>From 4d9988b2ffd3caafc056f3b590a0514ea84d142a Mon Sep 17 00:00:00 2001 From: Daniel Hjorth Date: Wed, 25 Feb 2015 13:07:35 -0700 Subject: [PATCH 10/24] LDAP: unlink ccname_file_dummy if there is an error https://fedorahosted.org/sssd/ticket/2592 If there is an error after ccname_file_dummy is created but before it is renamed then the file isn't removed. This can cause a lot of files to be created and take up inodes in a filesystem. Reviewed-by: Jakub Hrozek Reviewed-by: Sumit Bose (cherry picked from commit 2b20ff2e33ad3993a9cad910c4b4b828513613df) (cherry picked from commit 0b5036e4c652e6983a3352c045c8701d6573587b) --- src/providers/ldap/ldap_child.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c index fbdf89a26030944967dad595dd5ae7f50fcac319..8fd9b20f8277459a8736a9e9fbf9036290dbd50e 100644 --- a/src/providers/ldap/ldap_child.c +++ b/src/providers/ldap/ldap_child.c @@ -187,7 +187,7 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx, int kdc_time_offset_usec; int ret; TALLOC_CTX *tmp_ctx; - char *ccname_file_dummy; + char *ccname_file_dummy = NULL; char *ccname_file; krberr = krb5_init_context(&context); @@ -401,16 +401,26 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx, "rename failed [%d][%s].\n", ret, strerror(ret)); goto done; } + ccname_file_dummy = NULL; krberr = 0; *ccname_out = talloc_steal(memctx, ccname); *expire_time_out = my_creds.times.endtime - kdc_time_offset; done: - talloc_free(tmp_ctx); if (krberr != 0) KRB5_SYSLOG(krberr); if (keytab) krb5_kt_close(context, keytab); if (context) krb5_free_context(context); + if (ccname_file_dummy) { + DEBUG(SSSDBG_TRACE_INTERNAL, "Unlinking [%s]\n", ccname_file_dummy); + ret = unlink(ccname_file_dummy); + if (ret == -1) { + ret = errno; + DEBUG(SSSDBG_MINOR_FAILURE, + "Unlink failed [%d][%s].\n", ret, strerror(ret)); + } + } + talloc_free(tmp_ctx); return krberr; } -- 2.4.3