Hi Santiago, On 2020-01-02T13:38+0100, Santiago Vila wrote:
Package: chrony Version: 3.4-4 Severity: importantDear maintainer: Apparently, installing chrony does not ensure at all that it will work. Google has moved from ntp in Debian 9 to chrony in Debian 10 for their default Debian GCE images, and I discovered this on a lot of GCE instances having a clock several minutes off. The problem I found is very similar to the one described here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933370
Indeed, it sounds pretty similar.
I believe the best summary of the problem was made by Michael Biebl here: https://github.com/systemd/systemd/issues/7104#issuecomment-471329392 Quoting Michael:As it stands, the current practice of having systemd-timesyncd.service enabled by default (in Debian) and alternative implementations like chrony or ntpd declare Conflicts=systemd-timesyncd.service in their service file does not work reliably.AFAIK, this has been fixed on the systemd side in version 241-3 by dropping the "Conflicts" systemd had on chrony or ntpd.
Exact, the Debian systemd maintainers reintroduced the following drop-in file in version 241-3:
$ cat /lib/systemd/system/systemd-timesyncd.service.d/disable-with-time-daemon.conf [Unit] ConditionFileIsExecutable=!/usr/sbin/ntpd ConditionFileIsExecutable=!/usr/sbin/openntpd ConditionFileIsExecutable=!/usr/sbin/chronyd ConditionFileIsExecutable=!/usr/sbin/VBoxService It prevents systemd-timesyncd from starting if one of the above executables is present on the system.
Unfortunately, AFAIK, conflicts are bi-directional, so apparently the problem will persist in buster as far as chrony still has conflicts in the systemd unit file.
What do you mean by “conflicts are bi-directional”?Also, conflicting with systemd-timesyncd doesn’t seem to cause any issue on most systems (well, I hope ;-), so we should be cautious about incriminating “Conflicts= systemd-timesyncd.service” use as the root cause.
Would you please tell me how things go when removing “ConditionFileIsExecutable=!/usr/sbin/chronyd” from the systemd-timesyncd service unit? Does that make chrony happy?
Thanks.
Cheers, Vincent
signature.asc
Description: PGP signature
