Re: [chrony-users] Chrony without daemon |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-users Archives
]
- To: chrony-users@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [chrony-users] Chrony without daemon
- From: Rob Janssen <chrony-users@xxxxxxxxx>
- Date: Mon, 4 Aug 2025 17:27:00 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=pe1chl.nl; s=pe1chl; t=1754321221; bh=pL/c08cEwjZWnMbFoGGrMeSp5bYZL6NRopzDXTHGcn4=; h=Date:Subject:To:References:From:In-Reply-To:From; b=IPjsLZAs0Won76CCV7cgJI/CGudR5DVwhWGSsAOIh8ntaSlachOn4WRjvCCFaWEMQ 5P01VVOx0zTYr0dlesYNdONoN1V0IM7pNdrrxTp5oTjryjOiWdvFSbp7F+jMG2rC+M J0mhirtn+7zRtys+XEjuGJk0PqksTBCXlZ0/csDrFZDRE1vEWclfVaUuP7PcP5PUVj 4d4HcqSRxQlRsZQBWAlhpqoPc0X7uPfX6NjVygBNK3pXTobtzu6tGIBQQEcMnh/VBF 92kf1t5EZX/Viarj5odQAc/hjAm/zI0Z6tHvAQDpF0SrntNrDgYq2octqiuWc3dxcU fVzkrStiArAdw==
- Organization: PE1CHL
I don't think you have a clear picture of the architecture of chrony...
There is a chrony daemon (chronyd) that performs the actual time sync functions
and for that it has to run permanently, and have sufficient privileges to sync the time.
It is usually started by systemd when that is the local method to manage services.
Then there is the "chronyc" program which can send queries to a chronyd daemon,
which can be on the local system or anywhere else on the network, and it displays
the information it gets back from the daemon in user-readable form.
It requires no privileges, it does not run as a daemon, it has no involvement with systemd.
Of course to meaningfully use chronyc, you need to have a chronyd running elsewhere
in your network, and it has to be configured with sufficient privileges to allow chronyc
queries from the address where chronyc is used (cmdallow keyword).
Rob
On 2025-08-04 11:04, Remush wrote:
> Hey there again, this might be a weird question but I'm testing my options.
> I'm trying to set up a pod in Openshift that will allow me to run `chronyc sources`.
>
> Sadly, the Openshift doesn't allow pods access to systemd, in addition it sets the user to be a random uid, but within the gid of root.
>
> Is there any way possible to achieve `chronyc sources` without access to the daemon?
>
> Sorry for the weird use case, might be irrelevant to this community.
> Thanks a lot in advance!
--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.