sssd.git/src/monitor, branch sid_index sssd with jhrozek's patches Add missing new lines to debug messages 2015-02-18T15:16:50+00:00 Lukas Slebodnik lslebodn@redhat.com 2015-02-17T15:40:01+00:00 7bc69afc71c0b8f48bdbf0b5b79d229a47aa49f2 Reviewed-by: Pavel Reichl <preichl@redhat.com> 
Reviewed-by: Pavel Reichl <preichl@redhat.com>
MONITOR: Fix double free 2015-02-12T20:43:16+00:00 Lukas Slebodnik lslebodn@redhat.com 2015-02-12T18:10:34+00:00 a5d81569531c1c5bbdd26e1f3cb631b16d13f199 If kill timer was successfully executed then it will be released by libtevent. So we should not released it in mt_svc_exit_handler for the second time. [sssd] [mt_svc_exit_handler] (0x0040): Child [ifp] terminated with signal [9] [sssd] [talloc_log_fn] (0x0010): talloc: access after free error - first free may be at ../tevent_timed.c:351 [sssd] [talloc_log_fn] (0x0010): Bad talloc magic value - access after free ==19129== Invalid read of size 4 ==19129== at 0x50470CD: talloc_chunk_from_ptr (talloc.c:372) ==19129== by 0x50470CD: _talloc_free (talloc.c:1559) ==19129== by 0x11086C: mt_svc_exit_handler (monitor.c:2754) ==19129== by 0x8AF9B2F: sss_child_invoke_cb (child_common.c:181) ==19129== by 0x4E39823: tevent_common_loop_immediate (tevent_immediate.c:135) ==19129== by 0x4E3AF4D: poll_event_loop_once (tevent_poll.c:649) ==19129== by 0x4E38FEC: _tevent_loop_once (tevent.c:530) ==19129== by 0x4E3AA4A: poll_event_loop_wait (tevent_poll.c:677) ==19129== by 0x84C4B02: server_loop (server.c:668) ==19129== by 0x10D9A6: main (monitor.c:3028) ==19129== Address 0xb8a06c0 is 64 bytes inside a block of size 176 free'd ==19129== at 0x4C2ACE9: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==19129== by 0x50472F2: _talloc_free_internal (talloc.c:1057) ==19129== by 0x50472F2: _talloc_free (talloc.c:1581) ==19129== by 0x4E3D0A3: tevent_common_loop_timer_delay (tevent_timed.c:351) ==19129== by 0x4E3AF59: poll_event_loop_once (tevent_poll.c:653) ==19129== by 0x4E38FEC: _tevent_loop_once (tevent.c:530) ==19129== by 0x4E3AA4A: poll_event_loop_wait (tevent_poll.c:677) ==19129== by 0x84C4B02: server_loop (server.c:668) ==19129== by 0x10D9A6: main (monitor.c:3028) Resolves: https://fedorahosted.org/sssd/ticket/2572 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> (cherry picked from commit 373946b540eaa5d97c6efb39629195dbe2a1f015) 
If kill timer was successfully executed then it will be released by libtevent.
So we should not released it in mt_svc_exit_handler for the second time.

[sssd] [mt_svc_exit_handler] (0x0040): Child [ifp] terminated with signal [9]
[sssd] [talloc_log_fn] (0x0010): talloc: access after free error - first free
                                         may be at ../tevent_timed.c:351
[sssd] [talloc_log_fn] (0x0010): Bad talloc magic value - access after free

