Bug#420637: [Linux-ha-dev] Re: Bug#420637: heartbeat-2: File descriptor leak?

Tue, 01 May 2007 12:31:30 -0700 

Dejan Muhamedagic wrote:
> Hi,
> 
> On Thu, Apr 26, 2007 at 11:14:46AM +0900, Simon Horman wrote:
>> On Tue, Apr 24, 2007 at 09:51:45AM +0900, Simon Horman wrote:
>>> forwarded 420637 [EMAIL PROTECTED]
>>> thanks
>>>
>>> On Mon, Apr 23, 2007 at 07:28:53PM +0200, Erich Schubert wrote:
>>>> Package: heartbeat-2
>>>> Version: 2.0.7-2
>>>> Severity: normal
>>>>
>>>> It seems that heartbeat-2 leaks a file descriptor to it's child
>>>> processes. From the SELinux audit log:
>>>>
>>>> avc:  denied  { read } for  pid=2403 comm="ip" name="heartbeat.pid"
>>>> dev=ida/c0d0p5 ino=86181 scontext=root:system_r:ifconfig_t:s0
>>>> tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file
>>>>
>>>> avc:  denied  { read } for  pid=3210 comm="rndc" name="heartbeat.pid"
>>>> dev=ida/c0d0p5 ino=86181 scontext=root:system_r:ndc_t:s0
>>>> tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file
>>>>
>>>> avc:  denied  { read } for  pid=3303 comm="openvpn" name="heartbeat.pid"
>>>> dev=ida/c0d0p5 ino=86181 scontext=root:system_r:openvpn_t:s0
>>>> tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file
> 
> I don't speak SElinux: comm= denotes a program? I suppose that ip
> is from IPaddr2 then. Do you have openvpn and bind in your
> heartbeat config? Perhaps you could also post your heartbeat
> configuration (ha.cf and haresources/cib.xml).

I don't see any pidfile fd leaks in the code.  This code handling
pidfiles is in lib/clplumbing/cl_pidfile.c.

I also looked for references to "heartbeat.pid" which appears only in
the #define PIDFILE - from outside the functions in cl_pidfile.  I can't
find any.

I could easily believe that there are file descriptor leaks from the
LRM, but I don't know how a file descriptor pointing at "heartbeat.pid"
could have leaked.  Do I understand this correctly?

So, I wonder if I understand what's in the logs, I don't see how that
could have come from heartbeat 2.0.7.

Never mind.  This was apparently fixed sometime after 2.0.7.
http://hg.linux-ha.org/dev/rev/549c74fc1e33

-- 
    Alan Robertson <[EMAIL PROTECTED]>

"Openness is the foundation and preservative of friendship...  Let me
claim from you at all times your undisguised opinions." - William
Wilberforce


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to