amazonlinux
[Bug] - chronyd fails to restart - failed to create symbolic link
Describe the bug
I have a default chronyd install. I set selinux to enforcing. Latest AL2023 release.
chrony-4.3-1.amzn2023.0.4.aarch64
When I restart the service it fails to start with the following error:
Sep 29 19:36:42 host1 sh[42834]: ln: failed to create symbolic link '/run/chrony.d/ntp-pool.sources': File exists
I proceed to unlink /run/chrony.d/ntp-pool.sources. When I start chronyd now it succeeds but then fails to restart again.
Still happening on 2023.5.20240708 even with SELinux in Permissive mode. This is pretty bad. If chrony is ever restarted or fails for some reason, I guess NTP for the box is totally down until you either delete the link so it can be recreated and the service can start, or just blow the whole instance away?
I think it's an override file they ship:
# /usr/lib/systemd/system/chronyd.service.d/default-sources.conf
[Service]
# amazon-chrony-config may configure sources in /run/chrony.d before
# we get here. If it doesn't, fall back to the public NTP pool for
# lack of any better options:
ExecStartPre=/usr/bin/mkdir -p /run/chrony.d
ExecStartPre=/bin/sh -c "[ -f /run/chrony.d/.configured ] || ln -s /usr/share/chrony/ntp-pool.sources /run/chrony.d/"
This should be ln -sf, and creating the following override should fix the failure:
# /etc/systemd/system/chronyd.service.d/override.conf
[Service]
ExecStartPre=
ExecStartPre=/usr/bin/mkdir -p /run/chrony.d
ExecStartPre=/bin/sh -c "[ -f /run/chrony.d/.configured ] || ln -sf /usr/share/chrony/ntp-pool.sources /run/chrony.d/"
If you touch that .configured file it should bypass this as well.
running:
touch /run/chrony.d/.configured
on all my al2023 hosts fixed this chronyd restart issue.
Should the file be put down by cloudinit the first time the host start up?
This should have been fixed via the following updates:
selinux-policy-38.1.50-1.amzn2023.0.1 chrony-4.3-1.amzn2023.0.5
If you're still seeing issue please let us know, thanks!
