systemctl status警告:Configuration file is marked executable. Please remove executable permission bits
它们被设置为了可执行(executable)和全局可写(world-writable),这是不安全的,因为它允许任何用户更改配置文件。在执行上述命令之后,系统应该不会再报告关于这些配置文件权限的警告。(644),这意味着所有者具有读写权限,组成员具有读权限,而其他人只有读权限。要解决这个问题,你需要移除这些文件的可执行权限以及全局写权限。文件的执行权限,第二条命令移除其他用户的写权限。如果你想查看
参考文章:局域网ntp服务器设置(windows时间同步服务器NetTime)(ubuntu systemd-timesyncd ntp客户端)123端口、ntp校时、ntp同步
问题:timedatectl status报警告了
root@ubuntu:~# systemctl status systemd-timesyncd.service --no-pager
● systemd-timesyncd.service - Network Time Synchronization
Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2023-11-22 09:27:52 HKT; 24min ago
Docs: man:systemd-timesyncd.service(8)
Main PID: 2287 (systemd-timesyn)
Status: "Initial synchronization to time server 192.168.1.134:123 (192.168.1.134)."
Tasks: 2 (limit: 8134)
Memory: 1.0M
CGroup: /system.slice/systemd-timesyncd.service
└─2287 /lib/systemd/systemd-timesyncd
Nov 20 00:05:11 ubuntu systemd[1]: Starting Network Time Synchronization...
Nov 20 00:05:11 ubuntu systemd-timesyncd[2287]: System clock time unset or jumped backwards, restoring from recorded timestamp: Wed 2023-11-22 09:27:52 HKT
Nov 22 09:27:52 ubuntu systemd-timesyncd[2287]: Configuration file /etc/systemd/timesyncd.conf is marked executable. Please remove executable permission bits. Proceeding anyway.
Nov 22 09:27:52 ubuntu systemd-timesyncd[2287]: Configuration file /etc/systemd/timesyncd.conf is marked world-writable. Please remove world writability permission bits. Proceeding anyway.
Nov 22 09:27:52 ubuntu systemd-timesyncd[2287]: Configuration file /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf is marked executable. Please remove executable permission bits. P…ceeding anyway.
Nov 22 09:27:52 ubuntu systemd-timesyncd[2287]: Configuration file /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf is marked world-writable. Please remove world writability permiss…ceeding anyway.
Nov 22 09:27:52 ubuntu systemd[1]: Started Network Time Synchronization.
Nov 22 09:35:33 ubuntu systemd-timesyncd[2287]: Initial synchronization to time server 192.168.1.134:123 (192.168.1.134).
Hint: Some lines were ellipsized, use -l to show in full.
root@ubuntu:~#
root@ubuntu:~# timedatectl status
Local time: Wed 2023-11-22 09:40:48 HKT
Universal time: Wed 2023-11-22 01:40:48 UTC
RTC time: Wed 2023-11-22 01:40:49
Time zone: Asia/Hong_Kong (HKT, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
root@ubuntu:~#
root@ubuntu:~# systemctl status systemd-timesyncd.service --no-pager
● systemd-timesyncd.service - Network Time Synchronization
Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2023-11-22 09:27:52 HKT; 13min ago
Docs: man:systemd-timesyncd.service(8)
Main PID: 2287 (systemd-timesyn)
Status: “Initial synchronization to time server 192.168.1.134:123 (192.168.1.134).”
Tasks: 2 (limit: 8134)
Memory: 1.0M
CGroup: /system.slice/systemd-timesyncd.service
└─2287 /lib/systemd/systemd-timesyncd
Nov 20 00:05:11 ubuntu systemd[1]: Starting Network Time Synchronization…
Nov 20 00:05:11 ubuntu systemd-timesyncd[2287]: System clock time unset or jumped backwards, restoring from recorded timestamp: Wed 2023-11-22 09:27:52 HKT
Nov 22 09:27:52 ubuntu systemd-timesyncd[2287]: Configuration file /etc/systemd/timesyncd.conf is marked executable. Please remove executable permission bits. Proceeding anyway.
Nov 22 09:27:52 ubuntu systemd-timesyncd[2287]: Configuration file /etc/systemd/timesyncd.conf is marked world-writable. Please remove world writability permission bits. Proceeding anyway.
Nov 22 09:27:52 ubuntu systemd-timesyncd[2287]: Configuration file /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf is marked executable. Please remove executable permission bits. P…ceeding anyway.
Nov 22 09:27:52 ubuntu systemd-timesyncd[2287]: Configuration file /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf is marked world-writable. Please remove world writability permiss…ceeding anyway.
Nov 22 09:27:52 ubuntu systemd[1]: Started Network Time Synchronization.
Nov 22 09:35:33 ubuntu systemd-timesyncd[2287]: Initial synchronization to time server 192.168.1.134:123 (192.168.1.134).
Hint: Some lines were ellipsized, use -l to show in full.
root@ubuntu:~#
解决办法
警告信息提示你的配置文件 /etc/systemd/timesyncd.conf 和 /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf 权限设置不当。它们被设置为了可执行(executable)和全局可写(world-writable),这是不安全的,因为它允许任何用户更改配置文件。
要解决这个问题,你需要移除这些文件的可执行权限以及全局写权限。可以使用 chmod 命令来修复权限。打开终端并输入以下命令:
sudo chmod -x /etc/systemd/timesyncd.conf
sudo chmod o-w /etc/systemd/timesyncd.conf
# 或者
sudo chmod 644 /etc/systemd/timesyncd.conf
sudo chmod -x /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf
sudo chmod o-w /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf
# 或者
sudo chmod 644 /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf
chmod 644 /etc/systemd/timesyncd.conf
chmod 644 /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf
第一条命令移除 timesyncd.conf 文件的执行权限,第二条命令移除其他用户的写权限。然后对于 nv-fallback-ntp.conf 文件也执行相同的操作。
确保文件的正确权限通常是 -rw-r--r--(644),这意味着所有者具有读写权限,组成员具有读权限,而其他人只有读权限。
如果你想查看当前权限设置,可以使用 ls -l 命令查看特定文件的权限:
ls -l /etc/systemd/timesyncd.conf
ls -l /etc/systemd/timesyncd.conf.d/nv-fallback-ntp.conf
在执行上述命令之后,系统应该不会再报告关于这些配置文件权限的警告。如果还有问题,重启 systemd-timesyncd 服务可能有助于重新加载配置并消除错误消息:
sudo systemctl restart systemd-timesyncd
我直接使用:
timedatectl set-ntp false
timedatectl set-ntp true
发现没再警告了:
有“AI”的1024 = 2048,欢迎大家加入2048 AI社区
更多推荐
1
0- 0
已为社区贡献215条内容
所有评论(0)