From 464837540729687bc0c2ca3bfc2c478ede27dbb3 Mon Sep 17 00:00:00 2001 From: answer9030 Date: Thu, 9 Mar 2023 15:06:37 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dsss=5Fcli=5Fcheck=5Fsocke?= =?UTF-8?q?t=E5=87=BD=E6=95=B0=E5=AD=98=E5=9C=A8=E7=9A=84pid=E5=9B=9E?= =?UTF-8?q?=E7=BB=95=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 修复问题:https://gitee.com/src-openeuler/sssd/issues/I6HZQ8?from=project-issue --- ...pid-wrapping-in-sss_cli_check_socket.patch | 38 +++++++++++++++++++ sssd.spec | 1 + 2 files changed, 39 insertions(+) create mode 100644 Fix-pid-wrapping-in-sss_cli_check_socket.patch diff --git a/Fix-pid-wrapping-in-sss_cli_check_socket.patch b/Fix-pid-wrapping-in-sss_cli_check_socket.patch new file mode 100644 index 0000000..5ccec57 --- /dev/null +++ b/Fix-pid-wrapping-in-sss_cli_check_socket.patch @@ -0,0 +1,38 @@ +diff -Naur sssd-2.8.2/src/sss_client/common.c sssd-2.8.2-b/src/sss_client/common.c +--- sssd-2.8.2/src/sss_client/common.c 2023-03-09 14:58:11.000000000 +0800 ++++ sssd-2.8.2-b/src/sss_client/common.c 2023-03-09 15:02:20.000000000 +0800 +@@ -664,21 +664,28 @@ + int timeout) + { + static pid_t mypid; +- struct stat mysb; ++ static struct stat selfsb; ++ struct stat mypid_sb, myself_sb; + int mysd; + int ret; + +- if (getpid() != mypid) { +- ret = fstat(sss_cli_sd, &mysb); ++ ret = lstat("/proc/self/", &myself_sb); ++ ++ if (getpid() != mypid || (ret == 0 && myself_sb.st_ino != selfsb.st_ino)) { ++ ret = fstat(sss_cli_sd, &mypid_sb); + if (ret == 0) { +- if (S_ISSOCK(mysb.st_mode) && +- mysb.st_dev == sss_cli_sb.st_dev && +- mysb.st_ino == sss_cli_sb.st_ino) { ++ if (S_ISSOCK(mypid_sb.st_mode) && ++ mypid_sb.st_dev == sss_cli_sb.st_dev && ++ mypid_sb.st_ino == sss_cli_sb.st_ino) { + sss_cli_close_socket(); + } + } + sss_cli_sd = -1; + mypid = getpid(); ++ ret = lstat("/proc/self/", &selfsb); ++ if (ret) { ++ memset(&selfsb, 0, sizeof(selfsb)); ++ } + } + + /* check if the socket has been closed on the other side */ diff --git a/sssd.spec b/sssd.spec index 0155210..f0d3304 100644 --- a/sssd.spec +++ b/sssd.spec @@ -7,6 +7,7 @@ URL: https://pagure.io/SSSD/sssd/ Source0: https://github.com/SSSD/sssd/releases/download/%{version}/%{name}-%{version}.tar.gz Patch6000: MONITOR-fix-socket_activated-flag-initialization.patch +Patch6001: Fix-pid-wrapping-in-sss_cli_check_socket.patch Requires: python3-sssd = %{version}-%{release} Requires: libldb -- Gitee From ed2384e4906ffd445cf42fb530ae775cba0600df Mon Sep 17 00:00:00 2001 From: answer9030 Date: Thu, 9 Mar 2023 15:06:37 +0800 Subject: [PATCH 2/3] fix pid wrapping in sss_cli_check_socket MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit resolves:https://gitee.com/src-openeuler/sssd/issues/I6HZQ8?from=project-issue --- sssd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sssd.spec b/sssd.spec