[pkg-ntp-maintainers] Bug#874540: ntpdate vs ntp service lock not safe with systemd service
Christian Ehrhardt
christian.ehrhardt at canonical.com
Thu Sep 7 06:59:23 UTC 2017
Package: ntp
Version: 1:4.2.8p10+dfsg-5
Hi,
this is a follow on to bug 806556
Back then you fixed it for sysv-init and I can confirm it worked great.
But since recent versions the sysv script is no more used as there is a
native systemd service.
I carried forward your change in bug 806556 to the systemd wrapper and it
works just fine - again locking the start of the service against
potentially racing ntpdate ifup hook executions.
If you agree, the following change should fix the issue:
diff --git a/debian/ntp-systemd-wrapper b/debian/ntp-systemd-wrapper
index 8d5d1f2..fead246 100755
--- a/debian/ntp-systemd-wrapper
+++ b/debian/ntp-systemd-wrapper
@@ -2,6 +2,7 @@
DAEMON=/usr/sbin/ntpd
PIDFILE=/var/run/ntpd.pid
+LOCKFILE=/run/lock/ntpdate
if [ -r /etc/default/ntp ]; then
. /etc/default/ntp
@@ -17,5 +18,13 @@ if test "$(uname -s)" = "Linux"; then
NTPD_OPTS="$NTPD_OPTS -u $UGID"
fi
-exec $DAEMON -p $PIDFILE $NTPD_OPTS
+# Protect the service startup against concurrent ntpdate ifup hooks
+(
+ if flock -w 180 9; then
+ exec $DAEMON -p $PIDFILE $NTPD_OPTS
+ else
+ echo "Timeout waiting for $LOCKFILE"
+ exit 1
+ fi
+) 9>$LOCKFILE
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-ntp-maintainers/attachments/20170907/24d20b0a/attachment.html>
More information about the pkg-ntp-maintainers
mailing list