无法打开 /run/chrony/chronyd.pid:权限被拒绝

tag-icon tag-icon permissions
无法打开 /run/chrony/chronyd.pid:权限被拒绝

将 ubuntu 20.04 LTS 升级到 22.04 LTS 后,我无法正确运行 chronyd 并且没有出现错误。

sudo systemctl status chronyd
× chrony.service - chrony, an NTP client/server
     Loaded: loaded (/lib/systemd/system/chrony.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code)
       Docs: man:chronyd(8)
             man:chronyc(1)
             man:chrony.conf(5)
    Process: 29980 ExecStart=/usr/lib/systemd/scripts/chronyd-starter.sh $DAEMON_OPTS (code=exited, status=1/FAILURE)
        CPU: 159ms

ubuntu systemd[1]: Starting chrony, an NTP client/server...
ubuntu chronyd[29989]: chronyd version 4.2 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +NTS +SECHASH +IPV6 -D>
ubuntu chronyd[29989]: Fatal error : Could not open /run/chrony/chronyd.pid : Permission denied
ubuntu chronyd-starter.sh[29987]: Could not open /run/chrony/chronyd.pid : Permission denied
ubuntu systemd[1]: chrony.service: Control process exited, code=exited, status=1/FAILURE
ubuntu systemd[1]: chrony.service: Failed with result 'exit-code'.
ubuntu systemd[1]: Failed to start chrony, an NTP client/server.

ls -al

ubuntu@ubuntu:/run$ sudo ls -al /run/chrony/
total 0
drwxr-x---  2 _chrony _chrony   40 May 27 22:27 .
drwxr-xr-x 40 root    root    1140 May 27 22:27 ..

如果我改变用户例如像那样:

ubuntu@ubuntu:/run$ sudo chown root: /run/chrony/

并启动 chrony 守护进程,但是:

ubuntu@ubuntu:/run$ sudo systemctl status chronyd
● chrony.service - chrony, an NTP client/server
     Loaded: loaded (/lib/systemd/system/chrony.service; enabled; vendor preset: enabled)
     Active: active (running) since 
...

ubuntu systemd[1]: Starting chrony, an NTP client/server...
ubuntu chronyd[32080]: chronyd version 4.2 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +NTS +SECHASH +IPV6 -D>
ubuntu chronyd[32080]: Wrong owner of /run/chrony (UID != 117)
ubuntu chronyd[32080]: Disabled command socket /run/chrony/chronyd.sock

ubuntu@ubuntu:/run$ sudo ls -al chrony/
total 4
drwxr-x---  2 root root   60 May 27 22:47 .
drwxr-xr-x 40 root root 1140 May 27 22:27 ..
-rw-r--r--  1 root root    6 May 27 22:47 chronyd.pid

哪些用户和权限是正确的?

答案1

检查 apparmor 是否正在使用 chrony 配置文件运行 - 在我的情况下,这阻止了访问。

aa-status

相关内容