include statement does not work in chrony.conf

uvoigt · June 9, 2017, 8:20am

Hi,

recently I updated from chrony 3.0 to 3.1 (chrony-3.1-21.1.x86_64). I am using the include statement in the chrony config file.
After updating the statements in the included file are not included any more.

This is my /etc/chrony.conf:


driftfile /var/lib/chrony/drift
makestep 62 -1
rtcsync
allow
local stratum 7 orphan
maxdistance 6
logdir /var/log/chrony
log measurements statistics tracking rtc refclocks tempcomp
logbanner 100
logchange 0.1
refclock SHM 0 refid GPS precision 1e-1 offset 0.18 delay 0.2
refclock SHM 1 refid PPS precision 1e-9 delay 0.15
include /home/tester/ntp.include

This is /home/tester/ntp.include (Rights -rw-r–r–):

server 192.168.87.95 iburst

chronyc sources lists (GPS is not connected at the moment):

210 Number of sources = 2
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
#? GPS                           0   4     0     -     +0ns   +0ns] +/-    0ns
#? PPS                           0   4     0     -     +0ns   +0ns] +/-    0ns

chronyc does not complain :

# systemctl status chronyd
* chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2017-06-07 13:14:58 UTC; 1s ago
     Docs: man:chronyd(8)
           man:chrony.conf(5)
  Process: 22057 ExecStartPost=/usr/share/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
  Process: 22051 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 22056 (chronyd)
    Tasks: 1 (limit: 512)
   CGroup: /system.slice/chronyd.service
           └─22056 /usr/sbin/chronyd
 
Jun 07 13:14:58 testsrv systemd[1]: Starting NTP client/server...
Jun 07 13:14:58 testsrv chronyd[22056]: chronyd version 3.1 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SECHASH -SIGND +ASYNCDNS +IPV6 -DEBUG)
Jun 07 13:14:58 testsrv chronyd[22056]: Frequency -23.247 +/- 135.270 ppm read from /var/lib/chrony/drift
Jun 07 13:14:58 testsrv systemd[1]: Started NTP client/server.

The server is used when I move the server statement from the include file to /etc/chrony.conf.

Can anyone reproduce the problem?

Thanks!
Ulrich

uvoigt · June 9, 2017, 8:30am

Update: I updatet to chrony-3.1-21.21.x86_64 but still the same problem.

uname -a: Linux swe5-sp 4.4.62-18.6-default #1 SMP Fri Apr 21 16:14:48 UTC 2017 (84f9824) x86_64 x86_64 x86_64 GNU/Linux
s

uvoigt · June 21, 2017, 11:58am

The problem is caused by the systemd configuration. The option ProtectHome has to be changed to read-only otherwise chrony cannot read from the home directory.

Working chronyd systemd config:


# cat /usr/lib/systemd/system/chronyd.service
[Unit]
Description=NTP client/server
Documentation=man:chronyd(8) man:chrony.conf(5)
After=ntpdate.service sntp.service ntpd.service
Conflicts=ntpd.service systemd-timesyncd.service
ConditionCapability=CAP_SYS_TIME

[Service]
Type=forking
PIDFile=/var/run/chronyd.pid
EnvironmentFile=-/etc/sysconfig/chronyd
ExecStart=/usr/sbin/chronyd $OPTIONS
ExecStartPost=/usr/share/chrony-helper update-daemon
PrivateTmp=yes
ProtectHome=read-only
ProtectSystem=full

[Install]
WantedBy=multi-user.target