[ubuntu/oracular-proposed] chrony 4.5-3ubuntu1 (Accepted)
Andreas Hasenack
andreas at canonical.com
Mon Jul 8 16:57:11 UTC 2024
chrony (4.5-3ubuntu1) oracular; urgency=medium
* Merge with Debian unstable (LP: #2064393, LP: #2068526). Remaining
changes:
- d/chrony.conf: Use ubuntu ntp pool and server.
(LP #1744664, #1754358)
- Set -x as default if unable to set time (e.g. in containers) (LP #1589780)
Chrony is a single service which acts as both NTP client (i.e. syncing the
local clock) and NTP server (i.e. providing NTP services to the network),
and that is both desired and expected in the vast majority of cases.
But in containers syncing the local clock is usually impossible, but this
shall not break the providing of NTP services to the network.
To some extent this makes chrony's default config more similar to 'ntpd',
which complained in syslog but still provided NTP server service in those
cases.
+ debian/chrony.service: allow the service to run without CAP_SYS_TIME
+ d/control: add new dependency libcap2-bin for capsh (usually
installed anyway, but make them explicit to be sure).
+ d/chrony.default: new option SYNC_IN_CONTAINER to not fall
back (Default off)
+ d/chronyd-starter.sh: wrapper to handle special cases in
containers and if CAP_SYS_TIME is missing. Effectively allows
running the NTP server in containers on a default installation
and avoid failing to sync time (or if allowed to sync, avoid
multiple containers fighting over it by accident).
+ d/install: Make chrony-starter.sh available on install.
+ d/docs, d/README.container: Provide documentation about the
handling of this case.
- d/rules, d/chrony.examples: Ship restricted service as an example
not installed to the system for use. (See LP #2051028)
* Dropped:
- d/usr.sbin.chronyd: apparmor fixes (LP: #2032805):
+ Allow the default UNIX domain socket address to be used by the
reflock_sock service in the Apport configuration.
+ Fix failure to start timemaster due to lack of rw permissions on
chrony socket.
[In 4.5-2 and 4.5-3]
Date: Tue, 02 Jul 2024 15:57:20 -0300
Changed-By: Andreas Hasenack <andreas at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/chrony/4.5-3ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 02 Jul 2024 15:57:20 -0300
Source: chrony
Built-For-Profiles: noudeb
Architecture: source
Version: 4.5-3ubuntu1
Distribution: oracular
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Hasenack <andreas at canonical.com>
Launchpad-Bugs-Fixed: 2032805 2064393 2068526
Changes:
chrony (4.5-3ubuntu1) oracular; urgency=medium
.
* Merge with Debian unstable (LP: #2064393, LP: #2068526). Remaining
changes:
- d/chrony.conf: Use ubuntu ntp pool and server.
(LP #1744664, #1754358)
- Set -x as default if unable to set time (e.g. in containers) (LP #1589780)
Chrony is a single service which acts as both NTP client (i.e. syncing the
local clock) and NTP server (i.e. providing NTP services to the network),
and that is both desired and expected in the vast majority of cases.
But in containers syncing the local clock is usually impossible, but this
shall not break the providing of NTP services to the network.
To some extent this makes chrony's default config more similar to 'ntpd',
which complained in syslog but still provided NTP server service in those
cases.
+ debian/chrony.service: allow the service to run without CAP_SYS_TIME
+ d/control: add new dependency libcap2-bin for capsh (usually
installed anyway, but make them explicit to be sure).
+ d/chrony.default: new option SYNC_IN_CONTAINER to not fall
back (Default off)
+ d/chronyd-starter.sh: wrapper to handle special cases in
containers and if CAP_SYS_TIME is missing. Effectively allows
running the NTP server in containers on a default installation
and avoid failing to sync time (or if allowed to sync, avoid
multiple containers fighting over it by accident).
+ d/install: Make chrony-starter.sh available on install.
+ d/docs, d/README.container: Provide documentation about the
handling of this case.
- d/rules, d/chrony.examples: Ship restricted service as an example
not installed to the system for use. (See LP #2051028)
* Dropped:
- d/usr.sbin.chronyd: apparmor fixes (LP: #2032805):
+ Allow the default UNIX domain socket address to be used by the
reflock_sock service in the Apport configuration.
+ Fix failure to start timemaster due to lack of rw permissions on
chrony socket.
[In 4.5-2 and 4.5-3]
Checksums-Sha1:
04f9926864e7e4ed6e9fd8eb7a3dfbe2694d68c0 2454 chrony_4.5-3ubuntu1.dsc
6823844361bc46d96eb45ca9b81c959492a6a2a0 47740 chrony_4.5-3ubuntu1.debian.tar.xz
d624ff2c203071ee2631942ab2b9721b0362d1a8 7443 chrony_4.5-3ubuntu1_source.buildinfo
Checksums-Sha256:
2144b2e9b98aa5c197ecf9213c8ac40ac9fbffbf41ba7de54ddee726cf9d916c 2454 chrony_4.5-3ubuntu1.dsc
ca62a668c0db427dd31ac08189fe7d7a9debef960e3baeb4ba23b5af6f462c4d 47740 chrony_4.5-3ubuntu1.debian.tar.xz
95bc31af59589c6727f91129c32200226fce6a1c5bddf449faa8bedcfe11d26a 7443 chrony_4.5-3ubuntu1_source.buildinfo
Files:
5a0018dffbe6bfc6582a4f172cc282b5 2454 net optional chrony_4.5-3ubuntu1.dsc
3851704d198f3915f82e3e82a0176ad9 47740 net optional chrony_4.5-3ubuntu1.debian.tar.xz
77580981216744ca4d97a71358d5ef37 7443 net optional chrony_4.5-3ubuntu1_source.buildinfo
Original-Maintainer: Vincent Blut <vincent.debian at free.fr>
Vcs-Git: https://git.launchpad.net/~ahasenack/ubuntu/+source/chrony
Vcs-Git-Commit: f534561466e2e2ca34f352dadc78be5a4ab8e774
Vcs-Git-Ref: refs/heads/oracular-chrony-merge-1
More information about the oracular-changes
mailing list