[CentOS] secpwgen

Fri Jan 20 17:03:10 UTC 2012
John Doe <jdmls at yahoo.com>

From: Helmut Drodofsky <drodofsky at internet-xs.de>

> secpwgen is always reporting
>      "mlock: Cannot allocate memory"
> even with user root.

mlock(0x7f14e3d5d000, 65536)            = -1 ENOMEM (Cannot allocate memory)

The man page says:
ENOMEM (Linux 2.6.9 and later) the caller had a non-zero RLIMIT_MEMLOCK
              soft  resource  limit,  but  tried  to lock more memory than the
              limit permitted.  This limit is not enforced if the  process  is
              privileged (CAP_IPC_LOCK).
# ulimit -l
64

Tried to raise it but still fails...
# ulimit -l 128
# ulimit -l
128
mlock(0x7f6c049ad000, 65536)            = -1 ENOMEM (Cannot allocate memory)

The man pages also says:
ENOMEM Some  of  the  specified  address  range  does not correspond to
              mapped pages in the address space of the process.

And finaly, the CHANGELOG says:
* Added an option to compile with mlock() instead of mlockall().
  - mlockall() caused problems on some Linux 2.6 distros because it would
    succeed even for ordinary users. some library component would then
    try to allocate too much memory which would exceed the process'
    resource limits for locked memory. being unable to allocate memory has
    resulted in a crash.

Tried to compile it but it is a pain and no time right now...

JD