[ubuntu/oracular-proposed] chrony 4.5-3ubuntu1 (Accepted)

Andreas Hasenack andreas at canonical.com
Mon Jul 8 16:57:11 UTC 2024


chrony (4.5-3ubuntu1) oracular; urgency=medium

  * Merge with Debian unstable (LP: #2064393, LP: #2068526). Remaining
    changes:
    - d/chrony.conf: Use ubuntu ntp pool and server.
      (LP #1744664, #1754358)
    - Set -x as default if unable to set time (e.g. in containers) (LP #1589780)
      Chrony is a single service which acts as both NTP client (i.e. syncing the
      local clock) and NTP server (i.e. providing NTP services to the network),
      and that is both desired and expected in the vast majority of cases.
      But in containers syncing the local clock is usually impossible, but this
      shall not break the providing of NTP services to the network.
      To some extent this makes chrony's default config more similar to 'ntpd',
      which complained in syslog but still provided NTP server service in those
      cases.
      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
      + d/control: add new dependency libcap2-bin for capsh (usually
        installed anyway, but make them explicit to be sure).
      + d/chrony.default: new option SYNC_IN_CONTAINER to not fall
        back (Default off)
      + d/chronyd-starter.sh: wrapper to handle special cases in
        containers and if CAP_SYS_TIME is missing. Effectively allows
        running the NTP server in containers on a default installation
        and avoid failing to sync time (or if allowed to sync, avoid
        multiple containers fighting over it by accident).
      + d/install: Make chrony-starter.sh available on install.
      + d/docs, d/README.container: Provide documentation about the
        handling of this case.
    - d/rules, d/chrony.examples: Ship restricted service as an example
      not installed to the system for use.  (See LP #2051028)
  * Dropped:
    - d/usr.sbin.chronyd: apparmor fixes (LP: #2032805):
      + Allow the default UNIX domain socket address to be used by the
        reflock_sock service in the Apport configuration.
      + Fix failure to start timemaster due to lack of rw permissions on
        chrony socket.
      [In 4.5-2 and 4.5-3]

Date: Tue, 02 Jul 2024 15:57:20 -0300
Changed-By: Andreas Hasenack <andreas at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/chrony/4.5-3ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 02 Jul 2024 15:57:20 -0300
Source: chrony
Built-For-Profiles: noudeb
Architecture: source
Version: 4.5-3ubuntu1
Distribution: oracular
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Hasenack <andreas at canonical.com>
Launchpad-Bugs-Fixed: 2032805 2064393 2068526
Changes:
 chrony (4.5-3ubuntu1) oracular; urgency=medium
 .
   * Merge with Debian unstable (LP: #2064393, LP: #2068526). Remaining
     changes:
     - d/chrony.conf: Use ubuntu ntp pool and server.
       (LP #1744664, #1754358)
     - Set -x as default if unable to set time (e.g. in containers) (LP #1589780)
       Chrony is a single service which acts as both NTP client (i.e. syncing the
       local clock) and NTP server (i.e. providing NTP services to the network),
       and that is both desired and expected in the vast majority of cases.
       But in containers syncing the local clock is usually impossible, but this
       shall not break the providing of NTP services to the network.
       To some extent this makes chrony's default config more similar to 'ntpd',
       which complained in syslog but still provided NTP server service in those
       cases.
       + debian/chrony.service: allow the service to run without CAP_SYS_TIME
       + d/control: add new dependency libcap2-bin for capsh (usually
         installed anyway, but make them explicit to be sure).
       + d/chrony.default: new option SYNC_IN_CONTAINER to not fall
         back (Default off)
       + d/chronyd-starter.sh: wrapper to handle special cases in
         containers and if CAP_SYS_TIME is missing. Effectively allows
         running the NTP server in containers on a default installation
         and avoid failing to sync time (or if allowed to sync, avoid
         multiple containers fighting over it by accident).
       + d/install: Make chrony-starter.sh available on install.
       + d/docs, d/README.container: Provide documentation about the
         handling of this case.
     - d/rules, d/chrony.examples: Ship restricted service as an example
       not installed to the system for use.  (See LP #2051028)
   * Dropped:
     - d/usr.sbin.chronyd: apparmor fixes (LP: #2032805):
       + Allow the default UNIX domain socket address to be used by the
         reflock_sock service in the Apport configuration.
       + Fix failure to start timemaster due to lack of rw permissions on
         chrony socket.
       [In 4.5-2 and 4.5-3]
Checksums-Sha1:
 04f9926864e7e4ed6e9fd8eb7a3dfbe2694d68c0 2454 chrony_4.5-3ubuntu1.dsc
 6823844361bc46d96eb45ca9b81c959492a6a2a0 47740 chrony_4.5-3ubuntu1.debian.tar.xz
 d624ff2c203071ee2631942ab2b9721b0362d1a8 7443 chrony_4.5-3ubuntu1_source.buildinfo
Checksums-Sha256:
 2144b2e9b98aa5c197ecf9213c8ac40ac9fbffbf41ba7de54ddee726cf9d916c 2454 chrony_4.5-3ubuntu1.dsc
 ca62a668c0db427dd31ac08189fe7d7a9debef960e3baeb4ba23b5af6f462c4d 47740 chrony_4.5-3ubuntu1.debian.tar.xz
 95bc31af59589c6727f91129c32200226fce6a1c5bddf449faa8bedcfe11d26a 7443 chrony_4.5-3ubuntu1_source.buildinfo
Files:
 5a0018dffbe6bfc6582a4f172cc282b5 2454 net optional chrony_4.5-3ubuntu1.dsc
 3851704d198f3915f82e3e82a0176ad9 47740 net optional chrony_4.5-3ubuntu1.debian.tar.xz
 77580981216744ca4d97a71358d5ef37 7443 net optional chrony_4.5-3ubuntu1_source.buildinfo
Original-Maintainer: Vincent Blut <vincent.debian at free.fr>
Vcs-Git: https://git.launchpad.net/~ahasenack/ubuntu/+source/chrony
Vcs-Git-Commit: f534561466e2e2ca34f352dadc78be5a4ab8e774
Vcs-Git-Ref: refs/heads/oracular-chrony-merge-1


More information about the oracular-changes mailing list