Bug 141048
Summary: | ntpd dies with "out of memory" due to misconfiguration | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Thomas Zehetbauer <thomasz> | ||||||
Component: | ntp | Assignee: | Petr Raszyk <praszyk> | ||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | |||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | rawhide | CC: | g.eustace, rh-bugzilla | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | ntp-4.2.0.a.20050816 Release 10 | Doc Type: | Bug Fix | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2005-11-10 10:02:10 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Thomas Zehetbauer
2004-11-28 19:46:58 UTC
tweaking of /etc/security/limits.conf should be the fix? This cannot work, the /etc/security/limits.conf file is processed by /lib/security/pam_limits.so which is only called by pam enabled applications and only if it is enabled in /etc/pam.d/system-auth. But like most daemons ntpd does not use pam but direct calls to setuid() and setgid(). I've managed to make it reliably run for 8H, so I'm telling cron to bounce it every 8H. At least I can use it, kinda... I upgraded from FC1 to FC3 yesterday on our two time servers and are now getting this error. I have tried reducing the number of servers we query but the only thing so far that has enabled me to get the daemon to stay running was to add 'disable monitor' to the config. Having managed to get the ntpd process to stay running, it now will not accept synchronisation from any of the configured servers. It used to only take a couple of minutes. ntpq> lpeer remote refid st t when poll reach delay offset jitter ============================================================================== 132.181.10.44 .RSTR. 16 u - 64 0 0.000 0.000 4000.00 timekeeper.isi. .RSTR. 16 u - 128 0 0.000 0.000 4000.00 tick.usno.navy. .RSTR. 16 u - 256 0 0.000 0.000 4000.00 ntp1.usno.navy. .RSTR. 16 u - 512 0 0.000 0.000 4000.00 mu-relay2.masse .INIT. 16 u - 1024 0 0.000 0.000 4000.00 *LOCAL(0) LOCAL(0) 10 l 51 64 377 0.000 0.000 0.001 I got caught out. The meaning of restrict notrust has changed between 4.1 and 4.2. Removing the notrust from the restrict config line has restored the service. I have still had to reduce the number of servers we sere attempting to sync with in order to not exceed the mem_lock limit. Created attachment 118356 [details]
modified ntpd.init file to allow configuration of max locked memory
This is new version of the nptd.init script from the ntp source rpm. It allows
you to set the locked memory limits for ntpd by setting the NTPD_MEMLOCK
variable in /etc/sysconfig/ntpd.
I have already | ulimit -HS -l 1024 in my /etc/sysconfig/ntpd but the daemon still dies all 1-2 days with | 7 Sep 09:07:25 ntpd[8298]: receive: fatal error 608 for 192.168.0.13 | 7 Sep 09:08:10 ntpd[8298]: make_keys error:0306A041:bignum routines:BN_CTX_new:malloc failure | 7 Sep 09:08:12 ntpd[8298]: Exiting: No more memory! 'ulimit' in the initscript will not help as the rlimit will be set by 'ntpd' itself. Please upgrade to the recent version as it seems to be fixed there: ------ ChangeSet 1.1196 05/08/15 04:01:26 stenn.edu +1 -0 [Bug 477] Linux needs larger RLIM_MEMLOCK, from Cristoph Gysin ntpd/ntpd.c 1.55 05/08/15 04:01:12 stenn.edu +12 -0 [Bug 477] Linux needs larger RLIM_MEMLOCK, from Cristoph Gysin ------ Created attachment 120875 [details]
ntp-4.2.0.a.20050816-10.src.rpm
Fixed in ntp-4.2.0.a.20050816-10.src.rpm above.
|