==19129== Invalid read of size 4
==19129==    at 0x50470CD: talloc_chunk_from_ptr (talloc.c:372)
==19129==    by 0x50470CD: _talloc_free (talloc.c:1559)
==19129==    by 0x11086C: mt_svc_exit_handler (monitor.c:2754)
==19129==    by 0x8AF9B2F: sss_child_invoke_cb (child_common.c:181)
==19129==    by 0x4E39823: tevent_common_loop_immediate (tevent_immediate.c:135)
==19129==    by 0x4E3AF4D: poll_event_loop_once (tevent_poll.c:649)
==19129==    by 0x4E38FEC: _tevent_loop_once (tevent.c:530)
==19129==    by 0x4E3AA4A: poll_event_loop_wait (tevent_poll.c:677)
==19129==    by 0x84C4B02: server_loop (server.c:668)
==19129==    by 0x10D9A6: main (monitor.c:3028)
==19129==  Address 0xb8a06c0 is 64 bytes inside a block of size 176 free'd
==19129==    at 0x4C2ACE9: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==19129==    by 0x50472F2: _talloc_free_internal (talloc.c:1057)
==19129==    by 0x50472F2: _talloc_free (talloc.c:1581)
==19129==    by 0x4E3D0A3: tevent_common_loop_timer_delay (tevent_timed.c:351)
==19129==    by 0x4E3AF59: poll_event_loop_once (tevent_poll.c:653)
==19129==    by 0x4E38FEC: _tevent_loop_once (tevent.c:530)
==19129==    by 0x4E3AA4A: poll_event_loop_wait (tevent_poll.c:677)
==19129==    by 0x84C4B02: server_loop (server.c:668)
==19129==    by 0x10D9A6: main (monitor.c:3028)

Resolves:
https://fedorahosted.org/sssd/ticket/2572

Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
(cherry picked from commit 373946b540eaa5d97c6efb39629195dbe2a1f015)
monitor: Service restart fixes 2015-01-07T11:09:32+00:00 Stephen Gallagher sgallagh@redhat.com 2014-12-10T19:16:49+00:00 152251b13a99c88054055d46600e0478c4f7bd05 There are actually two bugs here: 1) When either the kill(SIGTERM) or kill(SIGKILL) commands returned failure (for any reason), we would talloc_free(svc) which removed it from being eligible for restart, resulting in the service never starting again without an SSSD service restart. 2) There is a fairly wide race condition where it's possible for a SIGKILL timer to "catch up" to the child exit handler between us noticing the termination and actually restarting it. The race happens because we re-enter the mainloop and add a restart timeout to avoid a quick failure if we keep restarting due to a transitory issue (the mt_svc object, and therefore the SIGKILL timer, were never freed until we got to the actual service restart). We can minimize this race by recording the timer_event for the SIGKILL timeout in the mt_svc object. This way, if the process exits via SIGTERM, we will immediately remove the timer for the SIGKILL. Additionally, we'll catch the special-case of an ESRCH response from the kill(SIGKILL) and assume that it means that the process has exited. The only other two possible errors are * EINVAL: (an invalid signal was specified) - This should be impossible, obviously. * EPERM: This process doesn't have permission to send signals to this PID. If this happens, it's either an SELinux bug or else the process has terminated and a new process that SSSD doesn't control has taken the ID over. So in the incredibly unlikely case that one of those occurs, we'll just go ahead and try to start a new process. This patch also removes the incorrect talloc_free(svc) calls on the kill() failures and replaces them with an attempt to just start up the service again and hope for the best. Resolves: https://fedorahosted.org/sssd/ticket/2525 Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
There are actually two bugs here:

1) When either the kill(SIGTERM) or kill(SIGKILL) commands returned
failure (for any reason), we would talloc_free(svc) which removed it
from being eligible for restart, resulting in the service never
starting again without an SSSD service restart.

2) There is a fairly wide race condition where it's possible for a
SIGKILL timer to "catch up" to the child exit handler between us
noticing the termination and actually restarting it. The race
happens because we re-enter the mainloop and add a restart
timeout to avoid a quick failure if we keep restarting due to a
transitory issue (the mt_svc object, and therefore the SIGKILL
timer, were never freed until we got to the actual service
restart).

We can minimize this race by recording  the timer_event for the
SIGKILL timeout in the mt_svc object. This way, if the process
exits via SIGTERM, we will immediately remove the timer for the
SIGKILL. Additionally, we'll catch the special-case of an ESRCH
response from the kill(SIGKILL) and assume that it means that the
process has exited. The only other two possible errors are
 * EINVAL: (an invalid signal was specified) - This should be
           impossible, obviously.
 * EPERM: This process doesn't have permission to send signals to
          this PID. If this happens, it's either an SELinux bug or
          else the process has terminated and a new process that
          SSSD doesn't control has taken the ID over.

So in the incredibly unlikely case that one of those occurs, we'll
just go ahead and try to start a new process.

This patch also removes the incorrect talloc_free(svc) calls on the
kill() failures and replaces them with an attempt to just start up
the service again and hope for the best.

