Merge chrony from Debian Unstable for r-series
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| chrony (Ubuntu) |
New
|
Undecided
|
Lukas Märdian | ||
Bug Description
Scheduled-For: ubuntu-25.11
Ubuntu: 4.7-1ubuntu1
Debian Unstable: 4.8-1
A new release of chrony is available for merging from Debian Unstable.
If it turns out this needs a sync rather than a merge, please change the tagging from ['needs-merge', 'upgrade-
If this merge pulls in a new upstream version, also consider adding an entry to the r-series Release Notes: https:/
### New Debian Changes ###
chrony (4.8-1) unstable; urgency=medium
* Import upstream version 4.8:
- Please see /usr/share/
* Merge branch 'debian/unstable' into debian/latest.
* Upload to unstable.
* debian/
- Install a sysusers.d file to create the _chrony system user/group.
* debian/control:
- Build-depend on dh-sequence-
- Drop unused adduser dependency.
* debian/postinst:
- Drop adduser invocation. The _chrony system user/group is now created
using a sysusers.d fragment.
- Allocate the _chrony system user/group before running dpkg-statoverride
commands.
* debian/postrm:
- Don't delete the _chrony system user/group during purge.
Deleting it is risky because sensitive files belonging to this uid might
remain on the filesystem and could be recovered by another system user
reusing the same uid.
* debian/
- Update clknetsim version.
- Get clknetsim from Gitlab.
* debian/watch:
- Update to version 5.
-- Vincent Blut <email address hidden> Wed, 27 Aug 2025 15:22:42 +0200
chrony (4.8~pre1-1) experimental; urgency=medium
* Import upstream version 4.8-pre1:
- Please see /usr/share/
* debian/control:
- Drop 'Priority: optional'. dpkg sets it by default if omitted.
- Drop 'Rules-
* debian/copyright:
- Add a few entries and update copyright year.
* debian/
- Update clknetsim version.
-- Vincent Blut <email address hidden> Thu, 14 Aug 2025 17:46:23 +0200
chrony (4.7-3) unstable; urgency=medium
* debian/patches/:
- Add skip-flaky-
007-cmdmon fails intermittently. Skip it! (Closes: #1111222)
-- Vincent Blut <email address hidden> Sat, 16 Aug 2025 13:34:52 +0200
chrony (4.7-2) unstable; urgency=medium
[ Vincent Blut ]
* Upload to unstable.
* debian/control:
- Suggest gpsd.
[ Lukas Märdian ]
* debian/
- Grant access to sd_notify's $NOTIFY_SOCKET.
-- Vincent Blut <email address hidden> Sun, 10 Aug 2025 15:12:28 +0200
### Old Ubuntu Delta ###
chrony (4.7-1ubuntu1) questing; urgency=medium
* Merge with Debian experimental. Remaining changes: (LP: #2110435)
- Set -x as default if unable to set time (e.g. in containers) (LP #1589780)
Chrony is a single service which acts as both NTP client (i.e. syncing the
local clock) and NTP server (i.e. providing NTP services to the network),
and that is both desired and expected in the vast majority of cases.
But in containers syncing the local clock is usually impossible, but this
shall not break the providing of NTP services to the network.
To some extent this makes chrony's default config more similar to 'ntpd',
which complained in syslog but still provided NTP server service in those
cases.
+ debian/
+ d/control: add new dependency libcap2-bin for capsh (usually
installed anyway, but make them explicit to be sure).
+ d/chrony.default: new option SYNC_IN_CONTAINER to not fall
back (Default off)
+ d/chronyd-
containers and if CAP_SYS_TIME is missing. Effectively allows
running the NTP server in containers on a default installation
and avoid failing to sync time (or if allowed to sync, avoid
multiple containers fighting over it by accident).
+ d/install: Make chrony-starter.sh available on install.
+ d/docs, d/README.container: Provide documentation about the
handling of this case.
- d/rules, d/chrony.examples: Ship restricted service as an example
not installed to the system for use. (See LP #2051028)
- d/chrony.conf: remove Debian NTP pool
- Install Ubuntu NTP sources in
/
(default yes) debconf question (LP #2048876):
+ d/templates: Add debconf question to customize installation of
+ d/install, d/ubuntu-
in /usr/share/chrony
+ d/control: add dependency on debconf
+ d/postinst: handle Ubuntu pools via debconf and ucf
+ d/postrm: handle Ubuntu pools via debconf and ucf
+ d/NEWS: Add information about default time sources moving out from
chrony.conf to /etc/chrony/
+ d/chrony.config: debconf script to handle Ubuntu pools
+ d/t/control, d/t/default-
debconf behavior
- Use Ubuntu NTS servers by default (LP #2084585):
+ d/conf.
server
+ d/nts-bootstrap
bootstrap servers
+ d/install: install the NTS bootstrap CAs
+ d/ubuntu-
+ d/t/default-
+ d/NEWS: add news entry about the NTS change
* Drop Changes:
- d/t/helper-
[Fixed in 4.7-1]
- d/tests: Clean up after __no_system_
[Fixed in 4.7-1]
- d/chrony.service: Do not run inside containers by default (LP 2111535)
[Fixed in 4.7-1]
- d/t/default-
[Squashed into "new test to check the debconf behavior"]
* Add Changes:
- d/chrony.service: Allow real chronyd to send READY=1 via sd_notify in
place of the chronyd-starter.sh wrapper.
- d/usr.sbin.chronyd: Grant access to NOTIFY_SOCKET in AppArmor profile.
- d/chrony.conf: Document non-NTS sources from DHCP (LP: #2115565)
-- Lukas Märdian <email address hidden> Mon, 30 Jun 2025 13:26:18 +0200
| Changed in chrony (Ubuntu): | |
| assignee: | nobody → Lukas Märdian (slyon) |
| Changed in chrony (Ubuntu): | |
| milestone: | none → ubuntu-25.12 |
| Changed in chrony (Ubuntu): | |
| milestone: | ubuntu-25.12 → ubuntu-26.01 |
