Page MenuHomeVyOS Platform
Create Task
Maniphest T6748

`show ntp sources` Command Broken
Closed, ResolvedPublicBUG
Actions

Description

It looks like privileges are not allowing the show ntp sources command to work on 1.4:

vyos@cr01-vyos:~$ show ntp sources
Traceback (most recent call last):
  File "/usr/libexec/vyos/op_mode/ntp.py", line 159, in <module>
    res = vyos.opmode.run(sys.modules[__name__])
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/opmode.py", line 263, in run
    res = func(**args)
          ^^^^^^^^^^^^
  File "/usr/libexec/vyos/op_mode/ntp.py", line 133, in show_sources
    return cmd(command)
           ^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: chronyc sources -v
returned: 506 Cannot talk to daemon
exit code: 1

Running the command as sudo fixes the issue, so I'm guessing the command underneath needs to be run either as root, or as _chrony:

vyos@cr01-vyos:~$ sudo chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* ns02.ac.trae32566.org         2   6   377    12   +591us[ +812us] +/-   27ms
^- ns01.ac.trae32566.org         2   6   377    11   +320us[ +320us] +/-   38ms

Details

Version
1.4.0
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Event Timeline

trae32566 created this task.Sep 28 2024, 9:04 AM
pasik subscribed.Sep 28 2024, 9:06 AM
c-po claimed this task.Sep 29 2024, 2:13 PM
c-po triaged this task as Normal priority.
c-po edited a custom field.
c-po edited a custom field.
c-po edited projects, added VyOS 1.4 Sagitta (1.4.1), VyOS 1.5 Circinus, VyOS Rolling; removed VyOS 1.4 Sagitta (1.4.0).
c-po added a comment.Sep 29 2024, 2:32 PM

I can not immediately recreate the issue:

vyos@vyos:~$ show ver
Version:          VyOS 1.4.0
Release train:    sagitta
Release flavor:   generic

Built by:         Sentrium S.L.
Built on:         Tue 04 Jun 2024 09:23 UTC
vyos@vyos:~$ show ntp sources
.-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^- server3.njk.aero              2  10   377   35m   -344us[ -302us] +/-   40ms
^* server1b.meinberg.de          2  10   377   266   +133us[ +201us] +/-   10ms

But we should try to avoid a backtrace in any case and use a proper error message

vyosbot added a project: Bugs.Oct 14 2024, 8:16 AM
trae32566 added a comment.EditedOct 15 2024, 5:05 AM

@c-po So what's interesting here is it seems like it might be something with the reconfiguration of the daemon. Try deleting and then adding the default config, like this (obviously after delete service ntp and commit):

vyos@cr01-vyos# set service ntp allow-client address 127.0.0.0/8
[edit]
vyos@cr01-vyos# set service ntp allow-client address 169.254.0.0/16
[edit]
vyos@cr01-vyos# set service ntp allow-client address 10.0.0.0/8
[edit]
vyos@cr01-vyos# set service ntp allow-client address 172.16.0.0/12
[edit]
vyos@cr01-vyos# set service ntp allow-client address 192.168.0.0/16
[edit]
vyos@cr01-vyos# set service ntp allow-client address ::1/128
[edit]
vyos@cr01-vyos# set service ntp allow-client address fe80::/10
[edit]
vyos@cr01-vyos# set service ntp allow-client address fc00::/7
[edit]
vyos@cr01-vyos# 
[edit]
vyos@cr01-vyos# set service ntp server time1.vyos.net
[edit]
vyos@cr01-vyos# set service ntp server time2.vyos.net
[edit]
vyos@cr01-vyos# set service ntp server time3.vyos.net
[edit]
vyos@cr01-vyos# commit
Archiving config...
  sftp://stor01a-rh9.int.trae32566.org/bhs/cr01-vyos Host 'stor01a-rh9.int.trae32566.org' not found in known hosts.
Fingerprint: 1083a0c4ff8380df83596781bcddf2a9
Do you wish to continue? [y/N] y

WARNING: no 'known_hosts' file; create to store keys permanently

[edit]
vyos@cr01-vyos# run show ntp sources
Traceback (most recent call last):
  File "/usr/libexec/vyos/op_mode/ntp.py", line 159, in <module>
    res = vyos.opmode.run(sys.modules[__name__])
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/opmode.py", line 263, in run
    res = func(**args)
          ^^^^^^^^^^^^
  File "/usr/libexec/vyos/op_mode/ntp.py", line 133, in show_sources
    return cmd(command)
           ^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: chronyc sources -v
returned: 506 Cannot talk to daemon
exit code: 1
[edit]
vyos@cr01-vyos# show service ntp 
 allow-client {
     address 127.0.0.0/8
     address 169.254.0.0/16
     address 10.0.0.0/8
     address 172.16.0.0/12
     address 192.168.0.0/16
     address ::1/128
     address fe80::/10
     address fc00::/7
 }
 server time1.vyos.net {
 }
 server time2.vyos.net {
 }
 server time3.vyos.net {
 }
vyos@cr01-vyos# sudo chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 2600:1f18:1632:5f01:3ee9>     2   6    77    30  +2164us[-1223us] +/-   91ms
^+ 2a05:d014:89b:f501:c695:>     3   6    77    31  +1612us[-1775us] +/-  101ms
^+ 2406:da18:cdf:e900:9420:>     2   6    77    31  +2102us[+2102us] +/-  205ms
[edit]
syncer removed projects: VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.1).Nov 1 2024, 8:17 PM
syncer added a subscriber: Global Notifications.Nov 1 2024, 9:19 PM
dmbaturin moved this task from Need Triage to Backlog - Bug on the VyOS Rolling board.Nov 15 2024, 3:28 PM
L0crian subscribed.Sep 3 2025, 1:35 PM
a.pidnebesny subscribed.EditedSep 8 2025, 1:49 PM

Tested NTP, setup-delete-setup
First Setup :

vyos@vyos:~$ show ntp sources
.-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* time3.google.com              1   8   377   449    -89us[  -95us] +/-   18ms
^- ec2-34-206-168-146.compu>     2   9   377   313  -1937us[-1937us] +/-  106ms
^- ec2-18-193-41-138.eu-cen>     3   9   377   132   +238us[ +238us] +/-   69ms
^- ec2-122-248-201-177.ap-s>     2   8   165   179    -16ms[  -16ms] +/-  250ms

vyos@vyos:~$ show ntp system
Reference ID    : D8EF2308 (time3.google.com)
Stratum         : 2
Ref time (UTC)  : Mon Sep 08 12:09:54 2025
System time     : 0.000006126 seconds slow of NTP time
Last offset     : -0.000006506 seconds
RMS offset      : 0.001321035 seconds
Frequency       : 54.960 ppm fast
Residual freq   : -0.002 ppm
Skew            : 0.178 ppm
Root delay      : 0.032653034 seconds
Root dispersion : 0.000899684 seconds
Update interval : 517.5 seconds
Leap status     : Normal
vyos@vyos:~$ show ntp activity
200 OK
4 sources online
0 sources offline
0 sources doing burst (return to online)
0 sources doing burst (return to offline)
0 sources with unknown address

vyos@vyos# run show ntp activity
200 OK
4 sources online
0 sources offline
0 sources doing burst (return to online)
0 sources doing burst (return to offline)
0 sources with unknown address

Delete:

vyos@vyos# delete service ntp
vyos@vyos# commit
vyos@vyos:~$ show ntp sources
NTP service is not enabled.

Second Setup:

vyos@vyos# set service ntp server time3.google.com
set service ntp allow-client address 127.0.0.0/8
set service ntp allow-client address 169.254.0.0/16
set service ntp allow-client address 10.0.0.0/8
set service ntp allow-client address 172.16.0.0/12
set service ntp allow-client address 192.168.0.0/16
set service ntp allow-client address ::1/128
set service ntp allow-client address fe80::/10
set service ntp allow-client address fc00::/7
set service ntp server time1.vyos.net
set service ntp server time2.vyos.net
set service ntp server time3.vyos.net

vyos@vyos# commit
vyos@vyos:~$ show ntp sources
.-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^- ec2-34-206-168-146.compu>     2   6    17     4  +1043us[ +825us] +/-  108ms
^- ec2-18-193-41-138.eu-cen>     3   6    17     4  -4260us[-4479us] +/-   83ms
^* time3.google.com              1   6    17     4    -58us[ -277us] +/-   16ms
^? ec2-122-248-201-177.ap-s>     2   6     4     8    -18ms[  -18ms] +/-  263ms

Summary:
No issue with show ntp sources , after configuration ,reconfiguration.
Output as expected.
Problem not replicate

Unknown Object (User) closed this task as Resolved.Sep 18 2025, 2:37 PM
Unknown Object (User) subscribed.

Problem was not reproduced