[Bug 473743] New: /etc/localtime being a symlink to separate file system can cause dead openvpn connections
https://bugzilla.novell.com/show_bug.cgi?id=473743 Summary: /etc/localtime being a symlink to separate file system can cause dead openvpn connections Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: All OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: ugayer@web.de QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (compatible; Konqueror/4.1; Linux) KHTML/4.1.3 (like Gecko) SUSE My system starts openvpn at boot time. Every time after system startup the openvpn connection worked only for a few moments then went dead. I had to restart openvpn, from that on it worked for the rest of the session. It turned out that shortly after system startup the system time was stepped back by ntpd. This seems to be deadly for openvpn connections. ntpd had to step back time because the system could not read /etc/localtime at boot time. localtime is just a symlink pointing to a separate /usr file system which becomes mounted *after* the time setting. Reproducible: Always Steps to Reproduce: 1. Set up /usr on a separate partition. 2. Choose a timezone east of Greenwich like "Europe/Berlin". 3. Run hardware clock in local time. 3. Make openvpn connect to a remote server at boot time. 4. Set up automatic time sync with ntpd. 5. Wait a few minutes after boot then ping you openvpn server peer. Actual Results: Let's assume the hardware clock shows the local time 1:00 and the local timezone is UTC+1. System boots. Unfortunately timezone information is unavailable to boot.clock because /etc/localtime points to a file in /usr which is not yet mounted. The system falls back to interpret the hardware clock in UTC. Thus the system clock is set to 01:00 UTC (wrong!). Then /usr is mounted, time zone information becomes readable. The system time is now interpreted as 02:00 CET (wrong!). Openvpn connects to remote server. For a few moments this connection works. Later on, ntpd kicks in and steps back the system time by one hour to 01:00 CET (correct). Problem: Openvpn is very sensible to time stepping back and instantly halts the connection, unfortunately without any hint in its logs. After I copied /usr/share/zoneinfo/Europe/Berlin to /etc/localtime all these problems disappeared. Expected Results: I expect the system to correctly set the time during startup even if /usr is a file system of its own (which is absolutely not a "weird" configuration). I do understand that time setting must happen at a very early boot stage but then it is not wise to rely on symlinks for the time zone information. /etc/localtime should be a *copy* of /usr/share/zoneinfo/what/ever. example openvpn log: [It starts showing the wrong time in the beginning. The correct local time was 01:51.] Sat Feb 7 02:51:52 2009 us=5246 Initialization Sequence Completed [3 Minutes later I noticed the openvpn connection was dead. The following log entries show my manual restart of openvpn. Meanwhile ntp had stepped the system clock.] Sat Feb 7 01:55:06 2009 us=515796 event_wait : Interrupted system call (code=4) Sat Feb 7 01:55:06 2009 us=516320 TCP/UDP: Closing socket Compare with /var/log/ntp: 7 Feb 02:51:56 ntpd[4175]: synchronized to 85.10.196.184, stratum 2 7 Feb 01:51:56 ntpd[4175]: time reset -3599.967174 s -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=473743 User lnussel@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=473743#c1 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lnussel@novell.com, | |werner@novell.com AssignedTo|bnc-team-screening@forge.pr |pbaudis@novell.com |ovo.novell.com | --- Comment #1 from Ludwig Nussel <lnussel@novell.com> 2009-02-09 05:49:31 MST --- zic installs a symlink if hardlinking /etc/localtime failed. That cannot work if /usr is a separate partition of course. -DHAVE_SYMLINK=0 should be passed when compiling zic. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=473743 User werner@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=473743#c2 Dr. Werner Fink <werner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |426270 --- Comment #2 from Dr. Werner Fink <werner@novell.com> 2009-02-09 06:02:40 MST --- See bug #426270 comment 76 and 77. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com