diff -Nru chrony-3.2/debian/changelog chrony-3.2/debian/changelog --- chrony-3.2/debian/changelog 2018-05-23 14:22:13.000000000 +0000 +++ chrony-3.2/debian/changelog 2018-08-20 09:36:18.000000000 +0000 @@ -1,3 +1,11 @@ +chrony (3.2-4ubuntu4.2) bionic; urgency=medium + + * d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting + the service on newer kernels by falling back to urandom. + (LP: #1787366, Closes: #906276) + + -- Christian Ehrhardt Mon, 20 Aug 2018 11:36:18 +0200 + chrony (3.2-4ubuntu4.1) bionic; urgency=medium * debian/usr.sbin.chronyd: diff -Nru chrony-3.2/debian/patches/lp-1787366-fall-back-to-urandom.patch chrony-3.2/debian/patches/lp-1787366-fall-back-to-urandom.patch --- chrony-3.2/debian/patches/lp-1787366-fall-back-to-urandom.patch 1970-01-01 00:00:00.000000000 +0000 +++ chrony-3.2/debian/patches/lp-1787366-fall-back-to-urandom.patch 2018-08-20 09:35:42.000000000 +0000 @@ -0,0 +1,42 @@ +From 7c5bd948bb7e21fa0ee22f29e97748b2d0360319 Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar +Date: Thu, 17 May 2018 14:16:58 +0200 +Subject: [PATCH] util: fall back to reading /dev/urandom when getrandom() + blocks + +With recent changes in the Linux kernel, the getrandom() system call may +block for a long time after boot on machines that don't have enough +entropy. It blocks the chronyd's initialization before it can detach +from the terminal and may cause a chronyd service to fail to start due +to a timeout. + +At least for now, enable the GRND_NONBLOCK flag to make the system call +non-blocking and let the code fall back to reading /dev/urandom (which +never blocks) if the system call failed with EAGAIN or any other error. + +This makes the start of chronyd non-deterministic with respect to files +that it needs to open and possibly also makes it slightly easier to +guess the transmit/receive timestamp in client requests until the +urandom source is fully initialized. + +Author: Christian Ehrhardt +Original-Author: Miroslav Lichvar +Origin: backport, https://git.tuxfamily.org/chrony/chrony.git/commit/?id=7c5bd948bb7e21fa0ee22f29e97748b2d0360319 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1787366 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906276 +Last-Update: 2018-08-16 +--- + util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/util.c ++++ b/util.c +@@ -1224,7 +1224,7 @@ get_random_bytes_getrandom(char *buf, un + if (disabled) + break; + +- if (getrandom(rand_buf, sizeof (rand_buf), 0) != sizeof (rand_buf)) { ++ if (getrandom(rand_buf, sizeof (rand_buf), GRND_NONBLOCK) != sizeof (rand_buf)) { + disabled = 1; + break; + } diff -Nru chrony-3.2/debian/patches/series chrony-3.2/debian/patches/series --- chrony-3.2/debian/patches/series 2018-05-23 14:21:02.000000000 +0000 +++ chrony-3.2/debian/patches/series 2018-08-20 09:34:58.000000000 +0000 @@ -1,3 +1,4 @@ lp1589780-sys_linux-don-t-keep-CAP_SYS_TIME-with-x-option.patch lp-1718227-ignore-non-up-down-events-in-nm-dispatcher.patch lp-1718227-nm-dispatcher-for-networkd.patch +lp-1787366-fall-back-to-urandom.patch