[collectd] Ohhhh jeeee, libgcrypt 1.4.1 + collectd 4.7.2

Florian Forster octo at verplant.org
Mon Aug 31 17:51:23 CEST 2009


Hi Luke,

On Sun, Aug 30, 2009 at 10:31:55PM -0700, Luke Heberling wrote:
> When using collectd 4.7.2 with libgcrypt 1.4.1 I'm getting an error
> message: Ohhhh jeeee: operation is not possible without initialized
> secure memory

wow, very German sounding error message ;) I guess the daemon / the
library needs privileges to allocate and initialize “secure” memory.
Under Linux I guess providing the daemon with the CAP_IPC_LOCK
capability (see capabilities(7)) should be enough.

> A collectd client dies with this message and SIGABRT as soon as it
> starts up, a server dies with this message and SIGABRT when it first
> receives an encrypted or signed network packet.

Argh! I hate libraries that terminate the running program. This is a
condition the application using the library could handle gracefully in
many cases …

> upgrading libgcrypt to 1.4.4 (squeeze) fixes the problem, …

The NEWS.gz of the libgcrypt11-dev package has this to say (regarding
new stuff in version 1.4.3):

 * Auto-initialize the secure memory to 32k instead of aborting the
   process.

Without knowing what *exactly* is going on it's hard to decide what to
do against this problem, especially since this kind of problem appears
to be “fixed” in later versions of the library.

Regards,
-octo
-- 
Florian octo Forster
Hacker in training
GnuPG: 0x91523C3D
http://verplant.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.verplant.org/pipermail/collectd/attachments/20090831/cd68695e/attachment.pgp 


More information about the collectd mailing list