diff -pruN 4.7-1/debian/NEWS 4.7-1ubuntu3/debian/NEWS --- 4.7-1/debian/NEWS 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/NEWS 2025-11-25 19:12:26.000000000 +0000 @@ -1,3 +1,43 @@ +chrony (4.5-3ubuntu4) plucky; urgency=medium + + Starting with version 4.5-3ubuntu4, chrony will ship with a default + configuration set to use Ubuntu NTS servers by default. + + The two main changes are: + + a) NTS/KE uses a separate port (4460/tcp) to negotiate security parameters, + which are then used via the normal NTP port (123/udp). This is a new + deployment, running on different IP addresses than the service without NTS. + + b) A new CA is installed in /etc/chrony/nts-bootstrap-ubuntu.crt that is + used specifically for the Ubuntu NTS bootstrap server, needed for when the + clock is too far off. This is added to certificate set ID "1", and defined + via /etc/chrony/conf.d/ubuntu-nts.conf. There is also a staging CA shipped + with the package, but it's not referred to anywhere and is just there as a + convenience for testing the staging servers. + + If your network does not allow access to the Ubuntu NTS servers and the + required ports, and the new configuration is in place, chrony will not be + able to adjust this system's clock. To revert to NTP, just edit the + configuration file in /etc/chrony/sources.d/ubuntu-ntp-pools.sources and + revert to using the listed NTP servers in favor of the NTS ones. Or revert + to your previous copy of that configuration file. + + -- Andreas Hasenack Fri, 11 Oct 2024 13:31:00 -0300 + +chrony (4.5-3ubuntu2) oracular; urgency=medium + + Starting with chrony version 4.5-3ubuntu2 the default time sources are + configured by default in the /etc/chrony/sources.d/ubuntu-ntp-pools.sources + file. + Setting the chrony/configure_ubuntu_pools_in_sourcesd debconf key to "false", + either via pre-seeding or dpkg-reconfigure, will result in the package being + installed without any time sources configured. With this setting, in the case + of an upgrade, if /etc/chrony/sources.d/ubuntu-ntp-pools.sources exists, it + will be removed and subsequent upgrades will not recreate it. + + -- Ankush Pathak Tue, 16 Jul 2024 17:57:41 -0600 + chrony (4.1~pre1-1) experimental; urgency=medium Starting with chrony 4.0, it is possible to specify NTP sources in files diff -pruN 4.7-1/debian/README.container 4.7-1ubuntu3/debian/README.container --- 4.7-1/debian/README.container 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/README.container 2025-11-24 18:52:21.000000000 +0000 @@ -0,0 +1,72 @@ +Chrony in Containers +-------------------- + +Currently in 99.9+% of the cases syncing the local clock in a container +is wrong. Most of the time it will be unable to do so, because it is lacking +CAP_SYS_TIME. Or worse, if the CAP_SYS_TIME privilege is granted, multiple +containers could fight over the system's time, because the Linux kernel does +not provide time namespaces (yet). + +There are two things a user installing chrony usually wants: +1. synchronize my time (NTP client) +2. serve NTP (NTP server) + +In a container the first makes (usually) no sense, so by default we enable -x +there (as it would only crash otherwise). +This will disable the control of the system clock. +See `man chronyd` for more details on the -x option. + +Formerly, the check for Condition=CAP_SYS_TIME in the systemd service avoided +the crash of the NTP client portion, but that means the server use case will +not work by default in containers. It is still not recommended to use a +container as an NTP server, but if the host clock is synchronised via NTP, +adding the -x option to chronyd instances running in containers will allow +them to function as NTP servers which do not adjust the system clock. +The Condition=CAP_SYS_TIME check was a silent, no-log-entry stealing away +leaving users often unclear what happened - especially if they were more after +the NTP server than the NTP client. + +One could argue that someone who installs chrony expects the system time to be +synchronised, so it should fail if it is not able to do so. On the other hand +it could be argued that someone who installs chrony expects time to be served +over the network via NTP. +We can't know which expectation is applicable, so we assume that time should +be synchronised unless chronyd is running in a container (or is without +CAP_SYS_TIME in any other environment). + +To make things worse recent container implementations will offer CAP_SYS_TIME +to the container. Since from the container's point of view, this capability is +available for the container's user namespace. Just later on adjtimex and similar +are actually evaluated against the host kernel where they will fail. Due to +that without further precaution running chrony in Ubuntu in the future will +likely have the service start (as Condition=CAP_SYS_TIME will be true) but +then immediately fail. +This will depend on the environment e.g. versions and types of containers and +thereby feel just 'unreliable' from users point of view. +Furthermore it will affect upgrades as the service has to be restarted for a +package upgrade to be considered complete. + +Due to all of that Ubuntu decided (LP: #1589780) to default to -x (do not +set the system clock) in containers. + +If one really wants to (try to) sync time in a container or CAP_SYS_TIME-less +environment set SYNC_IN_CONTAINER="yes" in /etc/default/chrony to disable +this special handling. + +It is important to mention that as soon as upstream provides a way to provide +a default config working in those cases Ubuntu intends to use that and drop +the current workaround. + + -- Christian Ehrhardt Fri, 16 Mar 2018 12:25:44 +0100 + + +In addition to the above mentioned SYNC_IN_CONTAINER="yes" enablement one also +needs to disable the "ConditionVirtualization=!container" check in +chrony.service (LP: #2111535), e.g. by placing an override config in +/etc/systemd/system/chrony.service.d/10-container.conf: +``` +[Unit] +ConditionVirtualization= +``` + + -- Lukas Märdian Mon, 02 Jun 2025 11:31:37 +0200 diff -pruN 4.7-1/debian/changelog 4.7-1ubuntu3/debian/changelog --- 4.7-1/debian/changelog 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/changelog 2025-11-25 19:22:57.000000000 +0000 @@ -1,3 +1,86 @@ +chrony (4.7-1ubuntu3) resolute; urgency=medium + + * configure: switch sed separator from % to # to cope with dpkg + + -- Nick Rosbrook Tue, 25 Nov 2025 14:22:57 -0500 + +chrony (4.7-1ubuntu2) resolute; urgency=medium + + * d/control: Recommends: networkd-dispatcher (LP: #2132159) + This package ships networkd-dispatcher scripts. Directly declare a + Recommends: networkd-dispatcher instead of relying on systemd to do so. + + -- Nick Rosbrook Mon, 24 Nov 2025 08:49:04 -0500 + +chrony (4.7-1ubuntu1) questing; urgency=medium + + * Merge with Debian experimental. Remaining changes: (LP: #2110435) + - Set -x as default if unable to set time (e.g. in containers) (LP #1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + d/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + d/chrony.default: new option SYNC_IN_CONTAINER to not fall + back (Default off) + + d/chronyd-starter.sh: wrapper to handle special cases in + containers and if CAP_SYS_TIME is missing. Effectively allows + running the NTP server in containers on a default installation + and avoid failing to sync time (or if allowed to sync, avoid + multiple containers fighting over it by accident). + + d/install: Make chrony-starter.sh available on install. + + d/docs, d/README.container: Provide documentation about the + handling of this case. + - d/rules, d/chrony.examples: Ship restricted service as an example + not installed to the system for use. (See LP #2051028) + - d/chrony.conf: remove Debian NTP pool + - Install Ubuntu NTP sources in + /etc/chrony/sources.d/ubuntu-ntp-pools.sources, gated on a low priority + (default yes) debconf question (LP #2048876): + + d/templates: Add debconf question to customize installation of + /etc/chrony/sources.d/ubuntu-ntp-pools.sources + + d/install, d/ubuntu-ntp-pools.sources: Install ubuntu-ntp-pools.sources + in /usr/share/chrony + + d/control: add dependency on debconf + + d/postinst: handle Ubuntu pools via debconf and ucf + + d/postrm: handle Ubuntu pools via debconf and ucf + + d/NEWS: Add information