There are actually rules for this, and the problem is that they are read only but chrony needs write as well.
Maybe to some r-only would be ok, but until that is fixed in code (takes time) allow on these devices. They are not terribly security critical in regard to write access fortunately.
The same applied to:
/dev/pps*
/dev/ptp*
There are actually rules for this, and the problem is that they are read only but chrony needs write as well.
Maybe to some r-only would be ok, but until that is fixed in code (takes time) allow on these devices. They are not terribly security critical in regard to write access fortunately.