[ubuntu/hirsute-proposed] chrony 4.0-5ubuntu2 (Accepted)
Christian Ehrhardt
christian.ehrhardt at canonical.com
Mon Feb 15 11:52:12 UTC 2021
chrony (4.0-5ubuntu2) hirsute; urgency=medium
* d/p/lp-1915006-sys_linux-allow-statx-and-fstatat64-in-seccomp-filte.patch:
add compatibility for glibc 2.33 (LP: 1915006)
chrony (4.0-5ubuntu1) hirsute; urgency=medium
* Merge with Debian unstable (LP: #1915006). Remaining changes:
- d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
- Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
Chrony is a single service which acts as both NTP client (i.e. syncing the
local clock) and NTP server (i.e. providing NTP services to the network),
and that is both desired and expected in the vast majority of cases.
But in containers syncing the local clock is usually impossible, but this
shall not break the providing of NTP services to the network.
To some extent this makes chrony's default config more similar to 'ntpd',
which complained in syslog but still provided NTP server service in those
cases.
+ debian/chrony.service: allow the service to run without CAP_SYS_TIME
+ debian/control: add new dependency libcap2-bin for capsh (usually
installed anyway, but make them explicit to be sure).
+ debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
(Default off) [fixed a minor typo in the comment in this update]
+ debian/chronyd-starter.sh: wrapper to handle special cases in containers
and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server
in containers on a default installation and avoid failing to sync time
(or if allowed to sync, avoid multiple containers to fight over it by
accident).
+ debian/install: make chrony-starter.sh available on install.
+ debian/docs, debian/README.container: provide documentation about the
handling of this case.
* Added changes:
- d/t/helper-functions: reduce default ubuntu config, to make space for
testcase config
- d/t/{dynamically-add-source,ntp-server-and-nts-auth,helper-functions}:
unify tests to use reload and restart
chrony (4.0-5) unstable; urgency=medium
* Follow DEP-14 branch naming conventions:
master -> debian/latest
upstream -> upstream/latest
* debian/chrony.service:
- Enable some hardening settings.
* debian/control:
- Remove Joachim Wiedorn from the Uploaders field. This decision was taken
in agreement with him. Thanks a lot, Joachim, for your work on chrony and
for your benevolence when you handed me its maintenance.
- Point Vcs-Git to the debian/latest branch.
* debian/dirs:
- Do not create the /etc/apparmor.d/force-complain directory. Not needed
anymore.
* debian/postrm:
- Remove /run/chrony-dhcp on purge.
* debian/preinst:
- Drop old migration code snippet. It was used to put the newly provided
AppArmor profile in complain mode when upgrading chrony to prevent
regressions this profile could have caused. (Closes: #905485)
chrony (4.0-4) unstable; urgency=medium
* debian/chrony.examples:
- Provide example configuration files.
* debian/postinst:
- Run adduser unconditionally.
- Use 'chronyd -p' to check the whole configuration.
* debian/tests/:
- Prevent dynamically-add-source and ntp-server-and-nts-auth tests from
failing on chronyd's preparation step.
- Don't pass 'set -u' to dynamically-add-source and
ntp-server-and-nts-auth scripts.
* debian/tests/control:
- Mark dynamically-add-source as skippable.
chrony (4.0-3) unstable; urgency=medium
* debian/:
- chronyd's configuration can now be fragmented. Please see
/etc/chrony/conf.d/README for more information.
- NTP sources can be specified in /etc/chrony/sources.d. Please see
/etc/chrony/sources.d/README for more information.
* debian/chrony.conf:
- Include configuration files found in /etc/chrony/conf.d.
- Use NTP sources found in /etc/chrony/sources.d.
- Get TAI-UTC offset and leap seconds from the system tz database by using
the "leapsectz right/UTC" directive. This directive must be commented out
when using time sources serving leap-smeared time. (Closes: #974845)
- Add missing comment.
* debian/chrony.default:
- Switch the seccomp filter to level 1.
* debian/chrony.lintian-overrides:
- Override breakout-link.
* debian/control:
- Add tzdata to the dependencies.
- Bump Standards-Version to 4.5.1 (no changes required).
* debian/copyright:
- Update copyright year for debian/*.
