Environment
Novell Access Management 3 Linux Novell Identity Server
Novell Access Management 3 Linux Access Gateway
VMWare workstation 5
Situation
Running the Linux Access Gateway (LAG) on a host running the VMWare workstation 5. On
VMware workstation 5 with certain CPUs (Centrino), the clock will drift in the guest
system often causing 100101014 errors during authentication with the Identity server (due to
invalid SAML timestamps).
VMware recommends to set clock=pit (or clock=pmtmr). With this setting on the Linux Access
Gateway server, the server would often coredump when running and all services become
unavailable.
Resolution
Fixed in the Linux Access Gateway build 064 and onwards - this
build is included in the Access Manager 3 SP1 IR1 build and will be
included in the final SP1 build too.
Additional Information
LAG looks for the 'CPU MHz' entry in the /proc/cpuinfo file to calculate the
CPU cycles per second and system ticks. The issue with the clock=pit is that it
sets that entry as '0'. LAG then crashes with a arithmetic exception(divide-by-zero)
while calculating the CPU cycles per second.
Fixed the issue to calculate the CPU cycles per second and ticks manually if
the entry is '0'.