root@b:~# echo "refclock SOCK /var/run/chrony.ttyS0.sock" >> /etc/chrony/chrony.conf root@b:~# systemctl restart chrony Job for chrony.service failed because the control process exited with error code. See "systemctl status chrony.service" and "journalctl -xe" for details.
Hitting denies like: [1790155.225877] audit: type=1400 audit(1527142484.030:1791): apparmor="DENIED" operation="mknod" namespace="root//lxd-b_<var-snap- lxd-common-lxd>" profile="/usr/sbin/chronyd" name="/run/chrony.ttyS0.sock" pid=27371 comm="chronyd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0 Upgrade works fine, and denies are gone with the version from proposed. # apt install chrony Reading package lists... Done Building dependency tree Reading state information... Done The following package was automatically installed and is no longer required: libfreetype6 Use 'apt autoremove' to remove it. The following packages will be upgraded: chrony 1 upgraded, 0 newly installed, 0 to remove and 23 not upgraded. Need to get 203 kB of archives. After this operation, 1024 B of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 chrony amd64 3.2-4ubuntu4.1 [203 kB] Fetched 203 kB in 0s (1255 kB/s) (Reading database ... 28548 files and directories currently installed.) Preparing to unpack .../chrony_3.2-4ubuntu4.1_amd64.deb ... Unpacking chrony (3.2-4ubuntu4.1) over (3.2-4ubuntu4) ... Processing triggers for ureadahead (0.100.0-20) ... Setting up chrony (3.2-4ubuntu4.1) ... Installing new version of config file /etc/apparmor.d/usr.sbin.chronyd ... ... Atfer this I have root@b:~# systemctl status chrony ● chrony.service - chrony, an NTP client/server Loaded: loaded (/lib/systemd/system/chrony.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2018-05-24 06:17:30 UTC; 1min 22s ago Docs: man:chronyd(8) man:chronyc(1) man:chrony.conf(5) Process: 2594 ExecStartPost=/usr/lib/chrony/chrony-helper update-daemon (code=exited, status=0/SUCCESS) Process: 2587 ExecStart=/usr/lib/systemd/scripts/chronyd-starter.sh $DAEMON_OPTS (code=exited, status=0/SUCCESS) Main PID: 2593 (chronyd) Tasks: 1 (limit: 4915) CGroup: /system.slice/chrony.service └─2593 /usr/sbin/chronyd -x May 24 06:17:30 b systemd[1]: Starting chrony, an NTP client/server... May 24 06:17:30 b chronyd-starter.sh[2587]: Warning: Missing cap_sys_time, syncing the system clock will fail May 24 06:17:30 b chronyd-starter.sh[2587]: Warning: Running in a container, likely impossible and unintended to sync system clock May 24 06:17:30 b chronyd-starter.sh[2587]: Adding -x as fallback disabling control of the system clock, see /usr/share/doc/chrony/README.containe May 24 06:17:30 b chronyd[2593]: chronyd version 3.2 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SECHASH +SIGND +ASYNCDNS +IPV6 -DE May 24 06:17:30 b chronyd[2593]: Disabled control of system clock May 24 06:17:30 b chronyd[2593]: Frequency 1.521 +/- 34.520 ppm read from /var/lib/chrony/chrony.drift May 24 06:17:30 b systemd[1]: Started chrony, an NTP client/server. May 24 06:17:38 b chronyd[2593]: Selected source 185.183.156.211 Therefore, verified ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1771028 Title: Apparmor profile for chronyd needs to allow creation of /var/run/chrony.tty*.sock To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chrony/+bug/1771028/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