* debian/postinst:
- Use dpkg-statoverride to manage mode bits and ownership of
/var/l{ib,og}/chrony.
* debian/postrm:
- Remove overrides for /var/l{ib,og}/chrony on purge.
* debian/rules:
- Drop '--without-readline' option. GNU readline support has been dropped
upstream due to license incompatibility.
- Replace -F -1 by -F 1 in the sed invocation.
* debian/tests/:
- Add fragmented-configuration autopkgtest.
- Add dynamically-add-source autopkgtest.
- Add ntp-server-and-nts-auth autopkgtest.
* debian/tests/control:
- Mark ntp-server-and-nts-auth as skippable.
* debian/tests/fragmented-configuration:
- Use another directive for the test since "leapsectz right/UTC" is now
used by default.
* debian/tests/helper-functions:
- Add __no_system_clock_control() function.
* debian/tests/upstream-simulation-test-suite:
- Always use the same seed to get deterministic results.
* debian/upstream/metadata:
- Remove obsolete field Name. Thanks to Debian Janitor <janitor at jelmer.uk>.
* debian/usr.sbin.chronyd:
- Make use of the @{run} variable.
Date: Mon, 15 Feb 2021 12:50:29 +0100
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/chrony/4.0-5ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 15 Feb 2021 12:50:29 +0100
Source: chrony
Architecture: source
Version: 4.0-5ubuntu2
Distribution: hirsute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Closes: 905485 974845
Launchpad-Bugs-Fixed: 1915006
Changes:
chrony (4.0-5ubuntu2) hirsute; urgency=medium
.
* d/p/lp-1915006-sys_linux-allow-statx-and-fstatat64-in-seccomp-filte.patch:
add compatibility for glibc 2.33 (LP: 1915006)
.
chrony (4.0-5ubuntu1) hirsute; urgency=medium
.
* Merge with Debian unstable (LP: #1915006). Remaining changes:
- d/chrony.conf: use ubuntu ntp pool and server (LP 1744664 1754358)
- Set -x as default if unable to set time (e.g. in containers) (LP 1589780)
Chrony is a single service which acts as both NTP client (i.e. syncing the
local clock) and NTP server (i.e. providing NTP services to the network),
and that is both desired and expected in the vast majority of cases.
But in containers syncing the local clock is usually impossible, but this
shall not break the providing of NTP services to the network.
To some extent this makes chrony's default config more similar to 'ntpd',
which complained in syslog but still provided NTP server service in those
cases.
+ debian/chrony.service: allow the service to run without CAP_SYS_TIME
+ debian/control: add new dependency libcap2-bin for capsh (usually
installed anyway, but make them explicit to be sure).
+ debian/chrony.default: new option SYNC_IN_CONTAINER to not fall back
(Default off) [fixed a minor typo in the comment in this update]
+ debian/chronyd-starter.sh: wrapper to handle special cases in containers
and if CAP_SYS_TIME is missing. Effectively allows on to run NTP server
in containers on a default installation and avoid failing to sync time
(or if allowed to sync, avoid multiple containers to fight over it by
accident).
+ debian/install: make chrony-starter.sh available on install.
+ debian/docs, debian/README.container: provide documentation about the
handling of this case.
* Added changes:
- d/t/helper-functions: reduce default ubuntu config, to make space for
testcase config
- d/t/{dynamically-add-source,ntp-server-and-nts-auth,helper-functions}:
unify tests to use reload and restart
.
chrony (4.0-5) unstable; urgency=medium
.
* Follow DEP-14 branch naming conventions:
master -> debian/latest
upstream -> upstream/latest
.
* debian/chrony.service:
- Enable some hardening settings.
.
* debian/control:
- Remove Joachim Wiedorn from the Uploaders field. This decision was taken
in agreement with him. Thanks a lot, Joachim, for your work on chrony and
for your benevolence when you handed me its maintenance.
- Point Vcs-Git to the debian/latest branch.
.
* debian/dirs:
- Do not create the /etc/apparmor.d/force-complain directory. Not needed
anymore.
.
* debian/postrm:
- Remove /run/chrony-dhcp on purge.
.
* debian/preinst:
- Drop old migration code snippet. It was used to put the newly provided
AppArmor profile in complain mode when upgrading chrony to prevent
regressions this profile could have caused. (Closes: #905485)
.
chrony (4.0-4) unstable; urgency=medium
.
