[Bug 2085389] Re: File descriptor leak on /var/lib/sss/pipes/nss socket
Andreas Hasenack
2085389 at bugs.launchpad.net
Mon Nov 11 21:12:28 UTC 2024
Hello Jorge, or anyone else affected,
Accepted sssd into noble-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/sssd/2.9.4-1.1ubuntu6.2 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed. Your feedback will aid us getting this
update out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-noble
to verification-done-noble. If it does not fix the bug for you, please add
a comment stating that, and change the tag to verification-failed-noble.
In either case, without details of your testing we will not be able to
proceed.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance for helping!
N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.
** Changed in: sssd (Ubuntu Noble)
Status: In Progress => Fix Committed
** Tags added: verification-needed verification-needed-noble
https://bugs.launchpad.net/bugs/2085389
Title:
File descriptor leak on /var/lib/sss/pipes/nss socket
Status in sssd package in Ubuntu:
Fix Released
Status in sssd source package in Noble:
Fix Committed
Status in sssd source package in Oracular:
Fix Released
Status in sssd source package in Plucky:
Fix Released
Bug description:
[Impact]
When running in a multithreaded environment each pthread that opens
the /var/lib/sss/pipes/nss socket retains the file descriptor in a
thread specific structure. This file descriptor should be closed when
the thread is destroyed but due to a bug it is left open thus
generating the leak.
[Test Plan]
Start two VMs. One will be an LDAP client, the other will be an LDAP
server.
On the server:
$ sudo apt install slapd ldap-utils
$ sudo dpkg-reconfigure slapd
Set DNS to example.com
$ ldapsearch -x -LLL -H ldap:/// -b dc=example,dc=com dn
dn: dc=example,dc=com
$ vim add_content.ldif
dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=Groups,dc=example,dc=com
objectClass: organizationalUnit
ou: Groups

dn: cn=miners,ou=Groups,dc=example,dc=com
objectClass: posixGroup
cn: miners
gidNumber: 5000

dn: uid=john,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: john
sn: Doe
givenName: John
cn: John Doe
displayName: John Doe
uidNumber: 10000
gidNumber: 5000
userPassword: {CRYPT}x
gecos: John Doe
loginShell: /bin/bash
homeDirectory: /home/john
$ ldapsearch -x -LLL -b dc=example,dc=com '(uid=john)' cn gidNumber
dn: uid=john,ou=People,dc=example,dc=com
cn: John Doe
gidNumber: 5000
$ ldappasswd -x -D cn=admin,dc=example,dc=com -W -S uid=john,ou=people,dc=example,dc=com
New password:
Re-enter new password:
Enter LDAP Password:
On the client, open /etc/hosts and add:
$ sudo vim /etc/hosts
192.168.122.150 ldap01.example.com
$ sudo vim /etc/sssd/sssd.conf
[sssd]
config_file_version = 2
domains = example.com
[domain/example.com]
id_provider = ldap
auth_provider = ldap
ldap_uri = ldap://ldap01.example.com
cache_credentials = True
ldap_search_base = dc=example,dc=com
$ sudo chmod 600 /etc/sssd/sssd.conf
$ sudo systemctl restart sssd
$ getent passwd john
john:*:10000:5000:John Doe:/home/john:/bin/bash
Now that we are set up for nss, try the reproducer.
This code generates many threads that open the mentioned socket.
$ sudo apt install sssd build-essential
$ cat > test_code.c << 'EOF'
#include <pwd.h>
#include <unistd.h>
#include <pthread.h>

/* Each thread performs one NSS lookup. The sss client library opens
 * /var/lib/sss/pipes/nss for it and keeps the descriptor in thread-specific
 * data, which should be closed when the thread exits. */
static void *client(void *arg)
{
    int i = *((int *)arg);
    struct passwd pwd;
    char buf[10000];
    struct passwd *r;

    getpwuid_r(i, &pwd, buf, 10000, &r);
    return NULL;
}

int main(void)
{
    pthread_t thread;
    int arg;
    void *t_ret;

    /* Create and join 1000 short-lived threads, one at a time. */
    for (int i = 0; i < 1000; ++i) {
        arg = 100000 + i;
        pthread_create(&thread, NULL, client, &arg);
        pthread_join(thread, &t_ret);
    }

    /* Stay alive so the open descriptors can be inspected with lsof. */
    while (1) {
        sleep(1);
    }
    return 0;
}
EOF
$ gcc -o test_code test_code.c -lpthread
$ ./test_code
The file descriptor leak problem can be tested by compiling this code
as a test_code binary for example and running
$ lsof -p `pidof test_code` | wc -l
1015
The count can reach more than a thousand, when it should not normally be
bigger than around 20.
[Where problems could occur]
The patched code correctly accesses the thread specific structure to
get the file descriptor and close the socket. Previously it just
considered the structure was null and did nothing. The only new
problems that could occur are related to the closing of the socket, but
that would not be worse than the previous situation.
If a regression were to occur this would affect most sssd users, as it
is in the core sssd component, and not any subcomponents. Worst case,
it would affect fd leaks, leading to intermittent crashes when they
hit rlimits.
[Other Info]
This bug only affects Noble. This is the original GitHub issue that was patched:
https://github.com/SSSD/sssd/issues/7189
Fixed in commit:
commit b439847bc88ad7b89f0596af822c0ffbf2a579df
From: Sumit Bose <sbose at redhat.com>
Date: Tue, 23 Jan 2024 09:28:26 +0100
Subject: sss-client: handle key value in destructor
Link: https://github.com/SSSD/sssd/commit/b439847
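Added illustration (my own code, not sssd's and not part of the bug report) of the destructor pattern named in the fix's subject, "handle key value in destructor": a pthread_key destructor that re-reads the value with pthread_getspecific() instead of using its argument finds NULL, because POSIX clears the key's value before calling it, so the descriptor is never closed. The struct and function names are hypothetical and open("/dev/null") stands in for the nss socket; leaked_fds() measures the leak for either destructor shape.

```c
#include <fcntl.h>
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

struct conn { int fd; };   /* hypothetical per-thread client state */
static pthread_key_t key;  /* its destructor is supposed to close conn->fd */
static void release(struct conn *c) { if (c != NULL) { close(c->fd); free(c); } }

/* Buggy shape: ignores its argument and re-reads the key; POSIX has already reset it to NULL. */
static void destroy_buggy(void *value)
{
    release(pthread_getspecific(key));   /* always NULL here, so the fd stays open */
}
/* Fixed shape: close whatever the runtime hands to the destructor. */
static void destroy_fixed(void *value) { release(value); }
/* Thread body: open one fd and park it in TSD; thread exit runs the destructor. */
static void *client(void *arg)
{
    struct conn *c = malloc(sizeof *c);
    c->fd = open("/dev/null", O_RDONLY);  /* stands in for the nss socket */
    pthread_setspecific(key, c);
    return arg;                           /* arg is NULL */
}
static int open_fds(void)   /* descriptors 0..1023 currently open in this process */
{
    int n = 0;
    for (int fd = 0; fd < 1024; fd++) n += fcntl(fd, F_GETFD) != -1;
    return n;
}

/* Run `threads` short-lived threads; return how many fds they left open (the leak). */
int leaked_fds(int threads, int fixed)
{
    int before = open_fds();
    pthread_key_create(&key, fixed ? destroy_fixed : destroy_buggy);
    for (int i = 0; i < threads; i++) {
        pthread_t t;
        pthread_create(&t, NULL, client, NULL);
        pthread_join(t, NULL);
    }
    pthread_key_delete(key);
    return open_fds() - before;
}
int main(void)
{
    printf("buggy: %d fds leaked, fixed: %d\n", leaked_fds(50, 0), leaked_fds(50, 1));
    return 0;
}
```

The buggy run leaks one descriptor per thread, which is the same shape as the lsof count in the test plan; the fixed run leaks none.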