Section: System Administration (8)
chronyd - chrony daemon
chronyd [OPTION]... [DIRECTIVE]...
chronyd is a daemon for synchronisation of the system clock. It can
synchronise the clock with NTP servers, reference clocks (e.g. a GPS receiver),
and manual input using wristwatch and keyboard via chronyc. It can also
operate as an NTPv4 (RFC 5905) server and peer to provide a time service to
other computers in the network.
If no configuration directives are specified on the command line, chronyd
will read them from a configuration file. The compiled-in default location of
the file is /etc/chrony.conf.
Informational messages, warnings, and errors will be logged to syslog.
With this option hostnames will be resolved only to IPv4 addresses and only
IPv4 sockets will be created.
With this option hostnames will be resolved only to IPv6 addresses and only
IPv6 sockets will be created.
This option can be used to specify an alternate location for the configuration
file. The compiled-in default value is /etc/chrony.conf.
When run in this mode, the program will not detach itself from the terminal.
When run in this mode, the program will not detach itself from the terminal,
and all messages will be written to the terminal instead of syslog. If
chronyd was compiled with enabled support for debugging, this option can be
used twice to enable debug messages.
This option enables writing of log messages to a file instead of syslog or the
This option specifies the minimum severity level of messages to be written to
the log file, syslog, or terminal. The following levels can be specified:
0 (informational), 1 (warning), 2 (non-fatal error), and 3 (fatal error). The
default value is 0.
When run in this mode, chronyd will print the configuration and exit. It will
not detach from the terminal. This option can be used to verify the syntax of
the configuration and get the whole configuration, even if it is split into
multiple files and read by the include or confdir directive.
When run in this mode, chronyd will set the system clock once and exit. It
will not detach from the terminal.
This option is similar to the -q option, except it only prints the offset
without making any corrections of the clock and it allows chronyd to be
started without root privileges.
This option will try to reload and then delete files containing sample
histories for each of the servers and reference clocks being used. The
files are expected to be in the directory specified by the
directive in the configuration file. This option is useful if you want to stop
and restart chronyd briefly for any reason, e.g. to install a new version.
However, it should be used only on systems where the kernel can maintain clock
compensation whilst not under chronyd's control (i.e. Linux, FreeBSD, NetBSD,
Solaris, and macOS 10.13 or later).
When this option is used, the initstepslew
directive and the makestep directive used with
a positive limit will be ignored. This option is useful when restarting
chronyd and can be used in conjunction with the -r option.
This option will set the system clock from the computer's real-time clock (RTC)
or to the last modification time of the file specified by the
driftfile directive. Real-time clocks are
supported only on Linux.
If used in conjunction with the -r flag, chronyd will attempt to preserve
the old samples after setting the system clock from the RTC. This can be used
to allow chronyd to perform long term averaging of the gain or loss rate
across system reboots, and is useful for systems with intermittent access to
network that are shut down when not in use. For this to work well, it relies
on chronyd having been able to determine accurate statistics for the
difference between the RTC and system clock last time the computer was on.
If the last modification time of the drift file is later than both the current
time and the RTC time, the system time will be set to it to restore the time
when chronyd was previously stopped. This is useful on computers that have no
RTC or the RTC is broken (e.g. it has no battery).
This option sets a timeout (in seconds) after which chronyd will exit. If the
clock is not synchronised, it will exit with a non-zero status. This is useful
with the -q or -Q option to shorten the maximum time waiting for
measurements, or with the -r option to limit the time when chronyd is
running, but still allow it to adjust the frequency of the system clock.
This option sets the name of the system user to which chronyd will switch
after start in order to drop root privileges. It overrides the
user directive. The compiled-in default value is
On Linux, chronyd needs to be compiled with support for the libcap library.
On macOS, FreeBSD, NetBSD and Solaris chronyd forks into two processes.
The child process retains root privileges, but can only perform a very limited
range of privileged system calls on behalf of the parent.
This option disables a check for root privileges to allow chronyd to be
started under a non-root user, assuming the process will have all capabilities
(e.g. provided by the service manager) and access to all files, directories,
and devices, needed to operate correctly in the specified configuration. Note
that different capabilities might be needed with different configurations and
different Linux kernel versions. Starting chronyd under a non-root user is
not recommended when the configuration is not known, or at least limited to
This option configures a system call filter when chronyd is compiled with
support for the Linux secure computing (seccomp) facility. In level 1 the
process is killed when a forbidden system call is made, in level -1 the SIGSYS
signal is thrown instead and in level 0 the filter is disabled. The default
value is 0.
It is recommended to enable the filter only when it is known to work on the
version of the system where chrony is installed as the filter needs to allow
also system calls made from libraries that chronyd is using (e.g. libc) and
different versions or implementations of the libraries might make different
system calls. If the filter is missing some system call, chronyd could be
killed even in normal operation.
On Linux, this option will select the SCHED_FIFO real-time scheduler at the
specified priority (which must be between 0 and 100). On macOS, this option
must have either a value of 0 to disable the thread time
constraint policy or 1 for the policy to be enabled. Other systems do not
support this option. The default value is 0.
This option will lock chronyd into RAM so that it will never be paged out.
This mode is only supported on Linux.
This option disables the control of the system clock. chronyd will not try to
make any adjustments of the clock. It will assume the clock is free running and
still track its offset and frequency relative to the estimated true time. This
option allows chronyd to be started without the capability to adjust or set
the system clock (e.g. in some containers) to operate as an NTP server.
With this option chronyd will print version number to the terminal and exit.
With this option chronyd will print a help message to the terminal and exit.
For instructions on how to report bugs, please visit
chrony was written by Richard Curnow, Miroslav Lichvar, and others.