Package: dhcpcd-base Version: 1:10.1.0-11+deb13u1 Severity: serious Justification: time is important Control: affects -1 + systemd-timesyncd
Hi, Spotted on a local CI: my bookworm hosts are NTP-synced, while my trixie hosts are not. The installation procedure is the very same though: netinst images and almost-all-default answers all the way. This means having: - ifupdown/isc-dhcp-client (dhclient) on bookworm; - ifupdown/dhcpcd-base on trixie. On bookworm hosts, lease information stored by dhclient include the ntp-servers option, which trickles down to systemd-timesyncd via /run/systemd/timesyncd.conf.d/01-dhclient.conf On trixie hosts, that's not happening, /run/systemd/timesyncd.conf.d/ is not even present. There's /usr/lib/dhcpcd/dhcpcd-hooks/50-timesyncd.conf though, which would be doing the trick except… the default setting in dhcpcd-base is the following: | # Most distributions have NTP support. | #option ntp_servers This dates back to commit aa1a876387301cbfe636a3f737fde1baf7d00493 in 2017. I'm not sure what “Most distributions have NTP support.” means in the first place, or why the default was changed, as there were no explanations whatsoever… See: https://github.com/NetworkConfiguration/dhcpcd/commit/aa1a876387301cbfe636a3f737fde1baf7d00493 What I can say for sure though is that default installations that wouldn't be able to access the default NTP servers (as in the ones embedded in systemd-timesyncd, see also FallbackNTP=), e.g. because of network-level restrictions, end up without NTP synchronization with the default dhcpcd-base configuration, which is a HUGE functional regression from bookworm. Uncommenting the `option ntp_servers` line in /etc/dhcpcd.conf is sufficient to fix the issue: - /run/systemd/timesyncd.conf.d/ gets created; - /run/systemd/timesyncd.conf.d/dhcpcd-ens18.dhcp.conf gets populated with an NTP= entry matching what's provided by the DHCP server. - `timedatectl` reports `System clock synchronized: yes` as well as `NTP service: active` (as opposed to `no` and `active` resp.). - `timedatectl show-timesync --all` now reports a non-empty `SystemNTPServers=`. - And of course the system isn't running anymore with one full minute worth of offset (after 2 days of uptime)… I strongly suggest adjusting the configuration to enable this option, first in unstable, and then in trixie, making sure to coordinate with the release team. (I think that's orthogonal to #1087113 which I first glance could have been related to this issue, except that (currently-disabled) test was actively setting the option via the command line, so that's another story I suppose.) Cheers, -- Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https://debamax.com/