about default time sources moving out from + chrony.conf to /etc/chrony/sources.d/ubuntu-ntp-pools.sources. + + d/chrony.config: debconf script to handle Ubuntu pools + + d/t/control, d/t/default-ubuntu-sources-behavior: new test to check the + debconf behavior + - Use Ubuntu NTS servers by default (LP #2084585): + + d/conf.d/ubuntu-nts.conf: refer to the CA used to sign the NTS bootstrap + server + + d/nts-bootstrap-{,staging}-ubuntu.crt: CA certificate for the NTS + bootstrap servers + + d/install: install the NTS bootstrap CAs + + d/ubuntu-ntp-pools.sources: use NTS by default + + d/t/default-ubuntu-sources-behavior: update tests for NTS support + + d/NEWS: add news entry about the NTS change + * Drop Changes: + - d/t/helper-functions: Do not fail if backup does not exist + [Fixed in 4.7-1] + - d/tests: Clean up after __no_system_clock_control() + [Fixed in 4.7-1] + - d/chrony.service: Do not run inside containers by default (LP 2111535) + [Fixed in 4.7-1] + - d/t/default-ubuntu-sources-behavior: Adopt to upstream container handling. + [Squashed into "new test to check the debconf behavior"] + * Add Changes: + - d/chrony.service: Allow real chronyd to send READY=1 via sd_notify in + place of the chronyd-starter.sh wrapper. + - d/usr.sbin.chronyd: Grant access to NOTIFY_SOCKET in AppArmor profile. + - d/chrony.conf: Document non-NTS sources from DHCP (LP: #2115565) + + -- Lukas Märdian Mon, 30 Jun 2025 13:26:18 +0200 + chrony (4.7-1) experimental; urgency=medium [ Vincent Blut ] @@ -87,6 +170,72 @@ chrony (4.6.1-2) unstable; urgency=mediu -- Vincent Blut Wed, 02 Apr 2025 21:33:06 +0200 +chrony (4.6.1-1ubuntu2) questing; urgency=medium + + * d/chrony.service: Do not run inside containers by default (LP: #2111535) + Still allow running tests in containers, by installing override + configs in /etc/systemd/system/chrony.service.d/ + * d/tests: Clean up after __no_system_clock_control() + * d/t/helper-functions: Do not fail if backup does not exist + * d/t/default-ubuntu-sources-behavior: Adopt to upstream container handling. + + -- Lukas Märdian Tue, 03 Jun 2025 10:13:08 +0200 + +chrony (4.6.1-1ubuntu1) plucky; urgency=medium + + * Merge with Debian unstable (LP: #2085221). Remaining changes: + - Set -x as default if unable to set time (e.g. in containers) (LP #1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + d/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + d/chrony.default: new option SYNC_IN_CONTAINER to not fall + back (Default off) + + d/chronyd-starter.sh: wrapper to handle special cases in + containers and if CAP_SYS_TIME is missing. Effectively allows + running the NTP server in containers on a default installation + and avoid failing to sync time (or if allowed to sync, avoid + multiple containers fighting over it by accident). + + d/install: Make chrony-starter.sh available on install. + + d/docs, d/README.container: Provide documentation about the + handling of this case. + - d/rules, d/chrony.examples: Ship restricted service as an example + not installed to the system for use. (See LP #2051028) + - d/chrony.conf: remove Debian NTP pool + - Install Ubuntu NTP sources in + /etc/chrony/sources.d/ubuntu-ntp-pools.sources, gated on a low priority + (default yes) debconf question (LP #2048876): + + d/templates: Add debconf question to customize installation of + /etc/chrony/sources.d/ubuntu-ntp-pools.sources + + d/install, d/ubuntu-ntp-pools.sources: Install ubuntu-ntp-pools.sources + in /usr/share/chrony + + d/control: add dependency on debconf + + d/postinst: handle Ubuntu pools via debconf and ucf + + d/postrm: handle Ubuntu pools via debconf and ucf + + d/NEWS: Add information about default time sources moving out from + chrony.conf to /etc/chrony/sources.d/ubuntu-ntp-pools.sources. + + d/chrony.config: debconf script to handle Ubuntu pools + + d/t/control, d/t/default-ubuntu-sources-behavior: new test to check the + debconf behavior + - Use Ubuntu NTS servers by default (LP #2084585): + + d/conf.d/ubuntu-nts.conf: refer to the CA used to sign the NTS bootstrap + server + + d/nts-bootstrap-{,staging}-ubuntu.crt: CA certificate for the NTS + bootstrap servers + + d/install: install the NTS bootstrap CAs + + d/ubuntu-ntp-pools.sources: use NTS by default + + d/t/default-ubuntu-sources-behavior: update tests for NTS support + + d/NEWS: add news entry about the NTS change + + -- Andreas Hasenack Thu, 23 Jan 2025 10:35:08 -0300 + chrony (4.6.1-1) unstable; urgency=medium * Import upstream version 4.6.1: @@ -134,6 +283,87 @@ chrony (4.6~pre1-1) experimental; urgenc -- Vincent Blut Tue, 30 Jul 2024 15:01:19 +0200 +chrony (4.5-3ubuntu4) plucky; urgency=medium + + * Use Ubuntu NTS servers by default (LP: #2084585): + - d/conf.d/ubuntu-nts.conf: refer to the CA used to sign the NTS bootstrap + server + - d/nts-bootstrap-{,staging}-ubuntu.crt: CA certificate for the NTS + bootstrap servers + - d/install: install the NTS bootstrap CAs + - d/ubuntu-ntp-pools.sources: use NTS by default + - d/t/default-ubuntu-sources-behavior: update tests for NTS support + - d/NEWS: add news entry about the NTS change + + -- Andreas Hasenack Thu, 17 Oct 2024 10:25:57 -0300 + +chrony (4.5-3ubuntu3) oracular; urgency=medium + + * d/t/control, d/t/default-ubuntu-sources-behavior: new test to check the + debconf behavior introduced in LP #2048876) + + -- Andreas Hasenack Mon, 02 Sep 2024 16:37:40 -0300 + +chrony (4.5-3ubuntu2) oracular; urgency=medium + * Move Ubuntu NTP sources to /etc/chrony/sources.d/ubuntu-ntp-pools.sources, + gated on a low priority (default yes) debconf question (LP: #2048876): + - d/NEWS: Add entry with information about default time sources moving out + from chrony.conf to /etc/chrony/sources.d/ubuntu-ntp-pools.sources. + - d/chrony.conf, d/ubuntu-ntp-pools.sources: Move Ubuntu NTP pool sources + from chrony.conf to ubuntu-ntp-pools.sources + - d/chrony.config: Ask chrony/configure_ubuntu_pools_in_sourcesd debconf + question. + - d/control: Add debconf dependency. + - d/install: Install ubuntu-ntp-pools.sources in /usr/share/chrony + - d/postinst: Handle ubuntu-ntp-pools.sources installation, removal and + ucf tracking based on debconf question. + - d/postrm: Handle /etc/chrony/sources.d/ubuntu-ntp-pools.sources removal + from ucf tracking based on debconf question on uninstall. + - d/templates: Add debconf question to customize installation of + /etc/chrony/sources.d/ubuntu-ntp-pools.sources. + + -- Ankush Pathak Thu, 15 Aug 2024 00:03:08 +0530 + +chrony (4.5-3ubuntu1) oracular; urgency=medium + + * Merge with Debian unstable (LP: #2064393, LP: #2068526). Remaining + changes: + - d/chrony.conf: Use ubuntu ntp pool and server. + (LP #1744664, #1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP #1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + d/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + d/chrony.default: new option SYNC_IN_CONTAINER to not fall + back (Default off) + + d/chronyd-starter.sh: wrapper to handle special cases in + containers and if CAP_SYS_TIME is missing. Effectively allows + running the NTP server in containers on a default installation + and avoid failing to sync time (or if allowed to sync, avoid + multiple containers fighting over it by accident). + + d/install: Make chrony-starter.sh available on install. + + d/docs, d/README.container: Provide documentation about the + handling of this case. + - d/rules, d/chrony.examples: Ship restricted service as an example + not installed to the system for use. (See LP #2051028) + * Dropped: + - d/usr.sbin.chronyd: apparmor fixes (LP: #2032805): + + Allow the default UNIX domain socket address to be used by the + reflock_sock service in the Apport configuration. + + Fix failure to start timemaster due to lack of rw permissions on + chrony socket. + [In 4.5-2 and 4.5-3] + + -- Andreas Hasenack Tue, 02 Jul 2024 15:57:20 -0300 + chrony (4.5-3) unstable; urgency=medium * debian/upstream-simulation-test-suite: @@ -172,6 +402,65 @@ chrony (4.5-2) unstable; urgency=medium -- Vincent Blut Thu, 25 Apr 2024 15:52:18 +0200 +chrony (4.5-1ubuntu4) noble; urgency=medium + + * d/usr.sbin.chronyd: Fix failure to start timemaster due to lack + of rw permissions on chrony socket. + (LP: #2032805) + * d/usr.sbin.chronyd: Allow the default UNIX domain socket address + to