1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
chrony (3.4-2) unstable; urgency=medium
To reduce the range of operations available to chronyd, and thereby decrease
the kernel attack surface, a system call filter is now active by default
wherever¹ possible.
Please, take into account that this change prevents the use of the
“mailonchange” directive in chrony.conf as the chronyd process will not be
allowed to fork and execute the sendmail binary. Therefore, it is fundamental
to disable the system call filter to continue using this directive!
To do so, edit the /etc/default/chrony file and substitute the “-F -1”
parameter with “-F 0”. Restart chrony afterward.
¹Are currently excluded alpha, ia64, m68k, riscv64, sh4 and sparc64
architectures due to lack of support in “libseccomp” and/or the Linux kernel.
-- Vincent Blut <vincent.debian@free.fr> Sun, 10 Feb 2019 18:44:22 +0100
chrony (2.2.1-1) unstable; urgency=medium
In chrony versions before 2.2, the 'chrony.keys' file contained a command
key used for run-time configuration via the 'chronyc' command-line tool.
Starting from this version, support for this authentication method has been
dropped in favor of a Unix domain socket accessible only *locally* by root or
the _chrony system user. Consequently, if you refuse to use the 'chrony.keys'
file template provided by the maintainers when upgrading, please don’t forget
to manually remove the obsolete command key (ID 1) in the aforementioned file.
-- Vincent Blut <vincent.debian@free.fr> Sun, 07 Feb 2016 17:02:30 +0100
chrony (2.1.1-1) unstable; urgency=medium
From this version, 'chronyd' will strictly act as an NTP client by default. If
you want it to serve time to other systems, please do so by configuring the
'allow' directive.
-- Vincent Blut <vincent.debian@free.fr> Mon, 12 Oct 2015 19:12:39 +0200
chrony (1.31.1-1) unstable; urgency=medium
From now on, we use the "hwclockfile" directive in /etc/chrony/chrony.conf.
Basically, it makes the detection of the standard (Local or UTC time) set
in /etc/adjtime — and used by the hardware clock — clearer compared to the
text processing method we used to use in the post install script to complete
the same task. Note that it overrides the "rtconutc" directive.
Also, we now create the _chrony system user to which chronyd will drop root
privileges. For users already allowing chronyd to drop root privileges in
favor of the user configured by the "user" directive in
/etc/chrony/chrony.conf, your configuration will remain unchanged and will
still work as intended.
However, some users might use a custom init script to accomplish the same
task by invoking chronyd with the '-u' option. We advise you to drop this
option from your init script before upgrading, otherwise you’ll have to
readjust the owner of the /var/l{ib,og}/chrony directories (recursively) to
the user you configured in your init script.
-- Vincent Blut <vincent.debian@free.fr> Sun, 6 Sep 2015 22:14:54 +0200
|