Bug 490010 - [RHEL5] nscd in paranoia mode restarts with process name 'exe'
[RHEL5] nscd in paranoia mode restarts with process name 'exe'
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: glibc (Show other bugs)
5.3
All Linux
medium Severity medium
: rc
: ---
Assigned To: Jakub Jelinek
BaseOS QE
:
: 508701 509949 (view as bug list)
Depends On: 490024
Blocks:
  Show dependency treegraph
 
Reported: 2009-03-12 16:37 EDT by Jeff Bastian
Modified: 2016-11-24 10:40 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-02 07:45:28 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch to correct nscd's process name (978 bytes, patch)
2009-03-12 16:38 EDT, Jeff Bastian
no flags Details | Diff

  None (edit)
Description Jeff Bastian 2009-03-12 16:37:17 EDT
Description of problem:
If running nscd in paranoia mode, it restarts with a process name of 'exe' -- as seen by /proc/PID/status -- which causes commands like 'ps -Lf -C nscd' to fail.  pgrep still works, however, since it checks /proc/PID/cmdline

This happens because it restarts itself by calling
   execv ("/proc/self/exe", argv);

Instead, it should readlink() on /proc/self/exe, and then execv() on the real executable.  See attached patch.

Version-Release number of selected component (if applicable):
glibc-2.5-34
nscd-2.5-34

How reproducible:
every time

Steps to Reproduce:
1. edit /etc/nscd.conf and enable paranoia mode and set restart-interval to something short like 30 seconds
2. start nscd
3. ps -Lf -C nscd 
4. ps -Lf -C exe
  
Actual results:
At first, 'ps -Lf -C nscd' reports all the nscd processes.  After the first restart-interval, though, it fails to report them, and instead 'ps -Lf -C exe' starts working.

Expected results:
'ps -Lf -C nscd' works all the time

Additional info:
SELinux policies also need updating to allow nscd to restart /usr/sbin/nscd (instead of /proc/self/exe)

Switch SELinux to permissive mode
   setenforce 0
to test the patch
Comment 1 Jeff Bastian 2009-03-12 16:38:31 EDT
Created attachment 335008 [details]
patch to correct nscd's process name
Comment 2 Jeff Bastian 2009-03-12 17:11:04 EDT
See bug 490024 for the SELinux policy problem
Comment 4 Ulrich Drepper 2009-03-16 18:34:05 EDT
I've applied the patch upstream.
Comment 8 Chris Ward 2009-07-03 14:27:03 EDT
~~ Attention - RHEL 5.4 Beta Released! ~~

RHEL 5.4 Beta has been released! There should be a fix present in the Beta release that addresses this particular request. Please test and report back results here, at your earliest convenience. RHEL 5.4 General Availability release is just around the corner!

If you encounter any issues while testing Beta, please describe the issues you have encountered and set the bug into NEED_INFO. If you encounter new issues, please clone this bug to open a new issue and request it be reviewed for inclusion in RHEL 5.4 or a later update, if it is not of urgent severity.

Please do not flip the bug status to VERIFIED. Only post your verification results, and if available, update Verified field with the appropriate value.

Questions can be posted to this bug or your customer or partner representative.
Comment 9 Jakub Jelinek 2009-07-07 04:20:28 EDT
*** Bug 509949 has been marked as a duplicate of this bug. ***
Comment 12 errata-xmlrpc 2009-09-02 07:45:28 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-1415.html
Comment 14 Andreas Schwab 2010-02-02 12:03:33 EST
*** Bug 508701 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.