be used by the reflock_sock service in the Apport configuration. + (ref LP #2032805) + + -- Bryce Harrington Mon, 01 Apr 2024 18:28:32 -0700 + +chrony (4.5-1ubuntu3) noble; urgency=medium + + * No-change rebuild for CVE-2024-3094 + + -- William Grant Mon, 01 Apr 2024 16:38:10 +1100 + +chrony (4.5-1ubuntu2) noble; urgency=medium + + * No-change rebuild against libgnutls30t64 + + -- Steve Langasek Sun, 10 Mar 2024 02:02:48 +0000 + +chrony (4.5-1ubuntu1) noble; urgency=medium + + * Merge with Debian unstable (LP: #2040371). Remaining changes: + - d/chrony.conf: Use ubuntu ntp pool and server. + (LP #1744664, #1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP #1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + d/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + d/chrony.default: new option SYNC_IN_CONTAINER to not fall + back (Default off) + + d/chronyd-starter.sh: wrapper to handle special cases in + containers and if CAP_SYS_TIME is missing. Effectively allows + running the NTP server in containers on a default installation + and avoid failing to sync time (or if allowed to sync, avoid + multiple containers fighting over it by accident). + + d/install: Make chrony-starter.sh available on install. + + d/docs, d/README.container: Provide documentation about the + handling of this case. + * Dropped: + - Depend on tzdata-legacy for reading leapsectz from + /usr/share/zoneinfo/right/UTC + (LP #2008076) + * d/rules, d/chrony.examples: Ship restricted service as an example + not installed to the system for use. (See LP #2051028) + + -- Bryce Harrington Tue, 02 Jan 2024 00:45:01 -0800 + chrony (4.5-1) unstable; urgency=medium * Import upstream version 4.5: @@ -285,6 +574,39 @@ chrony (4.3-2+deb12u1) unstable; urgency -- Vincent Blut Mon, 08 May 2023 22:05:00 +0200 +chrony (4.3-2ubuntu1) mantic; urgency=medium + + * Merge with Debian unstable (LP: #2018062). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server + (LP #1744664, #1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP #1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + d/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + d/chrony.default: new option SYNC_IN_CONTAINER to not fall + back (Default off) + + d/chronyd-starter.sh: wrapper to handle special cases in + containers and if CAP_SYS_TIME is missing. Effectively allows + running the NTP server in containers on a default installation + and avoid failing to sync time (or if allowed to sync, avoid + multiple containers fighting over it by accident). + + d/install: make chrony-starter.sh available on install. + + d/docs, d/README.container: provide documentation about the + handling of this case. + - Depend on tzdata-legacy for reading leapsectz from + /usr/share/zoneinfo/right/UTC + (LP #2008076) + + -- Bryce Harrington Mon, 08 May 2023 22:15:26 -0700 + chrony (4.3-2) unstable; urgency=medium * debian/control: @@ -319,6 +641,60 @@ chrony (4.3-2) unstable; urgency=medium -- Vincent Blut Fri, 27 Jan 2023 22:51:17 +0100 +chrony (4.3-1ubuntu4) lunar; urgency=medium + + * Let upstream-simulation-test-suite depend on tzdata-legacy as well + (LP: #2008076) + + -- Benjamin Drung Wed, 15 Mar 2023 15:42:10 +0100 + +chrony (4.3-1ubuntu3) lunar; urgency=medium + + * Depend on tzdata-legacy for reading leapsectz from + /usr/share/zoneinfo/right/UTC (LP: #2008076) + + -- Benjamin Drung Wed, 15 Mar 2023 09:26:25 +0100 + +chrony (4.3-1ubuntu2) lunar; urgency=medium + + * No-change rebuild for glibc 2.37 + + -- Bryce Harrington Thu, 09 Feb 2023 07:26:02 +0000 + +chrony (4.3-1ubuntu1) lunar; urgency=medium + + * Merge with Debian unstable (LP: #1993389). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server + (LP #1744664, #1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP #1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for + capsh (usually installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall + back (Default off) + + debian/chronyd-starter.sh: wrapper to handle special cases in + containers and if CAP_SYS_TIME is missing. Effectively allows + running the NTP server in containers on a default installation + and avoid failing to sync time (or if allowed to sync, avoid + multiple containers fighting over it by accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation + about the handling of this case. + * Dropped: + - d/patches/add-rseq.patch: Add "rseq" to list of acceptable syscalls to fix + tests with glibc 2.35. + [Included in upstream 4.3 release] + + -- Bryce Harrington Mon, 09 Jan 2023 19:41:47 -0800 + chrony (4.3-1) unstable; urgency=medium * Import upstream version 4.3: @@ -354,6 +730,49 @@ chrony (4.3~pre1-1) experimental; urgenc -- Vincent Blut Thu, 11 Aug 2022 14:12:25 +0200 +chrony (4.2-2ubuntu2) jammy; urgency=medium + + * d/patches/add-rseq.patch: Add "rseq" to list of acceptable syscalls to fix + tests with glibc 2.35. + + -- Michael Hudson-Doyle Tue, 08 Feb 2022 16:48:09 +1300 + +chrony (4.2-2ubuntu1) jammy; urgency=medium + + * Merge with Debian unstable. Remaining changes: + Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server + in containers on a default installation and avoid failing to sync time + (or if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Dropped changes [ in 4.2-1 ] + - Drop patches present in v4.2 + + d/p/allow-clone3-and-pread64-in-seccomp-filter.patch + + d/p/fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch + + d/p/lp-1940252-rtc-avoid-printing-and-scanning-time_t.patch + - d/t/upstream-simulation-test-suite: bump to the matching clknetsim + + -- Christian Ehrhardt Fri, 04 Feb 2022 07:52:48 +0100 + chrony (4.2-2) unstable; urgency=medium * debian/usr.sbin.chronyd: @@ -382,6 +801,42 @@ chrony (4.2-1) unstable; urgency=medium -- Vincent Blut Thu, 13 Jan 2022 14:01:35 +0100 +chrony (4.2-0ubuntu1) jammy; urgency=medium + + * Merge with Debian testing (LP: #1946848) and upstream v4.2. + Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server + in containers on a default installation and avoid failing to sync time + (or if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Drop patches present in v4.2 + - d/p/allow-clone3-and-pread64-in-seccomp-filter.patch + - d/p/fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch + - d/p/lp-1940252-rtc-avoid-printing-and-scanning-time_t.patch + * Added changes: + - d/t/upstream-simulation-test-suite: bump to the matching clknetsim + + -- Christian Ehrhardt Thu, 06 Jan 2022 14:51:22 +0100 + chrony (4.1-4) unstable; urgency=medium * debian/: @@ -404,6 +859,41 @@ chrony (4.1-4) unstable; urgency=medium -- Vincent Blut Thu, 07 Oct 2021 15:23:28 +0200 +chrony (4.1-3ubuntu1) impish; urgency=medium + + * Merge with Debian unstable (LP: #1940252). Remaining changes: + Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server + in containers on a default installation and avoid failing to sync time + (or if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Dropped changes: + - d/t/helper-functions: restart explicitly to fix test issues + * Added changes: + - d/p/lp-1940252-rtc-avoid-printing-and-scanning-time_t.patch: glibc 2.34 + compatibility + + -- Christian Ehrhardt Tue, 17 Aug 2021 12:22:32 +0200 + chrony (4.1-3) unstable; urgency=medium * Upload to unstable. @@ -434,6 +924,51 @@ chrony (4.1-2) experimental; urgency=med -- Vincent Blut Sat, 26 Jun 2021 17:16:45 +0200 +chrony (4.1-1ubuntu1) impish; urgency=medium + + * Merge new upstream 4.1 and yet unrelased changes from Debian salsa. + Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server + in containers on a default installation and avoid failing to sync time + (or if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Dropped changes: + - d/t/helper-functions: reduce default ubuntu config, to make space for + testcase config + [ in Debian 4.0-6 ] + - d/t/{dynamically-add-source,ntp-server-and-nts-auth,helper-functions}: + unify tests to use reload and restart + [ in Debian 4.0-6 ] + - d/t/upstream-simulation-test-suite: Update clknetsim version to fix + a test failure on s390x when LTO is enabled at build time (LP #1921377) + [ in Debian 4.1~pre1-1 ] + - d/p/lp-1915006-sys_linux-allow-statx-and-fstatat64-in-seccomp-filte.patch: + add compatibility for glibc 2.33 (LP: 1915006) + [ upstream in 4.1-pre1 ] + * Added changes: + - d/t/helper-functions: restart explicitly to fix test issues + + -- Christian Ehrhardt Tue, 18 May 2021 08:12:59 +0200 + chrony (4.1-1) experimental; urgency=medium * Import upstream version 4.1: @@ -524,6 +1059,54 @@ chrony (4.0-6) unstable; urgency=medium -- Vincent Blut Sun, 21 Feb 2021 21:59:22 +0100 +chrony (4.0-5ubuntu3) hirsute; urgency=medium + + * d/t/upstream-simulation-test-suite: Update clknetsim version to fix + a test failure on s390x when LTO is enabled at build time (LP: #1921377) + + -- Christian Ehrhardt Thu, 25 Mar 2021 15:45:47 +0100 + +chrony (4.0-5ubuntu2) hirsute; urgency=medium + + * d/p/lp-1915006-sys_linux-allow-statx-and-fstatat64-in-seccomp-filte.patch: + add compatibility for glibc 2.33 (LP: 1915006) + + -- Christian Ehrhardt Mon, 15 Feb 2021 12:50:29 +0100 + +chrony (4.0-5ubuntu1) hirsute; urgency=medium + + * Merge with Debian unstable (LP: #1915006). