[ntp:security] [Bug 2960] upgrade to 4.2.8p4 causes FAIL at name resolution; error: ntpd[9881]: giving up resolving host clock.isc.org: Servname not supported for ai_socktype (-8)

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Fri Feb 5 18:57:58 UTC 2016


https://bugs.ntp.org/show_bug.cgi?id=2960

--- Comment #22 from Juergen Perlinger <perlinger at ntp.org> 2016-02-05 18:57:58 UTC ---
(In reply to comment #21)
> Whoops, haven't you seen that I already revoked my suggestion to use
> __nss_disable_nscd() last Tuesday in a reply to Harlan's mail with you in Cc?
> <---snip--->

Ooops, my fault. Got that mail sorted into the wrong folder somehow. Well, no
damage done so far, and not much work gone to the trash bin.

Anyway, because of all the other possible problems (race between threads and
chroot() etc) I'm still working on entering the jailroot as early as possible.

It might be best to make the distinction between forking and threading DNS
worker a runtime decision instead of a compile time issue. It would also need
to fork away the worker rather early (before entering the root jail), and that
would in turn need quite some work to keep the pipe handles. Not to mention
that the async resolver no has to deal with two possible operation modes at
runtime.

-- 
Configure bugmail: https://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list