chrony 3.4-4ubuntu1 source package in Ubuntu


chrony (3.4-4ubuntu1) eoan; urgency=medium

  * Merge with Debian unstable (LP: #1828992). Remaining changes:
    - d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
    - Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
      Chrony is a single service which acts as both NTP client (i.e. syncing the
      local clock) and NTP server (i.e. providing NTP services to the network),
      and that is both desired and expected in the vast majority of cases.
      But in containers syncing the local clock is usually impossible, but this
      shall not break the providing of NTP services to the network.
      To some extent this makes chrony's default config more similar to 'ntpd',
      which complained in syslog but still provided NTP server service in those
      + debian/chrony.service: allow the service to run without CAP_SYS_TIME
      + debian/control: add new dependency libcap2-bin for capsh (usually
        installed anyway, but make them explicit to be sure).
      + debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
        (Default off) [fixed a minor typo in the comment in this update]
      + debian/ wrapper to handle special cases in containers
        and if CAP_SYS_TIME is missing. Effectively allows to run NTP server in
        containers on a default installation and avoid failing to sync time (or
        if allowed to sync, avoid multiple containers to fight over it by
      + debian/install: make available on install.
      + debian/docs, debian/README.container: provide documentation about the
        handling of this case.
    - d/postrm: re-establish systemd-timesyncd on removal (LP 1764357)
    - d/postrm: respect policy-rc.d when restoring systemd-timesyncd
      (LP 1771994)
  * Added Changes:
    - removed d/init to avoid weird interactions between sysV and systemd
  * Dropped Changes:
    - Notify chrony to update sources in response to systemd-networkd
      events (LP: 1718227)
      + d/links: link dispatcher script to networkd-dispatcher events routable
        and off
      + d/control: set Recommends to networkd-dispatcher
      [Those are in Debian, except that we agreed to have networkd-dispatcher
       to only be a Suggests]

chrony (3.4-4) unstable; urgency=medium

  * debian/patches/*:
    - Add allow-further-syscalls-in-seccomp-filter.patch. Supplementing the
    seccomp filter whitelist with those syscalls is a prerequisite, notably for
    the arm64 architecture.

  [ Leigh Brown ]
  * debian/patches/*:
    - Add allow-recv-send-in-seccomp-filter.patch. Necessary on armel and
    ppc64el. Other architectures might also be affected. (Closes: #924494)

chrony (3.4-3) unstable; urgency=medium

  * debian/.gitlab-ci.yml:
    - Check for missing hardening flags.

  * debian/patches/*:
    - Add allow-_llseek-in-seccomp-filter.patch. Needed on various 32-bit
    plateforms to log the {raw}measurements and statistics information when
    the seccomp filter is enabled. Thanks a lot to Francesco Poli (wintermute)
    <email address hidden> for the report. (Closes: #923137)
    - Add allow-waitpid-in-seccomp-filter.patch. Needed to correctly stop
    chronyd on some plateforms when the seccomp filter is enabled.

chrony (3.4-2) unstable; urgency=medium

  * debian/.gitlab-ci.yml:
    - Replace home-made GitLab CI with the standard Salsa pipeline.
    - Allow autopkgtest job to fail. The time-sources-from-dhcp-servers test
    currently fails due to a testbed issue on salsa CI.

  * debian/chrony.default:
    - Enable the system call filter by default.

  * debian/control:
    - Bump standard-version to 4.3.0 (no changes required).
    - Use the new debhelper-compat (= 12) notation and drop d/compat.
    - Add Pre-Depends: ${misc:Pre-Depends}. Debhelper compatibility level 12
    makes use of the “--skip-systemd-native” flag from “invoke-rc.d”. Adding
    Pre-Depends: ${misc:Pre-Depends} to d/control ensure that we have a recent
    enough version of “init-system-helpers”.
    - Suggest networkd-dispatcher.

  * debian/copyright:
    - Add myself as a copyright holder for 2019.

  * debian/links:
    - Now that “networkd-dispatcher” is in the Debian archive, link
    NetworkManager dispatcher script to networkd-dispatcher routable and off
    states. Patch cherry-picked from Ubuntu; thanks to Christian Ehrhardt
    <email address hidden> for working on this.

  * debian/NEWS:
    - Report that a system call filter is now enabled by default and the way
    to disable it if needed.

  * debian/rules:
    - Don’t enable the system call filter on some architectures due to missing
    support in the “libseccomp” and/or the Linux kernel.

  * debian/upstream/:
    - Strip upstream key from extra signatures. Thanks lintian!
    - Remove the Miroslav-Lichvar.txt file as it serves no purpose.

  * debian/usr.sbin.chronyd:
    - Don’t include “tunables/sys”. The etc/apparmor.d/tunables/sys file has
    been deprecated in AppArmor 2.13.1! The @{sys} variable is now defined in
    “tunables/kernelvars” which is included in “tunables/global”.

 -- Christian Ehrhardt <email address hidden>  Tue, 14 May 2019 12:49:30 +0200

Upload details

Uploaded by:
Christian Ehrhardt  on 2019-05-16
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size SHA-256 Checksum
chrony_3.4.orig.tar.gz 442.4 KiB af77e47c2610a7e55c8af5b89a8aeff52d9a867dd5983d848b52d374bc0e6b9f
chrony_3.4-4ubuntu1.debian.tar.xz 34.8 KiB 40544850516619e6f2d400cb37474dc6efb0e297abe84fda1cd08888a5b4890e
chrony_3.4-4ubuntu1.dsc 2.3 KiB 4585062de741c270cae40495dc97cffbe5b376db19ded337e4e6710df5931367

Available diffs

View changes file

Binary packages built by this source

chrony: Versatile implementation of the Network Time Protocol

 It consists of a pair of programs:
 chronyd: This is a daemon which runs in background on the system.
 It obtains measurements (e.g. via the network) of the system's offset
 relative to other systems and adjusts the system time accordingly. For
 isolated systems, the user can periodically enter the correct time by
 hand (using 'chronyc'). In either case 'chronyd' determines the rate
 at which the computer gains or loses time, and compensates for this.
 Chronyd implements the NTP protocol and can act as either a client or
 a server.
 chronyc: This is a command-line driven control and monitoring program.
 An administrator can use this to fine-tune various parameters within
 the daemon, add or delete servers etc whilst the daemon is running.

chrony-dbgsym: debug symbols for chrony