| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA256 |
| 3 |
|
| 4 |
|
| 5 |
Well, it's not an RBAC/role problem, otherwise you'd see more 'grsec:' |
| 6 |
lines in syslog. Based on this info, chrony is setting the time |
| 7 |
correctly. You might want to look at mailing lists for this daemon and/or |
| 8 |
google for the errors you get. |
| 9 |
|
| 10 |
|
| 11 |
brant williams |
| 12 |
FCAA CDCA 20BC 3925 D634 F5C4 7420 6784 4DEB 6002 |
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
On Mon, 31 Dec 2007, Peter Humphrey wrote: |
| 17 |
|
| 18 |
> Date: Mon, 31 Dec 2007 17:44:14 +0000 |
| 19 |
> From: Peter Humphrey <prh@××××××××××.uk> |
| 20 |
> Reply-To: gentoo-hardened@l.g.o |
| 21 |
> To: gentoo-hardened@l.g.o |
| 22 |
> Subject: Re: [gentoo-hardened] How to set up for chrony? |
| 23 |
> |
| 24 |
> On Monday 31 December 2007 16:39:30 brant williams wrote: |
| 25 |
> |
| 26 |
>> Can you paste the error you're referring to? |
| 27 |
> |
| 28 |
> Here goes (sorry if line wrapping spoils it), with my four comments: |
| 29 |
> |
| 30 |
> Dec 31 17:32:55 gate chronyd[23772]: chronyd exiting on signal # I'd restarted it; no mention of file operations, note |
| 31 |
> Dec 31 17:32:55 gate chronyd[23855]: chronyd version 1.21 starting |
| 32 |
> Dec 31 17:32:55 gate chronyd[23855]: Could not open RTC file /etc/chrony/chrony.rtc for reading # because it wasn't there |
| 33 |
> Dec 31 17:32:56 gate grsec: From 192.168.129.25: time set by /usr/sbin/chronyd[chronyd:23855] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/chronyd[chronyd:23854] uid/euid:0/0 gid/egid:0/0 # I was ssh'd in from that IP address (this box is headless) |
| 34 |
> Dec 31 17:32:56 gate chronyd[23855]: Initial txc.tick=10000 txc.freq=0 (0.00000000) txc.offset=0 => hz=100 shift_hz=7 |
| 35 |
> Dec 31 17:32:56 gate chronyd[23855]: set_config_hz=0 hz=100 shift_hz=7 basic_freq_scale=1.28000000 nominal_tick=10000 slew_delta_tick=833 max_tick_bias=1000 |
| 36 |
> Dec 31 17:32:56 gate chronyd[23855]: Linux kernel major=2 minor=6 patch=23 |
| 37 |
> Dec 31 17:32:56 gate chronyd[23855]: calculated_freq_scale=0.99902439 freq_scale=0.99902439 |
| 38 |
> Dec 31 17:33:03 gate chronyd[23855]: No valid file coefficients, cannot trim system time # I don't understand what that means |
| 39 |
> |
| 40 |
> So it looks as though chrony can set the system clock, but not write /etc/chrony/chrony.rtc - but it has written /etc/chrony/chrony.drift! |
| 41 |
> |
| 42 |
> $ ls -ld /etc/chrony |
| 43 |
> drwxr-xr-x 2 root root 4096 2007-12-31 17:38 /etc/chrony |
| 44 |
> $ ls -l /etc/chrony |
| 45 |
> total 24 |
| 46 |
> -rw-r--r-- 1 root root 12395 2007-12-31 17:29 chrony.conf |
| 47 |
> -rw-r--r-- 1 root root 42 2007-12-31 17:39 chrony.drift |
| 48 |
> -rw-r--r-- 1 root root 1172 2007-12-31 17:31 chrony.keys |
| 49 |
> |
| 50 |
> I tried touching /etc/chrony/chrony.conf, but it remained empty. |
| 51 |
> |
| 52 |
> $ uname -a |
| 53 |
> Linux gate 2.6.23-hardened-r4-gr #4 Sun Dec 30 16:58:09 GMT 2007 i686 Intel(R) Pentium(R) 4 CPU 2.00GHz GenuineIntel GNU/Linux |
| 54 |
> |
| 55 |
> I'm beginning to wonder whether chrony is capable of running on this box. |
| 56 |
> |
| 57 |
> -- |
| 58 |
> Rgds |
| 59 |
> Peter |
| 60 |
> -- |
| 61 |
> gentoo-hardened@g.o mailing list |
| 62 |
> |
| 63 |
> |
| 64 |
-----BEGIN PGP SIGNATURE----- |
| 65 |
Version: GnuPG v2.0.7 (GNU/Linux) |
| 66 |
|
| 67 |
iD8DBQFHeS+NdCBnhE3rYAIRCNaHAJ9w0teLjOpugdN7OKdNILwQQfkGqwCfSvm1 |
| 68 |
lDws0NyTa4DoP8mOeHZ1jSc= |
| 69 |
=VQQM |
| 70 |
-----END PGP SIGNATURE----- |
| 71 |
-- |
| 72 |
gentoo-hardened@g.o mailing list |
Archives