[nfs-utils,v3] gssd: daemonize earlier
diff mbox series

Message ID 20191017150844.21045-1-smayhew@redhat.com
State New
Headers show
Series
  • [nfs-utils,v3] gssd: daemonize earlier
Related show

Commit Message

Scott Mayhew Oct. 17, 2019, 3:08 p.m. UTC
daemon_init() calls closeall() which closes all fd's >= 4.  This causes
rpc.gssd to fail when it's configured to use the gssproxy interposer
plugin (via "use-gss-proxy=1" in nfs.conf or GSS_USE_PROXY="yes" in the
environment) *and* libtirpc debugging is enabled (i.e. at least one
"-r" on the command line):

1. During startup if rpc debugging is enabled then libtirpc_set_debug()
   is called, which calls openlog() which consumes fd 3.
2. If the gssproxy interposer plugin is enabled then when
   gssd_check_mechs() is called, a socket is created (fd 4) and
   connected to /var/lib/gssproxy/default.sock.  The fd is stored
   internally in a struct gpm_ctx.
3. daemon_init() runs and closes all fd's >= 4.
4. event_init() runs which calls epoll_create() which returns an epoll
   fd of 4.
5. Later when handling an upcall, gssd calls gssd_acquire_krb5_cred()
   which winds up closing the gpm_ctx->fd which was 4.
6. event_dispatch() calls epoll_wait() with epfd=4, and -EBADF is
   returned.  gssd logs the message ""ERROR: event_dispatch() returned!"
   and exits.

The solution is to call daemon_init() earlier.

Signed-off-by: Scott Mayhew <smayhew@redhat.com>
---
 utils/gssd/gssd.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Scott Mayhew Oct. 17, 2019, 3:26 p.m. UTC | #1
Note this is v1 patch.  I forgot to check my git config before creating
the patch :)

-Scott

On Thu, 17 Oct 2019, Scott Mayhew wrote:

> daemon_init() calls closeall() which closes all fd's >= 4.  This causes
> rpc.gssd to fail when it's configured to use the gssproxy interposer
> plugin (via "use-gss-proxy=1" in nfs.conf or GSS_USE_PROXY="yes" in the
> environment) *and* libtirpc debugging is enabled (i.e. at least one
> "-r" on the command line):
> 
> 1. During startup if rpc debugging is enabled then libtirpc_set_debug()
>    is called, which calls openlog() which consumes fd 3.
> 2. If the gssproxy interposer plugin is enabled then when
>    gssd_check_mechs() is called, a socket is created (fd 4) and
>    connected to /var/lib/gssproxy/default.sock.  The fd is stored
>    internally in a struct gpm_ctx.
> 3. daemon_init() runs and closes all fd's >= 4.
> 4. event_init() runs which calls epoll_create() which returns an epoll
>    fd of 4.
> 5. Later when handling an upcall, gssd calls gssd_acquire_krb5_cred()
>    which winds up closing the gpm_ctx->fd which was 4.
> 6. event_dispatch() calls epoll_wait() with epfd=4, and -EBADF is
>    returned.  gssd logs the message ""ERROR: event_dispatch() returned!"
>    and exits.
> 
> The solution is to call daemon_init() earlier.
> 
> Signed-off-by: Scott Mayhew <smayhew@redhat.com>
> ---
>  utils/gssd/gssd.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
> index 19ad4da..c38dedb 100644
> --- a/utils/gssd/gssd.c
> +++ b/utils/gssd/gssd.c
> @@ -1020,11 +1020,11 @@ main(int argc, char *argv[])
>  			    "support setting debug levels\n");
>  #endif
>  
> +	daemon_init(fg);
> +
>  	if (gssd_check_mechs() != 0)
>  		errx(1, "Problem with gssapi library");
>  
> -	daemon_init(fg);
> -
>  	event_init();
>  
>  	pipefs_dir = opendir(pipefs_path);
> -- 
> 2.17.2
>
Steve Dickson Oct. 24, 2019, 6:05 p.m. UTC | #2
On 10/17/19 11:08 AM, Scott Mayhew wrote:
> daemon_init() calls closeall() which closes all fd's >= 4.  This causes
> rpc.gssd to fail when it's configured to use the gssproxy interposer
> plugin (via "use-gss-proxy=1" in nfs.conf or GSS_USE_PROXY="yes" in the
> environment) *and* libtirpc debugging is enabled (i.e. at least one
> "-r" on the command line):
> 
> 1. During startup if rpc debugging is enabled then libtirpc_set_debug()
>    is called, which calls openlog() which consumes fd 3.
> 2. If the gssproxy interposer plugin is enabled then when
>    gssd_check_mechs() is called, a socket is created (fd 4) and
>    connected to /var/lib/gssproxy/default.sock.  The fd is stored
>    internally in a struct gpm_ctx.
> 3. daemon_init() runs and closes all fd's >= 4.
> 4. event_init() runs which calls epoll_create() which returns an epoll
>    fd of 4.
> 5. Later when handling an upcall, gssd calls gssd_acquire_krb5_cred()
>    which winds up closing the gpm_ctx->fd which was 4.
> 6. event_dispatch() calls epoll_wait() with epfd=4, and -EBADF is
>    returned.  gssd logs the message ""ERROR: event_dispatch() returned!"
>    and exits.
> 
> The solution is to call daemon_init() earlier.
> 
> Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Committed... 

steved.
> ---
>  utils/gssd/gssd.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
> index 19ad4da..c38dedb 100644
> --- a/utils/gssd/gssd.c
> +++ b/utils/gssd/gssd.c
> @@ -1020,11 +1020,11 @@ main(int argc, char *argv[])
>  			    "support setting debug levels\n");
>  #endif
>  
> +	daemon_init(fg);
> +
>  	if (gssd_check_mechs() != 0)
>  		errx(1, "Problem with gssapi library");
>  
> -	daemon_init(fg);
> -
>  	event_init();
>  
>  	pipefs_dir = opendir(pipefs_path);
>

Patch
diff mbox series

diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
index 19ad4da..c38dedb 100644
--- a/utils/gssd/gssd.c
+++ b/utils/gssd/gssd.c
@@ -1020,11 +1020,11 @@  main(int argc, char *argv[])
 			    "support setting debug levels\n");
 #endif
 
+	daemon_init(fg);
+
 	if (gssd_check_mechs() != 0)
 		errx(1, "Problem with gssapi library");
 
-	daemon_init(fg);
-
 	event_init();
 
 	pipefs_dir = opendir(pipefs_path);