From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030221 Description of problem: net-snmp 5.0.6/5.0.7 seems to leave sockets/descriptors behind. When it finally dies the only thing that appears in /var/log/messages is: Feb 25 06:43:34 ag01 snmpd[23039]: Connection from 10.0.0.82 Feb 25 06:44:23 ag01 last message repeated 4 times Feb 25 06:44:23 ag01 last message repeated 4 times Feb 25 06:44:23 ag01 snmpd[23039]: warning: cannot open /etc/hosts.allow: Too many open files Feb 25 06:44:23 ag01 snmpd[23039]: warning: cannot open /etc/hosts.deny: Too many open files Feb 25 06:44:23 ag01 snmpd[23039]: Connection from 10.0.0.82 I am able to reproduce this rather reliably on RH73, RH80, Phoebe 1/2/3 and Rawhide. Attached is output of lsof -p process which doesn't really help but shows a bunch of socks that aren't identifiable. Any pointers on how to catch this? Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Start snmpd 2. Issue queries (a lot of them) 3. Wait for snmpd to exit almost silently. Actual Results: snmpd exits after all descriptors are in use Expected Results: snmpd should not experience descriptor exhaustion. Additional info:
Created attachment 90344 [details] output of lsof -p on a snmpd
This bug is NOT reproduceable unless there the IPv6 stack is enabled (dual-stack makes it reproduceable as well.) Suppose pid 17703 is the 'snmpd' process and one monitors the descriptors with lsof as follows: % while (true) { lsof -p 17703 | wc ; sleep 2 } and one walks the IPv6 interfaces tree with snmpwalk -O n -v 2c -c quux 10.0.0.82 .1.3.6.1.2.1.55.1.5.1 the socket count goes up (as witnessed by running lsof every two seconds.) towards infinity until the open file descriptor limit is reached (at which point snmpd dies.)
Simplest reproduceable case is the following (requesting IPV6-MIB::ipv6IfAdminStatus) which leaves behind one new socket. snmpget -O n -v 2c -c quux 10.0.0.82 .1.3.6.1.2.1.55.1.5.1.9.1 Patch follows. ;-)
Created attachment 90351 [details] Patch fixing missing close for IPV6IFADMSTATUS/IPV6IFOPERSTATUS. Seems to work.
This should probably be fixed upstream, too...
Not fixed in 5.0.8, patch still applies.
Package updated and patch included in latest rawhide version (to appear real soon). Read ya, Phil
The patch is needed ONLY if using net-snmp-5.0.9 as a base. The net-snmp-5.1.2 and later releases close the socket several lines earlier in the code fragment. Please do not include net-snmp-5.0.8-ipv6-sock-close.patch in upcoming source packages that are based on net-snmp-5.1.2.