View Issue Details

IDProjectCategoryView StatusLast Update
0001156Rocky-Linux-9chronypublic2022-11-29 02:06
ReporterMike Ely Assigned To 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
Summary0001156: chrony-wait fails after upgrade from chrony-4.1-3 to 4.2-1
DescriptionAfter upgrading chrony, the chrony-wait service enters a failed state and will not recover.

# systemctl status chrony-wait
× chrony-wait.service - Wait for chrony to synchronize system clock
     Loaded: loaded (/usr/lib/systemd/system/chrony-wait.service; enabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Mon 2022-11-28 17:21:09 PST; 8s ago
       Docs: man:chronyc(1)
    Process: 2657690 ExecStart=/usr/bin/chronyc -h 127.0.0.1,::1 waitsync 0 0.1 0.0 1 (code=exited, status=217/USER)
   Main PID: 2657690 (code=exited, status=217/USER)
        CPU: 20ms

Nov 28 17:21:09 server.example systemd[1]: Starting Wait for chrony to synchronize system clock...
Nov 28 17:21:09 server.example systemd[2657690]: chrony-wait.service: Failed to set up user namespacing: No space left on device
Nov 28 17:21:09 server.example systemd[2657690]: chrony-wait.service: Failed at step USER spawning /usr/bin/chronyc: No space left on device
Nov 28 17:21:09 server.example systemd[1]: chrony-wait.service: Main process exited, code=exited, status=217/USER
Nov 28 17:21:09 server.example systemd[1]: chrony-wait.service: Failed with result 'exit-code'.
Nov 28 17:21:09 server.example systemd[1]: Failed to start Wait for chrony to synchronize system clock.
Steps To ReproduceCheck status of chrony-wait, observe that it is running and that chrony-4.1-3.el9.rocky.0.1.x86_64 is installed.
"dnf in chrony"
Observe that chrony-4.2-1.el9.rocky.1.0.x86_64.rpm is installed.
Check status of chrony-wait, observe that it has failed as in the bug description.
Additional InformationI have tried:
Rebooting the host
Setting selinux to permissive
Verifying that plenty of free disk space exists.
Merging any item that's enabled by default and can safely be merged from /etc/chrony.conf.rpmnew:
ntsdumpdir /var/lib/chrony
logdir /var/log/chrony
Verified the existence of both paths above.
TagsNo tags attached.

Activities

Mike Ely

Mike Ely

2022-11-29 02:06

reporter   ~0001322

Setting max_user_namespaces to a nonzero value allows the service to start, but this is in conflict with the guidance issued to address CVE-2022-1015. As that issue appears to have been resolved, this is more of an errata IMHO.

Issue History

Date Modified Username Field Change
2022-11-29 01:39 Mike Ely New Issue
2022-11-29 02:06 Mike Ely Note Added: 0001322