RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 662726 - nfs4-acl-tools: FD leak in edit_ACL()
Summary: nfs4-acl-tools: FD leak in edit_ACL()
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: nfs4-acl-tools
Version: 6.7
Hardware: All
OS: Linux
low
low
Target Milestone: rc
: ---
Assignee: Steve Dickson
QA Contact: Yongcheng Yang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-12-13 17:45 UTC by Daniel Kobras
Modified: 2016-05-10 20:29 UTC (History)
7 users (show)

Fixed In Version: nfs4-acl-tools-0.3.3-8.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1284608 (view as bug list)
Environment:
Last Closed: 2016-05-10 20:29:16 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
nfs4_setfacl.c: Fix fd leak in edit_ACL(). (355 bytes, patch)
2010-12-13 17:45 UTC, Daniel Kobras 		no flags Details | Diff
nfs4_setfacl.c: Fix fd leak in edit_ACL() (1.60 KB, patch)
2014-06-16 18:54 UTC, J. Bruce Fields 		no flags Details | Diff
Fix fd leak in edit_ACL() (355 bytes, patch)
2014-06-17 07:37 UTC, Daniel Kobras 		no flags Details | Diff
nfs4_setfacl.c: Fix fd leak in edit_ACL() (1.62 KB, patch)
2014-07-16 20:07 UTC, J. Bruce Fields 		no flags Details | Diff
Show Obsolete (2) View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:0786 0 normal SHIPPED_LIVE nfs4-acl-tools bug fix update 2016-05-10 22:36:29 UTC

Description Daniel Kobras 2010-12-13 17:45:41 UTC 
Created attachment 468436 [details]
nfs4_setfacl.c: Fix fd leak in edit_ACL().

Description of problem:

nfs4_editfacl (aka. nfs4_setfacl -e) creates temporary files for ACL editing, but doesn't close the associated file descriptors at runtime. Therefore, the amount of files that can be adjusted with a single invocation of nfs4_editfacl (nfs4_setfacl -e) is limited by the process's RLIMIT_NOFILE setting.

Version-Release number of selected component (if applicable):

0.3.3-1

How reproducible:

Run nfs4_editfacl -R -P (or -L) on a tree with more than RLIMIT_NOFILE objects.
% EDITOR=fancy_acl_mangle.sh nfs4_editfacl -R -P .

Steps to Reproduce:
1. Assert 'ulimit -n' < 'find . -type f -o -type d | wc -l'
2. Run 'EDITOR=fancy_acl_mangle.sh nfs4_editfacl -R -P .' (EDITOR=/bin/true will do for testing purposes.)
3. Optionally run strace to watch the fds of the tempfiles increase up to RLIMIT_NOFILE.
  
Actual results:

When the fd of the current tempfile hits RLIMIT_NOFILE, the command abort with the following error message:

Failed to exec() editor "/bin/true".
An error occurred during recursive file tree walk.
Editor `/bin/true' did not exit cleanly; changes will not be saved.
An error occurred during recursive file tree walk.

Expected results:

Command finishes without error.

Additional info:

The attached oneliner fixes the fd leak.
Comment 2 RHEL Program Management 2014-03-07 13:32:47 UTC 
This bug/component is not included in scope for RHEL-5.11.0 which is the last RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX (at the end of RHEL5.11 development phase (Apr 22, 2014)). Please contact your account manager or support representative in case you need to escalate this bug.
Comment 3 RHEL Program Management 2014-06-02 13:01:35 UTC 
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in RHEL5 stream. If the issue is critical for your business, please provide additional business justification through the appropriate support channels (https://access.redhat.com/site/support).
Comment 4 Daniel Kobras 2014-06-16 12:53:23 UTC 
I've just verified that this bug still applies to nfs-acl-tools-0.3.3-6.el6 in RHEL6.5 (and presumably in RHEL7 as well, according to the changelog), but I'm not allowed to update the product for this bug report.
Comment 5 J. Bruce Fields 2014-06-16 18:54:12 UTC 
Created attachment 909209 [details]
nfs4_setfacl.c: Fix fd leak in edit_ACL()

Thanks for the report.  I think we want an fclose there, not a close.  I'm planning to commit the attached upstream with a changelog copied from your report.

Does that work for you?
Comment 6 Daniel Kobras 2014-06-17 07:37:25 UTC 
Created attachment 909435 [details]
Fix fd leak in edit_ACL()

Fixed typoed variable name.
Comment 7 Daniel Kobras 2014-06-17 07:39:54 UTC 
(In reply to J. Bruce Fields from comment #5)
> Created attachment 909209 [details]
> nfs4_setfacl.c: Fix fd leak in edit_ACL()
> 
> Thanks for the report.  I think we want an fclose there, not a close.  I'm
> planning to commit the attached upstream with a changelog copied from your
> report.
> 
> Does that work for you?

Sorry, should have been close(tmp_fd) rather than close(tmp_fp). I've revised the patch accordingly. Your version fixes the fd leak as well, but leaves a stray tmpfile if fdopen() fails.
Comment 8 J. Bruce Fields 2014-06-17 12:26:55 UTC 
(In reply to Daniel Kobras from comment #7)
> Sorry, should have been close(tmp_fd) rather than close(tmp_fp). I've
> revised the patch accordingly. Your version fixes the fd leak as well, but
> leaves a stray tmpfile if fdopen() fails.

Oops, you're right, it's missing an unlink.

But is it really correct to call close on the underlying fd once you've associated a stream with it?  At a minimum isn't there a memory leak of any state associated with the stream?

(Also, why the cast?)
Comment 9 Ondrej Vasik 2014-07-16 11:58:18 UTC 
Let's move it to RHEL 6 then - it is not something for production phase 3 release anyway.
Comment 11 J. Bruce Fields 2014-07-16 20:07:07 UTC 
Created attachment 918511 [details]
nfs4_setfacl.c: Fix fd leak in edit_ACL()

Another version, that unlinks on fdopen() failure.
Comment 13 J. Bruce Fields 2015-11-17 16:36:27 UTC 
This is fixed upstream now (see ba94f4b4d4bc "nfs4_setfacl.c: Fix fd leak in edit_ACL()" from git://linux-nfs.org:~bfields/exports/nfs4-acl-tools.git).

Steved, are you interested in taking this for RHEL?
Comment 17 Yongcheng Yang 2016-02-18 04:45:56 UTC 
Move to VERIFIED as Comment 16
Comment 19 errata-xmlrpc 2016-05-10 20:29:16 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0786.html
Note You need to log in before you can comment on or make changes to this bug.