Your message dated Sun, 19 Aug 2018 06:33:57 +0000
with message-id <[email protected]>
and subject line Bug#906276: fixed in chrony 3.3-3
has caused the Debian Bug report #906276,
regarding chrony: System startup is blocked for minutes long
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
906276: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906276
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: chrony
Version: 3.3-2
Severity: important
Tags: patch

Dear Maintainer,

When trying out buster using fai-cloud-image scripts on Google cloud I
noticed that system took around 180 seconds to boot rather than 15
seconds (stretch).

After investigating, I detected it was a lack of entropy early on system
startup that caused chrony to be blocked when calling getrandom(). That
is an issue being reported on different projects[1][2] but I didn't see
anyone reporting it for chrony at the moment. (Maybe the lack of entropy
was not spotted when using buster outside of cloud providers?)

The upstream project is patched already[3], but there is no new release
for the moment. I contacted the maintainer[4] and there should be a new
release in the following month that would contain that fix[5]. I chose
to report this bug and provide a patch in order to avoid others facing
this issue which is not so trivial to understand what is going on.

Also this kind of bug is lately being discussed by debian community[6]

[1] https://github.com/libressl-portable/portable/issues/274
[2] 
https://github.com/openbsd/src/commit/edb2eeb7da8494998d0073f8aaeb8478cee5e00b
[3] 
https://git.tuxfamily.org/chrony/chrony.git/commit/?id=7c5bd948bb7e21fa0ee22f29e97748b2d0360319
[4] https://www.mail-archive.com/[email protected]/msg01898.html
[5] https://www.mail-archive.com/[email protected]/msg01899.html
[6] https://lists.debian.org/debian-release/2018/05/msg00130.html

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-1-amd64 (SMP w/1 CPU core)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages chrony depends on:
ii  adduser      3.117
ii  iproute2     4.17.0-2
ii  libc6        2.27-5
ii  libcap2      1:2.25-1.2
ii  libedit2     3.1-20180525-1
ii  libnettle6   3.4-1
ii  libseccomp2  2.3.3-3
ii  lsb-base     9.20170808
ii  ucf          3.0038

chrony recommends no packages.

Versions of packages chrony suggests:
pn  dnsutils  <none>

-- debconf information excluded
--- chrony-3.3.orig/util.c
+++ chrony-3.3/util.c
@@ -1224,7 +1224,7 @@ get_random_bytes_getrandom(char *buf, un
       if (disabled)                                                           
         break;
                         
-      if (getrandom(rand_buf, sizeof (rand_buf), 0) != sizeof (rand_buf)) {
+      if (getrandom(rand_buf, sizeof (rand_buf), GRND_NONBLOCK) != sizeof 
(rand_buf)) {
         disabled = 1;              
         break;                              
       }   
--- chrony-3.3.orig/util.c
+++ chrony-3.3/util.c
@@ -1224,7 +1224,7 @@ get_random_bytes_getrandom(char *buf, un
       if (disabled)                                                           
         break;
                         
-      if (getrandom(rand_buf, sizeof (rand_buf), 0) != sizeof (rand_buf)) {
+      if (getrandom(rand_buf, sizeof (rand_buf), GRND_NONBLOCK) != sizeof 
(rand_buf)) {
         disabled = 1;              
         break;                              
       }   

--- End Message ---
--- Begin Message ---
Source: chrony
Source-Version: 3.3-3

We believe that the bug you reported is fixed in the latest version of
chrony, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Vincent Blut <[email protected]> (supplier of updated chrony package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 18 Aug 2018 16:23:19 +0200
Source: chrony
Binary: chrony
Architecture: source
Version: 3.3-3
Distribution: unstable
Urgency: medium
Maintainer: Vincent Blut <[email protected]>
Changed-By: Vincent Blut <[email protected]>
Description:
 chrony     - Versatile implementation of the Network Time Protocol
Closes: 906276
Changes:
 chrony (3.3-3) unstable; urgency=medium
 .
   * debian/:
     - Normalize packaging with “wrap-and-sort -ab”.
 .
   * debian/control:
     - Bump standard-version to 4.2.0:
         ↳ Install upstream release notes as “/usr/share/doc/chrony/NEWS.gz”.
           Installing these as “/usr/share/doc/package/changelog.gz” is now
           deprecated.
 .
   * debian/patches/:
     - Cherry-pick upstream patch to avoid hangs when starting
     chronyd on newer kernels by falling back to urandom.
     Thanks to Gustavo Scalet <[email protected]> for the report and
     the initial patch. (LP: #1787366, Closes: #906276)
 .
   * debian/upstream/metadata:
     - Add DEP12 upstream metadata file.
Checksums-Sha1:
 b40c9bd62b6aa9f2cfb5362be291121d351445e3 2150 chrony_3.3-3.dsc
 ecea12a6d123fee66988db4f08acc99d71328c0e 32296 chrony_3.3-3.debian.tar.xz
Checksums-Sha256:
 7f3235f55fb6e99a36e730958b7f03f1559feff1c7feae99400fd4ac4f451b8b 2150 
chrony_3.3-3.dsc
 90541e441782194ba6e58f2b88d2c3e98d64d9b40a0b4d6c4a8e5011be9e40ca 32296 
chrony_3.3-3.debian.tar.xz
Files:
 db7c0efef509657d3f26b7938a7354d7 2150 net optional chrony_3.3-3.dsc
 9c56910adf5a272eee3a5ca446fe88f7 32296 net optional chrony_3.3-3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAlt5B00ACgkQnFyZ6wW9
dQrTHAf+KuscS9aZzkDpMCBlxVfeFWylyOpFiqnErEG/B0TAdGCeR+RoOT2H9eRK
C/TsRCwap9iFDoOgB8U558B//sm8VCENTY+UBjD0aYD9MkG4L1C9mleJRrqO8Wpf
J9Hhkai1jjeVwM/xDVqLRroUCKLdO/5uCrpHxEGx31jKcfVcwJjf2j/U+Ne774dq
g7QYjyoJPXBPQBEIG0Zf2Q9wSPTHFr84IwRWo5NEp85/hyd3sbyJZDK+4DiySnOc
4LGBnZQ4ahYhDaRkZX6qCmqbOMqXKMtx+rCOTq26jZ9IyvW5iR5J5pphB+czYVQd
1Z0umwCspodEM6/2Bq23HkuDHrlUcw==
=VduO
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to