Ohhhhh..... Yes, connecting to chronyd over the network worked. Next thing, I tried connecting to itself using -h 127.0.0.1, which worked fine. Connecting to itself using its hostname, however, didn't work, which finally pushed me in the right direction: in /etc/hosts, there was an entry 127.0.1.1 localhost which, as we all know, is not the default address for localhost. Setting it to 127.0.0.1 solved the issue. I guess chronyc defaults to "localhost", if no hostname is given. Then, I guess, in some other part of the software only 127.0.0.1 is allowed per default; not other loopback IP addresses.
In the end, this just explains the cronyc/cronyd communication difficulties, right? cronyd should have still run without issues... Anyway, thank you for your help :) Benjamin 2017-04-28 12:20 GMT+01:00 Miroslav Lichvar <mlich...@redhat.com>: > On Fri, Apr 28, 2017 at 11:43:53AM +0100, Benjamin Schnieders wrote: > > On the problematic machine, however, it's still running as root. It's > also > > running as root on another client machine (on which chronyc sources > works), > > which is also Ubuntu 14.04, so that appears to be normal. > > The older package just didn't configure chronyd to drop root. That > shouldn't change anything for the ability to listen and respond on the > port 323. > > If you have a second machine with the same chrony version, could you > try to configure both of them with the "cmdallow" directive to allow > command access and check from which machine chronyc works remotely? > Maybe that will tell us if it's a problem in chronyc or chronyd. You > might need to open the port 323 in firewall. > > -- > Miroslav Lichvar > > -- > To unsubscribe email chrony-users-requ...@chrony.tuxfamily.org > with "unsubscribe" in the subject. > For help email chrony-users-requ...@chrony.tuxfamily.org > with "help" in the subject. > Trouble? Email listmas...@chrony.tuxfamily.org. > >
