[Bug 215540] ntpd fails to start when ran via ssh with pseudo-terminal and terminals/connection are closed before child opens new fds
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Dec 24 19:55:36 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215540
Bug ID: 215540
Summary: ntpd fails to start when ran via ssh with
pseudo-terminal and terminals/connection are closed
before child opens new fds
Product: Base System
Version: 11.0-RELEASE
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: bin
Assignee: freebsd-bugs at FreeBSD.org
Reporter: dereks at lifeofadishwasher.com
ntpd fails to start if terminals are closed before ntpd's child process can
open new fds. Testing with HAVE_CLOSEFROM in config.h doesn't have this issue.
Before restrarting ntpd from A:
$ ntpq -pn
remote refid st t when poll reach delay offset
jitter
==============================================================================
north-america.p .POOL. 16 p - 64 0 0.000 0.000
0.002
*50.22.155.163 209.51.161.238 2 u 1 64 1 87.964 -2.998
2.572
...
Using something like the following to restart ntp on an array of machines:
for m in A B C; do ssh -t "$m" 'sudo service ntpd restart' ; done
Later from host A:
...
Dec 23 18:40:57 <ntp.notice> A ntpd[80966]: ntpd 4.2.8p9-a (1): Starting
...
$ ntpq -pn
ntpq: read: Connection refused
...
ntpd fails to finish starting up and silently fails. The same is true from B
and C.
Running the same without ssh's -t or sleeping before the connection closes
allows ntpd child to startup. This assumes the user can run sudo without a
password:
for m in A B C; do ssh "$m" 'sudo service ntpd restart' ; done
or
for m in A B C; do ssh -t "$m" 'sudo service ntpd restart; sleep 1' ; done
Testing ntpd from the relang/11.0 branch with '#define HAVE_CLOSEFROM 1' in
config.h appears to solve the problem.
This will cause libntp/ntp_worker.c close_all_beyond() to use closefrom(2) that
appears to not suffer the same issue as the two other ifdef's.
However, the issue appears to be contrib/ntp/ doesn't have a test to see if the
system has closefrom(2) so it appears we have to add it manually?
This was initially found when restarting ntpd on a legion of machines via
ansible. I'd suspect other config management tools that use ssh with
pseudo-terminals would suffer the same issue. The above is a raw example of
what something like ansible might perform.
This is also a problem in 9.3 and 10.x
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list