Hello Christian, One need to use "-F 1 -x" in order to reproduce. The "1" instead of "-1" is what causes the bug to happen. Thanks!
Regards, Simon On 2020-10-05 7:33 a.m., Christian Ehrhardt wrote: > Hrm I got to test this now and I can't reproduce with: > > Groovy > root@g:~# grep OPT /etc/default/chrony > DAEMON_OPTS="-F -1 -x" > root@g:~# systemctl restart chrony; systemctl status chrony | grep > 'sbin\/chronyd' > ├─118154 /usr/sbin/chronyd -F -1 -x > └─118155 /usr/sbin/chronyd -F -1 -x > > Focal > root@f:~# grep OPT /etc/default/chrony > DAEMON_OPTS="-F -1 -x" > root@f:~# systemctl restart chrony; systemctl status chrony | grep > 'sbin\/chronyd' > ├─80336 /usr/sbin/chronyd -F -1 -x > └─80337 /usr/sbin/chronyd -F -1 -x > > Hmm, maybe my containers I currently use are "too capable" > > The script does two things: > 1. it checks if it is running in a container > OR > 2. it checks if it misses cap_sys_time > > If 1 || 2 are true the service would (by default) fail to run at all. > The wrapper automatically adds -x in that case. > > So if 1 || 2 you'll see: > "Adding -x as fallback disabling control of the system clock, see > /usr/share/doc/chrony/README.container to override this behavior" > > > But when you add -x in the OPTs yourself it should still be ok. > It runs a getopt loop if there is a -x. > If it is set it does not go into any of the later checks and runs chrony as > you told it. > > Test on non privileged container > default: > ├─1459 /usr/sbin/chronyd -F -1 -x > └─1460 /usr/sbin/chronyd -F -1 -x > ... > Oct 05 11:27:20 g-chrony chronyd-starter.sh[1454]: Warning: Running in a > container, likely impossible and unintended to sync system clock > Oct 05 11:27:20 g-chrony chronyd-starter.sh[1454]: Adding -x as fallback > disabling control of the system clock, see > /usr/share/doc/chrony/README.container to override this behavior > > > Adding -x to the options still does not break it ... hmm: > > Groovy: > root@g-chrony:~# grep OPT /etc/default/chrony > DAEMON_OPTS="-F -1 -x" > root@g-chrony:~# systemctl restart chrony; systemctl status chrony | grep > 'sbin\/chronyd' > ├─1688 /usr/sbin/chronyd -F -1 -x > └─1689 /usr/sbin/chronyd -F -1 -x > > Focal: > root@f-chrony:~# grep OPT /etc/default/chrony > DAEMON_OPTS="-F -1 -x" > root@f-chrony:~# systemctl restart chrony; systemctl status chrony | grep > 'sbin\/chronyd' > ├─2221 /usr/sbin/chronyd -F -1 -x > └─2222 /usr/sbin/chronyd -F -1 -x > > > Still ok. > Could you add set -x to /usr/lib/systemd/scripts/chronyd-starter.sh and let > me know why the getopt loop might not work for you? > > >>From /usr/lib/systemd/scripts/chronyd-starter.sh: > # Check if -x is already set manually, don't process further if that is the > case > X_SET=0 > while getopts ":x" opt; do > case $opt in > x) > X_SET=1 > ;; > esac > done > > > ** Changed in: chrony (Ubuntu) > Status: New => Incomplete > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1898000 Title: bogus handling of DAEMON_OPTS by chronyd-starter.sh To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chrony/+bug/1898000/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
