[exim-dev] [Bug 1715] New: Race condition in exicyclog

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: admin
Ημερομηνία:  
Προς: exim-dev
Αντικείμενο: [exim-dev] [Bug 1715] New: Race condition in exicyclog
https://bugs.exim.org/show_bug.cgi?id=1715

            Bug ID: 1715
           Summary: Race condition in exicyclog
           Product: Exim
           Version: 4.86
          Hardware: x86
                OS: All
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Logging
          Assignee: nigel@???
          Reporter: graeme@???
                CC: exim-dev@???


Created attachment 843
--> https://bugs.exim.org/attachment.cgi?id=843&action=edit
Fix race condition in exicyclog

There's a race condition in exicyclog which can cause Exim to panic and exit.
It appears the process flow in exicyclog is similar to that of logrotate,
being:

* If file exists, then
* Rename older versions (do the numeric shuffle)
* Move existing log to previous version (in our case, mainlog to mainlog.01)
* Touch new file
* chmod & chown new file

The race exists between the 'touch' and 'chown/chmod' steps, resulting in odd
behaviour like this which I've never seen before the weekend when one of my
MTAs decided to stop accepting mail:

2015-11-07 00:01:02 [19442] Cannot open main log file "/var/log/exim/mainlog":
Permission denied: euid=93 egid=93

The chances of this happening are magnified on high-volume systems but are
still vanishingly small - in many years of running high-volume Exim instances
this is the very first time I've come across this.

Patch attached using pid of running process as suffix for intermediate file
before moving it to be the new one.

Immediate thoughts are that some Exim instances may have more log files than
others, resulting in the pid clashing with an existing file; also that usage of
$$ might not be 100% portable. Trying to avoid usage of a fixed suffix, though,
which may cause other conflicts if sites have already used it for some reason.

--
You are receiving this mail because:
You are on the CC list for the bug.