* debian/chrony.examples:
- Provide example configuration files.
.
* debian/postinst:
- Run adduser unconditionally.
- Use 'chronyd -p' to check the whole configuration.
.
* debian/tests/:
- Prevent dynamically-add-source and ntp-server-and-nts-auth tests from
failing on chronyd's preparation step.
- Don't pass 'set -u' to dynamically-add-source and
ntp-server-and-nts-auth scripts.
.
* debian/tests/control:
- Mark dynamically-add-source as skippable.
.
chrony (4.0-3) unstable; urgency=medium
.
* debian/:
- chronyd's configuration can now be fragmented. Please see
/etc/chrony/conf.d/README for more information.
- NTP sources can be specified in /etc/chrony/sources.d. Please see
/etc/chrony/sources.d/README for more information.
.
* debian/chrony.conf:
- Include configuration files found in /etc/chrony/conf.d.
- Use NTP sources found in /etc/chrony/sources.d.
- Get TAI-UTC offset and leap seconds from the system tz database by using
the "leapsectz right/UTC" directive. This directive must be commented out
when using time sources serving leap-smeared time. (Closes: #974845)
- Add missing comment.
.
* debian/chrony.default:
- Switch the seccomp filter to level 1.
.
* debian/chrony.lintian-overrides:
- Override breakout-link.
.
* debian/control:
- Add tzdata to the dependencies.
- Bump Standards-Version to 4.5.1 (no changes required).
.
* debian/copyright:
- Update copyright year for debian/*.
.
* debian/postinst:
- Use dpkg-statoverride to manage mode bits and ownership of
/var/l{ib,og}/chrony.
.
* debian/postrm:
- Remove overrides for /var/l{ib,og}/chrony on purge.
.
* debian/rules:
- Drop '--without-readline' option. GNU readline support has been dropped
upstream due to license incompatibility.
- Replace -F -1 by -F 1 in the sed invocation.
.
* debian/tests/:
- Add fragmented-configuration autopkgtest.
- Add dynamically-add-source autopkgtest.
- Add ntp-server-and-nts-auth autopkgtest.
.
* debian/tests/control:
- Mark ntp-server-and-nts-auth as skippable.
.
* debian/tests/fragmented-configuration:
- Use another directive for the test since "leapsectz right/UTC" is now
used by default.
.
* debian/tests/helper-functions:
- Add __no_system_clock_control() function.
.
* debian/tests/upstream-simulation-test-suite:
- Always use the same seed to get deterministic results.
.
* debian/upstream/metadata:
- Remove obsolete field Name. Thanks to Debian Janitor <janitor at jelmer.uk>.
.
* debian/usr.sbin.chronyd:
- Make use of the @{run} variable.
Checksums-Sha1:
ffc401ad32582f55b74abe3ec979c623d3488738 2475 chrony_4.0-5ubuntu2.dsc
f5facce01163a0d2b02875b2edf2410eb0728f3b 43004 chrony_4.0-5ubuntu2.debian.tar.xz
f79b5256eff61f14bf5dc1092b47ab05b1801099 7485 chrony_4.0-5ubuntu2_source.buildinfo
Checksums-Sha256:
78ccb696c0dbcbbda7a5cbe8609335b6faad52513ba65b6b5ea42eab70930f58 2475 chrony_4.0-5ubuntu2.dsc
8b970ec14afcf52ccc12bc227b68e6feed0cf94518e6cb39fe9270e653fd4262 43004 chrony_4.0-5ubuntu2.debian.tar.xz
9d01a1830db5eaa7ed07e9b4db323f07ad4d9123479fcce6def0dcbb9a398c75 7485 chrony_4.0-5ubuntu2_source.buildinfo
Files:
5fc76810ddfd9364f4e8e1509297b803 2475 net optional chrony_4.0-5ubuntu2.dsc
d4b8e4212accb3f30994201e782012b8 43004 net optional chrony_4.0-5ubuntu2.debian.tar.xz
fcf4405dede9e2476acb52e281bba53a 7485 net optional chrony_4.0-5ubuntu2_source.buildinfo
Original-Maintainer: Vincent Blut <vincent.debian at free.fr>
More information about the Hirsute-changes
mailing list