On Mon, 2012-06-18 at 13:32 -0400, Simo Sorce wrote:
On Mon, 2012-06-18 at 11:33 -0400, Stephen Gallagher wrote:
> On Mon, 2012-06-18 at 09:33 -0400, Stephen Gallagher wrote:
> > On Mon, 2012-06-18 at 06:30 -0700, Shantanu Goel wrote:
> > > Hi Stephen,
> > >
> > >
> > > Please feel free to modify the patch in any way or shape you deem
> > > necessary for inclusion. We are just glad that you agree there is a
> > > real problem which needs fixing. One thing I ask is if you expect to
> > > have rhel 5 or 6 test RPMs that we could test with the ultimate fix
> > > any time soon, please drop me a note and we will gladly install them
> > > on some of our problematic machines here to see if they address the
> > > problems we have seen.
> > Sure, once this is done I'm going to be committing it upstream for the
> > master branch (future 1.9), the sssd-1-8 branch (our current LTM
> > release) and the sssd-1-5 branch (our previous LTM release).
> > You should be able to pull the patches from the sssd-1-5 branch and
> > build them for your systems once they're ready.
> Ok, new patches attached. Shantanu, these are currently designed for the
> master branch. We'll get them committed there first and tested out for a
> little while, then we'll backport them.
> Patch 0001: Return the correct errno value. Previously it could have
> been reset by closing the socket.
> Patch 0002: Add some additional debugging to the client_destructor()
> Patch 0003: On systems that support MSG_NOSIGNAL, we should use it. This
> way, if a client app isn't configured to listen for SIGPIPE, it will not
> Patch 0004: Add a timer to each client context. If sixty seconds pass
> (configurable in the patch 0005) without either read or write activity,
> we will free the client context and close the socket. The client code is
> already written to be tolerant of this and will reconnect on the next
> request. This will help us avoid resource exhaustion if we have clients
> that hang on to NSS and PAM file descriptors indefinitely (like 'su' and
> 'login' do for PAM).
> Patch 0005: Make the client idle timeout value configurable and add it
> to the manpages and config API.
0003 Please always use send with a default set of flags, make the ifdef
set the default set of flags (0 vs MSG_NOSIGNAL)
0004 ack (not like much the TODO but I was told 4/5 got split for
reviewability, so ok)
Thanks for the review. New patches attached.