NTP Service Hangs on OES 2015 SP1

Good afternoon 

 

Customer recently completed a migration from OES 2 SP3 to OES 2015 SP1 they are dealing with older hardware, and in some cases insufficient RAM. However; one of the items that has been troubling as of late, has been when attempting to view/check the status of the NTP service, "rcntp status" basically the response comes back nothing to do, or no response. Something to that effect, I just went through the bulk of their servers today, and forgot to actually get the error.

That said, if you go into YAST and configure ntp client, making sure that  under the Security Settings the check box for Run NTP Daemon in Chroot jail is selected, that seems to bring the correct response from the "rcntp status" command. 

I was just wondering if anyone else has seen this behavior, or knows if it might still be an issue in OES 2018 SP2 or SLES 12 SP5?

Thank you, 

-Daniel 

 

  • Never seen before. If you release the daemon from jail, does it still work then? If so, i'd suspect some sort of leftover from the SLES10 config. Other than that: apparmor is always a good candidate if something doesn't work as expected. Do you have it running?

     

  • Good morning, 

     

    If the check box next to run in chroot jail is un-selected or unchecked, we've seen the results that when doing the "rcntp status' basically nothing is returned. So we've been trying to make sure to check that box. Which to this point has been resolving the issue. Just again seems that when doing random checks that this issue seems to reappear. 

    I've heard of issues with the Apparmor application, and for that reason I don't believe the customer even installs or configures that on their OES servers. I just spot checked one of them, and I didn't see anything  related to Apparmor. 

    Thank you, 

    -Daniel 

  • There's an "Apparmor" pattern which is selected by default, so unless you explicitely uncheck while installing, you'll likely have this stuff. Does the daemon work at all, i.e. what do you get on e.g.

    ntpq -p