On Tue, Mar 13, 2018 at 10:45:56AM +0100, Christian Ehrhardt wrote:
> In unprivileged containers even after e8096330 "sys_linux: don't keep
> CAP_SYS_TIME with -x option" default installations
> will still run without an explicit -x being set and therefore fail by
> missing CAP_SYS_TIME.
>
> In some use cases users want the NTP server service to "just work" which
> in a non-CAP_SYS_TIME environment means that chrony has to fall back.
As I said in the previous mail, they can use -x to have an NTP server that
always "works". We seem to agree that neither -x nor -X should be a default.
In what configuration would it be useful to enable -X but not -x?

I appreciate the effort you put into the patch, but without a use case it
seems to me like an unnecessary complication of the code and another trap
for the user to fall into.

> By that a user will get an NTP server working independent of the
> environment, that will control the local time if it is able to do so.
>
> This is not set as default as the fallback is considered a loss of time
> control that users should opt in to, but the new config allows an admin and
> setup tools to opt into -x like behavior without losing the feature to
> control time when running in an environment that is able to do so.

They either need the clock to be controlled by chronyd or they don't. If
they don't, I think they can always use -x.

I have some comments about the patch, but I think we should make this clear
first.

-- 
Miroslav Lichvar

-- 
To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" in the subject.
For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the subject.
Trouble? Email listmas...@chrony.tuxfamily.org.
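The "-x like behavior when CAP_SYS_TIME is missing" that the patch proposes to build into chronyd can also be done by the "setup tools" Christian mentions, outside the daemon. The launcher below is an added example written for this page; it is not code from the thread, from the patch, or from chrony. It assumes CAP_SYS_TIME is capability number 25 (as in <linux/capability.h>), that the effective capability set of the calling process is readable from the CapEff line of /proc/self/status, and that chronyd is on PATH; the function names (cap_mask_has_sys_time, chronyd_args, launch_chronyd) are this example's own. If the effective set lacks CAP_SYS_TIME, -x is appended so chronyd still serves time to clients but never tries to adjust the local clock; otherwise chronyd is started normally and keeps clock control.

```shell
#!/bin/sh
# Added example, not chrony's own code: choose chronyd arguments from the
# caller's effective capability set, so that an unprivileged container gets
# "-x" and a privileged host gets full clock control.

# Assumption: CAP_SYS_TIME is capability 25 (<linux/capability.h>).
CAP_SYS_TIME_BIT=25

# cap_mask_has_sys_time HEXMASK
#   Returns 0 (true) when bit 25 of the hexadecimal capability mask is set.
#   An empty mask is treated as "no capabilities".
cap_mask_has_sys_time() {
    mask=$1
    [ -n "$mask" ] || mask=0
    # POSIX shell arithmetic accepts 0x-prefixed constants; CapEff fits in 64 bits.
    bit=$(( (0x$mask >> CAP_SYS_TIME_BIT) & 1 ))
    [ "$bit" -eq 1 ]
}

# effective_cap_mask
#   Prints the CapEff mask of this process (assumption: Linux procfs layout).
effective_cap_mask() {
    awk '/^CapEff:/ { print $2 }' /proc/self/status 2>/dev/null
}

# chronyd_args HEXMASK
#   Prints the extra chronyd argument for the given effective set:
#   nothing when CAP_SYS_TIME is held, "-x" (no clock control) when it is not.
chronyd_args() {
    if cap_mask_has_sys_time "$1"; then
        printf '%s\n' ""
    else
        printf '%s\n' "-x"
    fi
}

# launch_chronyd
#   Builds the command line from the live capability set. It is echoed rather
#   than executed so the script is safe to inspect; replace "echo" with "exec"
#   in a real launcher.
launch_chronyd() {
    args=$(chronyd_args "$(effective_cap_mask)")
    # shellcheck disable=SC2086  # $args is intentionally word-split
    echo chronyd $args
}

# Run the launcher only when explicitly asked (e.g. "sh launcher.sh run").
if [ "${1:-}" = "run" ]; then
    launch_chronyd
fi
```

Note that this only reproduces the -x fallback; it does not address the point Miroslav raises about what the user actually wants, since a service started this way silently gives up clock control whenever the capability is absent, which is exactly the opt-in the thread argues should be explicit.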