[Dovecot] [sfs@tc.umn.edu: Re: dovecot-auth file descriptor usage]
I hate to be a pest, but are there any revelations on file descriptor "overusage" by dovecot-auth?
----- Forwarded message from Steven F Siirila sfs@tc.umn.edu -----
Date: Sat, 20 Jan 2007 12:42:50 -0600 From: Steven F Siirila sfs@tc.umn.edu To: Dovecot Mailing List dovecot@dovecot.org User-Agent: Mutt/1.4.2.1i Subject: Re: [Dovecot] dovecot-auth file descriptor usage
Okay, here is one which has closed fds 0 and 1, so I presume it is proxying SSL:
11988: imap-login Current rlimit: unlimited file descriptors 2: S_IFIFO mode:0000 dev:295,0 ino:2692866 uid:0 gid:1 size:0 O_RDWR 4: S_IFCHR mode:0644 dev:287,0 ino:99614726 uid:0 gid:3 rdev:190,1 O_RDONLY|O_LARGEFILE FD_CLOEXEC /devices/pseudo/random@0:urandom 5: S_IFIFO mode:0000 dev:295,0 ino:2692868 uid:65 gid:65 size:0 O_RDWR FD_CLOEXEC 6: S_IFIFO mode:0000 dev:295,0 ino:2692868 uid:65 gid:65 size:0 O_RDWR FD_CLOEXEC 7: S_IFSOCK mode:0666 dev:293,0 ino:33376 uid:0 gid:0 size:0 O_RDWR|O_NONBLOCK SOCK_STREAM SO_REUSEADDR,SO_KEEPALIVE,SO_SNDBUF(49152),SO_RCVBUF(49640),IP_NEXTHOP(0.0.193.232) sockname: AF_INET 134.84.119.102 port: 143 peername: AF_INET 160.94.23.17 port: 38847 8: S_IFSOCK mode:0666 dev:293,0 ino:63591 uid:0 gid:0 size:0 O_RDWR|O_NONBLOCK SOCK_STREAM SO_SNDBUF(16384),SO_RCVBUF(5120) sockname: AF_UNIX peername: AF_UNIX default 9: S_IFSOCK mode:0666 dev:293,0 ino:43728 uid:0 gid:0 size:0 O_RDWR|O_NONBLOCK SOCK_STREAM SO_SNDBUF(16384),SO_RCVBUF(5120) sockname: AF_UNIX
On Fri, Jan 19, 2007 at 11:34:44PM +0200, Timo Sirainen wrote:
On Wed, 2007-01-17 at 12:57 -0600, Steven F Siirila wrote:
Doh! Here's another one (took 3 more trials to nab one):
29058: imap-login Current rlimit: unlimited file descriptors 0: S_IFSOCK mode:0666 dev:293,0 ino:63436 uid:0 gid:0 size:0 O_RDWR|O_NONBLOCK SOCK_STREAM SO_REUSEADDR,SO_KEEPALIVE,SO_SNDBUF(49152),SO_RCVBUF(49152),IP_NEXTHOP(0.0.192.0) sockname: AF_INET 0.0.0.0 port: 143 1: S_IFSOCK mode:0666 dev:293,0 ino:42189 uid:0 gid:0 size:0 O_RDWR|O_NONBLOCK SOCK_STREAM SO_REUSEADDR,SO_KEEPALIVE,SO_SNDBUF(49152),SO_RCVBUF(49152),IP_NEXTHOP(0.0.192.0) sockname: AF_INET 0.0.0.0 port: 993
Almost, but not quite :) File descriptors 0 and 1 are open only when the process is listening for new connections (for ports 143 and 993). So this process wasn't proxying SSL.
2: S_IFIFO mode:0000 dev:295,0 ino:2456463 uid:0 gid:1 size:0 O_RDWR
This is logging pipe.
3: S_IFSOCK mode:0666 dev:293,0 ino:37418 uid:0 gid:0 size:0 O_RDWR SOCK_STREAM SO_SNDBUF(16384),SO_RCVBUF(5120) sockname: AF_UNIX
Connection to master process.
4: S_IFCHR mode:0644 dev:287,0 ino:99614726 uid:0 gid:3 rdev:190,1 O_RDONLY|O_LARGEFILE FD_CLOEXEC /devices/pseudo/random@0:urandom
/dev/urandom.
So it hasn't actually yet even connected to dovecot-auth.
--
Steven F. Siirila Office: Lind Hall, Room 130B Internet Services E-mail: sfs@umn.edu Office of Information Technology Voice: (612) 626-0244 University of Minnesota Fax: (612) 626-7593
----- End forwarded message -----
--
Steven F. Siirila Office: Lind Hall, Room 130B Internet Services E-mail: sfs@umn.edu Office of Information Technology Voice: (612) 626-0244 University of Minnesota Fax: (612) 626-7593
On Wed, 2007-01-24 at 14:14 -0600, Steven F Siirila wrote:
8: S_IFSOCK mode:0666 dev:293,0 ino:63591 uid:0 gid:0 size:0 O_RDWR|O_NONBLOCK SOCK_STREAM SO_SNDBUF(16384),SO_RCVBUF(5120) sockname: AF_UNIX peername: AF_UNIX default
Well this is the authentication socket.
9: S_IFSOCK mode:0666 dev:293,0 ino:43728 uid:0 gid:0 size:0 O_RDWR|O_NONBLOCK SOCK_STREAM SO_SNDBUF(16384),SO_RCVBUF(5120) sockname: AF_UNIX
This is a socket to master, but was it proxying yet? I think it should have said uid:<login process uid> if it was proxying..
Anyway I have tested this myself several times now, and it always closes it properly with me. I also don't see anything the code that could explain why it wouldn't close the connection.
Have you tried if you're able to reproduce this in a test installation? If you can reproduce it and give me access to such a system where this happens, I could fix it then.
participants (2)
-
Steven F Siirila
-
Timo Sirainen