In case upstream won't accept the changes, here is the revised design of the wrapper as mentioned in comment #9:
- The amount of "-x" passed to chronyd doesn't matter, so we can just add one.
- But OTOH the X-SET check is good and can be used to silence the warnings we otherwise would emit (no need to fall back if set this way).
- We want the capsh check only to be a warning a la "you likely can't set the time as you lack CAP_SYS_TIME" but not "the only decision maker to set -x".
  If CAP_SYS_TIME is missing, set -x and warn (that way around the logic works).
  But if it is avail that is no guarantee that all is fine.
- The extra decision to default to -x as well is "systemd-detect-virt --container".
  Also along with a message that explains that (and why) we do so.
- /etc/default/chrony needs an option to override this for people that really WANT to start without -x in containers.

For Debian packaging:
- Yet untested code for the wrapper approach is available at [1].
- The code that uses the suggested change to chrony itself is available in [2].

[1]: https://code.launchpad.net/~paelzer/ubuntu/+source/chrony/+git/chrony/+ref/bionic-lp1589780-run-in-container-wrapper
[2]: https://code.launchpad.net/~paelzer/ubuntu/+source/chrony/+git/chrony/+ref/bionic-lp1589780-run-in-container

--
https://bugs.launchpad.net/bugs/1589780
Title: chrony.service doesn't start on LXD container
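
The decision order described in the comment above, as an added example that is not the wrapper code linked at [1]. The function names, the `DAEMON_OPTS` variable and the `FORCE_CLOCK_CONTROL` override name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: the -x decision as a pure function plus two probes.
# Hypothetical use from a wrapper that sources /etc/default/chrony:
#   DAEMON_OPTS=$(effective_opts "$DAEMON_OPTS" "$(probe_cap)" \
#       "$(probe_container)" "${FORCE_CLOCK_CONTROL:-no}")

# has_x_flag OPTS: succeed if "-x" is already among the daemon options.
has_x_flag() {
    for opt in $1; do
        [ "$opt" = "-x" ] && return 0
    done
    return 1
}

# effective_opts OPTS HAS_CAP IN_CONTAINER OVERRIDE (each flag is yes/no)
# Prints the options to start chronyd with; warnings go to stderr.
effective_opts() {
    opts=$1; has_cap=$2; in_container=$3; override=$4
    # -x was set by the admin: nothing to decide and nothing to warn about.
    if has_x_flag "$opts"; then
        printf '%s\n' "$opts"
        return 0
    fi
    if [ "$has_cap" != "yes" ]; then
        # Without CAP_SYS_TIME the clock cannot be set, so fall back and warn.
        echo "Warning: CAP_SYS_TIME is missing, adding -x (no clock control)" >&2
        opts="$opts -x"
    elif [ "$in_container" = "yes" ] && [ "$override" != "yes" ]; then
        # Having the capability is no guarantee inside a container,
        # so default to -x unless the admin overrides it.
        echo "Warning: container detected, adding -x by default;" \
             "set the override in /etc/default/chrony to disable this" >&2
        opts="$opts -x"
    fi
    printf '%s\n' "${opts# }"
}

# Probes for a real system; both print yes or no.
probe_cap() {
    capsh --has-p=cap_sys_time 2>/dev/null && echo yes || echo no
}
probe_container() {
    systemd-detect-virt --container >/dev/null 2>&1 && echo yes || echo no
}
```

In this sketch the override only disables the container default; a missing CAP_SYS_TIME still adds -x, matching the order of the bullets above.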