Package: chrony
Version: 4.0-8
Severity: grave
Tags: upstream
Justification: renders package unusable
X-Debbugs-Cc: s.egb...@sbcglobal.net
Dear Maintainer,
The filename construct for a UNIX socket to be shared
between the Chrony (chronyd) daemon and its Chrony CLI (chronyc) client
admin tool are not in sync, as client's UNIX filename uses a PID value
whereas server's UNIX filename does not use PID value.
This appears to be a Debian-only issue.
Fired up its daemon and doubled checked that a UNIX socket was made:
$ ls -1 /run/chrony
chrony.sock
chrony.pid
Execute the client and no successful UNIX socket opened.
Using List Open File (lsof) tool, I show the daemon's opened files:
COMMAND PID USER FD TYPE NODE NAME
<snipped some non-relevant fds out>
chronyd 3597 _chrony 3u unix 0x0000000000000000 \
type=DGRAM
chronyd 3597 _chrony 5u IPv4 UDP 127.0.0.1:323
chronyd 3597 _chrony 6u IPv6 UDP [::1]:323
chronyd 3597 _chrony 7u unix 0x0000000000000000 \
/run/chrony/chronyd.sock type=DGRAM
chronyd 3597 _chrony 8u unix 0x0000000000000000 type=SEQPACKET
chronyc 3809 johnd 3u IPv4 UDP \
127.0.0.1:33911->127.0.0.1:323
No socket in the dispatcher part of the daemon, now to check the other
forked part of the daemon used to carry on the connection with
its chronyc client, same 'lsof' output.
COMMAND PID USER FD TYPE NODE NAME
<snipped some non-relevant fds out>
chronyd 3597 _chrony 5u IPv4 UDP 127.0.0.1:323
chronyd 3597 _chrony 6u IPv6 UDP [::1]:323
chronyd 3598 _chrony 9u unix 0x0000000000000000 type=SEQPACKET
chronyc 3809 johnd 3u IPv4 UDP \
127.0.0.1:33911->127.0.0.1:323
Appears that client failed socket open and fell back to a
different approach which is using an IP loopback address.
Investigated why socket open failed... by using 'strace -f chrony[c|d]'.
For the chronyd v4.0 having opened a Debian-tweaked '/run/chrony/chrony.sock',
I show the corresponding chronyc v4.0 version:
$ chronyc -v
chronyc (chrony) version 4.0 (+READLINE +SECHASH +IPV6 -DEBUG)
And ran strace against this v4.0 client and grep'd for 'sock' word pattern:
$ strace -f /usr/bin/chronyc
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
unlink("/run/chrony/chronyc.3875.sock") = -1 EACCES (Permission denied)
bind(3, {sa_family=AF_UNIX, sun_path="/run/chrony/chronyc.3875.sock"}, 110)
= -1 EACCES (Permission denied)
getsockname(3, {sa_family=AF_UNIX}, [112->2]) = 0
close(3) = 0
socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(323),
sin_addr=inet_addr("127.0.0.1")}, 16) = 0
Noticed the 'PID' number being inserted into the
'/run/chrony/chronyc.3875.sock'?
This is the chronyc client doing "PID-sock" filenaming convention, whereas
its daemon is doing a different "just-sock" filenaming convention.
The v4.1 client does exactly the same.
chronyc (chrony) version DEVELOPMENT (-READLINE -SECHASH +IPV6 +DEBUG)
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
unlink("/var/run/chrony/chronyc.3885.sock") = -1 EACCES (Permission denied)
bind(3, {sa_family=AF_UNIX, sun_path="/var/run/chrony/chronyc.3885.sock"},
110) = -1 EACCES (Permission denied)
getsockname(3, {sa_family=AF_UNIX}, [112->2]) = 0
close(3) = 0
socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(323),
sin_addr=inet_addr("127.0.0.1")}, 16) = 0
fstat(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...}) = 0
read(0, ^Cstrace: Process 3885 detached
<detached ...>
It would be nice to use consistent filenaming convention for the UNIX socket
for both client and daemon.
-- System Information:
Debian Release: 11.0
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.46 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages chrony depends on:
ii adduser 3.118
ii init-system-helpers 1.60
ii iproute2 5.10.0-4
ii libc6 2.31-13
ii libcap2 1:2.44-1
ii libedit2 3.1-20191231-2+b1
ii libgnutls30 3.7.1-5
ii libnettle8 3.7.3-1
ii libseccomp2 2.5.1-1
ii tzdata 2021a-1
ii ucf 3.0043
chrony recommends no packages.
Versions of packages chrony suggests:
ii bind9-dnsutils [dnsutils] 1:9.16.15-1
pn networkd-dispatcher <none>
-- Configuration Files:
/etc/apparmor.d/usr.sbin.chronyd changed:
/usr/sbin/chronyd flags=(attach_disconnected) {
#include <abstractions/base>
#include <abstractions/nameservice>
# For /run/chrony to be created
capability chown,
# Give “root” the ability to read and write the PID file
capability dac_override,
capability dac_read_search,
# Needed to support HW timestamping
capability net_admin,
# Needed to allow NTP server sockets to be bound to a privileged port
capability net_bind_service,
# Needed to allow an NTP socket to be bound to a device using the
# SO_BINDTODEVICE socket option on kernels before 5.7
capability net_raw,
# Needed to drop privileges
capability setgid,
capability setuid,
# Needed to set the SCHED_FIFO real-time scheduler at the specified priority
# using the '-P' option
capability sys_nice,
# Needed to lock chronyd into RAM
capability sys_resource,
# Needed to set the system/real-time clock
capability sys_time,
/usr/sbin/chronyd mr,
/etc/chrony/{,**} r,
/var/lib/chrony/{,*} rw,
/var/log/chrony/{,*} rw,
@{run}/chrony/{,*} rw,
@{run}/chrony-dhcp/{,*} r,
# Using the “tempcomp” directive gives chronyd the ability to improve
# the stability and accuracy of the clock by compensating the temperature
# changes measured by a sensor close to the oscillator.
@{sys}/class/hwmon/hwmon[0-9]*/temp[0-9]*_input r,
@{sys}/devices/virtual/thermal/thermal_zone[0-9]*/hwmon[0-9]*/temp[0-9]*_input
r,
# Support all paths suggested in the man page (LP: #1771028). Assume these
# are common use cases; others should be set as local include (see below).
# Configs using a 'chrony.' prefix like the tempcomp config file example
/etc/chrony.* r,
# Example gpsd socket is outside @{run}/chrony/
@{run}/chrony.tty{,*}.sock rw,
@{run}/chrony.*.sock rw,
# To sign replies to MS-SNTP clients by the smbd daemon
/var/lib/samba/ntp_signd/socket rw,
# rtc
/etc/adjtime r,
/dev/rtc{,[0-9]*} rw,
# gps devices
/dev/pps[0-9]* rw,
/dev/ptp[0-9]* rw,
# For use with clocks that report via shared memory (e.g. gpsd),
# you may need to give ntpd access to all of shared memory, though
# this can be considered dangerous. See https://launchpad.net/bugs/722815
# for details. To enable, add this to local/usr.sbin.chronyd:
# capability ipc_owner,
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.chronyd>
}
/etc/default/chrony changed:
DAEMON_OPTS="-F 1 -L 0"
-- no debconf information
