Bug 34351 - [W/ FIX] Broken ntp programs (ntpq, ntpd, ...) which hang on network access on alpha 164LX when using access control
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: ntp
Version: 7.0
Hardware: alpha Linux
Target Milestone: ---
Assignee: Preston Brown
QA Contact: Brian Brock
Keywords: Security
Depends On:
Reported: 2001-04-02 15:08 UTC by Paul Millar
Modified: 2007-04-18 16:32 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-04-02 15:08:18 UTC

Description Paul Millar 2001-04-02 15:08:14 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.17-14 alpha; en-US; 0.8)

Using package ntp with md5 hash:

ntp-4.0.99j-7.alpha.rpm: B4 32 03 78 86 4F 18 A3  7D 96 FE 6E B3 F7 D9 E4

ntpd apparently starts from init.d scripts fine, except for the syslog entry:

Apr  2 15:12:12 xxxxxxxx ntpd[5754]: is inappropriate address for
the fudge command, line ignored

(the fudge command exists in /etc/ntp.conf, but is not set to the

With an everything-allowed access policy, it works. With a deny-by-default
access policy, "ntpq -p" hangs with the following message: timed out, nothing received
***Request timed out

despite having explicit allow access lines for both and the
machine's Ethernet IP address. Similar problems occur when using the ntpdc
and ntptrace programs.

Reproducible: Always
Steps to Reproduce:
1. rpm -Uvh --force ntp-4.0.99j-7.alpha.rpm
2. Add a few servers and the lines:
     restrict default allow
   to the top of the file /etc/ntp.conf
3. /etc/rc.d/init.d/ntpd start
4. ntpq -p
5. Change "restrict default allow" to "restrict default ignore"
6. /etc/rc.d/init.d/ntpd restart
7. ntpq -p

Actual Results:  output from step 4:
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
         16 u    -   64    0    0.000    0.000 4000.00
 xxx.xxxxxxx.gla maverick.mcc.ac  3 u   51   64    3    0.337    2.150   0.001
 xxxxx.xxxxxxx.g maverick.mcc.ac  3 u   20   64    3    0.245   -3.906   0.001
 xxxxx.xxxxxxx.g veracity.mcc.ac  3 u   13   64    3    0.280    3.043   0.003

output from step 7: timed out, nothing received
***Request timed out

Expected Results: 

step 4 produces correct output, step 7 should produce the following output
(as we haven't allowed access from our servers):
     remote           refid      st t when poll reach   delay   offset  jitter
 LOCAL(0)        LOCAL(0)        10 l   39   64    3    0.000    0.000   0.000
 xxx.xxxxxxx.gla         16 u    -   64    0    0.000    0.000 4000.00
 xxxxx.xxxxxxx.g         16 u    -   64    0    0.000    0.000 4000.00
 xxxxx.xxxxxxx.g         16 u    -   64    0    0.000    0.000 4000.00

FIX: recompile from the Source RPM using gcc-2.96-69. Install (using
--force option) and restart server.

Although I've tagged this bug's severity as Security, it's a minor one.
Without an access policy, unauthorised machines can alter your machines'
concept of time. This is unlikely, in itself, to be a security problem, but
it may prove "useful" when combined with other attacks.

NB this style of bug (network access on Alpha 164LX) is common to other
bugs (gdm-xdmcp, samba) which are also solved by recompiling with gcc-2.96-69.
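
Added example, not part of the original report or of the ntp package: a small Python check of which sources a deny-by-default `restrict` policy like the one in the steps above should still answer with ntpq/ntpdc. It assumes ntpd's documented behaviour that the most specific matching entry wins and that a `restrict` line with no flags lifts all restrictions. The addresses and function names are constructed for illustration, and only numeric IPv4 entries are handled.

```python
import ipaddress

# Flags that make ntpd drop mode 6/7 queries (what ntpq and ntpdc send).
QUERY_BLOCKING = {"ignore", "noquery"}

def parse_restrict(conf_text):
    """Return [(network, flags)] for each numeric IPv4 'restrict' line."""
    rules = []
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop trailing comments
        if len(tokens) < 2 or tokens[0] != "restrict":
            continue
        addr, rest = tokens[1], tokens[2:]
        if addr == "default":
            net = ipaddress.ip_network("0.0.0.0/0")
        else:
            mask = "255.255.255.255"            # no mask given: single host
            if len(rest) >= 2 and rest[0] == "mask":
                mask, rest = rest[1], rest[2:]
            net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        rules.append((net, set(rest)))
    return rules

def effective_flags(rules, source):
    """Flags of the most specific entry that matches the source address."""
    ip = ipaddress.ip_address(source)
    matches = [(net.prefixlen, flags) for net, flags in rules if ip in net]
    if not matches:
        return set()                            # nothing matches: unrestricted
    return max(matches, key=lambda m: m[0])[1]

def query_allowed(rules, source):
    """True if an ntpq/ntpdc query from source should receive an answer."""
    return not (effective_flags(rules, source) & QUERY_BLOCKING)

# Constructed sample policy: deny by default, then open specific sources.
SAMPLE_CONF = """
restrict default ignore
restrict 127.0.0.1
restrict 192.0.2.10            # constructed stand-in for the machine's own IP
restrict 198.51.100.0 mask 255.255.255.0 nomodify notrap noquery
"""

if __name__ == "__main__":
    rules = parse_restrict(SAMPLE_CONF)
    for src in ("127.0.0.1", "192.0.2.10", "198.51.100.7", "203.0.113.5"):
        state = "allowed" if query_allowed(rules, src) else "dropped"
        print(f"{src:15} query {state}")
```

If this check says loopback queries are allowed and `ntpq -p` on the host still times out, the policy file is not the cause and the daemon binary itself is the next thing to examine.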

Comment 1 Preston Brown 2001-04-03 16:25:44 UTC
NTP in 7.1 has been recompiled with the newer compiler release.  These packages
are available via rawhide, and will of course also be in the next release.
