Re: [chrony-users] 506 Cannot talk to daemon

[Benjamin Schnieders <benjamin.schnieders@xxxxxxxxx>]

Ohhhhh.....

Yes, connecting to chronyd over the network worked. Next thing, I tried connecting to itself using -h 127.0.0.1, which worked fine. Connecting to itself using its hostname, however, didn't work, which finally pushed me in the right direction:

in /etc/hosts, there was an entry

127.0.1.1 localhost

which, as we all know, is not the default address for localhost. Setting it to 127.0.0.1 solved the issue. I guess chronyc defaults to "localhost", if no hostname is given. Then, I guess, in some other part of the software only 127.0.0.1 is allowed per default; not other loopback IP addresses.

In the end, this just explains the cronyc/cronyd communication difficulties, right? cronyd should have still run without issues...

Anyway, thank you for your help :)

Benjamin

2017-04-28 12:20 GMT+01:00 Miroslav Lichvar <mlichvar@xxxxxxxxxx>:

On Fri, Apr 28, 2017 at 11:43:53AM +0100, Benjamin Schnieders wrote:
> On the problematic machine, however, it's still running as root. It's also
> running as root on another client machine (on which chronyc sources works),
> which is also Ubuntu 14.04, so that appears to be normal.

The older package just didn't configure chronyd to drop root. That
shouldn't change anything for the ability to listen and respond on the
port 323.

If you have a second machine with the same chrony version, could you
try to configure both of them with the "cmdallow" directive to allow
command access and check from which machine chronyc works remotely?
Maybe that will tell us if it's a problem in chronyc or chronyd. You
might need to open the port 323 in firewall.

--
Miroslav Lichvar

--
To unsubscribe email chrony-users-request@chrony.tuxfamily.org
with "unsubscribe" in the subject.
For help email chrony-users-request@chrony.tuxfamily.org
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxx.org.