Univention Bugzilla – Bug 34812
udm-cli inherits unclean environment on fork()
Last modified: 2022-06-24 13:56:40 CEST
$ lsof -p `pgrep -f /usr/share/univention-directory-manager-tools/univention-cli-server` ... univentio 23858 root 0u CHR 1,3 0t0 1028 /dev/null univentio 23858 root 1u CHR 1,3 0t0 1028 /dev/null univentio 23858 root 2u CHR 1,3 0t0 1028 /dev/null univentio 23858 root 3u unix 0xffff88021d6248c0 0t0 141270 socket univentio 23858 root 4u CHR 1,3 0t0 1028 /dev/null univentio 23858 root 5u REG 254,0 452191 8258968 /var/log/univention/directory-manager-cmd.log univentio 23858 root 6u unix 0xffff880235fd7200 0t0 141597 /tmp/admincli_0/sock FD 3 & 4 should be closes, as 3 is for the client and 4 is only temporary for daemonizing FD 0-2. diff --git a/management/univention-directory-manager-modules/univention-cli-client b/management/univention-directory-manager-modules/univention-cli-client index 709466f..25b02e7 100755 --- management/univention-directory-manager-modules/univention-cli-client +++ management/univention-directory-manager-modules/univention-cli-client @@ -58,10 +58,11 @@ def fork_server(sock, socket_path): # start new server pid = os.fork() if pid == 0: # child - null = os.open(os.path.devnull, os.O_RDWR) - os.dup2(null, sys.stdin.fileno()) - os.dup2(null, sys.stdout.fileno()) - os.dup2(null, sys.stderr.fileno()) + with open(os.path.devnull, "rb+") as null: + os.dup2(null.fileno(), sys.stdin.fileno()) + os.dup2(null.fileno(), sys.stdout.fileno()) + os.dup2(null.fileno(), sys.stderr.fileno()) + sock.close() argv = ['univention-cli-server'] logfile = get_logfile() if logfile:
As a daemon the process should also close all other inherited file descriptors using <https://docs.python.org/2.6/library/os.html#os.closerange>
Happened again in one of the ucs-test scripts that opened a TCP socket on a specific port. The opened TCP socket was inherited to the UDM CLI server and blocked the port during it's runtime.
This hit me when writing ucs-test scripts.
Reported in https://help.univention.com/t/udm-zombie-prozess/16156/2