Comment # 2 on bug 1190926 from 
With default hardening enabled:

# systemctl status chronyd.service 
������ chronyd.service - NTP client/server
     Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor
preset: disabled)
     Active: failed (Result: exit-code) since Fri 2021-10-01 21:45:08 CEST; 43s
ago
       Docs: man:chronyd(8)
             man:chrony.conf(5)
        CPU: 37ms

Oct 01 21:45:08 mail systemd[1]: Starting NTP client/server...
Oct 01 21:45:08 mail chronyd[38831]: chronyd version 4.1 starting (+CMDMON +NTP
+REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +NTS +SECHASH +IPV6 -DEBUG)
Oct 01 21:45:08 mail chronyd[38831]: Could not open /dev/ptp0 : No such file or
directory
Oct 01 21:45:08 mail chronyd[38831]: Fatal error : Could not enable HW
timestamping on eth0
Oct 01 21:45:08 mail chronyd[38829]: Could not enable HW timestamping on eth0
Oct 01 21:45:08 mail systemd[1]: chronyd.service: Control process exited,
code=exited, status=1/FAILURE
Oct 01 21:45:08 mail systemd[1]: chronyd.service: Failed with result
'exit-code'.
Oct 01 21:45:08 mail systemd[1]: Failed to start NTP client/server.

With `PrivateDevices=true`, `ProtectControlGroups=true` and
`DeviceAllow=char-rtc` commented out:

# systemctl status chronyd.service 
��������� chronyd.service - NTP client/server
     Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor
preset: disabled)
     Active: active (running) since Fri 2021-10-01 21:49:35 CEST; 13ms ago
       Docs: man:chronyd(8)
             man:chrony.conf(5)
    Process: 40010 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited,
status=0/SUCCESS)
    Process: 40014 ExecStartPost=/usr/libexec/chrony/helper update-daemon
(code=exited, status=0/SUCCESS)
   Main PID: 40012 (chronyd)
      Tasks: 1 (limit: 9374)
        CPU: 59ms
     CGroup: /system.slice/chronyd.service
             ������������������40012 /usr/sbin/chronyd

Oct 01 21:49:35 mail systemd[1]: Starting NTP client/server...
Oct 01 21:49:35 mail chronyd[40012]: chronyd version 4.1 starting (+CMDMON +NTP
+REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +NTS +SECHASH +IPV6 -DEBUG)
Oct 01 21:49:35 mail chronyd[40012]: Enabled HW timestamping on eth0
Oct 01 21:49:35 mail chronyd[40012]: Frequency 77.294 +/- 240.772 ppm read from
/var/lib/chrony/drift
Oct 01 21:49:35 mail systemd[1]: Started NTP client/server.

You are receiving this mail because: