RE: [chrony-users] chrony-3.4 bug?

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]


Hi Miroslav.

Correct - it doesn’t start as a system service.  The pidfile is specified within my chrony.conf file so I wouldn’t expect that it will be responsible.  I also didn’t upgrade from a previous version of chrony - this is a brand new deployment (still under test).  I downloaded the 3.4 source code bundle and compiled it on a RHEL 7 VM.

When I try to start it with the -n switch in place I get the following messages:

>sudo systemctl restart chronyd.service

(after a long timeout)

Job for chronyd.service failed because a timeout was exceeded. See "systemctl status chronyd.service" and "journalctl -xe" for details.


>sudo systemctl status chronyd.service

● chronyd.service - Chrony
   Loaded: loaded (/etc/systemd/system/chronyd.service; enabled; vendor preset: enabled)
   Active: activating (start) since Fri 2018-11-02 13:26:47 EDT; 32s ago
 Main PID: 20946 (code=exited, status=0/SUCCESS);         : 20999 (chronyd)
   CGroup: /system.slice/chronyd.service
           └─20999 /var/chrony/sbin/chronyd -4 -n -u chrony -f /var/chrony/etc/chrony.conf -l /var/chrony/log/chrony.log

Nov 02 13:26:47 <hostname> systemd[1]: chronyd.service holdoff time over, scheduling restart.
Nov 02 13:26:47 <hostname> systemd[1]: Starting Chrony...


>sudo journalctl -xe

-- Unit chronyd.service has begun shutting down.
Nov 02 13:25:16 <hostname> systemd[1]: Starting Chrony...
-- Subject: Unit chronyd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit chronyd.service has begun starting up.
Nov 02 13:26:46 <hostname> systemd[1]: chronyd.service start operation timed out. Terminating.
Nov 02 13:26:46 <hostname> systemd[1]: Failed to start Chrony.
-- Subject: Unit chronyd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit chronyd.service has failed.
--
-- The result is failed.
Nov 02 13:26:46 <hostname> systemd[1]: Unit chronyd.service entered failed state.
Nov 02 13:26:46 <hostname> systemd[1]: chronyd.service failed.
Nov 02 13:26:46 <hostname> polkitd[621]: Unregistered Authentication Agent for unix-process:20981:44148827 (system bus name :1.10355, object path /org/freedesktop/Polic
Nov 02 13:26:47 <hostname> systemd[1]: chronyd.service holdoff time over, scheduling restart.
Nov 02 13:26:47 <hostname> systemd[1]: Starting Chrony...
-- Subject: Unit chronyd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit chronyd.service has begun starting up.


Note that chrony never actually starts - it just times out.


Here is the unit file (assuming you mean the chronyd.service file that I created):
_______________________
[Unit]
Description=Chrony
After=network.target

[Service]
ExecStart=/var/chrony/sbin/chronyd -4 -n -u chrony -f /var/chrony/etc/chrony.conf -l /var/chrony/log/chrony.log
Type=forking
PIDFile=/var/chrony/var/run/chrony.pid
Restart=always

[Install]
WantedBy=default.target
_______________________

....and here is the chrony.conf file that I created (IPs removed):
_______________________
#### TIME SOURCE SERVERS

        ## Define servers to draw time from
        ## Reduce polling interval to increase accuracy
        ## minpoll 2 equates to 4s
        ## maxpoll 3 equates to 8s
        ## iburst sends the first 4 requests at an interval of 2s or less

        ## Define the time source
        ## Use ONLY the time source that exists within the same site
        server <IP1> minpoll 2 maxpoll 3 iburst version 4 maxdelay 1 trust prefer require

        ## Note that it is recommended for security purposes that peering arrangements not be used
        ## Instead, it is recommended that each peer specify a client/server arrangement with one another
        ## Use ONLY the same site <redacted> appliance
        server <IP2> minpoll 2 maxpoll 3 iburst key 312 version 4 maxdelay 1 trust prefer require

