Chrony

Allikas: Imre kasutab arvutit
Redaktsioon seisuga 3. mai 2026, kell 21:57 kasutajalt Imre (arutelu | kaastöö) (→‎Misc - chrony teenus)
(erin) ←Vanem redaktsioon | Viimane redaktsiooni (erin) | Uuem redaktsioon→ (erin)
Mine navigeerimisribaleMine otsikasti

Sissejuhatus

TODO

Tööpõhimõte

TODO

Misc - chrony protsess

chronyd protsessi info 

root@pve-svc-02:~# pgrep chronyd
1436092
1436093
root@pve-svc-02:~# lsns -p 1436093
        NS TYPE   NPROCS     PID USER    COMMAND
4026531833 net       481       1 root    /sbin/init
4026531834 time      481       1 root    /sbin/init
4026531835 cgroup    481       1 root    /sbin/init
4026531836 pid       481       1 root    /sbin/init
4026531837 user      481       1 root    /sbin/init
4026531839 ipc       481       1 root    /sbin/init
4026533035 mnt         2 1436092 _chrony ├─/usr/sbin/chronyd -F 1
4026533036 uts         2 1436092 _chrony └─/usr/sbin/chronyd -F 1

kus 

root@pve-svc-02:~# cat /proc/1436092/status | grep -i seccomp
Seccomp:	2
Seccomp_filters:	23

root@pve-svc-02:~# nsenter -m -t 1436092 findmnt | grep inacc | sed -r 's/tmpfs\s+.*//'
│ └─/dev/kmsg                                                    tmpfs[/systemd/inaccessible/chr]
│ ├─/run/credentials                                             tmpfs[/systemd/inaccessible/dir]
│ ├─/run/user                                                    tmpfs[/systemd/inaccessible/dir]
├─/root                                                          tmpfs[/systemd/inaccessible/dir]
├─/home                                                          tmpfs[/systemd/inaccessible/dir]
├─/usr/lib/modules                                               tmpfs[/systemd/inaccessible/dir]

ning systemd vastavad seadistused 

root@pve-svc-02:~# systemctl show chrony | egrep "^Prot|Priv" | grep yes$
PrivateTmp=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectKernelLogs=yes
ProtectControlGroups=yes
ProtectControlGroupsEx=yes
ProtectHome=yes
ProtectHostname=yes

Misc - chrony teenus

Seadistus 

root@pve-svc-02:~# egrep "pool|server" /etc/chrony/chrony.conf
# pool 2.debian.pool.ntp.org iburst

root@pve-svc-02:~# cat /etc/chrony/sources.d/local-ntp-server.sources
server 10.192.0.53 iburst

sources info 

root@pve-svc-02:~# chronyc sources -v -n

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* 10.192.0.53                   4   9   377   413   -135us[ -216us] +/- 3171us

tracking info 

root@pve-svc-02:~# chronyc tracking
Reference ID    : 0AC00035 (10.192.0.53)
Stratum         : 5
Ref time (UTC)  : Sun May 03 17:25:18 2026
System time     : 0.000016197 seconds slow of NTP time
Last offset     : -0.000080330 seconds
RMS offset      : 0.000049475 seconds
Frequency       : 0.712 ppm fast
Residual freq   : -0.006 ppm
Skew            : 0.085 ppm
Root delay      : 0.006004042 seconds
Root dispersion : 0.000445185 seconds
Update interval : 517.6 seconds
Leap status     : Normal

Kasulikud lisamaterjalid

  • TODO
Pärit leheküljelt "https://www.auul.pri.ee/wiki/index.php?title=Chrony&oldid=3420"