Skip to content

/ systemd

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

systemd-timesync fails to update /var/lib/systemd/timesync/clock #11329

Closed
mbiebl opened this issue Jan 4, 2019 · 4 comments
Closed

systemd-timesync fails to update /var/lib/systemd/timesync/clock #11329

mbiebl opened this issue Jan 4, 2019 · 4 comments
Labels
documentation 📖 timesync

Comments

@mbiebl
Copy link
Contributor

@mbiebl mbiebl commented Jan 4, 2019
edited

systemd version the issue has been seen with

v240

Used distribution

Debian sid.
Filed originally as downstream bug report https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918190

After the update to v240, where DynamicUser=true has been turned off for systemd-timesyncd.service, the daemon fails updating the stamp file /var/lib/private/systemd/timesync/clock

# ls -ld /var/lib/systemd/timesync
lrwxrwxrwx 1 root root 27 Dez 17  2017 /var/lib/systemd/timesync -> ../private/systemd/timesync

# ls -ld /var/lib/private/systemd/timesync
drwxr-xr-x 2 systemd-timesync systemd-timesync 4096 Dez 17  2017 /var/lib/private/systemd/timesync

So the state directory is writable by the systemd-timesync user, but not accessible as /var/lib/private is 0700 root:root.
Adding Environment=SYSTEMD_LOG_LEVEL=debug to systemd-timesyncd.service yields

Jan 04 12:35:00 pluto systemd-timesyncd[7011]: Failed to create state directory, ignoring: Permission denied

I can work around that in the Debian package by removing the /var/lib/systemd/timesync symlink in our maintainer scripts and let it be recreated as real directory.
That said, this issue will possibly affect other distros as well, so I wanted to raise it upstream. Maybe there is a better solution.
@mbiebl mbiebl added the timesync label Jan 4, 2019
@yuwata
Copy link
Member

@yuwata yuwata commented Jan 7, 2019

We have dropped DynamicUser=. So, packagers need to add some script to move the clock file to non-private place. I do not know whether pid1 should support such downgrading situation.
For Fedora, I've added a tiny script for this issue: https://src.fedoraproject.org/cgit/rpms/systemd.git/commit/?id=d644e8032c6e67ba695a4cc222b77f93cd309b82.
@mbiebl
Copy link
Contributor Author

@mbiebl mbiebl commented Jan 7, 2019

Ok with me. The NEWS file didn't specifically mention this issue so I thought it would be worth to raise it upstream. Even if we don't address this in systemd itself, I thought it would be worthwile to notify other distro maintainers this way.
Btw, do we have a list of the distro maintainers for the (major) distros which we could CC?
@yuwata
Copy link
Member

@yuwata yuwata commented Jan 8, 2019

It may not be enough, but I've tried to announce that: aa2437e.
@yuwata
Copy link
Member

@yuwata yuwata commented Jan 8, 2019

Btw, do we have a list of the distro maintainers for the (major) distros which we could CC?

Not sure, but by telegram? cc @poettering.
yuwata added a commit to yuwata/systemd that referenced this issue Jan 8, 2019
@yuwata
NEWS: also mention that clock file for timesyncd may need to move
72f65ac 
Follow-up for aa2437e.

Closes systemd#11329.
@yuwata yuwata mentioned this issue Jan 8, 2019
Merged
keszybz added a commit that referenced this issue Jan 8, 2019
@yuwata @keszybz
NEWS: also mention that clock file for timesyncd may need to move
Loading status checks…
787a133 
Follow-up for aa2437e.

Closes #11329.
ricardosalveti added a commit to ricardosalveti/meta-lmp that referenced this issue Jun 24, 2019
@ricardosalveti
systemd: add job to fix timesyncd update
0c476ae 
Add job to fix the timesyncd update as discussed at
systemd/systemd#11329.

A new job is required as upstream decided to let distros fix the update
issue via post install script, which is not available in ostree based
systems.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
ricardosalveti added a commit to ricardosalveti/meta-lmp that referenced this issue Jun 25, 2019
@ricardosalveti
systemd: add job to fix timesyncd update
0f8db3e 
Add job to fix the timesyncd update as discussed at
systemd/systemd#11329.

A new job is required as upstream decided to let distros fix the update
issue via post install script, which is not available in ostree based
systems.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
ricardosalveti added a commit to ricardosalveti/meta-lmp that referenced this issue Jun 25, 2019
@ricardosalveti
systemd: add job to fix timesyncd update
7451377 
Add job to fix the timesyncd update as discussed at
systemd/systemd#11329.

A new job is required as upstream decided to let distros fix the update
issue via post install script, which is not available in ostree based
systems.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
ricardosalveti added a commit to ricardosalveti/meta-lmp that referenced this issue Jun 28, 2019
@ricardosalveti
systemd: add job to fix timesyncd update
5db9c69 
Add job to fix the timesyncd update as discussed at
systemd/systemd#11329.

A new job is required as upstream decided to let distros fix the update
issue via post install script, which is not available in ostree based
systems.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
ricardosalveti added a commit to ricardosalveti/meta-lmp that referenced this issue Jul 1, 2019
@ricardosalveti
systemd: add job to fix timesyncd update
815b01a 
Add job to fix the timesyncd update as discussed at
systemd/systemd#11329.

A new job is required as upstream decided to let distros fix the update
issue via post install script, which is not available in ostree based
systems.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
ricardosalveti added a commit to ricardosalveti/meta-lmp that referenced this issue Jul 1, 2019
@ricardosalveti
systemd: add job to fix timesyncd update
2f1a3a0 
Add job to fix the timesyncd update as discussed at
systemd/systemd#11329.

A new job is required as upstream decided to let distros fix the update
issue via post install script, which is not available in ostree based
systems.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
ricardosalveti added a commit to foundriesio/meta-lmp that referenced this issue Jul 4, 2019
@ricardosalveti
systemd: add job to fix timesyncd update
5cb0fa1 
Add job to fix the timesyncd update as discussed at
systemd/systemd#11329.

A new job is required as upstream decided to let distros fix the update
issue via post install script, which is not available in ostree based
systems.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation 📖 timesync
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
@mbiebl @yuwata
You can’t perform that action at this time.