On Thu, 2009-10-22 at 11:44 +0200, Marco Nenciarini wrote: > This morning it happened another time, another time during the daily > cron execution. > > Oct 22 06:26:57 server dovecot: pop3-login: Panic: Leaked file fd 5: dev > 0.12 inode 1005
Can you apply the attached patch and see what it logs the next time it happens?
diff -r ab32d7e2c0d6 src/login-common/main.c --- a/src/login-common/main.c Tue Oct 20 15:49:01 2009 -0400 +++ b/src/login-common/main.c Thu Oct 22 12:50:52 2009 -0400 @@ -18,6 +18,7 @@ #include <stdlib.h> #include <unistd.h> #include <syslog.h> +#include <sys/stat.h> bool disable_plaintext_auth, process_per_connection; bool verbose_proctitle, verbose_ssl, verbose_auth, auth_debug; @@ -427,6 +428,13 @@ restrict_access_by_env() is called */ lib_init(); + for (i = 3; i < 20; i++) { + struct stat st; + + if (fstat(i, &st) == 0 && major(st.st_dev) == 0 && minor(st.st_dev) == 12) + i_panic("login fd %d is ino %ld", i, (long)st.st_ino); + } + if (is_inetd) { /* running from inetd. create master process before dropping privileges. */ diff -r ab32d7e2c0d6 src/master/listener.c --- a/src/master/listener.c Tue Oct 20 15:49:01 2009 -0400 +++ b/src/master/listener.c Thu Oct 22 12:50:52 2009 -0400 @@ -8,6 +8,41 @@ #include <stdlib.h> #include <unistd.h> +#include <sys/stat.h> + +static void check_listeners(struct settings *set) +{ + const struct listener *listens; + unsigned int i, listen_count; + + if (array_is_created(&set->listens)) { + listens = array_get(&set->listens, &listen_count); + for (i = 0; i < listen_count; i++) { + struct stat st; + + if (listens[i].fd < 0) continue; + if (net_getsockname(listens[i].fd, NULL, NULL) == 0) continue; + + if (fstat(listens[i].fd, &st) < 0) i_panic("fstat(%d) failed: %m", listens[i].fd); + i_panic("listener %d is dev %d.%d ino %ld", i, + major(st.st_dev), minor(st.st_dev), (long)st.st_ino); + } + } + + if (array_is_created(&set->ssl_listens)) { + listens = array_get(&set->ssl_listens, &listen_count); + for (i = 0; i < listen_count; i++) { + struct stat st; + + if (listens[i].fd < 0) continue; + if (net_getsockname(listens[i].fd, NULL, NULL) == 0) continue; + + if (fstat(listens[i].fd, &st) < 0) i_panic("fstat(ssl %d) failed: %m", listens[i].fd); + i_panic("ssl listener %d is dev %d.%d ino %ld", i, + major(st.st_dev), minor(st.st_dev), (long)st.st_ino); + } + } +} static void resolve_ip(const char *set_name, const char *name, struct ip_addr *ip, unsigned int *port) @@ -345,10 +380,14 @@ } for (server = settings_root; server != NULL; server = server->next) { - if (server->imap != NULL) + if (server->imap != NULL) { listener_listen_missing(server->imap, "imap", retry); - if (server->pop3 != NULL) + check_listeners(server->imap); + } + if (server->pop3 != NULL) { listener_listen_missing(server->pop3, "pop3", retry); + check_listeners(server->pop3); + } } } diff -r ab32d7e2c0d6 src/master/login-process.c --- a/src/master/login-process.c Tue Oct 20 15:49:01 2009 -0400 +++ b/src/master/login-process.c Thu Oct 22 12:50:52 2009 -0400 @@ -698,15 +698,31 @@ cur_fd = LOGIN_MASTER_SOCKET_FD + 1; if (array_is_created(&group->set->listens)) { listens = array_get(&group->set->listens, &listen_count); - for (i = 0; i < listen_count; i++, cur_fd++) + for (i = 0; i < listen_count; i++, cur_fd++) { + struct stat st; + + if (net_getsockname(listens[i].fd, NULL, NULL) < 0) { + if (fstat(listens[i].fd, &st) < 0) i_panic("fstat(%d) failed: %m", listens[i].fd); + i_panic("ssl listener %d is dev %d.%d ino %ld", i, + major(st.st_dev), minor(st.st_dev), (long)st.st_ino); + } dup2_append(&dups, listens[i].fd, cur_fd); + } } if (array_is_created(&group->set->ssl_listens)) { listens = array_get(&group->set->ssl_listens, &ssl_listen_count); - for (i = 0; i < ssl_listen_count; i++, cur_fd++) + for (i = 0; i < ssl_listen_count; i++, cur_fd++) { + struct stat st; + + if (net_getsockname(listens[i].fd, NULL, NULL) < 0) { + if (fstat(listens[i].fd, &st) < 0) i_panic("fstat(%d) failed: %m", listens[i].fd); + i_panic("ssl listener %d is dev %d.%d ino %ld", i, + major(st.st_dev), minor(st.st_dev), (long)st.st_ino); + } dup2_append(&dups, listens[i].fd, cur_fd); + } } /* make sure we don't leak syslog fd. try to do it as late as possible,
signature.asc
Description: This is a digitally signed message part