diff -up ntp-4.2.6p5/html/ntpd.html.mlock ntp-4.2.6p5/html/ntpd.html
--- ntp-4.2.6p5/html/ntpd.html.mlock 2012-11-23 14:58:15.401693701 +0100
+++ ntp-4.2.6p5/html/ntpd.html 2012-11-23 14:58:15.415693714 +0100
@@ -32,7 +32,7 @@
</ul>
<hr>
<h4 id="synop">Synopsis</h4>
- <tt>ntpd [ -46aAbdDgLnNqx ] [ -c <i>conffile</i> ] [ -f <i>driftfile</i> ] [ -i <i>jaildir</i> ] [ -I <i>iface</i> ] [ -k <i>keyfile</i> ] [ -l <i>logfile</i> ] [ -p <i>pidfile</i> ] [ -P <i>priority</i> ] [ -r <i>broadcastdelay</i> ] [ -s <i>statsdir</i> ] [ -t <i>key</i> ] [ -u <i>user</i>[:<i>group</i>] ] [ -U <i>interface_update_interval</i> ] [ -v <i>variable</i> ] [ -V <i>variable</i> ]</tt>
+ <tt>ntpd [ -46aAbdDgLmnNqx ] [ -c <i>conffile</i> ] [ -f <i>driftfile</i> ] [ -i <i>jaildir</i> ] [ -I <i>iface</i> ] [ -k <i>keyfile</i> ] [ -l <i>logfile</i> ] [ -p <i>pidfile</i> ] [ -P <i>priority</i> ] [ -r <i>broadcastdelay</i> ] [ -s <i>statsdir</i> ] [ -t <i>key</i> ] [ -u <i>user</i>[:<i>group</i>] ] [ -U <i>interface_update_interval</i> ] [ -v <i>variable</i> ] [ -V <i>variable</i> ]</tt>
<h4 id="descr">Description</h4>
<p>The <tt>ntpd</tt> program is an operating system daemon that synchronises the system clock with remote NTP time servers or local reference clocks. It is a complete implementation of the Network Time Protocol (NTP) version 4, but also retains compatibility with version 3, as defined by RFC-1305, and version 1 and 2, as defined by RFC-1059 and RFC-1119, respectively. The program can operate in any of several modes, as described on the <a href="assoc.html">Association Management</a> page, and with both symmetric key and public key cryptography, as described on the <a href="manyopt.html">Authentication Options</a> page.</p>
<p>The <tt>ntpd</tt> program ordinarily requires a configuration file as described on the Configuration Commands and Options collection above. However a client can discover remote servers and configure them automatically. This makes it possible to deploy a fleet of workstations without specifying configuration details specific to the local environment. Further details are on the <a href="manyopt.html">Automatic Server Discovery</a> page.</p>
@@ -123,6 +123,8 @@
<dd>Do not listen to virtual interfaces, defined as those with names containing a colon. This option is deprecated. Please consider using the configuration file <a href="miscopt.html#interface">interface</a> command, which is more versatile.</dd>
<dt><tt>-M</tt></dt>
<dd>Raise scheduler precision to its maximum (1 msec) using timeBeginPeriod. (Windows only)</dd>
+ <dt><tt>-m</tt>
+ <dd>Lock memory.
<dt><tt>-n</tt></dt>
<dd>Don't fork.</dd>
<dt><tt>-N</tt></dt>
diff -up ntp-4.2.6p5/ntpd/ntpd.c.mlock ntp-4.2.6p5/ntpd/ntpd.c
--- ntp-4.2.6p5/ntpd/ntpd.c.mlock 2012-11-23 14:58:15.369693666 +0100
+++ ntp-4.2.6p5/ntpd/ntpd.c 2012-11-23 14:58:15.416693715 +0100
@@ -723,7 +723,8 @@ ntpdmain(
}
#endif
-#if defined(HAVE_MLOCKALL) && defined(MCL_CURRENT) && defined(MCL_FUTURE)
+#if defined(MCL_CURRENT) && defined(MCL_FUTURE)
+ if (HAVE_OPT( MLOCK )) {
# ifdef HAVE_SETRLIMIT
/*
* Set the stack limit to something smaller, so that we don't lock a lot
@@ -749,7 +750,7 @@ ntpdmain(
* fail if we drop root privlege. To be useful the value
* has to be larger than the largest ntpd resident set size.
*/
- rl.rlim_cur = rl.rlim_max = 32*1024*1024;
+ rl.rlim_cur = rl.rlim_max = 128*1024*1024;
if (setrlimit(RLIMIT_MEMLOCK, &rl) == -1) {
msyslog(LOG_ERR, "Cannot set RLIMIT_MEMLOCK: %m");
}
@@ -761,6 +762,7 @@ ntpdmain(
*/
if (mlockall(MCL_CURRENT|MCL_FUTURE) < 0)
msyslog(LOG_ERR, "mlockall(): %m");
+ }
#else /* not (HAVE_MLOCKALL && MCL_CURRENT && MCL_FUTURE) */
# ifdef HAVE_PLOCK
# ifdef PROCLOCK
diff -up ntp-4.2.6p5/ntpd/ntpdbase-opts.def.mlock ntp-4.2.6p5/ntpd/ntpdbase-opts.def
--- ntp-4.2.6p5/ntpd/ntpdbase-opts.def.mlock 2009-12-09 08:36:35.000000000 +0100
+++ ntp-4.2.6p5/ntpd/ntpdbase-opts.def 2012-11-23 15:07:16.960261421 +0100
@@ -226,6 +226,14 @@ flag = {
};
flag = {
+ name = mlock;
+ value = m;
+ descrip = "Lock memory";
+ doc = <<- _EndOfDoc_
+ _EndOfDoc_;
+};
+
+flag = {
ifdef = SYS_WINNT;
name = modifymmtimer;
value = M;