daemon_init() calls closeall() which closes all fd's >= 4. This causes
rpc.gssd to fail when it's configured to use the gssproxy interposer
plugin (via "use-gss-proxy=1" in nfs.conf or GSS_USE_PROXY="yes" in the
environment) *and* libtirpc debugging is enabled (i.e. at least one
"-r" on the command line):
1. During startup if rpc debugging is enabled then libtirpc_set_debug()
is called, which calls openlog() which consumes fd 3.
2. If the gssproxy interposer plugin is enabled then when
gssd_check_mechs() is called, a socket is created (fd 4) and
connected to /var/lib/gssproxy/default.sock. The fd is stored
internally in a struct gpm_ctx.
3. daemon_init() runs and closes all fd's >= 4.
4. event_init() runs which calls epoll_create() which returns an epoll
fd of 4.
5. Later when handling an upcall, gssd calls gssd_acquire_krb5_cred()
which winds up closing the gpm_ctx->fd which was 4.
6. event_dispatch() calls epoll_wait() with epfd=4, and -EBADF is
returned. gssd logs the message ""ERROR: event_dispatch() returned!"
and exits.
The solution is to call daemon_init() earlier.
Signed-off-by: Scott Mayhew <[email protected]>
---
utils/gssd/gssd.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
index 19ad4da..c38dedb 100644
--- a/utils/gssd/gssd.c
+++ b/utils/gssd/gssd.c
@@ -1020,11 +1020,11 @@ main(int argc, char *argv[])
"support setting debug levels\n");
#endif
+ daemon_init(fg);
+
if (gssd_check_mechs() != 0)
errx(1, "Problem with gssapi library");
- daemon_init(fg);
-
event_init();
pipefs_dir = opendir(pipefs_path);
--
2.17.2
Note this is v1 patch. I forgot to check my git config before creating
the patch :)
-Scott
On Thu, 17 Oct 2019, Scott Mayhew wrote:
> daemon_init() calls closeall() which closes all fd's >= 4. This causes
> rpc.gssd to fail when it's configured to use the gssproxy interposer
> plugin (via "use-gss-proxy=1" in nfs.conf or GSS_USE_PROXY="yes" in the
> environment) *and* libtirpc debugging is enabled (i.e. at least one
> "-r" on the command line):
>
> 1. During startup if rpc debugging is enabled then libtirpc_set_debug()
> is called, which calls openlog() which consumes fd 3.
> 2. If the gssproxy interposer plugin is enabled then when
> gssd_check_mechs() is called, a socket is created (fd 4) and
> connected to /var/lib/gssproxy/default.sock. The fd is stored
> internally in a struct gpm_ctx.
> 3. daemon_init() runs and closes all fd's >= 4.
> 4. event_init() runs which calls epoll_create() which returns an epoll
> fd of 4.
> 5. Later when handling an upcall, gssd calls gssd_acquire_krb5_cred()
> which winds up closing the gpm_ctx->fd which was 4.
> 6. event_dispatch() calls epoll_wait() with epfd=4, and -EBADF is
> returned. gssd logs the message ""ERROR: event_dispatch() returned!"
> and exits.
>
> The solution is to call daemon_init() earlier.
>
> Signed-off-by: Scott Mayhew <[email protected]>
> ---
> utils/gssd/gssd.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
> index 19ad4da..c38dedb 100644
> --- a/utils/gssd/gssd.c
> +++ b/utils/gssd/gssd.c
> @@ -1020,11 +1020,11 @@ main(int argc, char *argv[])
> "support setting debug levels\n");
> #endif
>
> + daemon_init(fg);
> +
> if (gssd_check_mechs() != 0)
> errx(1, "Problem with gssapi library");
>
> - daemon_init(fg);
> -
> event_init();
>
> pipefs_dir = opendir(pipefs_path);
> --
> 2.17.2
>
On 10/17/19 11:08 AM, Scott Mayhew wrote:
> daemon_init() calls closeall() which closes all fd's >= 4. This causes
> rpc.gssd to fail when it's configured to use the gssproxy interposer
> plugin (via "use-gss-proxy=1" in nfs.conf or GSS_USE_PROXY="yes" in the
> environment) *and* libtirpc debugging is enabled (i.e. at least one
> "-r" on the command line):
>
> 1. During startup if rpc debugging is enabled then libtirpc_set_debug()
> is called, which calls openlog() which consumes fd 3.
> 2. If the gssproxy interposer plugin is enabled then when
> gssd_check_mechs() is called, a socket is created (fd 4) and
> connected to /var/lib/gssproxy/default.sock. The fd is stored
> internally in a struct gpm_ctx.
> 3. daemon_init() runs and closes all fd's >= 4.
> 4. event_init() runs which calls epoll_create() which returns an epoll
> fd of 4.
> 5. Later when handling an upcall, gssd calls gssd_acquire_krb5_cred()
> which winds up closing the gpm_ctx->fd which was 4.
> 6. event_dispatch() calls epoll_wait() with epfd=4, and -EBADF is
> returned. gssd logs the message ""ERROR: event_dispatch() returned!"
> and exits.
>
> The solution is to call daemon_init() earlier.
>
> Signed-off-by: Scott Mayhew <[email protected]>
Committed...
steved.
> ---
> utils/gssd/gssd.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
> index 19ad4da..c38dedb 100644
> --- a/utils/gssd/gssd.c
> +++ b/utils/gssd/gssd.c
> @@ -1020,11 +1020,11 @@ main(int argc, char *argv[])
> "support setting debug levels\n");
> #endif
>
> + daemon_init(fg);
> +
> if (gssd_check_mechs() != 0)
> errx(1, "Problem with gssapi library");
>
> - daemon_init(fg);
> -
> event_init();
>
> pipefs_dir = opendir(pipefs_path);
>