Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 533232 - net-misc/ntp-4.2.8 - ntpd crashes saying "out of memory"
Summary: net-misc/ntp-4.2.8 - ntpd crashes saying "out of memory"
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: AMD64 Linux
: Normal normal (vote)
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
: 535926 (view as bug list)
Depends on:
Blocks: CVE-2014-9293
  Show dependency tree
 
Reported: 2014-12-21 21:35 UTC by Dennis Lichtenthäler
Modified: 2015-04-08 21:13 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
emerge --info (emerge.info,4.84 KB, text/plain)
2014-12-21 21:36 UTC, Dennis Lichtenthäler
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Dennis Lichtenthäler 2014-12-21 21:35:20 UTC
After the update to net-misc/ntp-4.2.8 via bug 533076 the daemon reproducibly crashes a few seconds after launch reporting "out of memory" to syslog (there is plenty of memory available). I've tried running it with the default configuration file which makes no difference.

On the same machine, 4.2.6_p5-r10 has been running great for multiple months.

Reproducible: Always

Steps to Reproduce:
1. update to net-misc/ntp-4.2.8
2. /etc/init.d/ntpd start
Actual Results:  
Crashes a few seconds after launch.


I've seen some bug reports at redhat (https://bugzilla.redhat.com/show_bug.cgi?id=141048) and other places with the same symptoms but these are ancient and none of the remedies seem to help here.
Comment 1 Dennis Lichtenthäler 2014-12-21 21:36:22 UTC
Created attachment 392196 [details]
emerge --info
Comment 2 Jeroen Roovers gentoo-dev 2014-12-22 09:33:07 UTC
Please post the entire output of the failing command. Also include dmesg/syslog messages if appropriate.
Comment 3 Dennis Lichtenthäler 2014-12-22 11:29:59 UTC
It seems to be connected to running the daemon as a non-privileged user. If I run it as root it runs fine for a couple of minutes but as 'ntp' it produces the following output:

Dec 22 12:24:55 ridcully ntpd[2386]: ntpd 4.2.8@1.3265-o Sun Dec 21 21:28:02 UTC 2014 (1): Starting
Dec 22 12:24:55 ridcully ntpd[2386]: Command line: ntpd -u ntp:ntp -I 188.40.99.69 -n -D 9
Dec 22 12:24:55 ridcully ntpd[2386]: proto: precision = 0.114 usec (-23)
Dec 22 12:24:55 ridcully ntpd[2386]: Listen and drop on 0 v6wildcard [::]:123
Dec 22 12:24:55 ridcully ntpd[2386]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Dec 22 12:24:55 ridcully ntpd[2386]: Listen normally on 2 lo 127.0.0.1:123
Dec 22 12:24:55 ridcully ntpd[2386]: Listen normally on 3 eth0 188.40.99.69:123
Dec 22 12:24:55 ridcully ntpd[2386]: Listen normally on 4 lo [::1]:123
Dec 22 12:24:55 ridcully ntpd[2386]: Listening on routing socket on fd #21 for interface updates
Dec 22 12:25:10 ridcully out of memory [2386]

This is a hardened system, all ntp updates on regular systems are running fine.
Comment 4 Dennis Lichtenthäler 2014-12-22 11:56:57 UTC
Turns out the ntpd process was killed by grsec:

grsec: denied resource overstep by requesting 250421248 for RLIMIT_MEMLOCK against limit 67108864 for /usr/sbin/ntpd[ntpd:2601] uid/euid:123/123 gid/egid:123/123, parent /bin/zsh[zsh:5856] uid/euid:0/0 gid/egid:0/0

Adding the following to /etc/ntp.conf fixed the problem for me:

rlimit memlock 128

Sorry for the noise...
Comment 5 Tobias Heinlein (RETIRED) gentoo-dev 2014-12-22 14:08:36 UTC
Dennis, would you consider this bug resolved then? Or is your scenario something that other users might run into, not knowing how to fix it?
Comment 6 Dennis Lichtenthäler 2014-12-22 14:49:40 UTC
(In reply to Tobias Heinlein from comment #5)
> Dennis, would you consider this bug resolved then? Or is your scenario
> something that other users might run into, not knowing how to fix it?

I'd consider it resolved, I especially wouldn't want this blocking the stabilization of 4.2.8!
Comment 7 SpanKY gentoo-dev 2015-04-08 20:48:42 UTC
*** Bug 535926 has been marked as a duplicate of this bug. ***
Comment 8 SpanKY gentoo-dev 2015-04-08 21:13:26 UTC
should be all set now in the tree; thanks for the report!

Commit message: Increase default rlimit to 256MiB
http://sources.gentoo.org/net-misc/ntp/ntp-4.2.8_p2.ebuild?rev=1.1