← Back to team overview

sts-sponsors team mailing list archive

  1. sts-sponsors team
  2. Mailing list archive
  3. Message #00695

[Bug 1771805] Re: AD keytab renewal task leaks a file descriptor

  Thread PreviousDate PreviousThread Next 
The attachment "Xenial debdiff" seems to be a debdiff.  The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff.  If the attachment isn't a
patch, please remove the "patch" flag from the attachment, remove the
"patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe
the team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issue please contact him.]

** Tags added: patch

-- 
You received this bug notification because you are a member of STS
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1771805

Title:
  AD keytab renewal task leaks a file descriptor

Status in sssd package in Ubuntu:
  New

Bug description:
  [Impact]

  When SSSD tries to renew the machine password, a write_to_child_fd is
  open but never closed, leaking a descriptor per request until it hits
  the limit and SSSD stops.

  [Test Case]

  1. With an AD deployed, and having the machine registered, include the
  following option in sssd.conf:

  # This option should only be used to test the machine account renewal task. The option expect 2 integers seperated by a colon (':'). The first integer defines the interval in
  # seconds how often the task is run. The second specifies the inital timeout in seconds before the task is run for the first time after startup.
  # Default: 86400:750 (24h and 15m)
  ad_machine_account_password_renewal_opts = 5:5

  2. Restart the service and monitor the use of descriptors:

  root@sssd-xenial:/home/ubuntu# while true; do ll /proc/$(pidof sssd_be)/fd | wc -l; sleep 60; done
  38
  50
  62
  74
  86
  98
  110
  122
  134
  146
  158
  170
  182
  194
  206
  217
  229
  ^C

  
  [Other info]

  The bug is reported and fixed upstream: https://pagure.io/SSSD/sssd/issue/3017
  Trusty is not affected (feat not implemented) and A/B/C already include the fix

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1771805/+subscriptions
  Thread PreviousDate PreviousThread Next