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server + in containers on a default installation and avoid failing to sync time + (or if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Added changes: + - d/t/helper-functions: reduce default ubuntu config, to make space for + testcase config + - d/t/{dynamically-add-source,ntp-server-and-nts-auth,helper-functions}: + unify tests to use reload and restart + + -- Christian Ehrhardt Mon, 08 Feb 2021 12:45:05 +0100 + chrony (4.0-5) unstable; urgency=medium * Follow DEP-14 branch naming conventions: @@ -640,6 +1223,35 @@ chrony (4.0-3) unstable; urgency=medium -- Vincent Blut Mon, 18 Jan 2021 21:58:52 +0100 +chrony (4.0-2ubuntu1) hirsute; urgency=medium + + * Merge with Debian unstable. Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server + in containers on a default installation and avoid failing to sync time + (or if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + + -- Christian Ehrhardt Tue, 27 Oct 2020 10:55:19 +0100 + chrony (4.0-2) unstable; urgency=medium * Merge branch 'experimental' into 'master'. @@ -775,6 +1387,44 @@ chrony (4.0~pre4-1) experimental; urgenc -- Vincent Blut Fri, 02 Oct 2020 21:21:08 +0200 +chrony (3.5.1-1ubuntu2) groovy; urgency=medium + + * d/chronyd-starter.sh: fix commandline argument parsing (LP: #1898000) + + -- Christian Ehrhardt Tue, 06 Oct 2020 12:20:40 +0200 + +chrony (3.5.1-1ubuntu1) groovy; urgency=medium + + * Merge with Debian unstable. Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Dropped changes + - d/t/control: harden time-sources-from-dhcp-servers test for systemd change + (LP: 1873031) [no more needed with recent systemd that is in groovy] + + -- Christian Ehrhardt Wed, 26 Aug 2020 15:30:48 +0200 + chrony (3.5.1-1) unstable; urgency=medium * Import upstream version 3.5.1: @@ -790,6 +1440,50 @@ chrony (3.5.1-1) unstable; urgency=mediu -- Vincent Blut Thu, 20 Aug 2020 14:07:22 +0200 +chrony (3.5-9ubuntu2) groovy; urgency=medium + + * No change rebuild against new libnettle8 and libhogweed6 ABI. + + -- Dimitri John Ledkov Mon, 29 Jun 2020 22:22:19 +0100 + +chrony (3.5-9ubuntu1) groovy; urgency=medium + + * Merge with Debian unstable (LP: #1878005). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + - d/t/control: harden time-sources-from-dhcp-servers test for systemd change + (LP: 1873031) + * Dropped changes [in Debian now] + - d/t/upstream-system-tests: stop chrony/systemd-timesynd before tests + - d/t/upstream-system-tests: fix stderr in case services do not exist + - Stop starting systemd-timesyncd in postrm. This is no longer relevant + since systemd-timesyncd is a standalone package declaring + Conflicts/Replaces/Provides: time-daemon. (Closes 955773, LP: 1872183) + - d/postrm: Reinstate the remove target (LP: 1873810) + + -- Christian Ehrhardt Wed, 20 May 2020 09:57:39 +0200 + chrony (3.5-9) unstable; urgency=medium * debian/patches/: @@ -852,6 +1546,76 @@ chrony (3.5-7) unstable; urgency=medium -- Vincent Blut Tue, 17 Mar 2020 15:21:53 +0100 +chrony (3.5-6ubuntu6) focal; urgency=medium + + * d/postrm: Reinstate the remove target (LP: #1873810) + + -- Christian Ehrhardt Mon, 20 Apr 2020 15:58:52 +0200 + +chrony (3.5-6ubuntu5) focal; urgency=medium + + * d/t/control: harden time-sources-from-dhcp-servers test for systemd change + (LP: #1873031) + + -- Christian Ehrhardt Wed, 15 Apr 2020 18:23:10 +0200 + +chrony (3.5-6ubuntu4) focal; urgency=medium + + * debian/postrm: + - Stop starting systemd-timesyncd in postrm. This is no longer relevant + since systemd-timesyncd is a standalone package declaring + Conflicts/Replaces/Provides: time-daemon. (Closes 955773, LP: #1872183) + + -- Christian Ehrhardt Wed, 15 Apr 2020 09:01:30 +0200 + +chrony (3.5-6ubuntu3) focal; urgency=medium + + * avoid multiple time services running concurrently (LP: #1870144). + This fixes the autopkgtests vs chrond itself, the issue of concurrent + systemd-timesyncd will be fixed in systemd by (LP 1849156) + - d/t/upstream-system-tests: stop chrony/systemd-timesynd before tests + - d/t/upstream-system-tests: fix stderr in case services do not exist + + -- Christian Ehrhardt Wed, 01 Apr 2020 09:25:45 +0200 + +chrony (3.5-6ubuntu2) focal; urgency=medium + + * fix capsh usage in focal avoiding to always fall back to -x (LP: #1867036) + - d/control: add versioned dependency to libcap2-bin new enough to + support --has-p + - d/chronyd-starter.sh: update capsh usage to use --has-p + + -- Christian Ehrhardt Tue, 31 Mar 2020 10:19:20 +0200 + +chrony (3.5-6ubuntu1) focal; urgency=medium + + * Merge with Debian unstable (LP: #1866753). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + + -- Christian Ehrhardt Thu, 12 Mar 2020 11:02:33 +0100 + chrony (3.5-6) unstable; urgency=medium * debian/chrony.service: @@ -886,6 +1650,41 @@ chrony (3.5-6) unstable; urgency=medium -- Vincent Blut Tue, 10 Mar 2020 19:17:16 +0100 +chrony (3.5-5ubuntu1) focal; urgency=medium + + * Merge with Debian unstable (LP: #1859969). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Dropped changes: + - d/t/control: destructive_system_tests only work on amd64 and s390x right + now [fixed by backporting fixes from upstream in 3.5-5 ] + - d/t/upstream-simulation-test-suite: ignore warnings on stderr while + running clksim make + [ in Debian 3.5-5 ] + + -- Christian Ehrhardt Thu, 16 Jan 2020 12:55:32 +0100 + chrony (3.5-5) unstable; urgency=medium * debian/control: @@ -913,6 +1712,47 @@ chrony (3.5-5) unstable; urgency=medium -- Vincent Blut Sun, 22 Dec 2019 17:30:40 +0100 +chrony (3.5-4ubuntu2) focal; urgency=medium + + * d/t/control: destructive_system_tests only work on amd64 and s390x right + now + * d/t/upstream-simulation-test-suite: ignore warnings on stderr while + running clksim make + + -- Christian Ehrhardt Tue, 03 Dec 2019 14:50:50 +0100 + +chrony (3.5-4ubuntu1) focal; urgency=medium + + * Merge with Debian unstable (LP: #1854328). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Dropped changes: + - d/t/control: allow stderr for recent changes in resolved/iproute + (LP 1836882) [no more needed] + + -- Christian Ehrhardt Thu, 28 Nov 2019 10:31:36 +0100 + chrony (3.5-4) unstable; urgency=medium * debian/tests/control: @@ -957,6 +1797,52 @@ chrony (3.5-3) unstable; urgency=medium -- Vincent Blut Tue, 13 Aug 2019 17:57:47 +0200 +chrony (3.5-2ubuntu3) focal; urgency=medium + + * No-change rebuild against libnettle7 + + -- Steve Langasek Thu, 31 Oct 2019 22:07:56 +0000 + +chrony (3.5-2ubuntu2) eoan; urgency=medium + + * d/t/control: allow stderr for recent changes in resolved/iproute + (LP: #1836882) + + -- Christian Ehrhardt Wed, 17 Jul 2019 12:41:58 +0200 + +chrony (3.5-2ubuntu1) eoan; urgency=medium + + * Merge with Debian experimental (LP: #1835046). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + * Dropped changes (accepted in Debian now): + - d/postrm: re-establish systemd-timesyncd on removal (LP 1764357) + - d/postrm: respect policy-rc.d when restoring systemd-timesyncd + (LP 1771994) + + -- Christian Ehrhardt Tue, 02 Jul 2019 13:37:23 +0200 + chrony (3.5-2) unstable; urgency=medium * Merge branch “experimental” into “master”. @@ -1043,6 +1929,56 @@ chrony (3.5~pre1-1) experimental; urgenc -- Vincent Blut Sun, 12 May 2019 22:16:14 +0200 +chrony (3.4-4ubuntu2) eoan; urgency=medium + + * Dropped sysV change added in 3.4-4ubuntu1 (LP: #1829700): + - removed d/init to avoid weird interactions between sysV and systemd + [With debhelper compat level 12 this isn't an issue anymore] + + -- Christian Ehrhardt Wed, 22 May 2019 09:10:41 +0200 + +chrony (3.4-4ubuntu1) eoan; urgency=medium + + * Merge with Debian unstable (LP: #1828992). