Date: Wed, 4 Apr 2007 23:26:54 -0400
From: Kris Kennaway <kris@obsecurity.org>
To: Jun Kuriyama <kuriyama@imgsrc.co.jp>
Cc: Miguel Lopes Santos Ramos <miguel@anjos.strangled.net>, freebsd-stable@freebsd.org, Kris Kennaway <kris@obsecurity.org>
Subject: Re: rpc.lockd brokenness (2)
Message-ID: <20070405032654.GA68925@xor.obsecurity.org>
In-Reply-To: <7mabxnfr38.wl%kuriyama@imgsrc.co.jp>
References: <20060308224531.GA53611@xor.obsecurity.org>
            <200603090026.k290Qihj002701@compaq.anjos.strangled.net>
            <20060309005722.GA55432@xor.obsecurity.org>
            <7mabxnfr38.wl%kuriyama@imgsrc.co.jp>

On Thu, Apr 05, 2007 at 12:16:43PM +0900, Jun Kuriyama wrote:
> At Wed, 8 Mar 2006 19:57:22 -0500,
> Kris Kennaway wrote:
> > > No, no, you got me wrong. The pidfile is left locked after cron stopped
> > > running (with /etc/rc.d/cron stop). This behaviour must be wrong.
> >
> > OK, I misunderstood. The rc.d script will signal cron to kill it,
> > which should be closing the file descriptors and causing rpc.lockd to
> > release the lock. Perhaps this part is broken. OK, I tested this
> > with daemon -p, and it indeed seems to be broken:
> >
> > haessal# daemon -p pid_file sleep 100000
> > haessal# kill -KILL `cat pid_file`
> > haessal# ps -p `cat pid_file`
> > PID TT STAT TIME COMMAND
> > haessal# lockf -t 0 pid_file echo Yay
> > lockf: pid_file: already locked
>
> Interesting. I just did a little investigation. Our daemon(8) locks a
> file before fork(2), which makes the NFS lock registration with the
> svid(PID) of the daemon(8) process.
>
> When the above sleep(1) is killed, this process has another PID than
> daemon(8)'s, and requests the NFS unlock call with sleep(1)'s svid(PID).
>
> Our rpc.lockd(8) refuses this request because of the svid mismatch.
>
> Which side should be fixed, daemon(8) or rpc.lockd(8)?

You're replying to a year-old mail...but rpc.lockd is the broken
thing, it assumes the pid that unlocks a file must be the pid that
locks it. But this is false because in UNIX file descriptors may be
passed around between processes, as in the above situation.

Kris

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070405032654.GA68925>
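
The lock handoff discussed in the message above, as an added example that is not part of the original e-mail or of FreeBSD's code: one PID takes the lock, a forked child with a different PID inherits the descriptor, and the lock goes away only when that child dies. It uses flock(2) on a local file as a stand-in for the NFS case; the path and the function names lock_handoff_demo and is_locked are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <sys/file.h>
#include <sys/wait.h>
#include <unistd.h>

/* Probe through a fresh open(): 1 = someone else holds the lock, 0 = free. */
static int is_locked(const char *path)
{
    int fd = open(path, O_RDWR);
    if (fd < 0) return -1;
    int busy = (flock(fd, LOCK_EX | LOCK_NB) == -1 && errno == EWOULDBLOCK);
    close(fd);                    /* drops the probe lock if we obtained it */
    return busy;
}

/*
 * Returns 0 on setup error, otherwise a bitmask:
 *   bit 0: file still locked after the locking PID closed its descriptor
 *   bit 1: file unlocked once the child (a different PID) was killed
 */
int lock_handoff_demo(const char *path)
{
    int result = 0;
    int fd = open(path, O_RDWR | O_CREAT, 0600);
    if (fd < 0) return 0;
    if (flock(fd, LOCK_EX | LOCK_NB) == -1) { close(fd); return 0; }

    pid_t child = fork();         /* lock taken before fork, as described above */
    if (child < 0) { close(fd); return 0; }
    if (child == 0) { pause(); _exit(0); }   /* stands in for sleep(1) */

    close(fd);                    /* the locking PID gives up its copy */
    if (is_locked(path) == 1) result |= 1;   /* child's copy keeps the lock */

    kill(child, SIGKILL);         /* like: kill -KILL `cat pid_file` */
    waitpid(child, NULL, 0);      /* kernel has closed the child's descriptors */
    if (is_locked(path) == 0) result |= 2;   /* released by a PID that never locked */

    unlink(path);
    return result;
}

int main(void)
{
    printf("result mask: %d\n", lock_handoff_demo("/tmp/pid_file_demo"));
    return 0;
}
```

A lock manager that keys release on the locking PID would never see a matching unlock in this sequence, which is the stale lock shown in the quoted lockf output.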