[collectd] Ohhhh jeeee, libgcrypt 1.4.1 + collectd 4.7.2

Florian Forster octo at verplant.org
Mon Aug 31 17:51:23 CEST 2009

Hi Luke,

On Sun, Aug 30, 2009 at 10:31:55PM -0700, Luke Heberling wrote:
> When using collectd 4.7.2 with libgcrypt 1.4.1 I'm getting an error
> message: Ohhhh jeeee: operation is not possible without initialized
> secure memory

wow, very German sounding error message ;) I guess the daemon / the
library needs privileges to allocate and initialize “secure” memory.
Under Linux I guess providing the daemon with the CAP_IPC_LOCK
capability (see capabilities(7)) should be enough.

> A collectd client dies with this message and SIGABRT as soon as it
> starts up, a server dies with this message and SIGABRT when it first
> receives an encrypted or signed network packet.

Argh! I hate libraries that terminate the running program. This is a
condition the application using the library could handle gracefully in
many cases …

> upgrading libgcrypt to 1.4.4 (squeeze) fixes the problem, …

The NEWS.gz of the libgcrypt11-dev package has this to say (regarding
new stuff in version 1.4.3):

 * Auto-initialize the secure memory to 32k instead of aborting the

Without knowing what *exactly* is going on it's hard to decide what to
do against this problem, especially since this kind of problem appears
to be “fixed” in later versions of the library.

Florian octo Forster
Hacker in training
GnuPG: 0x91523C3D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.verplant.org/pipermail/collectd/attachments/20090831/cd68695e/attachment.pgp 

More information about the collectd mailing list