Re: [chrony-users] Chrony vs. Linux RNG

[Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx>]

On Wed, May 9, 2018 at 8:50 AM, Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:

On Mon, May 07, 2018 at 10:11:36AM -0700, Denny Page wrote:
> For what it’s worth, I got bit by this yesterday moving from 4..14.30 to 4.14.39. I had a couple servers hang for a few minutes in chrony startup. However, I also had several servers that were still hung in chrony startup after 30 minutes. Adding background fixes the issue as noted.

I've seen it now too on one of my Fedora VMs running a server for
pool.ntp.org. The systemd service has a timeout of 90 seconds and
chronyd seems to be getting killed if it takes longer to start. Not
good.

As I understand it, this affects quite a few applications and there is
still some upstream discussion related to the RNG fix. Maybe it will
sort itself out on the kernel side.

You seem to track that already, do you have a few pointers to the Mailing list archives that cover the ongoing discussion that you could share?

 

If not, I think we should consider
releasing 3.3.1 with the fallback to /dev/urandom.

+1 on that suggestion 

I Must admit I'm almost tempted to prefer implementing a fallback mechanism in general (who knows what else than the mentioned kernel changes will happen and make chrony hit that again).

Is there any argument against implementing the fallback mechanism no matter what comes out on the kernel side of this discussion?

 

--
Miroslav Lichvar

--
To unsubscribe email chrony-users-request@chrony.tuxfamily.org
with "unsubscribe" in the subject.
For help email chrony-users-request@chrony.tuxfamily.org
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxx.org.

--

Christian Ehrhardt

Software Engineer, Ubuntu Server

Canonical Ltd