[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7364) mdb: clean up POSIX semaphores on environment close.

hyc@symas.com wrote:
> cmikk@qwest.net wrote:
>> Full_Name: Chris Mikkelson
>> Version: 2.4.32
>> OS: FreeBSD
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (204.147.85.37)
>>
>>
>> When a back-mdb database is closed, the POSIX semaphores created when the mdb
>> database was opened are left behind. This prevents a different user from opening
>> the database.
>>
>> For example, if you run slapd as an unprivileged user, stop slapd, and do an
>> offline slapcat as root, slapd will not start up again as that unprivileged
>> user. The only ways to recover I've found are:
> 
> This sounds like a bug in your platform's sem_open() syscall. If you first
> started slapd as an unprivileged user, the semaphore should be owned by that
> user. Running slapcat as root should not change the semaphore owner uid, and
> the unprivileged owner should still be able to access the semaphore later.

My mistake. Your patch looks good, committed. Thanks.
> 
> Either that, or your description of the bug scenario is incomplete. I won't
> commit your patch without a more complete understanding of the bug.
> 
>> a) reboot the machine
>> b) restore the database from the slapcat, ensuring that slapadd runs as the
>> correct user, or
>> c) write a small program to re-generate the semaphore names an remove them.
>>
>> The patch at:
>>
>> http://mikk.net/~chris/patches/0002-Remove-POSIX-semaphores-when-the-last-user-closes-th.patch
>>
>> Attempts to upgrade the lockfile lock to exclusive when closing the environment.
>> If that upgrade succeeds, it removes the semaphores.
>>
>> Patch has been tested on a BSD system. WIN32 has not been tested.
> 


-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/