        ## Use ONLY the same site other chronyd servers
        server <IP3> minpoll 2 maxpoll 3 iburst key 311 version 4 maxdelay 1 trust prefer require


#### TIME ADJUSTMENT CONSTRAINTS

        ## Limit the number of sources used (default)
        combinelimit 3

        ## Do not update the local clock without having at least 2 sources considered as selectable
        minsources 2

        ## Select slew for leapsecond treatment
        leapsecmode slew

        ## Set timezone for leap seconds
        leapsectz right/UTC

        ## Step the local system clock if it is off by more than 0.01s in the first 3 clock updates
        makestep 0.01 3

        ## Set the max allowed clock offset correction on a clock update
        maxchange 1000 1 -1

        ## Set max update skew to 5 ppm (good LAN)
        maxupdateskew 5


#### LOCAL SERVER SPECIFICS

        ## Define the address to which chrony will bind as a client
        ## Not applicable to server configuration
        #bindacqaddress <IP_address>

        ## Define the address to which chrony will bind as a server
        bindaddress <local_IP>

        ## Define location of measurement history file
        dumpdir /var/chrony/data/measurement_hist

        ## Store drift rate information in this file
        driftfile /var/chrony/data/drift

        ## Copy system time to Real-Time Clock (RTC)
        rtcsync

        ## NOTE That hardware timestamping is not supported on the network interface cards so will not be used

        ## Keys
        keyfile /var/chrony/keys/chrony.keys

        ## Lock chrony in memory such that it will not swap out to disk (results in lower and more consistent latency)
        lock_all

        ## PID file
        pidfile /var/chrony/var/run/chrony.pid


#### SECURITY

        ## Deny all remote command attempts
#        cmddeny all

        ## 181028 - allow command-level access from other NTP servers (originally required for testing purposes)
        cmdallow <other_IP_1>
        cmdallow <other_IP_2>
        cmdallow <other_IP_3>
        cmdallow <other_IP_4>
        cmdallow <other_IP_5>
        cmdallow <other_IP_6>

        ## 181031 - Define the address to which chrony will bind for commands
        bindcmdaddress <local_IP>

        ## 181031 - Open the command port (default port #)
        cmdport 323

        ## Specify user to run chrony as
        user chrony


#### CONTROLLING CLIENT ACCESS

        ## Allow queries from anyone (restricted on the firewall)
        allow all

        ## Set max memory allocated to tracking client access
        clientloglimit 1048576

        ## Specify port number
        port 123

        ## Rate limit client NTP queries
        ratelimit interval 2


#### LOGGING

        ## Define log directory
        logdir /var/chrony/log

        ## Define what to log
        log measurements statistics tracking

        ## Define threshold for system clock adjustments to be logged (default)
        logchange 1
_______________________

Interestingly enough, the chronyc output is what I needed and it appears to work fine with the -n switch.  So if this is a bug it is not holding me up at the moment.

Thanks!

Dan LeBlanc

-----Original Message-----
From: Miroslav Lichvar [mailto:mlichvar@xxxxxxxxxx] 
Sent: November-01-18 5:44 AM
To: chrony-users@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [chrony-users] chrony-3.4 bug?

On Wed, Oct 31, 2018 at 11:55:29PM +0000, LeBlanc, Daniel James wrote:
> Hi All.
> 
> I have discovered that chrony-3.4 will not startup on RHEL 7 if I pass it the -n option.  It times out.  My executable start string is as follows:
> 
> /var/chrony/sbin/chronyd -4 -u chrony -f /var/chrony/etc/chrony.conf -l /var/chrony/log/chrony.log
> 
> If I add the -n after the -4 or replace the -4 with -n, chronyd fails to start.  Has anyone else successfully used the -n flag?

It doesn't start as a systemd service? Can you please post the chrony
unit file and chrony config?

There was one change in chrony-3.4 that could be related. The default
pidfile has moved from /var/run to /var/run/chrony. So, you may need
to update the unit file or chrony config.

-- 
Miroslav Lichvar

-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/