Resolves:
https://fedorahosted.org/sssd/ticket/2525

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
MONITOR: Disable inlining of function load_configuration 2014-12-11T16:37:46+00:00 Lukas Slebodnik lslebodn@redhat.com 2014-12-06T11:58:33+00:00 d72958f09ce3718019992b7a117f112e38855b55 This reverts commit cff89439b21f8573c6896b09cb1a8d5f9de3144c. The previous fix was not sufficient and similar warning appears after different change in function load_configuration. src/monitor/monitor.c: In function ‘main’: src/monitor/monitor.c:2962:24: error: ‘monitor’ may be used uninitialized in this function [-Werror=maybe-uninitialized] monitor->is_daemon = !opt_interactive; ^ cc1: all warnings being treated as errors It's better to disable optimisation of function load_configuration after fail in chown(unlink) instead of checking errno for 0 and overriding it with EINVAL. Reviewed-by: Michal Židek <mzidek@redhat.com> 
This reverts commit cff89439b21f8573c6896b09cb1a8d5f9de3144c.

The previous fix was not sufficient and similar warning appears after different
change in function load_configuration.

src/monitor/monitor.c: In function ‘main’:
src/monitor/monitor.c:2962:24: error: ‘monitor’ may be used uninitialized
                               in this function [-Werror=maybe-uninitialized]
     monitor->is_daemon = !opt_interactive;
                        ^
cc1: all warnings being treated as errors

It's better to disable optimisation of function load_configuration after fail
in chown(unlink) instead of checking errno for 0 and overriding it with EINVAL.

Reviewed-by: Michal Židek <mzidek@redhat.com>
Fix: always check return value of unlink() 2014-11-28T15:16:37+00:00 Pavel Reichl preichl@redhat.com 2014-11-28T13:17:44+00:00 aff8b0e3b41644c70704b78e15501779d52b6ff4 Resolves: https://fedorahosted.org/sssd/ticket/2506 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
Resolves:
https://fedorahosted.org/sssd/ticket/2506

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
MONITOR: Fix warning may be used uninitialized 2014-10-31T17:05:49+00:00 Michal Zidek mzidek@redhat.com 2014-10-23T08:55:08+00:00 cff89439b21f8573c6896b09cb1a8d5f9de3144c This warning is caused be change 579e5d4b7a3ca161ea7518b2996905fa22c15995 "MONITOR: Allow confdb to be accessed by nonroot user" src/monitor/monitor.c: In function ‘main’: src/monitor/monitor.c:2953:24: error: ‘monitor’ may be used uninitialized in this function [-Werror=maybe-uninitialized] monitor->is_daemon = !opt_interactive; ^ cc1: all warnings being treated as errors Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
This warning is caused be change 579e5d4b7a3ca161ea7518b2996905fa22c15995
"MONITOR: Allow confdb to be accessed by nonroot user"

src/monitor/monitor.c: In function ‘main’:
src/monitor/monitor.c:2953:24: error: ‘monitor’ may be used uninitialized
                               in this function [-Werror=maybe-uninitialized]
     monitor->is_daemon = !opt_interactive;
                        ^
cc1: all warnings being treated as errors

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
SSH: Run the ssh responder as the SSSD user 2014-10-22T13:44:53+00:00 Jakub Hrozek jhrozek@redhat.com 2014-10-17T16:14:53+00:00 76c8dafad2a18cf1514635aa766062085c23a5c8 Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
SUDO: Run the sudo responder as the SSSD user 2014-10-22T13:44:51+00:00 Jakub Hrozek jhrozek@redhat.com 2014-10-17T16:14:45+00:00 3f9e2c24dbc14b2eafbe4f5a5ee16fe9af3c3f75 Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
PAC: Run the pac responder as the SSSD user 2014-10-22T13:44:49+00:00 Jakub Hrozek jhrozek@redhat.com 2014-10-17T15:31:31+00:00 22f4bcbb211bf800af647ad1fc9595a8020a6fe6 Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
AUTOFS: Run the autofs responder as the SSSD user 2014-10-22T13:44:46+00:00 Jakub Hrozek jhrozek@redhat.com 2014-10-17T15:30:07+00:00 287cc55b9086dd3c4e2a5fb84784e09767860142 Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>