On Wed, Feb 25, 2015 at 01:47:36PM -0700, Daniel Hjorth wrote:
https://fedorahosted.org/sssd/ticket/2592
If there is an error after ccname_file_dummy is created but before it is
renamed then the file isn't removed. This can cause a lot of files to
be created and take up inodes in a filesystem.
From f50db04f5d0cf73edb2e8aa27da9450562dae08e Mon Sep 17 00:00:00
2001
From: Daniel Hjorth <dh(a)dhjorth.com>
Date: Wed, 25 Feb 2015 13:07:35 -0700
Subject: [PATCH] LDAP: unlink ccname_file_dummy if there is an error
https://fedorahosted.org/sssd/ticket/2592
If there is an error after ccname_file_dummy is created but before it is
renamed then the file isn't removed. This can cause a lot of files to be
created and take up inodes in a filesystem.
---
src/providers/ldap/ldap_child.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c
index e9aebf5a6319b5d848aadfb27061099fc153a7f6..676f0c7c5033f1941feb24d070cbff253bdbadbf
100644
--- a/src/providers/ldap/ldap_child.c
+++ b/src/providers/ldap/ldap_child.c
@@ -499,6 +499,7 @@ done:
if (krberr != 0) KRB5_SYSLOG(krberr);
if (keytab) krb5_kt_close(context, keytab);
if (context) krb5_free_context(context);
+ if (ccname_file_dummy) unlink(ccname_file_dummy);
return krberr;
}
--
1.9.3
Thank you very much for catching the issue and the patch! I wonder if it
would be better to call talloc_zfree(ccname_file_dummy) in case the
rename(2) succeeds in order to only call the unlink if the dummy file is
still around?