Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Galera SST scripts shouldn't access grastate.dat #502

Open
wants to merge 1 commit into
base: 4.x
Choose a base branch
from
Open

Galera SST scripts shouldn't access grastate.dat #502

wants to merge 1 commit into from

Conversation

grooverdan
Copy link
Contributor

When SST scripts they inherit the open file descriptors.

Here we use the GLIBC extensions to fopen, 'e', to ensure
that forked processes don't inherit the file descriptor, and 'x'
which ensure exclusive access.

closes #339

@ayurchen ayurchen self-requested a review March 6, 2018 12:08
@ayurchen ayurchen self-assigned this Mar 6, 2018
@ayurchen
Copy link
Member

ayurchen commented Mar 6, 2018

Daniel, what is the license if this patch?

@grooverdan
Copy link
Contributor Author

grooverdan commented Mar 6, 2018
edited
Loading

I assume GPL-2 works for you. If so take it as that. Otherwise Apache-2 at your choice. If you have another preference let me know.

Note: glibc extensions on fopen need to be at end so I discovered https://bugzilla.kernel.org/show_bug.cgi?id=199001

@grooverdan grooverdan force-pushed the 3.x-save_state_excl_cloxec branch 2 times, most recently from f991b55 to 49d0927 Compare March 6, 2018 21:43
@vasild
Copy link
Contributor

vasild commented Mar 7, 2018

Daniel,

  • This patch would only enable the close-on-exec flag on Linux even though other operating systems also support "e".
  • It will end up with logically conflicting "a" and "x". Why would one want to append to a file that does not exist? It may work as "wx" but is at least confusing.
  • It would fix only this local case, making it hard to reuse the code elsewhere. OTOH, galerautils/src/gu_fdesc.cpp has some code which opens a file with close-on-exec that can be reused.
  • The patch is not exhaustive - maybe other fopen(3) or open(2) calls remain without close-on-exec, but I guess making it exhaustive is out of the scope of this pull request.

So, can you use gu::FileDescriptor from galerautils/src/gu_fdesc.cpp to open the file and then use fdopen(3) in galera/src/saved_state.cpp

A BSD licensed patch would be ok.

Thanks!

@grooverdan
Copy link
Contributor Author

Thanks for the review and tips. May as well make it comprehensive. I'll resubmit.

@ayurchen
Copy link
Member

ayurchen commented Mar 7, 2018

Daniel, we would rather have it as public domain. Is that possible?

@grooverdan
Copy link
Contributor Author

Contribution under the Codership Individual Contributor License Agreement on behalf of IBM (all approved - hence delay). I tried to sign up on https://www.clahub.com/agreements/codership/galera but failed (clahub/clahub#163)

@grooverdan
Copy link
Contributor Author

CLA signed now that technical barriers have been lifted.

@vasild
Copy link
Contributor

vasild commented Jul 26, 2018

Daniel, I guess you will upload an updated patch?

@williamdes
Copy link

Should this patch be rebased for newer versions ?

@grooverdan
Galera SST scripts shouldn't access grastate.dat
4d6b6f7 
When SST scripts they inherit the open file descriptors.

Here we use the GLIBC extensions to fopen, 'e', to ensure
that forked processes don't inherit the file descriptor, and 'x'
which ensure exclusive access.
@grooverdan grooverdan changed the base branch from 3.x to 4.x August 7, 2024 06:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ayurchen ayurchen Awaiting requested review from ayurchen

Assignees

@ayurchen ayurchen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

grastate.dat not opened with O_CLOEXEC flag
4 participants
@grooverdan @ayurchen @vasild @williamdes