After the update to net-misc/ntp-4.2.8 via bug 533076 the daemon reproducibly crashes a few seconds after launch reporting "out of memory" to syslog (there is plenty of memory available). I've tried running it with the default configuration file which makes no difference. On the same machine, 4.2.6_p5-r10 has been running great for multiple months. Reproducible: Always Steps to Reproduce: 1. update to net-misc/ntp-4.2.8 2. /etc/init.d/ntpd start Actual Results: Crashes a few seconds after launch. I've seen some bug reports at redhat (https://bugzilla.redhat.com/show_bug.cgi?id=141048) and other places with the same symptoms but these are ancient and none of the remedies seem to help here.
Created attachment 392196 [details] emerge --info
Please post the entire output of the failing command. Also include dmesg/syslog messages if appropriate.
It seems to be connected to running the daemon as a non-privileged user. If I run it as root it runs fine for a couple of minutes but as 'ntp' it produces the following output: Dec 22 12:24:55 ridcully ntpd[2386]: ntpd 4.2.8@1.3265-o Sun Dec 21 21:28:02 UTC 2014 (1): Starting Dec 22 12:24:55 ridcully ntpd[2386]: Command line: ntpd -u ntp:ntp -I 188.40.99.69 -n -D 9 Dec 22 12:24:55 ridcully ntpd[2386]: proto: precision = 0.114 usec (-23) Dec 22 12:24:55 ridcully ntpd[2386]: Listen and drop on 0 v6wildcard [::]:123 Dec 22 12:24:55 ridcully ntpd[2386]: Listen and drop on 1 v4wildcard 0.0.0.0:123 Dec 22 12:24:55 ridcully ntpd[2386]: Listen normally on 2 lo 127.0.0.1:123 Dec 22 12:24:55 ridcully ntpd[2386]: Listen normally on 3 eth0 188.40.99.69:123 Dec 22 12:24:55 ridcully ntpd[2386]: Listen normally on 4 lo [::1]:123 Dec 22 12:24:55 ridcully ntpd[2386]: Listening on routing socket on fd #21 for interface updates Dec 22 12:25:10 ridcully out of memory [2386] This is a hardened system, all ntp updates on regular systems are running fine.
Turns out the ntpd process was killed by grsec: grsec: denied resource overstep by requesting 250421248 for RLIMIT_MEMLOCK against limit 67108864 for /usr/sbin/ntpd[ntpd:2601] uid/euid:123/123 gid/egid:123/123, parent /bin/zsh[zsh:5856] uid/euid:0/0 gid/egid:0/0 Adding the following to /etc/ntp.conf fixed the problem for me: rlimit memlock 128 Sorry for the noise...
Dennis, would you consider this bug resolved then? Or is your scenario something that other users might run into, not knowing how to fix it?
(In reply to Tobias Heinlein from comment #5) > Dennis, would you consider this bug resolved then? Or is your scenario > something that other users might run into, not knowing how to fix it? I'd consider it resolved, I especially wouldn't want this blocking the stabilization of 4.2.8!
*** Bug 535926 has been marked as a duplicate of this bug. ***
should be all set now in the tree; thanks for the report! Commit message: Increase default rlimit to 256MiB http://sources.gentoo.org/net-misc/ntp/ntp-4.2.8_p2.ebuild?rev=1.1