RHBA-2011:0980 - Bug Fix Advisory

Topic

An updated ntp package that fixes various bugs and provides an enhancement is
now available for Red Hat Enterprise Linux 5.

Description

The Network Time Protocol (NTP) is used to synchronize a computer's time with a
referenced time source.

This updated ntp package includes fixes for the following bugs:

• The ntpd man pages suggested that the "-L" command option could be issued

without an argument. However, the user needs to define the virtual interfaces as
arguments of the option. This update corrects the ntp help page. (BZ#460434)

• Prior to this update, if the /usr directory was mounted on an NFS file system,

the ntpd service could not be started before the netfs service. This update
moves the NTP applications to the /sbin directory so the user may change the
ntpd startup priority to start prior to the netfs service. Note that if you wish
to mount NFS version 4 with Kerberos authentication, you should consider
changing the ntpd startup priority to start prior to the netfs service.
Otherwise authentication may fail due to the non-synchronized date. (BZ#470945)

• Prior to this update, verifying the ntp package with the "rpm -V" command

failed on the package configuration file if the configuration file had changed.
However, changes to the configuration file should not impact the verification
test. This update adapts the spec file and the package verify test passes
successfully. (BZ#481151)

• The ntpd daemon could terminate unexpectedly due to a low memory lock limit.

With this update, the memory lock limit has been doubled. (BZ#575874)

• The "-q" command line option causes the ntpd service to exit immediately after

the clock is set. Prior to this update, the man page ntpd(8) did not document
that this only occurs if there are servers configured for ntpd to set the clock
against. The user could conclude that ntpd was misbehaving when it did not quit
if run with the "-q" switch but with no configured servers. With this update,
the ntpd(8) man page notes that "ntpd -q" only exits if used to set the clock
with configured servers. (BZ#591838)

• Prior to this update, the ntpd daemon could terminate unexpectedly with a

segmentation fault on a machine with more than 512 local IP addresses. This
happened because of a limit set for scanning. With this update, the limit scan
has been changed to scan to the maximum number of interfaces and the ntpd daemon
no longer crashes in such circumstances. (BZ#661934)

• Prior to this update, the ntp-keygen(8) patch man page contained multiple

typos. This update fixes the typos. (BZ#664524, BZ#664525)

• The "ntpstat" command printed an incorrect maximum error estimate. This

occurred because the "time correct to within" value did not include the root
delay. With this update, the value includes the root delay and the displayed
"time correct to within" value is correct. (BZ#679034)

In addition, this updated ntp package provides the following enhancement:

• Prior to this update, the ntpd daemon did not allow the specification of

multiple interfaces which it should be listening on. With this update, the user
can define multiple interfaces the daemon should be listening on. (BZ#528799)

All ntp users are advised to upgrade to this updated package, which resolves
these issues and provides this enhancement.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 460434 - ntpd -L does not work as advertised
• BZ - 470945 - NFS4 with kerberos authetication fails because date has yet to be synced
• BZ - 481151 - ntp rpm verification fails on /etc/ntp.conf
• BZ - 575874 - ntpd can die due to ulimit on 64bit arch
• BZ - 591838 - ntpd -q does not exit when no servers are defined in /etc/ntpd.conf
• BZ - 661934 - ntpd crashes if a machine has more than 512 IPs
• BZ - 664524 - ntp-keygen 8 manpage fixes
• BZ - 664525 - ntpq(8) manpage fixes
• BZ - 679034 - ntpstat doesn't include root delay in maximum error estimate

CVEs

(none)

References

(none)