[Bug 793] ulogd -d does not close all fds

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Mon Jul 22 17:48:53 CEST 2013 

https://bugzilla.netfilter.org/show_bug.cgi?id=793

Phil Oester <netfilter at linuxace.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |INVALID

--- Comment #13 from Phil Oester <netfilter at linuxace.com> 2013-07-22 17:48:51 CEST ---
(In reply to comment #11)
> Created attachment 407 [details]
> ulogd uses daemon() function
> 
> THis should fix the issue. If not, we are at least state of the art regarding
> daemonization.

This does not appear to fix the issue.  However, on rereading this bug report
it appears Pablo misinterpreted the issue.  The problem is not that ulogd is
leaking _it's own_ file descriptors, but instead when daemonizing it picks up
the flock FD from the calling process via the fork call:

       *  The  child  inherits  copies  of  the parent's set of open file
          descriptors.  Each file descriptor in the child
          refers to the same open file description (see open(2)) as the
          corresponding  file  descriptor  in  the  parent.

So upon closer analysis, it does not appear that ulogd is doing anything wrong
here.  The problem is in how it is being called with flock.  flock has a fix
for this issue via the -o option:

       -o, --close
              Close the file descriptor on which the lock is held before
              executing command .  This is useful  if  command
              spawns a child process which should not be holding the lock.

When testing with this command:

    valgrind --track-fds=yes /usr/bin/flock --timeout 300 \
    /var/lock/chef-client ./ulogd -d

We see this output from valgrind on ulogd exit:

    ==10769== FILE DESCRIPTORS: 4 open at exit.
    ==10769== Open file descriptor 3: /run/lock/chef-client
    ==10769==    <inherited from parent>
    ...

If we add the -o option to the flock call, valgrind produces this output:

    ==10784== FILE DESCRIPTORS: 3 open at exit.

Eric - sorry for the runaround on this one - I should have read the details
more closely.  Unclear if you want to commit your patch or not, but it won't
make a difference in this case.  

Closing - not a ulogd bug.

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the netfilter-buglog mailing list