Thanks for the ping on this @ahresse !
Yes, this should be very similar to the old fix in bug 1771028.

It is essentially yet another "chrony works with something else" use case.
There is a section for that in the chrony apparmor rules and we should indeed 
add the known default paths (like this) to be allowed.

And this is such a default path, from the man page:
rundir - Specify the directory where should be generated chronyd, ntpd
and ptp4l configuration files and sockets. The directory will be
created if it doesn't exist. The default value is /var/run/timemaster.
So on this we might even want to allow to read all sub-elements, including the 
generated config.
But RW for the socket.

But furthermore while touching it, in addition to the one reported I also see 
in the ptp4l
refclock_sock_address - The address of the UNIX domain socket to be used by the 
refclock_sock servo.  The default is /var/run/refclock.ptp.sock
So we should allow that path as well.

For chrony my proposal that - once agreed - we need to pick up would
seem like

diff --git a/debian/usr.sbin.chronyd b/debian/usr.sbin.chronyd
index bc52d4f7..e64edc90 100644
--- a/debian/usr.sbin.chronyd
+++ b/debian/usr.sbin.chronyd
@@ -62,6 +62,13 @@ abi <abi/3.0>,
   @{run}/chrony.*.sock rw,
   # To sign replies to MS-SNTP clients by the smbd daemon
   /var/lib/samba/ntp_signd/socket rw,
+  # default path of the sock to sync with ptp4l
+  @{run}/refclock.ptp.sock rw,
+  # timemaster directory  of chronyd,  ... configuration  files  and  sockets.
+  # read for all configs
+  @{run}/timemaster/* r,
+  # rw for coodination via the default socket path
+  @{run}/timemaster/chrony.SOCK0 rw,
 
   # rtc
   /etc/adjtime r,
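
Review bot: The read rule `@{run}/timemaster/* r,` uses a single `*`, which in AppArmor globbing does not cross `/`, so it covers only direct children of the directory; if "all sub-elements" is meant to include anything nested, it needs `**`, otherwise the comment should say "files directly in the directory". In the other direction, the same rule lets chronyd read every file there, including whatever timemaster generates for ntpd and ptp4l, so consider narrowing it to the chronyd-specific names if those share a common prefix. The rw rule pins the socket to `chrony.SOCK0`; if timemaster can create sockets with other indices they would still be denied, and a pattern in the style of the existing `@{run}/chrony.*.sock rw,` line would cover them, so please confirm which names are possible. Minor: "coodination" in the last comment should be "coordination", and the `# timemaster directory  of chronyd,  ...` comment carries doubled spaces from the man page paste.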

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2032805

Title:
  Could not open socket /var/run/timemaster/chrony.SOCK0
