Created
April 10, 2018 13:31
-
-
Save dryliketoast/a51d27a95c4c783bc76bf7af3833132d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://bugs.launchpad.net/mos/+bug/1475019 | |
| Denis Puchkin (dpuchkin) wrote on 2016-04-20: #6 | |
| Hi | |
| The cause of these apparmor messages is misconfigured ntp apparmor profile, | |
| but there is nothing terrible | |
| Apparmor banned only messages (like ntp successfully started and listen on socket ) | |
| to rsyslog through /dev/log, this happened because NTP is running in the | |
| network namespase and apparmor has some issues with that. | |
| Therefore apparmor doesn't not blocks ntpd activity and reason of clock skew in other place | |
| as workaround, to allow ntp send msg to rsyslog you can Add the attach_disconnected flag | |
| to the ntpd profile /etc/apparmor.d/usr.sbin.ntpd | |
| -/usr/sbin/ntpd { | |
| +/usr/sbin/ntpd flags=(attach_disconnected) { | |
| please note, if you want get ntpd status, you should run ntpd -nq in proper namespace: | |
| # ip netns exec vrouter ntpq -pn | |
| remote refid st t when poll reach delay offset jitter | |
| ================================================== | |
| +85.21.78.91 89.109.251.24 2 u 39m 1024 374 74.328 -7.866 1.642 | |
| *193.85.174.5 .GPS. 1 u 40m 1024 174 27.040 2.521 1.731 | |
| +191.233.81.105 213.109.127.82 3 u 851 1024 167 19.762 -8.164 3.164 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment