8

I'm struggling to understand WHY ntp (the service) won't set the time correctly on my raspberry pi.

I have configured the filesystem as read only, to save my SD card, but it used to work, and I cannot seem to figure out why ntp won't work now.

In the logs I get many many lines of that message:

ntpd[415]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
ntpd[415]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
ntpd[415]: error resolving pool 0.debian.pool.ntp.org: Temporary failure in name resolution (-3)
ntpd[415]: error resolving pool 1.debian.pool.ntp.org: Temporary failure in name resolution (-3)
ntpd[415]: error resolving pool 2.debian.pool.ntp.org: Temporary failure in name resolution (-3)
ntpd[415]: error resolving pool 3.debian.pool.ntp.org: Temporary failure in name resolution (-3)
ntpd[415]: error resolving pool 3.debian.pool.ntp.org: Temporary failure in name resolution (-3)
ntpd[415]: error resolving pool 2.debian.pool.ntp.org: Temporary failure in name resolution (-3)
ntpd[415]: error resolving pool 1.debian.pool.ntp.org: Temporary failure in name resolution (-3)
ntpd[415]: error resolving pool 0.debian.pool.ntp.org: Temporary failure in name resolution (-3)

My /etc/resolv.conf looks like this:

# Generated by resolvconf
nameserver 8.8.8.8
nameserver 192.168.1.22

I have access to internet on that RPi, I can ping the pool addresses, I can ping google, I can apt update (after remounting in rw)...

I also can issue an ntpdate command manually and IT WORKS!

$ sudo ntpdate -u 0.fr.pool.ntp.org 1.fr.pool.ntp.org
24 Nov 23:04:34 ntpdate[578]: step time server 129.250.35.250 offset 2418.621037 sec

So yeah, I'm pulling hairs here. I cannot understand why the ntp service won't work. I scourged the internet, nobody seems to have this particular issue (all have a malfunctioning dns, but mine is working)

My read-only setup is the following: https://hallard.me/raspberry-pi-read-only/

Do you guys have any idea?

Gui13
  • 168
  • 2
  • 11
  • Am wondering if `nscd` being unable to write to its hosts cache, or `ntp` being unable to write to its drift file might be causing some of this woe. – steve Nov 24 '19 at 22:28
  • 1
    Maybe. You want the catch? If I manually stop ntp and start it in command line: `sudo ntp -c /etc/ntp.conf -n`, it all works. The drift file has been moved to the `/var/tmp` folder that is a R/W tmpfs. Maybe `nscd` is a good lead, although the name resolution definitely works: `getent hosts 0.debian.pool.ntp.org` works fine. – Gui13 Nov 24 '19 at 22:31
  • 1
    My first thought was the drift file. Have you thought of using an overlayfs rather than entirely read only FS. This might give you some into what's being edited because the overlayfs upper layer would only contain edited files, while lower remains read-only https://en.m.wikipedia.org/wiki/OverlayFS – Philip Couling Nov 24 '19 at 23:13
  • Perhaps run `strace -f -o /tmp/ntp.trace -p 415`(assuming you have /tmp mount r/w) and see if the failures give you some clues, or post it somewhere where we can look? – icarus Nov 25 '19 at 02:08

2 Answers2

8

I found this question while facing a similar issue.

The issue turned out to be that systemd's PrivateTmp feature does not work in a read-only configuration.

  1. Be sure to install ntp and ntpdate 
    sudo apt install -y ntp ntpdate

  2. Copy /lib/systemd/system/ntp.service to /etc/systemd/system/ntp.service

    cp /lib/systemd/system/ntp.service /etc/systemd/system/ntp.service

  3. Open /etc/systemd/system/ntp.service and comment out PrivateTmp=true.

    sudo nano /etc/systemd/system/ntp.service

Now, it should work correctly!

As an additional step I have also now mounted /var/lib/ntp as tmpfs as recommended here

  1. Open /etc/fstab and add tmpfs /var/lib/ntp tmpfs nosuid,nodev 0 0 at the end of file. 
    sudo nano /etc/fstab

I didn't find this necessary in my case but there are additional insights into running on a read-only filesystem there.

Stephen Kitt
  • 411,918
  • 54
  • 1,065
  • 1,164
Mark Rogers
  • 96
  • 1
  • 3
3

Mark Roger's answer works, however I think it is better to user overrides:

echo -e '[Service]\nPrivateTmp=false' > /etc/systemd/system/ntp.service.d/override.conf

Then reboot or maybe systemctl daemon-reload is enough.

AdminBee
  • 21,637
  • 21
  • 47
  • 71
obranco
  • 41
  • 1