Page MenuHomeVyOS Platform
Create Task
Maniphest T6748

`show ntp sources` Command Broken
Open, NormalPublicBUG
Actions

Description

It looks like privileges are not allowing the show ntp sources command to work on 1.4:

vyos@cr01-vyos:~$ show ntp sources
Traceback (most recent call last):
  File "/usr/libexec/vyos/op_mode/ntp.py", line 159, in <module>
    res = vyos.opmode.run(sys.modules[__name__])
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/opmode.py", line 263, in run
    res = func(**args)
          ^^^^^^^^^^^^
  File "/usr/libexec/vyos/op_mode/ntp.py", line 133, in show_sources
    return cmd(command)
           ^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: chronyc sources -v
returned: 506 Cannot talk to daemon
exit code: 1

Running the command as sudo fixes the issue, so I'm guessing the command underneath needs to be run either as root, or as _chrony:

vyos@cr01-vyos:~$ sudo chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* ns02.ac.trae32566.org         2   6   377    12   +591us[ +812us] +/-   27ms
^- ns01.ac.trae32566.org         2   6   377    11   +320us[ +320us] +/-   38ms

Details

Version
1.4.0
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Event Timeline

trae32566 created this task.Sep 28 2024, 9:04 AM
pasik subscribed.Sep 28 2024, 9:06 AM
c-po claimed this task.Sep 29 2024, 2:13 PM
c-po triaged this task as Normal priority.
c-po edited a custom field.
c-po edited a custom field.
c-po edited projects, added VyOS 1.4 Sagitta (1.4.1), VyOS 1.5 Circinus, VyOS Rolling; removed VyOS 1.4 Sagitta (1.4.0).
c-po added a comment.Sep 29 2024, 2:32 PM

I can not immediately recreate the issue:

vyos@vyos:~$ show ver
Version:          VyOS 1.4.0
Release train:    sagitta
Release flavor:   generic

Built by:         Sentrium S.L.
Built on:         Tue 04 Jun 2024 09:23 UTC
vyos@vyos:~$ show ntp sources
.-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^- server3.njk.aero              2  10   377   35m   -344us[ -302us] +/-   40ms
^* server1b.meinberg.de          2  10   377   266   +133us[ +201us] +/-   10ms

But we should try to avoid a backtrace in any case and use a proper error message

vyosbot added a project: Bugs.Oct 14 2024, 8:16 AM
trae32566 added a comment.EditedOct 15 2024, 5:05 AM

@c-po So what's interesting here is it seems like it might be something with the reconfiguration of the daemon. Try deleting and then adding the default config, like this (obviously after delete service ntp and commit):

vyos@cr01-vyos# set service ntp allow-client address 127.0.0.0/8
[edit]
vyos@cr01-vyos# set service ntp allow-client address 169.254.0.0/16
[edit]
vyos@cr01-vyos# set service ntp allow-client address 10.0.0.0/8
[edit]
vyos@cr01-vyos# set service ntp allow-client address 172.16.0.0/12
[edit]
vyos@cr01-vyos# set service ntp allow-client address 192.168.0.0/16
[edit]
vyos@cr01-vyos# set service ntp allow-client address ::1/128
[edit]
vyos@cr01-vyos# set service ntp allow-client address fe80::/10
[edit]
vyos@cr01-vyos# set service ntp allow-client address fc00::/7
[edit]
vyos@cr01-vyos# 
[edit]
vyos@cr01-vyos# set service ntp server time1.vyos.net
[edit]
vyos@cr01-vyos# set service ntp server time2.vyos.net
[edit]
vyos@cr01-vyos# set service ntp server time3.vyos.net
[edit]
vyos@cr01-vyos# commit
Archiving config...
  sftp://stor01a-rh9.int.trae32566.org/bhs/cr01-vyos Host 'stor01a-rh9.int.trae32566.org' not found in known hosts.
Fingerprint: 1083a0c4ff8380df83596781bcddf2a9
Do you wish to continue? [y/N] y

WARNING: no 'known_hosts' file; create to store keys permanently

[edit]
vyos@cr01-vyos# run show ntp sources
Traceback (most recent call last):
  File "/usr/libexec/vyos/op_mode/ntp.py", line 159, in <module>
    res = vyos.opmode.run(sys.modules[__name__])
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/opmode.py", line 263, in run
    res = func(**args)
          ^^^^^^^^^^^^
  File "/usr/libexec/vyos/op_mode/ntp.py", line 133, in show_sources
    return cmd(command)
           ^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: chronyc sources -v
returned: 506 Cannot talk to daemon
exit code: 1
[edit]
vyos@cr01-vyos# show service ntp 
 allow-client {
     address 127.0.0.0/8
     address 169.254.0.0/16
     address 10.0.0.0/8
     address 172.16.0.0/12
     address 192.168.0.0/16
     address ::1/128
     address fe80::/10
     address fc00::/7
 }
 server time1.vyos.net {
 }
 server time2.vyos.net {
 }
 server time3.vyos.net {
 }
vyos@cr01-vyos# sudo chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 2600:1f18:1632:5f01:3ee9>     2   6    77    30  +2164us[-1223us] +/-   91ms
^+ 2a05:d014:89b:f501:c695:>     3   6    77    31  +1612us[-1775us] +/-  101ms
^+ 2406:da18:cdf:e900:9420:>     2   6    77    31  +2102us[+2102us] +/-  205ms
[edit]
syncer removed projects: VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.1).Nov 1 2024, 8:17 PM
syncer added a subscriber: Global Notifications.Nov 1 2024, 9:19 PM
dmbaturin moved this task from Need Triage to Backlog - Bug on the VyOS Rolling board.Nov 15 2024, 3:28 PM