[Bug 1191704] Re: KDCs complain about not having enough file handles for /var/lib/heimdal-kdc/heimdal

Brian Murray brian at ubuntu.com
Wed Aug 21 20:06:30 UTC 2013 

I'll take care of uploading this.

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1191704

Title:
  KDCs complain about not having enough file handles for /var/lib
  /heimdal-kdc/heimdal

Status in “heimdal” package in Ubuntu:
  Confirmed
Status in “heimdal” source package in Precise:
  New
Status in “heimdal” source package in Quantal:
  New
Status in “heimdal” source package in Raring:
  New

Bug description:
  [Impact]
  When having multiple IP addresses configured, the heimdal-kdc package might become unusable under load, due to leaking of file descriptors. This means that all outstanding connections, just created or almost finished, are ignored.

  [Test cases]
  There's a small probing program attached that helps testing, by following these instructions:

  ## Install the KDC and a C compiler.
  $ sudo apt-get install heimdal-kdc clang

  ## Add more interfaces.
  $ for ip in 192.0.2.{1..32} ; do sudo ip addr add ${ip} dev eth0 ; done

  ## Restart the KDC so it listens on the interfaces.
  $ sudo service heimdal-kdc restart

  ## There are no leaked sockets.
  $ sudo lsof -nn -p $(pgrep kdc) | tee lsof-before.txt

  ## Build the test utility.
  $ cc -o probe probe.c

  ## Hammer the KDC very briefly.
  $ for ip in 192.0.2.{1..32} 127.0.0.1 ; do for i in {1..32} ; do ./probe ${ip} 88 & done & done

  ## We have leaked sockets, as shown by the "can't identify protocol" sockets.
  $ sudo lsof -nn -p $(pgrep kdc) | tee lsof-after.txt

  [Possible regressions]
  No regressions expected. The patch has been in use by the original submitter's team for more than a year, and has been accepted by upstream for more than 8 months.

  [Original Description]
  There is a leak in the way the KDC handles file descriptors.  Under load, this bug causes connections to be dropped and a lot of seemingly unrelated messages are logged: "Failed to open database: opening /var/lib/heimdal-kdc/heimdal: Too many open files"

  Please pull the patch from upstream:

  https://github.com/heimdal/heimdal/commit/3f71aca59193785880469fd0757a651e965a594e#kdc/connect.c

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/1191704/+subscriptions

More information about the Ubuntu-sponsors mailing list