dovecot init.d discovers the pidfile variable in a way that blocks on a low entropy system (#10320) · Issues · alpine / aports

dovecot init.d discovers the pidfile variable in a way that blocks on a low entropy system

From console

 * /run/lock: creating directory
 * /run/lock: correcting owner
 * Mounting xenfs ... [ ok ]
[    3.798024] random: doveconf: getrandom without GRND_NONBLOCK while crng not ready
[  259.681214] random: crng init done
 * Caching service dependencies ... [ ok ]
 * Remounting /dev according to fstab ... [ ok ]

Note: that GRND_NONBLOCK printout is from a patched kernel

From dovecot init.d script

cfgfile=/etc/dovecot/dovecot${instance:+.$instance}.conf
pidfile=$(doveconf -c $cfgfile -h base_dir 2>/dev/null)/master.pid
command=/usr/sbin/dovecot
command_args=${instance:+-c $cfgfile}

Commit that introduced the fault commit:7307d5b5

kernel patch used to find what cases the boot hang:

<@@ -2055,6 +2055,9 @@
        if (!crng_ready()) {
                if (flags & GRND_NONBLOCK)
                        return -EAGAIN;
+               printk(KERN_NOTICE "random: %s: getrandom without "
+                       "GRND_NONBLOCK while crng not ready\n",
+                       current->comm);
                ret = wait_for_random_bytes();
                if (unlikely(ret))
                        return ret;

(from redmine: issue id 10320, created on 2019-04-23)

From console

* /run/lock: creating directory
     * /run/lock: correcting owner
     * Mounting xenfs ... [ ok ]
    [    3.798024] random: doveconf: getrandom without GRND_NONBLOCK while crng not ready
    [  259.681214] random: crng init done
     * Caching service dependencies ... [ ok ]
     * Remounting /dev according to fstab ... [ ok ]

Note: that GRND\_NONBLOCK printout is from a patched kernel

From dovecot init.d script

cfgfile=/etc/dovecot/dovecot${instance:+.$instance}.conf
    pidfile=$(doveconf -c $cfgfile -h base_dir 2>/dev/null)/master.pid
    command=/usr/sbin/dovecot
    command_args=${instance:+-c $cfgfile}

Commit that introduced the fault
commit:7307d5b5eb03b045960b5cf85bd98af3f7a9ab54

kernel patch used to find what cases the boot hang:

<@@ -2055,6 +2055,9 @@
            if (!crng_ready()) {
                    if (flags & GRND_NONBLOCK)
                            return -EAGAIN;
    +               printk(KERN_NOTICE "random: %s: getrandom without "
    +                       "GRND_NONBLOCK while crng not ready\n",
    +                       current->comm);
                    ret = wait_for_random_bytes();
                    if (unlikely(ret))
                            return ret;

*(from redmine: issue id 10320, created on 2019-04-23)*

Discussion
Designs

The one place for your designs

To enable design management, you'll need to meet the requirements. If you need help, reach out to our support team for assistance.