[Nagios-devel] event_handler pipe fd inheritation

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
Guest

[Nagios-devel] event_handler pipe fd inheritation

Post by Guest »

--Boundary-00=_538pJIATD0hp4XL
Content-Type: text/plain;
charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Hi,

we are using a mechanism in our event_handlers that shall try to restart=20
broken local services; eventually, normal init scripts (/etc/init.d/...) ar=
e=20
started, which in turn start arbitrary daemons (say, mysql).

nagios creates a pipe to its event_handlers (and possibly other executables=
)=20
in base/util.c for parent/child communication. The file descriptor to this=
=20
pipe is (currently) not given the FD_CLOEXEC. This results in this fd being=
=20
inherited by the event_handler (started by "popen()"), and, in our case, by=
=20
the daemon (say, mysql). (The pipe is, e.g., visible in /proc//fd=
).=20
As our daemons do not tend to close arbitrary fd's, this fd is never closed=
=20
from the event_handler. As nagios waits for the file to be closed to contin=
ue=20
its work, this results in a "denial of service" for the time that the daemo=
n=20
runs.

The pipe fd should be set the FD_CLOEXEC flag; it is then not inherited by =
the=20
event_handler.

Patch attached.

Best regards
Bastian

=2D-=20
Collax GmbH . Burkheimer Stra=DFe 3 . 79111 Freiburg . Germany
p: +49 (0) 761-45684-28
f: +49 (0) 761-45684-10 www.collax.com

Gesch=E4ftsf=FChrer: Boris Nalbach
AG M=FCnchen HRB 158898 . Ust.-IdNr: DE 814464942
\ "I am two fools, I know, for loving, and for saying so."
\ John Donne

--Boundary-00=_538pJIATD0hp4XL
Content-Type: text/x-diff; charset="iso 8859-15";
name="cloexec-pipe-in-event_handler.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="cloexec-pipe-in-event_handler.patch"

--- base/utils.c?revision=1.239 2009-02-27 12:10:02.000000000 +0100
+++ base/utils.c 2009-02-27 11:51:59.000000000 +0100
@@ -433,6 +433,7 @@

/* execute the command in the child process */
if (pid==0){
+ int flags;

/* become process group leader */
setpgid(0,0);
@@ -449,6 +450,9 @@

/* close pipe for reading */
close(fd[0]);
+ flags = fcntl(fd[1], F_GETFD, 0);
+ flags |= FD_CLOEXEC;
+ fcntl(fd[1], F_SETFD, flags);

/* trap commands that timeout */
signal(SIGALRM,my_system_sighandler);

--Boundary-00=_538pJIATD0hp4XL--





This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]
Top
Locked

Return to “Open Source Nagios Projects”