+
+  * Merge with Debian unstable. Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server
+        in containers on a default installation and avoid failing to sync time
+        (or if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 27 Oct 2020 10:55:19 +0100
+
 chrony (4.0-2) unstable; urgency=medium
 
   * Merge branch 'experimental' into 'master'.
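Review bot: The debian/chronyd-starter.sh description in 4.0-2ubuntu1 reads "Effectively allows on to run NTP server", whereas the 3.5.x entries read "Effectively allows to run NTP server in containers". The stray "on" looks like a rewrap accident and is then carried into every later merge entry; fix it here (for example "allows one to run an NTP server"). This merge also has no LP reference, unlike most other merge entries.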
@@ -419,6 +655,44 @@ chrony (4.0~pre4-1) experimental; urgenc
 
  -- Vincent Blut <vincent.debian@free.fr>  Fri, 02 Oct 2020 21:21:08 +0200
 
+chrony (3.5.1-1ubuntu2) groovy; urgency=medium
+
+  * d/chronyd-starter.sh: fix commandline argument parsing (LP: #1898000)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 06 Oct 2020 12:20:40 +0200
+
+chrony (3.5.1-1ubuntu1) groovy; urgency=medium
+
+  * Merge with Debian unstable. Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+  * Dropped changes
+    - d/t/control: harden time-sources-from-dhcp-servers test for systemd change
+      (LP: 1873031) [no more needed with recent systemd that is in groovy]
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 26 Aug 2020 15:30:48 +0200
+
 chrony (3.5.1-1) unstable; urgency=medium
 
   * Import upstream version 3.5.1:
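Review bot: The 3.5.1-1ubuntu2 entry "d/chronyd-starter.sh: fix commandline argument parsing (LP: #1898000)" does not say what was parsed incorrectly. Since this wrapper decides whether chronyd is started with -x when CAP_SYS_TIME is missing, please state which arguments were affected and what the wrong behaviour was, so administrators can judge whether their configured options were being ignored. In the entry below, "Dropped changes" is also missing the trailing colon used elsewhere.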
@@ -434,6 +708,50 @@ chrony (3.5.1-1) unstable; urgency=mediu
 
  -- Vincent Blut <vincent.debian@free.fr>  Thu, 20 Aug 2020 14:07:22 +0200
 
+chrony (3.5-9ubuntu2) groovy; urgency=medium
+
+  * No change rebuild against new libnettle8 and libhogweed6 ABI.
+
+ -- Dimitri John Ledkov <xnox@ubuntu.com>  Mon, 29 Jun 2020 22:22:19 +0100
+
+chrony (3.5-9ubuntu1) groovy; urgency=medium
+
+  * Merge with Debian unstable (LP: #1878005). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+    - d/t/control: harden time-sources-from-dhcp-servers test for systemd change
+      (LP: 1873031)
+  * Dropped changes [in Debian now]
+    - d/t/upstream-system-tests: stop chrony/systemd-timesynd before tests
+    - d/t/upstream-system-tests: fix stderr in case services do not exist
+    - Stop starting systemd-timesyncd in postrm. This is no longer relevant
+      since systemd-timesyncd is a standalone package declaring
+      Conflicts/Replaces/Provides: time-daemon. (Closes 955773, LP: 1872183)
+    - d/postrm: Reinstate the remove target (LP: 1873810)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 20 May 2020 09:57:39 +0200
+
 chrony (3.5-9) unstable; urgency=medium
 
   * debian/patches/:
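Review bot: The 3.5-9ubuntu1 merge does not account for the 3.5-6ubuntu2 delta: neither "Remaining changes" nor "Dropped changes" mentions the versioned libcap2-bin dependency or the switch of d/chronyd-starter.sh to capsh --has-p. The carried text still says only "add new dependency libcap2-bin for capsh". Because that fix is what stops the wrapper from always falling back to -x, list it explicitly as remaining. Minor: "systemd-timesynd" in the dropped d/t/upstream-system-tests item should read "systemd-timesyncd".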
@@ -496,6 +814,76 @@ chrony (3.5-7) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Tue, 17 Mar 2020 15:21:53 +0100
 
+chrony (3.5-6ubuntu6) focal; urgency=medium
+
+  * d/postrm: Reinstate the remove target (LP: #1873810)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 20 Apr 2020 15:58:52 +0200
+
+chrony (3.5-6ubuntu5) focal; urgency=medium
+
+  * d/t/control: harden time-sources-from-dhcp-servers test for systemd change
+    (LP: #1873031)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 15 Apr 2020 18:23:10 +0200
+
+chrony (3.5-6ubuntu4) focal; urgency=medium
+
+  * debian/postrm:
+    - Stop starting systemd-timesyncd in postrm. This is no longer relevant
+      since systemd-timesyncd is a standalone package declaring
+      Conflicts/Replaces/Provides: time-daemon. (Closes 955773, LP: #1872183)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 15 Apr 2020 09:01:30 +0200
+
+chrony (3.5-6ubuntu3) focal; urgency=medium
+
+  * avoid multiple time services running concurrently (LP: #1870144).
+    This fixes the autopkgtests vs chrond itself, the issue of concurrent
+    systemd-timesyncd will be fixed in systemd by (LP 1849156)
+    - d/t/upstream-system-tests: stop chrony/systemd-timesynd before tests
+    - d/t/upstream-system-tests: fix stderr in case services do not exist
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 01 Apr 2020 09:25:45 +0200
+
+chrony (3.5-6ubuntu2) focal; urgency=medium
+
+  * fix capsh usage in focal avoiding to always fall back to -x (LP: #1867036)
+    - d/control: add versioned dependency to libcap2-bin new enough to
+      support --has-p
+    - d/chronyd-starter.sh: update capsh usage to use --has-p
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 31 Mar 2020 10:19:20 +0200
+
+chrony (3.5-6ubuntu1) focal; urgency=medium
+
+  * Merge with Debian unstable (LP: #1866753). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 12 Mar 2020 11:02:33 +0100
+
 chrony (3.5-6) unstable; urgency=medium
 
   * debian/chrony.service:
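Review bot: The 3.5-6ubuntu3 entry has two misspelled service names: "autopkgtests vs chrond itself" and "stop chrony/systemd-timesynd before tests". These should be chronyd and systemd-timesyncd; the second misspelling is copied into the 3.5-9ubuntu1 dropped-changes list as well. The sentence "the issue of concurrent systemd-timesyncd will be fixed in systemd by (LP 1849156)" would also read better as "fixed in systemd (LP 1849156)".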
@@ -530,6 +918,41 @@ chrony (3.5-6) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Tue, 10 Mar 2020 19:17:16 +0100
 
+chrony (3.5-5ubuntu1) focal; urgency=medium
+
+  * Merge with Debian unstable (LP: #1859969). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+  * Dropped changes:
+    - d/t/control: destructive_system_tests only work on amd64 and s390x right
+      now [fixed by backporting fixes from upstream in 3.5-5 ]
+    - d/t/upstream-simulation-test-suite: ignore warnings on stderr while
+      running clksim make
+      [ in Debian 3.5-5 ]
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 16 Jan 2020 12:55:32 +0100
+
 chrony (3.5-5) unstable; urgency=medium
 
   * debian/control:
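Review bot: The 3.5-5ubuntu1 entry names the wrapper two different ways: "debian/chronyd-starter.sh: wrapper to handle special cases" and, two items later, "debian/install: make chrony-starter.sh available on install". Only one of these can match the file shipped by debian/install; correct the second to chronyd-starter.sh if that is the real name. The mismatch is repeated in every "Remaining changes" block in this diff.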
@@ -557,6 +980,47 @@ chrony (3.5-5) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Sun, 22 Dec 2019 17:30:40 +0100
 
+chrony (3.5-4ubuntu2) focal; urgency=medium
+
+  * d/t/control: destructive_system_tests only work on amd64 and s390x right
+    now
+  * d/t/upstream-simulation-test-suite: ignore warnings on stderr while
+    running clksim make
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 03 Dec 2019 14:50:50 +0100
+
+chrony (3.5-4ubuntu1) focal; urgency=medium
+
+  * Merge with Debian unstable (LP: #1854328). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+  * Dropped changes:
+    - d/t/control: allow stderr for recent changes in resolved/iproute
+      (LP 1836882) [no more needed]
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 28 Nov 2019 10:31:36 +0100
+
 chrony (3.5-4) unstable; urgency=medium
 
   * debian/tests/control:
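Review bot: In 3.5-4ubuntu2 the item "d/t/control: destructive_system_tests only work on amd64 and s390x right now" restricts test coverage without a bug reference or a reason. Please add the tracking bug and a short note on what fails on the other architectures, so the restriction can be lifted deliberately rather than forgotten. The second item says "running clksim make"; elsewhere the changelog calls the tool clknetsim.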
@@ -601,6 +1065,52 @@ chrony (3.5-3) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Tue, 13 Aug 2019 17:57:47 +0200
 
+chrony (3.5-2ubuntu3) focal; urgency=medium
+
+  * No-change rebuild against libnettle7
+
+ -- Steve Langasek <steve.langasek@ubuntu.com>  Thu, 31 Oct 2019 22:07:56 +0000
+
+chrony (3.5-2ubuntu2) eoan; urgency=medium
+
+  * d/t/control: allow stderr for recent changes in resolved/iproute
+    (LP: #1836882)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 17 Jul 2019 12:41:58 +0200
+
+chrony (3.5-2ubuntu1) eoan; urgency=medium
+
+  * Merge with Debian experimental (LP: #1835046). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+   * Dropped changes (accepted in Debian now):
+    - d/postrm: re-establish systemd-timesyncd on removal (LP 1764357)
+    - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
+      (LP 1771994)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 02 Jul 2019 13:37:23 +0200
+
 chrony (3.5-2) unstable; urgency=medium
 
   * Merge branch “experimental” into “master”.
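Review bot: In 3.5-2ubuntu1 the bullet "* Dropped changes (accepted in Debian now):" is indented with three spaces while every other top-level bullet in the changelog uses two. Align it with the others. Separately, 3.5-2ubuntu3 targets focal while the two uploads below it target eoan; if that is a first upload to the newly opened series, that is fine, but it is worth confirming the distribution field is intended.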
@@ -687,6 +1197,56 @@ chrony (3.5~pre1-1) experimental; urgenc
 
  -- Vincent Blut <vincent.debian@free.fr>  Sun, 12 May 2019 22:16:14 +0200
 
+chrony (3.4-4ubuntu2) eoan; urgency=medium
+
+  * Dropped sysV change added in 3.4-4ubuntu1 (LP: #1829700):
+    - removed d/init to avoid weird interactions between sysV and systemd
+    [With debhelper compat level 12 this isn't an issue anymore]
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 22 May 2019 09:10:41 +0200
+
+chrony (3.4-4ubuntu1) eoan; urgency=medium
+
+  * Merge with Debian unstable (LP: #1828992). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
+    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off) [fixed a minor typo in the comment in this update]
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chrony-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+    - d/postrm: re-establish systemd-timesyncd on removal (LP 1764357)
+    - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
+      (LP 1771994)
+  * Added Changes:
+    - removed d/init to avoid weird interactions between sysV and systemd
+  * Dropped Changes:
+    - Notify chrony to update sources in response to systemd-networkd
+      events (LP: 1718227)
+      + d/links: link dispatcher script to networkd-dispatcher events routable
+        and off
+      + d/control: set Recommends to networkd-dispatcher
+      [Those are in Debian, except that we agreed to have networkd-dispatcher
+       to only be a Suggests]
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 14 May 2019 12:49:30 +0200
+
 chrony (3.4-4) unstable; urgency=medium
 
   * debian/patches/*:
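Review bot: the 3.4-4ubuntu2 entry is ambiguous about what happens to d/init. It is headed "Dropped sysV change added in 3.4-4ubuntu1", but the sub-bullet repeats "removed d/init ...", which reads as a second removal. If the point is that the removal is no longer carried and d/init ships again, say that directly. The 3.4-4ubuntu1 entry also repeats the "chrony-starter.sh" misspelling of chronyd-starter.sh in its debian/install bullet.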
@@ -763,6 +1323,48 @@ chrony (3.4-2) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Wed, 13 Feb 2019 17:08:17 +0100
 
+chrony (3.4-1ubuntu1) disco; urgency=medium
+
+  * Merge with Debian unstable (LP: #1802886). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
+    - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      + debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off).
+      + debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      + debian/install: make chronyd-starter.sh available on install.
+      + debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+    - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357)
+    - Notify chrony to update sources in response to systemd-networkd
+      events (LP: 1718227)
+      + d/links: link dispatcher script to networkd-dispatcher events routable
+        and off
+      + d/control: set Recommends to networkd-dispatcher
+  * Dropped Changes (upstream):
+    - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
+    - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting
+      the service on newer kernels by falling back to urandom. (LP: 1787366)
+  * Added Changes:
+    - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
+      (LP: #1771994)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 12 Nov 2018 11:39:08 +0100
+
 chrony (3.4-1) unstable; urgency=medium
 
   * Import upstream version 3.4:
@@ -839,6 +1441,66 @@ chrony (3.3-3) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Sat, 18 Aug 2018 16:23:19 +0200
 
+chrony (3.3-2ubuntu2) cosmic; urgency=medium
+
+  * - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting
+      the service on newer kernels by falling back to urandom.
+      (LP: #1787366, Closes: #906276)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 16 Aug 2018 11:48:38 +0200
+
+chrony (3.3-2ubuntu1) cosmic; urgency=medium
+
+  * Merge with Debian unstable (LP: #1771061). Remaining changes:
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
+    - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780)
+      Chrony is a single service which acts as both NTP client (i.e. syncing the
+      local clock) and NTP server (i.e. providing NTP services to the network),
+      and that is both desired and expected in the vast majority of cases.
+      But in containers syncing the local clock is usually impossible, but this
+      shall not break the providing of NTP services to the network.
+      To some extent this makes chrony's default config more similar to 'ntpd',
+      which complained in syslog but still provided NTP server service in those
+      cases.
+      - debian/chrony.service: allow the service to run without CAP_SYS_TIME
+      - debian/control: add new dependency libcap2-bin for capsh (usually
+        installed anyway, but make them explicit to be sure).
+      - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+        (Default off).
+      - debian/chronyd-starter.sh: wrapper to handle special cases in containers
+        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+        containers on a default installation and avoid failing to sync time (or
+        if allowed to sync, avoid multiple containers to fight over it by
+        accident).
+      - debian/install: make chronyd-starter.sh available on install.
+      - debian/docs, debian/README.container: provide documentation about the
+        handling of this case.
+    - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357)
+    - Notify chrony to update sources in response to systemd-networkd
+      events (LP: 1718227)
+      - d/links: link dispatcher script to networkd-dispatcher events routable
+        and off
+      - d/control: set Recommends to networkd-dispatcher
+      - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
+  * Dropped changes
+    - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor
+      (LP: 1751241) (in Debian now)
+    - debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: 1761327)
+      (in Debian now)
+    - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch:
+      When dropping the root privileges, don't try to keep the CAP_SYS_TIME
+      capability if the -x option was enabled. This allows chronyd to be
+      started without the capability (e.g. in containers) and also drop the
+      root privileges (This is upstream now).
+    - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch (This is
+      upstream now).
+    - d/control: switch to nss instead of tomcrypt (Debian switched to nettle
+      which is in main, so we can drop this)
+  * Added changes
+    - debian/README.container: fix typos
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 14 May 2018 09:06:01 +0200
+
 chrony (3.3-2) unstable; urgency=medium
 
   * debian/chrony.service:
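Review bot: the only item of the 3.3-2ubuntu2 entry starts with two bullet markers ("* - d/p/lp-1787366-fall-back-to-urandom.patch"); drop the "-" so it is an ordinary top-level bullet. In 3.3-2ubuntu1 the sub-items of the "Set -x as default" block use "-", the same marker as their parent, while the later entries use "+" for that nesting level; pick one so the merge delta is easy to compare between uploads.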
@@ -894,6 +1556,76 @@ chrony (3.2-5) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Wed, 28 Feb 2018 17:31:08 +0100
 
+chrony (3.2-4ubuntu4) bionic; urgency=medium
+
+  * d/postrm: re-establish systemd-timesyncd on removal (LP: #1764357)
+  * Notify chrony to update sources in response to systemd-networkd
+    events (LP: #1718227)
+    - d/links: link dispatcher script to networkd-dispatcher events routable
+      and off
+    - d/control: set Recommends to networkd-dispatcher
+    - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch
+    - d/p/lp-1718227-nm-dispatcher-for-networkd.patch
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 16 Apr 2018 17:04:06 +0200
+
+chrony (3.2-4ubuntu3) bionic; urgency=medium
+
+  * debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: #1761327)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 05 Apr 2018 09:38:10 +0200
+
+chrony (3.2-4ubuntu2) bionic; urgency=medium
+
+  * Set -x as default if unable to set time (e.g. in containers) (LP: #1589780)
+    Chrony is a single service which acts as both NTP client (i.e. syncing the
+    local clock) and NTP server (i.e. providing NTP services to the network),
+    and that is both desired and expected in the vast majority of cases.
+    But in containers syncing the local clock is usually impossible, but this
+    shall not break the providing of NTP services to the network.
+    To some extent this makes chrony's default config more similar to 'ntpd',
+    which complained in syslog but still provided NTP server service in those
+    cases.
+    - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch:
+      When dropping the root privileges, don't try to keep the CAP_SYS_TIME
+      capability if the -x option was enabled. This allows chronyd to be
+      started without the capability (e.g. in containers) and also drop the
+      root privileges.
+    - debian/chrony.service: allow the service to run without CAP_SYS_TIME
+    - debian/control: add new dependency libcap2-bin for capsh (usually
+      installed anyway, but make them explicit to be sure).
+    - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
+      (Default off).
+    - debian/chronyd-starter.sh: wrapper to handle special cases in containers
+      and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
+      containers on a default installation and avoid failing to sync time (or
+      if allowed to sync, avoid multiple containers to fight over it by
+      accident).
+    - debian/install: make chronyd-starter.sh available on install.
+    - debian/docs, debian/README.container: provide documentation about the
+      handling of this case.
+  * debian/chrony.conf: update default chrony.conf to not violate the policy
+    of pool.ntp.org (to use no more than four of their servers) and to provide
+    more ipv6 capable sources by default (LP: #1754358)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 16 Mar 2018 12:25:44 +0100
+
+chrony (3.2-4ubuntu1) bionic; urgency=medium
+
+  * Merge with Debian unstable. Remaining changes:
+    - d/control: switch to nss instead of tomcrypt (nss is in main)
+    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664)
+  * Dropped changes (in Debian)
+    - d/chrony.default, d/chrony.service: support /etc/default/chrony
+      DAEMON_OPTS in systemd environment (LP: 1746081)
+    - d/chrony.service: properly start after networking (LP: 1746458)
+    - d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: 1746444)
+  * Added Changes:
+    - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor
+      (LP: #1751241, Closes: #891201)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 26 Feb 2018 14:44:54 +0100
+
 chrony (3.2-4) unstable; urgency=medium
 
   * debian/changelog:
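Review bot: the 3.2-4ubuntu3 entry adds "cap net_admin" to debian/usr.sbin.chronyd with only "for hwtimestamp" as the reason. CAP_NET_ADMIN covers far more than timestamping, so the changelog (or a comment next to the rule in the AppArmor profile) should name the operation that needs it. That lets a later reviewer judge whether the rule can be narrowed or dropped.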
@@ -960,6 +1692,27 @@ chrony (3.2-3) unstable; urgency=medium
 
  -- Vincent Blut <vincent.debian@free.fr>  Wed, 07 Feb 2018 21:27:09 +0100
 
+chrony (3.2-2ubuntu3) bionic; urgency=medium
+
+  * Revert the changes of (LP 1746458) as in the follow on discussion
+    it became clear that we want it to start early (for example for an
+    early offset from drift file). iIf needed chrony will later on pick
+    up that servers are online via retries (augmented by hooks on network
+    events).
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 08 Feb 2018 10:52:30 +0100
+
+chrony (3.2-2ubuntu2) bionic; urgency=medium
+
+  * d/control: use to nss instead of tomcrypt (in main) (LP: #1744072)
+  * d/chrony.conf: use ubuntu ntp pool and server (LP: #1744664)
+  * d/chrony.default, d/chrony.service: support /etc/default/chrony
+    DAEMON_OPTS in systemd environment (LP: #1746081)
+  * d/chrony.service: properly start after networking (LP: #1746458)
+  * d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: #1746444)
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 19 Jan 2018 09:45:38 +0100
+
 chrony (3.2-2) unstable; urgency=medium
 
   * Initial AppArmor profile for chronyd. Thanks to Jamie
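Review bot: two typos in the added entries: "iIf needed" in 3.2-2ubuntu3 and "use to nss" in 3.2-2ubuntu2 (later entries word it "switch to nss"). The revert in 3.2-2ubuntu3 names only the bug number, so adding the file it touches (d/chrony.service, per the 3.2-2ubuntu2 line for the same bug) would make the history readable without opening Launchpad.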
diff -pruN 4.2-2/debian/chrony.conf 4.2-2ubuntu2/debian/chrony.conf
--- 4.2-2/debian/chrony.conf	2022-02-01 19:42:35.000000000 +0000
+++ 4.2-2ubuntu2/debian/chrony.conf	2022-02-08 03:35:04.000000000 +0000
@@ -4,8 +4,23 @@
 # Include configuration files found in /etc/chrony/conf.d.
 confdir /etc/chrony/conf.d
 
-# Use Debian vendor zone.
-pool 2.debian.pool.ntp.org iburst
+# This will use (up to):
+# - 4 sources from ntp.ubuntu.com which some are ipv6 enabled
+# - 2 sources from 2.ubuntu.pool.ntp.org which is ipv6 enabled as well
+# - 1 source from [01].ubuntu.pool.ntp.org each (ipv4 only atm)
+# This means by default, up to 6 dual-stack and up to 2 additional IPv4-only
+# sources will be used.
+# At the same time it retains some protection against one of the entries being
+# down (compare to just using one of the lines). See (LP: #1754358) for the
+# discussion.
+#
+# About using servers from the NTP Pool Project in general see (LP: #104525).
+# Approved by Ubuntu Technical Board on 2011-02-08.
+# See http://www.pool.ntp.org/join.html for more information.
+pool ntp.ubuntu.com        iburst maxsources 4
+pool 0.ubuntu.pool.ntp.org iburst maxsources 1
+pool 1.ubuntu.pool.ntp.org iburst maxsources 1
+pool 2.ubuntu.pool.ntp.org iburst maxsources 2
 
 # Use time sources from DHCP.
 sourcedir /run/chrony-dhcp
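Review bot: the comment block above the new pool lines explains the dual-stack/IPv4 split but not why the three ubuntu.pool.ntp.org lines are capped at 1, 1 and 2. The changelog entry for LP: #1754358 gives the reason (the pool.ntp.org policy of using no more than four of their servers), and 1 + 1 + 2 is exactly that limit, so say it here. Otherwise someone raising a maxsources value can exceed the policy without noticing. Minor: "which some are ipv6 enabled" should read "some of which are IPv6 enabled", and the join.html link is plain http.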
diff -pruN 4.2-2/debian/chrony.default 4.2-2ubuntu2/debian/chrony.default
--- 4.2-2/debian/chrony.default	2022-02-01 19:42:35.000000000 +0000
+++ 4.2-2ubuntu2/debian/chrony.default	2022-02-08 03:35:04.000000000 +0000
@@ -4,3 +4,7 @@
 
 # Options to pass to chrony.
 DAEMON_OPTS="-F 1"
+
+# Sync system clock in containers or without CAP_SYS_TIME (likely to fail)
+# See /usr/share/doc/chrony/README.container for details.
+SYNC_IN_CONTAINER="no"
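Review bot: the comment on SYNC_IN_CONTAINER does not list the accepted values, and chronyd-starter.sh compares the variable against the exact string "yes", so "Yes", "true" or "1" are silently treated as "no" and -x is still added. Document that only lowercase "yes" turns the fallback off, or have the wrapper log a warning for values other than "yes" and "no".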
diff -pruN 4.2-2/debian/chronyd-starter.sh 4.2-2ubuntu2/debian/chronyd-starter.sh
--- 4.2-2/debian/chronyd-starter.sh	1970-01-01 00:00:00.000000000 +0000
+++ 4.2-2ubuntu2/debian/chronyd-starter.sh	2022-02-08 03:35:04.000000000 +0000
@@ -0,0 +1,68 @@
+#!/bin/sh
+set -ue
+
+CONF="/etc/default/chrony"
+DOC="/usr/share/doc/chrony/README.container"
+CAP="cap_sys_time"
+CMD="/usr/sbin/chronyd"
+# Take any args passed, use none if nothing was specified
+EFFECTIVE_DAEMON_OPTS=${@:-""}
+
+if [ -f "${CONF}" ]; then
+    . "${CONF}"
+else
+    echo "<4>Warning: ${CONF} is missing"
+fi
+# take from conffile if available, default to no otherwise
+EFFECTIVE_SYNC_IN_CONTAINER=${SYNC_IN_CONTAINER:-"no"}
+
+if [ ! -x "${CMD}" ]; then
+    echo "<3>Error: ${CMD} not executable"
+    # ugly, but works around https://github.com/systemd/systemd/issues/2913
+    sleep 0.1
+    exit 1
+fi
+
+# Check if -x is already set manually, don't process further if that is the case
+X_SET=0
+for arg in $@; do
+    if echo "$arg" | grep -q -e '^-[a-zA-Z0-9]*x'; then
+         X_SET=1
+    fi
+done
+
+if [ ${X_SET} -ne 1 ]; then
+  # Assume it is not in a container
+  IS_CONTAINER=0
+  if [ -x /usr/bin/systemd-detect-virt ]; then
+      if /usr/bin/systemd-detect-virt --quiet --container; then
+          IS_CONTAINER=1
+      fi
+  fi
+
+
+  # Assume it has the cap
+  HAS_CAP=1
+  CAPSH="/sbin/capsh"
+  if [ -x "${CAPSH}" ]; then
+      ${CAPSH} --has-p="${CAP}" || HAS_CAP=0
+  fi
+
+  if [ ${HAS_CAP} -eq 0 ]; then
+      echo "<4>Warning: Missing ${CAP}, syncing the system clock will fail"
+  fi
+  if [ ${IS_CONTAINER} -eq 1 ]; then
+      echo "<4>Warning: Running in a container, likely impossible and unintended to sync system clock"
+  fi
+
+  if [ ${HAS_CAP} -eq 0 -o ${IS_CONTAINER} -eq 1 ]; then
+      if [ "${EFFECTIVE_SYNC_IN_CONTAINER}" != "yes" ]; then
+          echo "<5>Adding -x as fallback disabling control of the system clock, see ${DOC} to override this behavior"
+          EFFECTIVE_DAEMON_OPTS="${EFFECTIVE_DAEMON_OPTS} -x"
+      else
+          echo "<5>Not falling back to disable control of the system clock, see ${DOC} to change this behavior"
+      fi
+  fi
+fi
+
+${CMD} ${EFFECTIVE_DAEMON_OPTS}
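Review bot: both probes default to the answer that keeps clock control, at "IS_CONTAINER=0" and "HAS_CAP=1". If /usr/bin/systemd-detect-virt or /sbin/capsh is missing or not executable, the check is skipped without any message and chronyd starts without -x. libcap2-bin is a dependency, but the capsh path is hard-coded, so log a "<4>" warning in the two "not found" cases to make a skipped check visible in the journal. Two smaller points: the -x scan pattern '^-[a-zA-Z0-9]*x' also matches an option with an attached value that contains an x (for example "-uxyz"), which sets X_SET=1 and disables the fallback; and the last line could be "exec ${CMD} ${EFFECTIVE_DAEMON_OPTS}" so the shell does not stay around as the parent of the daemon's start-up process.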
diff -pruN 4.2-2/debian/chrony.service 4.2-2ubuntu2/debian/chrony.service
--- 4.2-2/debian/chrony.service	2022-02-01 19:42:35.000000000 +0000
+++ 4.2-2ubuntu2/debian/chrony.service	2022-02-08 03:35:04.000000000 +0000
@@ -5,13 +5,12 @@ Conflicts=openntpd.service ntp.service n
 Wants=time-sync.target
 Before=time-sync.target
 After=network.target
-ConditionCapability=CAP_SYS_TIME
 
 [Service]
 Type=forking
 PIDFile=/run/chrony/chronyd.pid
 EnvironmentFile=-/etc/default/chrony
-ExecStart=/usr/sbin/chronyd $DAEMON_OPTS
+ExecStart=/usr/lib/systemd/scripts/chronyd-starter.sh $DAEMON_OPTS
 
 CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
 CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_KILL CAP_LEASE CAP_LINUX_IMMUTABLE
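Review bot: with ExecStart now pointing at chronyd-starter.sh, /etc/default/chrony is read twice by two different parsers. systemd loads it through the EnvironmentFile= line kept here, and the wrapper sources it with ". "${CONF}"", which executes the file as shell code inside the service. SYNC_IN_CONTAINER already reaches the wrapper through the environment and DAEMON_OPTS through the argument list, so either drop the source step in the wrapper or document in the default file that it must contain only plain KEY="value" assignments.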
diff -pruN 4.2-2/debian/control 4.2-2ubuntu2/debian/control
--- 4.2-2/debian/control	2022-02-01 19:42:35.000000000 +0000
+++ 4.2-2ubuntu2/debian/control	2022-02-08 03:35:04.000000000 +0000
@@ -1,7 +1,8 @@
 Source: chrony
 Section: net
 Priority: optional
-Maintainer: Vincent Blut <vincent.debian@free.fr>
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+XSBC-Original-Maintainer: Vincent Blut <vincent.debian@free.fr>
 Standards-Version: 4.6.0
 Build-Depends: asciidoctor,
                bison,
@@ -27,6 +28,7 @@ Architecture: linux-any
 Pre-Depends: ${misc:Pre-Depends}
 Depends: adduser,
          iproute2 [linux-any],
+         libcap2-bin (>= 1:2.32-1),
          tzdata,
          ucf,
          ${misc:Depends},
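Review bot: the new dependency carries a version bound, "libcap2-bin (>= 1:2.32-1)", that nothing in the packaging explains; the changelog only says the package is needed "for capsh". If the bound exists because the wrapper calls capsh with --has-p, record that in the changelog so the constraint can be re-evaluated later.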
diff -pruN 4.2-2/debian/docs 4.2-2ubuntu2/debian/docs
--- 4.2-2/debian/docs	2022-02-01 19:42:35.000000000 +0000
+++ 4.2-2ubuntu2/debian/docs	2022-02-08 03:35:04.000000000 +0000
@@ -1,3 +1,4 @@
 FAQ
 NEWS
 README
+debian/README.container
diff -pruN 4.2-2/debian/install 4.2-2ubuntu2/debian/install
--- 4.2-2/debian/install	2022-02-01 19:42:35.000000000 +0000
+++ 4.2-2ubuntu2/debian/install	2022-02-08 03:35:04.000000000 +0000
@@ -5,3 +5,4 @@ debian/conf.d etc/chrony
 debian/ntp-units.d/50-chrony.list usr/lib/systemd/ntp-units.d
 debian/sources.d etc/chrony
 debian/usr.sbin.chronyd etc/apparmor.d
+debian/chronyd-starter.sh usr/lib/systemd/scripts/
diff -pruN 4.2-2/debian/patches/add-rseq.patch 4.2-2ubuntu2/debian/patches/add-rseq.patch
--- 4.2-2/debian/patches/add-rseq.patch	1970-01-01 00:00:00.000000000 +0000
+++ 4.2-2ubuntu2/debian/patches/add-rseq.patch	2022-02-08 03:47:55.000000000 +0000
@@ -0,0 +1,12 @@
+--- a/sys_linux.c
++++ b/sys_linux.c
+@@ -601,6 +601,9 @@
+     SCMP_SYS(getrandom),
+     SCMP_SYS(sysinfo),
+     SCMP_SYS(uname),
++#ifdef __NR_rseq
++    SCMP_SYS(rseq),
++#endif
+   };
+ 
+   const int denied_any[] = {
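Review bot: add-rseq.patch starts directly at "--- a/sys_linux.c" with no patch header, so a change that widens chronyd's seccomp allow-list carries no description, origin or forwarding status. Add a header that says why rseq is needed (the changelog mentions test failures with glibc 2.35) and whether the change has been sent upstream. The "#ifdef __NR_rseq" guard is evaluated at build time, so a build against headers that lack the definition produces a filter without the entry; that is worth stating in the header too.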
diff -pruN 4.2-2/debian/patches/series 4.2-2ubuntu2/debian/patches/series
--- 4.2-2/debian/patches/series	2022-02-01 19:42:35.000000000 +0000
+++ 4.2-2ubuntu2/debian/patches/series	2022-02-08 03:47:02.000000000 +0000
@@ -1,2 +1,3 @@
 ensure_awk_commands_in_008-ntpera_test_return_an_integer.patch
 nm-dispatcher-dhcp_Move-server_dir-to-run.patch
+add-rseq.patch
diff -pruN 4.2-2/debian/README.container 4.2-2ubuntu2/debian/README.container
--- 4.2-2/debian/README.container	1970-01-01 00:00:00.000000000 +0000
+++ 4.2-2ubuntu2/debian/README.container	2022-02-08 03:35:04.000000000 +0000
@@ -0,0 +1,60 @@
+Chrony in Containers
+--------------------
+
+Currently in 99.9+% of the cases syncing the local clock in a container
+is wrong. Most of the time it will be unable to do so, because it is lacking
+CAP_SYS_TIME. Or worse, if the CAP_SYS_TIME privilege is granted, multiple
+containers could fight over the system's time, because the Linux kernel does
+not provide time namespaces (yet).
+
+There are two things a user installing chrony usually wants:
+1. synchronize my time (NTP client)
+2. serve NTP (NTP server)
+
+In a container the first makes (usually) no sense, so by default we enable -x
+there (as it would only crash otherwise).
+This will disable the control of the system clock.
+See `man chronyd` for more details on the -x option.
+
+Formerly, the check for Condition=CAP_SYS_TIME in the systemd service avoided
+the crash of the NTP client portion, but that means the server use case will
+not work by default in containers. It is still not recommended to use a
+container as an NTP server, but if the host clock is synchronised via NTP,
+adding the -x option to chronyd instances running in containers will allow
+them to function as NTP servers which do not adjust the system clock.
+The Condition=CAP_SYS_TIME check was a silent, no-log-entry stealing away
+leaving users often unclear what happened - especially if they were more after
+the NTP server than the NTP client.
+
+One could argue that someone who installs chrony expects the system time to be
+synchronised, so it should fail if it is not able to do so.  On the other hand
+it could be argued that someone who installs chrony expects time to be served
+over the network via NTP.
+We can't know which expectation is applicable, so we assume that time should
+be synchronised unless chronyd is running in a container (or is without
+CAP_SYS_TIME in any other environment).
+
+To make things worse recent container implementations will offer CAP_SYS_TIME
+to the container. Since from the container's point of view, this capability is
+available for the container's user namespace. Just later on adjtimex and similar
+are actually evaluated against the host kernel where they will fail. Due to
+that without further precaution running chrony in Ubuntu in the future will
+likely have the service start (as Condition=CAP_SYS_TIME will be true) but
+then immediately fail.
+This will depend on the environment e.g. versions and types of containers and
+thereby feel just 'unreliable' from users point of view.
+Furthermore it will affect upgrades as the service has to be restarted for a
+package upgrade to be considered complete.
+
+Due to all of that Ubuntu decided (LP: #1589780) to default to -x (do not
+set the system clock) in containers.
+
+If one really wants to (try to) sync time in a container or CAP_SYS_TIME-less
+environment set SYNC_IN_CONTAINER="yes" in /etc/default/chrony to disable
+this special handling.
+
+It is important to mention that as soon as upstream provides a way to provide
+a default config working in those cases Ubuntu intends to use that and drop
+the current workaround.
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 16 Mar 2018 12:25:44 +0100
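Review bot: the README refers to the removed unit setting as "Condition=CAP_SYS_TIME" in three places, but the directive deleted from debian/chrony.service is "ConditionCapability=CAP_SYS_TIME"; use the real name so readers can look it up and recognise it in older unit files. The sentence beginning "The Condition=CAP_SYS_TIME check was a silent, no-log-entry stealing away" is also hard to parse. Something like "the condition made the unit skip silently, without a log entry" says the same thing.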
