*** This bug is a security vulnerability ***
Public security bug reported:
I'm running on Ubuntu server 20.04 on a GCP VM. In some some rare cases in
which the VM memory stressed,
the chrony service is killed by the OOM.
Since chrony is a very important service which keeps the time in sync, it
mustn't crash and must remain highly available.
My suggestions are 2 low hanging fruit
1. Add a OOMScoreAdjust=-1000 setting to chrony.service file. This will
prevent as much as possible the OOM from killing the service
2. Add a Restart=Always setting to chrony.service. This will restart the
service in case of a failure.
3. Add a Nice=-20 setting to allow functionality under high cpu load
** Affects: chrony (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
I'm running on Ubuntu server 20.04 on a GCP VM. In some some rare cases in
which the VM memory stressed,
- the chrony service is killed by the OOM.
+ the chrony service is killed by the OOM.
Since chrony is a very important service which keeps the time in sync, it
mustn't crash and must remain highly available.
My suggestions are 2 low hanging fruit
1. Add a OOMScoreAdjust=-1000 setting to chrony.service file. This will
prevent as much as possible the OOM from killing the service
2. Add a Restart=Always setting to chrony.service. This will restart the
service in case of a failure.
+ 3. Add a Nice=-20 setting to allow functionality under high cpu load
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2089576
Title:
Chrony systemd service isn't restarted in case of an error
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chrony/+bug/2089576/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