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358) + - Set -x as default if unable to set time (e.g. in containers) (LP 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off) [fixed a minor typo in the comment in this update] + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chrony-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + - d/postrm: re-establish systemd-timesyncd on removal (LP 1764357) + - d/postrm: respect policy-rc.d when restoring systemd-timesyncd + (LP 1771994) + * Added Changes: + - removed d/init to avoid weird interactions between sysV and systemd + * Dropped Changes: + - Notify chrony to update sources in response to systemd-networkd + events (LP: 1718227) + + d/links: link dispatcher script to networkd-dispatcher events routable + and off + + d/control: set Recommends to networkd-dispatcher + [Those are in Debian, except that we agreed to have networkd-dispatcher + to only be a Suggests] + + -- Christian Ehrhardt Tue, 14 May 2019 12:49:30 +0200 + chrony (3.4-4) unstable; urgency=medium * debian/patches/*: @@ -1119,6 +2055,48 @@ chrony (3.4-2) unstable; urgency=medium -- Vincent Blut Wed, 13 Feb 2019 17:08:17 +0100 +chrony (3.4-1ubuntu1) disco; urgency=medium + + * Merge with Debian unstable (LP: #1802886). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664) + - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + + debian/chrony.service: allow the service to run without CAP_SYS_TIME + + debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off). + + debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + + debian/install: make chronyd-starter.sh available on install. + + debian/docs, debian/README.container: provide documentation about the + handling of this case. + - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357) + - Notify chrony to update sources in response to systemd-networkd + events (LP: 1718227) + + d/links: link dispatcher script to networkd-dispatcher events routable + and off + + d/control: set Recommends to networkd-dispatcher + * Dropped Changes (upstream): + - d/p/lp-1718227-nm-dispatcher-for-networkd.patch + - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting + the service on newer kernels by falling back to urandom. (LP: 1787366) + * Added Changes: + - d/postrm: respect policy-rc.d when restoring systemd-timesyncd + (LP: #1771994) + + -- Christian Ehrhardt Mon, 12 Nov 2018 11:39:08 +0100 + chrony (3.4-1) unstable; urgency=medium * Import upstream version 3.4: @@ -1195,6 +2173,66 @@ chrony (3.3-3) unstable; urgency=medium -- Vincent Blut Sat, 18 Aug 2018 16:23:19 +0200 +chrony (3.3-2ubuntu2) cosmic; urgency=medium + + * - d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting + the service on newer kernels by falling back to urandom. + (LP: #1787366, Closes: #906276) + + -- Christian Ehrhardt Thu, 16 Aug 2018 11:48:38 +0200 + +chrony (3.3-2ubuntu1) cosmic; urgency=medium + + * Merge with Debian unstable (LP: #1771061). Remaining changes: + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664) + - Set -x as default if unable to set time (e.g. in containers) (LP: 1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + - debian/chrony.service: allow the service to run without CAP_SYS_TIME + - debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off). + - debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + - debian/install: make chronyd-starter.sh available on install. + - debian/docs, debian/README.container: provide documentation about the + handling of this case. + - d/postrm: re-establish systemd-timesyncd on removal (LP: 1764357) + - Notify chrony to update sources in response to systemd-networkd + events (LP: 1718227) + - d/links: link dispatcher script to networkd-dispatcher events routable + and off + - d/control: set Recommends to networkd-dispatcher + - d/p/lp-1718227-nm-dispatcher-for-networkd.patch + * Dropped changes + - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor + (LP: 1751241) (in Debian now) + - debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: 1761327) + (in Debian now) + - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch: + When dropping the root privileges, don't try to keep the CAP_SYS_TIME + capability if the -x option was enabled. This allows chronyd to be + started without the capability (e.g. in containers) and also drop the + root privileges (This is upstream now). + - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch (This is + upstream now). + - d/control: switch to nss instead of tomcrypt (Debian switched to nettle + which is in main, so we can drop this) + * Added changes + - debian/README.container: fix typos + + -- Christian Ehrhardt Mon, 14 May 2018 09:06:01 +0200 + chrony (3.3-2) unstable; urgency=medium * debian/chrony.service: @@ -1250,6 +2288,76 @@ chrony (3.2-5) unstable; urgency=medium -- Vincent Blut Wed, 28 Feb 2018 17:31:08 +0100 +chrony (3.2-4ubuntu4) bionic; urgency=medium + + * d/postrm: re-establish systemd-timesyncd on removal (LP: #1764357) + * Notify chrony to update sources in response to systemd-networkd + events (LP: #1718227) + - d/links: link dispatcher script to networkd-dispatcher events routable + and off + - d/control: set Recommends to networkd-dispatcher + - d/p/lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch + - d/p/lp-1718227-nm-dispatcher-for-networkd.patch + + -- Christian Ehrhardt Mon, 16 Apr 2018 17:04:06 +0200 + +chrony (3.2-4ubuntu3) bionic; urgency=medium + + * debian/usr.sbin.chronyd: add cap net_admin for hwtimestamp (LP: #1761327) + + -- Christian Ehrhardt Thu, 05 Apr 2018 09:38:10 +0200 + +chrony (3.2-4ubuntu2) bionic; urgency=medium + + * Set -x as default if unable to set time (e.g. in containers) (LP: #1589780) + Chrony is a single service which acts as both NTP client (i.e. syncing the + local clock) and NTP server (i.e. providing NTP services to the network), + and that is both desired and expected in the vast majority of cases. + But in containers syncing the local clock is usually impossible, but this + shall not break the providing of NTP services to the network. + To some extent this makes chrony's default config more similar to 'ntpd', + which complained in syslog but still provided NTP server service in those + cases. + - d/p/lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch: + When dropping the root privileges, don't try to keep the CAP_SYS_TIME + capability if the -x option was enabled. This allows chronyd to be + started without the capability (e.g. in containers) and also drop the + root privileges. + - debian/chrony.service: allow the service to run without CAP_SYS_TIME + - debian/control: add new dependency libcap2-bin for capsh (usually + installed anyway, but make them explicit to be sure). + - debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back + (Default off). + - debian/chronyd-starter.sh: wrapper to handle special cases in containers + and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in + containers on a default installation and avoid failing to sync time (or + if allowed to sync, avoid multiple containers to fight over it by + accident). + - debian/install: make chronyd-starter.sh available on install. + - debian/docs, debian/README.container: provide documentation about the + handling of this case. + * debian/chrony.conf: update default chrony.conf to not violate the policy + of pool.ntp.org (to use no more than four of their servers) and to provide + more ipv6 capable sources by default (LP: #1754358) + + -- Christian Ehrhardt Fri, 16 Mar 2018 12:25:44 +0100 + +chrony (3.2-4ubuntu1) bionic; urgency=medium + + * Merge with Debian unstable. Remaining changes: + - d/control: switch to nss instead of tomcrypt (nss is in main) + - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664) + * Dropped changes (in Debian) + - d/chrony.default, d/chrony.service: support /etc/default/chrony + DAEMON_OPTS in systemd environment (LP: 1746081) + - d/chrony.service: properly start after networking (LP: 1746458) + - d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: 1746444) + * Added Changes: + - debian/usr.sbin.chronyd: ensure RTC/GPS usage isn't blocked by apparmor + (LP: #1751241, Closes: #891201) + + -- Christian Ehrhardt Mon, 26 Feb 2018 14:44:54 +0100 + chrony (3.2-4) unstable; urgency=medium * debian/changelog: @@ -1316,6 +2424,27 @@ chrony (3.2-3) unstable; urgency=medium -- Vincent Blut Wed, 07 Feb 2018 21:27:09 +0100 +chrony (3.2-2ubuntu3) bionic; urgency=medium + + * Revert the changes of (LP 1746458) as in the follow on discussion + it became clear that we want it to start early (for example for an + early offset from drift file). iIf needed chrony will later on pick + up that servers are online via retries (augmented by hooks on network + events). + + -- Christian Ehrhardt Thu, 08 Feb 2018 10:52:30 +0100 + +chrony (3.2-2ubuntu2) bionic; urgency=medium + + * d/control: use to nss instead of tomcrypt (in main) (LP: #1744072) + * d/chrony.conf: use ubuntu ntp pool and server (LP: #1744664) + * d/chrony.default, d/chrony.service: support /etc/default/chrony + DAEMON_OPTS in systemd environment (LP: #1746081) + * d/chrony.service: properly start after networking (LP: #1746458) + * d/usr.sbin.chronyd: allow to create /run/chrony on demand (LP: #1746444) + + -- Christian Ehrhardt Fri, 19 Jan 2018 09:45:38 +0100 + chrony (3.2-2) unstable; urgency=medium * Initial AppArmor profile for chronyd. Thanks to Jamie diff -pruN 4.7-1/debian/chrony.conf 4.7-1ubuntu3/debian/chrony.conf --- 4.7-1/debian/chrony.conf 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/chrony.conf 2025-11-25 19:12:26.000000000 +0000 @@ -1,10 +1,11 @@ # Welcome to the chrony configuration file. See chrony.conf(5) for more # information about usable directives. -# Use Debian vendor zone. -pool 2.debian.pool.ntp.org iburst +# The Ubuntu NTP pool servers configuration was moved to /etc/chrony/sources.d/ubuntu-ntp-pools.sources # Use time sources from DHCP. +# Those could be non-NTS sources. If you want to avoid unauthenticated NTP +# sources comment the following line. (LP: #2115565) sourcedir /run/chrony-dhcp # Use NTP sources found in /etc/chrony/sources.d. diff -pruN 4.7-1/debian/chrony.config 4.7-1ubuntu3/debian/chrony.config --- 4.7-1/debian/chrony.config 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/chrony.config 2025-11-25 19:12:26.000000000 +0000 @@ -0,0 +1,10 @@ +#!/bin/sh + +set -e + +. /usr/share/debconf/confmodule + +if [ "${1}" = "configure" ] || [ "${1}" = "reconfigure" ]; then + db_input low chrony/configure_ubuntu_pools_in_sourcesd || true + db_go || true +fi diff -pruN 4.7-1/debian/chrony.default 4.7-1ubuntu3/debian/chrony.default --- 4.7-1/debian/chrony.default 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/chrony.default 2025-11-24 18:52:21.000000000 +0000 @@ -4,3 +4,7 @@ # Options to pass to chrony. DAEMON_OPTS="-F 1" + +# Sync system clock in containers or without CAP_SYS_TIME (likely to fail) +# See /usr/share/doc/chrony/README.container for details. +SYNC_IN_CONTAINER="no" diff -pruN 4.7-1/debian/chrony.examples 4.7-1ubuntu3/debian/chrony.examples --- 4.7-1/debian/chrony.examples 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/chrony.examples 2025-11-24 18:52:22.000000000 +0000 @@ -1 +1,2 @@ examples/chrony.conf* +examples/chronyd-restricted.service diff -pruN 4.7-1/debian/chrony.service 4.7-1ubuntu3/debian/chrony.service --- 4.7-1/debian/chrony.service 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/chrony.service 2025-11-25 19:12:26.000000000 +0000 @@ -3,7 +3,6 @@ Description=chrony, an NTP client/server Documentation=man:chronyd(8) man:chronyc(1) man:chrony.conf(5) Conflicts=openntpd.service ntp.service ntpsec.service ConditionVirtualization=!container -ConditionCapability=CAP_SYS_TIME [Service] Type=notify @@ -11,7 +10,9 @@ PIDFile=/run/chrony/chronyd.pid EnvironmentFile=-/etc/default/chrony User=_chrony # Daemon is started as root, but still sandboxed -ExecStart=!/usr/sbin/chronyd -n $DAEMON_OPTS +ExecStart=!/usr/lib/systemd/scripts/chronyd-starter.sh -n $DAEMON_OPTS +# Allow real chronyd to notify "READY=1" for chronyd-starter.sh +NotifyAccess=all CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_KILL CAP_LEASE CAP_LINUX_IMMUTABLE diff -pruN 4.7-1/debian/chronyd-starter.sh 4.7-1ubuntu3/debian/chronyd-starter.sh --- 4.7-1/debian/chronyd-starter.sh 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/chronyd-starter.sh 2025-11-24 18:52:21.000000000 +0000 @@ -0,0 +1,68 @@ +#!/bin/sh +set -ue + +CONF="/etc/default/chrony" +DOC="/usr/share/doc/chrony/README.container" +CAP="cap_sys_time" +CMD="/usr/sbin/chronyd" +# Take any args passed, use none if nothing was specified +EFFECTIVE_DAEMON_OPTS=${@:-""} + +if [ -f "${CONF}" ]; then + . "${CONF}" +else + echo "<4>Warning: ${CONF} is missing" +fi +# take from conffile if available, default to no otherwise +EFFECTIVE_SYNC_IN_CONTAINER=${SYNC_IN_CONTAINER:-"no"} + +if [ ! -x "${CMD}" ]; then + echo "<3>Error: ${CMD} not executable" + # ugly, but works around https://github.com/systemd/systemd/issues/2913 + sleep 0.1 + exit 1 +fi + +# Check if -x is already set manually, don't process further if that is the case +X_SET=0 +for arg in $@; do + if echo "$arg" | grep -q -e '^-[a-zA-Z0-9]*x'; then + X_SET=1 + fi +done + +if [ ${X_SET} -ne 1 ]; then + # Assume it is not in a container + IS_CONTAINER=0 + if [ -x /usr/bin/systemd-detect-virt ]; then + if /usr/bin/systemd-detect-virt --quiet --container; then + IS_CONTAINER=1 + fi + fi + + + # Assume it has the cap + HAS_CAP=1 + CAPSH="/sbin/capsh" + if [ -x "${CAPSH}" ]; then + ${CAPSH} --has-p="${CAP}" || HAS_CAP=0 + fi + + if [ ${HAS_CAP} -eq 0 ]; then + echo "<4>Warning: Missing ${CAP}, syncing the system clock will fail" + fi + if [ ${IS_CONTAINER} -eq 1 ]; then + echo "<4>Warning: Running in a container, likely impossible and unintended to sync system clock" + fi + + if [ ${HAS_CAP} -eq 0 -o ${IS_CONTAINER} -eq 1 ]; then + if [ "${EFFECTIVE_SYNC_IN_CONTAINER}" != "yes" ]; then + echo "<5>Adding -x as fallback disabling control of the system clock, see ${DOC} to override this behavior" + EFFECTIVE_DAEMON_OPTS="${EFFECTIVE_DAEMON_OPTS} -x" + else + echo "<5>Not falling back to disable control of the system clock, see ${DOC} to change this behavior" + fi + fi +fi + +${CMD} ${EFFECTIVE_DAEMON_OPTS} diff -pruN 4.7-1/debian/conf.d/ubuntu-nts.conf 4.7-1ubuntu3/debian/conf.d/ubuntu-nts.conf --- 4.7-1/debian/conf.d/ubuntu-nts.conf 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/conf.d/ubuntu-nts.conf 2025-11-25 19:12:26.000000000 +0000 @@ -0,0 +1,6 @@ +# This CA is needed for the Ubuntu NTS bootstrap servers. It has a very large +# validity range (decades into the past and future) to allow systems with a +# very large initial clock drift to use NTS. +# If there is already another certificate set using the same index as this one +# here ("1"), then this CA will get added to that set. +ntstrustedcerts 1 /etc/chrony/nts-bootstrap-ubuntu.crt diff -pruN 4.7-1/debian/control 4.7-1ubuntu3/debian/control --- 4.7-1/debian/control 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/control 2025-11-25 19:12:35.000000000 +0000 @@ -1,7 +1,8 @@ Source: chrony Section: net Priority: optional -Maintainer: Vincent Blut +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Vincent Blut Standards-Version: 4.7.2 Build-Depends: asciidoctor, bison, @@ -26,13 +27,15 @@ Package: chrony Architecture: linux-any Pre-Depends: ${misc:Pre-Depends} Depends: adduser (>= 3.130), + debconf (>= 0.5), iproute2 [linux-any], tzdata, + libcap2-bin (>= 1:2.32-1), ucf, ${misc:Depends}, ${shlibs:Depends} +Recommends: networkd-dispatcher, Suggests: dnsutils, - networkd-dispatcher Breaks: network-manager (<< 1.20.0-1~) Conflicts: time-daemon Provides: time-daemon diff -pruN 4.7-1/debian/docs 4.7-1ubuntu3/debian/docs --- 4.7-1/debian/docs 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/docs 2025-11-24 18:52:21.000000000 +0000 @@ -1,3 +1,4 @@ FAQ NEWS README +debian/README.container diff -pruN 4.7-1/debian/install 4.7-1ubuntu3/debian/install --- 4.7-1/debian/install 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/install 2025-11-25 19:12:26.000000000 +0000 @@ -1,6 +1,10 @@ debian/chrony-helper usr/libexec/chrony debian/chrony.conf usr/share/chrony +debian/ubuntu-ntp-pools.sources usr/share/chrony debian/conf.d etc/chrony debian/ntp-units.d/50-chrony.list