Updated on 2022-12-08 GMT+08:00

ALM-12040 Insufficient System Entropy

Description

The system checks the entropy at 00:00:00 every day and performs five consecutive checks each time. First, the system checks whether the rng-tools tool is enabled and correctly configured. If not, the system checks the current entropy. This alarm is generated if the entropy is less than 500 in the five checks.

This alarm is cleared if the true random number mode is configured, random numbers are configured in pseudo-random number mode, or neither the true random number mode nor the pseudo-random number mode is configured but the entropy is greater than or equal to 500 in at least one check among the five checks.

Attribute

Alarm ID

Alarm Severity

Auto Clear

12040

Major

Yes

Parameters

Parameter

Description

ServiceName

Specifies the service for which the alarm is generated.

RoleName

Specifies the role for which the alarm is generated.

HostName

Specifies the host for which the alarm is generated.

Impact on the System

Decryption failures occur and functions related to decryption are affected, for example, DBService installation.

Possible Causes

The rngd service is abnormal.

Procedure

  1. Go to the cluster details page and choose Alarms.
  2. View the alarm details to obtain the value of the HostName field in Location.
  3. Log in to the node for which the alarm is generated and run the sudo su - root command to switch to user root.
  4. Run the /bin/rpm -qa | grep -w "rng-tools" command. If the command is executed successfully, run the ps -ef | grep -v "grep" | grep rngd | tr -d " " | grep "\-o/dev/random" | grep "\-r/dev/urandom" command and view the command output.

    • If the command is executed successfully, the rngd service is installed, correctly configured, and is running properly. Go to 8.
    • If the command is not executed successfully, the rngd service is not running properly. Then go to 5.

  5. Run the following command to start the rngd service:

    echo 'EXTRAOPTIONS="-r /dev/urandom -o /dev/random"' >> /etc/sysconfig/rngd

    service rngd start

  6. Run the service rngd status command to check whether the rngd service is in the running state.

    • If yes, go to 7.
    • If no, go to 8.

  7. Wait until 00:00:00 when the system checks the entropy again. Check whether the alarm is cleared automatically.

    • If yes, no further action is required.
    • If no, go to 8.

  8. Collect fault information.

    1. On MRS Manager, choose System > Export Log.
    2. Contact the O&M personnel and send the collected logs.

Reference

None