usr/lib/systemd/ntp-units.d debian/sources.d etc/chrony debian/usr.sbin.chronyd etc/apparmor.d +debian/chronyd-starter.sh usr/lib/systemd/scripts/ +debian/nts-bootstrap-staging-ubuntu.crt etc/chrony +debian/nts-bootstrap-ubuntu.crt etc/chrony diff -pruN 4.7-1/debian/nts-bootstrap-staging-ubuntu.crt 4.7-1ubuntu3/debian/nts-bootstrap-staging-ubuntu.crt --- 4.7-1/debian/nts-bootstrap-staging-ubuntu.crt 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/nts-bootstrap-staging-ubuntu.crt 2025-11-25 19:12:26.000000000 +0000 @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBoDCCAUegAwIBAgIUboHEx7dO7bYbqpDEg4me/VVt+IswCgYIKoZIzj0EAwIw +ETEPMA0GA1UEAwwGdWJ1bnR1MCAXDTUwMDEwMTAwMDAwMFoYDzk5OTkxMjMxMjM1 +OTU5WjArMSkwJwYDVQQDDCBudHAtYm9vdHN0cmFwLnN0YWdpbmcudWJ1bnR1LmNv +bTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABK9XPhpN0XjX3itffScnYxTMi+nH +6pW7bbNTRil6THK7TTKZDhG1r3dLy+FlYBU4dsxg9CQlTSMJlApplUnLwBmjYTBf +ME8GA1UdEQRIMEaCIG50cC1ib290c3RyYXAuc3RhZ2luZy51YnVudHUuY29tgiIq +Lm50cC1ib290c3RyYXAuc3RhZ2luZy51YnVudHUuY29tMAwGA1UdEwEB/wQCMAAw +CgYIKoZIzj0EAwIDRwAwRAIgOvXlLW5NlZob+ukYRAhLkMqlPOzLqLtcHQlKnnja +3sgCIENZVt2+zsZRpX1a8p6O9yVk8n7ovF4tbqEvFkqlzLQm +-----END CERTIFICATE----- diff -pruN 4.7-1/debian/nts-bootstrap-ubuntu.crt 4.7-1ubuntu3/debian/nts-bootstrap-ubuntu.crt --- 4.7-1/debian/nts-bootstrap-ubuntu.crt 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/nts-bootstrap-ubuntu.crt 2025-11-25 19:12:26.000000000 +0000 @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBiTCCAS+gAwIBAgIUPlSKCl0OHrnDiEB3/4yJAoeMh18wCgYIKoZIzj0EAwIw +ETEPMA0GA1UEAwwGdWJ1bnR1MCAXDTcwMDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAw +MDAwWjAjMSEwHwYDVQQDDBhudHAtYm9vdHN0cmFwLnVidW50dS5jb20wWTATBgcq +hkjOPQIBBggqhkjOPQMBBwNCAAS7TU/9OynpZSHZIF5/AUQPwCewy50pybP3/DBR +PV5cNtdj4CefCp09x7hEsrofm2XSh0HkcuoADgO6pioVAOQXo1EwTzA/BgNVHREE +ODA2ghhudHAtYm9vdHN0cmFwLnVidW50dS5jb22CGioubnRwLWJvb3RzdHJhcC51 +YnVudHUuY29tMAwGA1UdEwEB/wQCMAAwCgYIKoZIzj0EAwIDSAAwRQIhAK06wN7r +Ys7PDAIvFn2qlIKL8FFLhYtHZLcJwwV6vFgBAiATxuquFRB/xn4Y3ZSMvAxRx9rG +8vLwOy6cp6CVWRVvWQ== +-----END CERTIFICATE----- diff -pruN 4.7-1/debian/patches/configure-switch-sed-separator-from-to-to-cope-with-.patch 4.7-1ubuntu3/debian/patches/configure-switch-sed-separator-from-to-to-cope-with-.patch --- 4.7-1/debian/patches/configure-switch-sed-separator-from-to-to-cope-with-.patch 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/patches/configure-switch-sed-separator-from-to-to-cope-with-.patch 2025-11-25 19:22:57.000000000 +0000 @@ -0,0 +1,68 @@ +From: Nick Rosbrook +Date: Tue, 25 Nov 2025 14:39:26 -0500 +Subject: configure: switch sed separator from % to # to cope with dpkg + +Since 1.22.21ubuntu6 (see LP #2071468), dpkg set --package-metadata +directly in LDFLAGS. The strings passed with --package-metadata contain +percent-encoded URLs, which breaks the use of % as a sed separator. +--- + configure | 46 +++++++++++++++++++++++----------------------- + 1 file changed, 23 insertions(+), 23 deletions(-) + +diff --git a/configure b/configure +index bcd6944..0d0ed00 100755 +--- a/configure ++++ b/configure +@@ -1101,29 +1101,29 @@ add_def CHRONY_VERSION "\"${CHRONY_VERSION}\"" + for f in Makefile doc/Makefile test/unit/Makefile + do + echo Creating $f +- sed -e "s%@EXTRA_OBJS@%${EXTRA_OBJECTS}%;\ +- s%@EXTRA_CLI_OBJS@%${EXTRA_CLI_OBJECTS}%;\ +- s%@CC@%${MYCC}%;\ +- s%@CFLAGS@%${MYCFLAGS}%;\ +- s%@CPPFLAGS@%${MYCPPFLAGS}%;\ +- s%@LDFLAGS@%${MYLDFLAGS}%;\ +- s%@GETDATE_CFLAGS@%${GETDATE_CFLAGS}%;\ +- s%@LIBS@%${LIBS}%;\ +- s%@EXTRA_LIBS@%${EXTRA_LIBS}%;\ +- s%@EXTRA_CLI_LIBS@%${EXTRA_CLI_LIBS}%;\ +- s%@SYSCONFDIR@%${SYSCONFDIR}%;\ +- s%@BINDIR@%${BINDIR}%;\ +- s%@SBINDIR@%${SBINDIR}%;\ +- s%@DOCDIR@%${DOCDIR}%;\ +- s%@MANDIR@%${MANDIR}%;\ +- s%@LOCALSTATEDIR@%${LOCALSTATEDIR}%;\ +- s%@CHRONYRUNDIR@%${CHRONYRUNDIR}%;\ +- s%@CHRONYVARDIR@%${CHRONYVARDIR}%;\ +- s%@DEFAULT_HWCLOCK_FILE@%${default_hwclockfile}%;\ +- s%@DEFAULT_PID_FILE@%${default_pidfile}%;\ +- s%@DEFAULT_RTC_DEVICE@%${default_rtcdevice}%;\ +- s%@DEFAULT_USER@%${default_user}%;\ +- s%@CHRONY_VERSION@%${CHRONY_VERSION}%;" \ ++ sed -e "s#@EXTRA_OBJS@#${EXTRA_OBJECTS}#;\ ++ s#@EXTRA_CLI_OBJS@#${EXTRA_CLI_OBJECTS}#;\ ++ s#@CC@#${MYCC}#;\ ++ s#@CFLAGS@#${MYCFLAGS}#;\ ++ s#@CPPFLAGS@#${MYCPPFLAGS}#;\ ++ s#@LDFLAGS@#${MYLDFLAGS}#;\ ++ s#@GETDATE_CFLAGS@#${GETDATE_CFLAGS}#;\ ++ s#@LIBS@#${LIBS}#;\ ++ s#@EXTRA_LIBS@#${EXTRA_LIBS}#;\ ++ s#@EXTRA_CLI_LIBS@#${EXTRA_CLI_LIBS}#;\ ++ s#@SYSCONFDIR@#${SYSCONFDIR}#;\ ++ s#@BINDIR@#${BINDIR}#;\ ++ s#@SBINDIR@#${SBINDIR}#;\ ++ s#@DOCDIR@#${DOCDIR}#;\ ++ s#@MANDIR@#${MANDIR}#;\ ++ s#@LOCALSTATEDIR@#${LOCALSTATEDIR}#;\ ++ s#@CHRONYRUNDIR@#${CHRONYRUNDIR}#;\ ++ s#@CHRONYVARDIR@#${CHRONYVARDIR}#;\ ++ s#@DEFAULT_HWCLOCK_FILE@#${default_hwclockfile}#;\ ++ s#@DEFAULT_PID_FILE@#${default_pidfile}#;\ ++ s#@DEFAULT_RTC_DEVICE@#${default_rtcdevice}#;\ ++ s#@DEFAULT_USER@#${default_user}#;\ ++ s#@CHRONY_VERSION@#${CHRONY_VERSION}#;" \ + < ${f}.in > $f + done + diff -pruN 4.7-1/debian/patches/series 4.7-1ubuntu3/debian/patches/series --- 4.7-1/debian/patches/series 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/patches/series 2025-11-25 19:22:57.000000000 +0000 @@ -1,2 +1,3 @@ debianize-chronyd-restricted-unit-file.patch nm-dispatcher-dhcp_Move-server_dir-to-run.patch +configure-switch-sed-separator-from-to-to-cope-with-.patch diff -pruN 4.7-1/debian/postinst 4.7-1ubuntu3/debian/postinst --- 4.7-1/debian/postinst 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/postinst 2025-11-25 19:12:26.000000000 +0000 @@ -3,13 +3,15 @@ # # see: dh_installdeb(1) +. /usr/share/debconf/confmodule set -e # targets: configure|abort-upgrade|abort-remove|abort-deconfigure +ucf_managed_sources="true" case "$1" in - configure) + configure|reconfigure) adduser --system \ --group \ @@ -18,13 +20,34 @@ case "$1" in --home /var/lib/chrony \ --no-create-home _chrony + ubuntu_ntp_pools_sources_filepath="/etc/chrony/sources.d/ubuntu-ntp-pools.sources" + packaged_ubuntu_ntp_pools_sources_filepath="/usr/share/chrony/ubuntu-ntp-pools.sources" + + db_get chrony/configure_ubuntu_pools_in_sourcesd + ucf_managed_sources="${RET}" + if command -v ucf >/dev/null then - ucf --three-way /usr/share/chrony/chrony.conf /etc/chrony/chrony.conf - ucf --three-way /usr/share/chrony/chrony.keys /etc/chrony/chrony.keys + ucf --debconf-ok --three-way /usr/share/chrony/chrony.conf /etc/chrony/chrony.conf + ucf --debconf-ok --three-way /usr/share/chrony/chrony.keys /etc/chrony/chrony.keys + if [ "${ucf_managed_sources}" = "true" ]; then + ucf --debconf-ok --three-way "${packaged_ubuntu_ntp_pools_sources_filepath}" "${ubuntu_ntp_pools_sources_filepath}" + else + # If this was under ucf before, purge it. + # If it wasn't under ucf before, this does not fail + ucf --debconf-ok --purge "${ubuntu_ntp_pools_sources_filepath}" + rm -f "${ubuntu_ntp_pools_sources_filepath}" + fi if [ -x "$(command -v ucfr)" ]; then ucfr chrony /etc/chrony/chrony.conf ucfr chrony /etc/chrony/chrony.keys + if [ "${ucf_managed_sources}" = "true" ]; then + ucfr chrony "${ubuntu_ntp_pools_sources_filepath}" + else + # If this was under ucf before, purge it. + # If it wasn't under ucf before, this does not fail + ucfr --purge chrony "${ubuntu_ntp_pools_sources_filepath}" + fi fi fi diff -pruN 4.7-1/debian/postrm 4.7-1ubuntu3/debian/postrm --- 4.7-1/debian/postrm 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/postrm 2025-11-25 19:12:26.000000000 +0000 @@ -5,8 +5,16 @@ set -e +. /usr/share/debconf/confmodule + # targets: purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear +ubuntu_ntp_pools_sources_filepath="/etc/chrony/sources.d/ubuntu-ntp-pools.sources" +ucf_managed_sources="true" + +db_get chrony/configure_ubuntu_pools_in_sourcesd +ucf_managed_sources="${RET}" + case "$1" in purge) rm -f /var/lib/chrony/* @@ -16,9 +24,15 @@ case "$1" in then ucf --purge /etc/chrony/chrony.conf ucf --purge /etc/chrony/chrony.keys + if [ "${ucf_managed_sources}" = "true" ]; then + ucf --purge "${ubuntu_ntp_pools_sources_filepath}" + fi if [ -x "$(command -v ucfr)" ]; then ucfr --purge chrony /etc/chrony/chrony.conf ucfr --purge chrony /etc/chrony/chrony.keys + if [ "${ucf_managed_sources}" = "true" ]; then + ucfr --purge chrony "${ubuntu_ntp_pools_sources_filepath}" + fi fi fi rm -rf /etc/chrony diff -pruN 4.7-1/debian/rules 4.7-1ubuntu3/debian/rules --- 4.7-1/debian/rules 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/rules 2025-11-25 19:12:26.000000000 +0000 @@ -47,6 +47,5 @@ endif override_dh_installsystemd: dh_installsystemd chrony.service dh_installsystemd --name=chrony-wait --no-enable --no-start chrony-wait.service - dh_installsystemd --name=chronyd-restricted --no-enable --no-start chronyd-restricted.service dh_installsystemd --name=chrony-dnssrv@ chrony-dnssrv@.service dh_installsystemd --name=chrony-dnssrv@ --no-enable --no-start chrony-dnssrv@.timer diff -pruN 4.7-1/debian/templates 4.7-1ubuntu3/debian/templates --- 4.7-1/debian/templates 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/templates 2025-11-24 18:52:22.000000000 +0000 @@ -0,0 +1,12 @@ +Template: chrony/configure_ubuntu_pools_in_sourcesd +Type: boolean +Default: true +Description: Configure Ubuntu NTP pools in /etc/chrony/sources.d/ubuntu-ntp-pools.sources + The default Ubuntu NTP pools were moved from /etc/chrony/chrony.conf to an + included file in /etc/chrony/sources.d/ubuntu-ntp-pools.sources. The main + chrony.conf file shipped by the package no longer contains any NTP pools. + If you answer "yes", what was described above will be applied. + If you answer "no", then /etc/chrony/sources.d/ubuntu-ntp-pools.sources will + NOT be created. If it exists already, it will be REMOVED, and subsequent + upgrades will not recreate it. + If in doubt, it's recommended that you answer "yes". diff -pruN 4.7-1/debian/tests/control 4.7-1ubuntu3/debian/tests/control --- 4.7-1/debian/tests/control 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/tests/control 2025-11-25 19:12:26.000000000 +0000 @@ -1,3 +1,9 @@ +# Keep this as the first test, to check default installation behavior more +# easily. +Tests: default-ubuntu-sources-behavior +Depends: chrony, dpkg-dev +Restrictions: isolation-container, needs-root + Tests: upstream-simulation-test-suite Depends: @builddeps@, build-essential, ca-certificates, wget Restrictions: isolation-container, build-needed, skippable, needs-root, needs-internet diff -pruN 4.7-1/debian/tests/default-ubuntu-sources-behavior 4.7-1ubuntu3/debian/tests/default-ubuntu-sources-behavior --- 4.7-1/debian/tests/default-ubuntu-sources-behavior 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/tests/default-ubuntu-sources-behavior 2025-11-25 19:12:26.000000000 +0000 @@ -0,0 +1,134 @@ +#!/bin/bash + +set -e + +. debian/tests/helper-functions + +UBUNTU_NTP_POOLS="/etc/chrony/sources.d/ubuntu-ntp-pools.sources" + +cleanup() { + ret=$? + __cleanup + set +e + if [ ${ret} -ne 0 ]; then + echo "## ERROR, something failed" + echo + echo "## journal logs for chrony" + journalctl -u chrony.service --lines 500 + echo + echo "## Content of /etc/chrony" + find /etc/chrony -ls + echo + echo "## chrony sources" + chronyc sources + fi +} + +trap cleanup EXIT + +test_fresh_install_has_nts_sources() { + local -i n=0 + local output + + echo + echo "## Running ${FUNCNAME[0]}" + echo "## Fresh install, ubuntu NTS sources must be defined" + ls -la "$(dirname ${UBUNTU_NTP_POOLS})" + test -f "${UBUNTU_NTP_POOLS}" || return 1 + cat "${UBUNTU_NTP_POOLS}" + grep -qE "^pool.*nts" "${UBUNTU_NTP_POOLS}" || return 1 + echo + echo "## Chrony should have valid sources loaded" + # Sometimes this lists sources and still fails ($? != 0), so let's ignore + # errors and check the output instead + output=$(chronyc sources 2>&1 || :) + echo "${output}" + n=$(echo "${output}" | grep -E '^\^'|wc -l) + echo "## ${n} sources identified" + if [ "${n}" -gt 0 ]; then + echo "## OK" + else + echo "## FAIL" + return 1 + fi + echo + echo "## And these sources should be authenticated" + output=$(chronyc authdata 2>&1 || :) + echo "${output}" + n=$(echo "${output}" | grep -E 'NTS'|wc -l) + echo "## ${n} authenticated sources identified" + if [ "${n}" -gt 0 ]; then + echo "## OK" + else + echo "## FAIL" + return 1 + fi +} + +test_debconf_no_ubuntu_sources() { + echo + echo "## Running ${FUNCNAME[0]}" + echo "## Checking that ${UBUNTU_NTP_POOLS} exists" + ls -la "${UBUNTU_NTP_POOLS}" || return 1 + echo + echo "## Reconfiguring chrony with chrony/configure_ubuntu_pools_in_sourcesd set to false" + debconf-set-selections <&1 + echo + echo "## Now ${UBUNTU_NTP_POOLS} should be gone" + ls -la "${UBUNTU_NTP_POOLS}" 2>&1 && return 1 || : + echo + echo "## And chrony should have no sources" + # Sometimes this lists sources and still fails ($? != 0), so let's ignore + # errors and check the output instead + output=$(chronyc sources 2>&1 || :) + echo "${output}" + n=$(echo "${output}" | grep -E '^\^'|wc -l) + echo "## ${n} sources identified" + if [ "${n}" -gt 0 ]; then + echo "## FAIL" + return 1 + else + echo "## OK" + fi +} + +test_debconf_with_ubuntu_sources() { + echo + echo "## Running ${FUNCNAME[0]}" + echo "## Checking that ${UBUNTU_NTP_POOLS} does not exist" + ls -la "${UBUNTU_NTP_POOLS}" 2>&1 && return 1 || : + echo + echo "## Reconfiguring chrony with chrony/configure_ubuntu_pools_in_sourcesd set to true" + debconf-set-selections <&1 + echo + echo "## Now ${UBUNTU_NTP_POOLS} should exist now" + ls -la "${UBUNTU_NTP_POOLS}" || return 1 + echo + echo "## And chrony should have valid sources" + # Sometimes this lists sources and still fails ($? != 0), so let's ignore + # errors and check the output instead + output=$(chronyc sources 2>&1 || :) + echo "${output}" + n=$(echo "${output}" | grep -E '^\^'|wc -l) + echo "## ${n} sources identified" + if [ "${n}" -gt 0 ]; then + echo "## OK" + else + echo "## FAIL" + return 1 + fi +} + +__no_system_clock_control +__restart_chronyd +# these tests must be run in this order, because they don't reset the state +# each time +test_fresh_install_has_nts_sources +test_debconf_no_ubuntu_sources +test_debconf_with_ubuntu_sources diff -pruN 4.7-1/debian/ubuntu-ntp-pools.sources 4.7-1ubuntu3/debian/ubuntu-ntp-pools.sources --- 4.7-1/debian/ubuntu-ntp-pools.sources 1970-01-01 00:00:00.000000000 +0000 +++ 4.7-1ubuntu3/debian/ubuntu-ntp-pools.sources 2025-11-25 19:12:26.000000000 +0000 @@ -0,0 +1,31 @@ +# Use NTS by default +# NTS uses an additional port to negotiate security: 4460/tcp +# The normal NTP port remains in use: 123/udp +pool 1.ntp.ubuntu.com iburst maxsources 1 nts prefer +pool 2.ntp.ubuntu.com iburst maxsources 1 nts prefer +pool 3.ntp.ubuntu.com iburst maxsources 1 nts prefer +pool 4.ntp.ubuntu.com iburst maxsources 1 nts prefer +# The bootstrap server is needed by systems without a hardware clock, or a very +# large initial clock offset. The specified certificate set is defined in +# /etc/chrony/conf.d/ubuntu-nts.conf. +pool ntp-bootstrap.ubuntu.com iburst maxsources 1 nts certset 1 + +# If you can't or won't use NTS, then here are the old NTP-only definitions + +# This will use (up to): +# - 4 sources from ntp.ubuntu.com which some are ipv6 enabled +# - 2 sources from 2.ubuntu.pool.ntp.org which is ipv6 enabled as well +# - 1 source from [01].ubuntu.pool.ntp.org each (ipv4 only atm) +# This means by default, up to 6 dual-stack and up to 2 additional IPv4-only +# sources will be used. +# At the same time it retains some protection against one of the entries being +# down (compare to just using one of the lines). See (LP: #1754358) for the +# discussion. +# +# About using servers from the NTP Pool Project in general see (LP: #104525). +# Approved by Ubuntu Technical Board on 2011-02-08. +# See http://www.pool.ntp.org/join.html for more information. +#pool ntp.ubuntu.com iburst maxsources 4 +#pool 0.ubuntu.pool.ntp.org iburst maxsources 1 +#pool 1.ubuntu.pool.ntp.org iburst maxsources 1 +#pool 2.ubuntu.pool.ntp.org iburst maxsources 2 diff -pruN 4.7-1/debian/usr.sbin.chronyd 4.7-1ubuntu3/debian/usr.sbin.chronyd --- 4.7-1/debian/usr.sbin.chronyd 2025-06-11 15:38:16.000000000 +0000 +++ 4.7-1ubuntu3/debian/usr.sbin.chronyd 2025-11-24 18:44:11.000000000 +0000 @@ -78,6 +78,9 @@ abi , # Allow read-write access to the socket path(s). @{run}/timemaster/chrony.SOCK[0-9]* rw, + # Allow systemd Type=notify using sd_notify's $NOTIFY_SOCKET + @{run}/systemd/notify w, + # For use with clocks that report via shared memory (e.g. gpsd), # you may need to give ntpd access to all of shared memory, though # this can be considered dangerous. See https://launchpad.net/bugs/722815