index f0d3304..acd0b5d 100644 --- a/sssd.spec +++ b/sssd.spec @@ -1,6 +1,6 @@ Name: sssd Version: 2.8.2 -Release: 4 +Release: 5 Summary: System Security Services Daemon License: GPLv3+ and LGPLv3+ URL: https://pagure.io/SSSD/sssd/ @@ -535,6 +535,9 @@ fi %systemd_postun_with_restart sssd.service %changelog +* Thu Mar 09 2023 jiangjixiang - 2.8.2-5 +- fix pid wrapping in sss_cli_check_socket + * Wed Mar 08 2023 zhouchenchen123 - 2.8.2-4 - fix coredump in sssd.service -- Gitee From 839d43ec2ad258245716297eaf98f8397bb088ef Mon Sep 17 00:00:00 2001 From: answer9030 Date: Thu, 9 Mar 2023 15:06:37 +0800 Subject: [PATCH 3/3] fix pid wrapping in sss_cli_check_socket MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit resolves:https://gitee.com/src-openeuler/sssd/issues/I6HZQ8?from=project-issue --- ...pid-wrapping-in-sss_cli_check_socket.patch | 25 ++++++++++--------- sssd.spec | 5 +++- 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/Fix-pid-wrapping-in-sss_cli_check_socket.patch b/Fix-pid-wrapping-in-sss_cli_check_socket.patch index 5ccec57..160f262 100644 --- a/Fix-pid-wrapping-in-sss_cli_check_socket.patch +++ b/Fix-pid-wrapping-in-sss_cli_check_socket.patch @@ -1,21 +1,24 @@ diff -Naur sssd-2.8.2/src/sss_client/common.c sssd-2.8.2-b/src/sss_client/common.c ---- sssd-2.8.2/src/sss_client/common.c 2023-03-09 14:58:11.000000000 +0800 -+++ sssd-2.8.2-b/src/sss_client/common.c 2023-03-09 15:02:20.000000000 +0800 -@@ -664,21 +664,28 @@ +--- sssd-2.8.2/src/sss_client/common.c 2023-03-28 11:25:28.000000000 +0800 ++++ sssd-2.8.2-b/src/sss_client/common.c 2023-03-28 11:26:09.000000000 +0800 +@@ -663,22 +663,27 @@ + const char *socket_name, int timeout) { - static pid_t mypid; +- static pid_t mypid; - struct stat mysb; -+ static struct stat selfsb; ++ static pid_t mypid_s; ++ static ino_t myself_ino; + struct stat mypid_sb, myself_sb; ++ pid_t mypid_d; int mysd; int ret; - if (getpid() != mypid) { - ret = fstat(sss_cli_sd, &mysb); + ret = lstat("/proc/self/", &myself_sb); -+ -+ if (getpid() != mypid || (ret == 0 && myself_sb.st_ino != selfsb.st_ino)) { ++ mypid_d = getpid(); ++ if (mypid_d != mypid_s || (ret == 0 && myself_sb.st_ino != myself_ino)) { + ret = fstat(sss_cli_sd, &mypid_sb); if (ret == 0) { - if (S_ISSOCK(mysb.st_mode) && @@ -28,11 +31,9 @@ diff -Naur sssd-2.8.2/src/sss_client/common.c sssd-2.8.2-b/src/sss_client/common } } sss_cli_sd = -1; - mypid = getpid(); -+ ret = lstat("/proc/self/", &selfsb); -+ if (ret) { -+ memset(&selfsb, 0, sizeof(selfsb)); -+ } +- mypid = getpid(); ++ mypid_s = mypid_d; ++ myself_ino = myself_sb.st_ino; } /* check if the socket has been closed on the other side */ diff --git a/sssd.spec b/sssd.spec index f0d3304..aefc91b 100644 --- a/sssd.spec +++ b/sssd.spec @@ -1,6 +1,6 @@ Name: sssd Version: 2.8.2 -Release: 4 +Release: 5 Summary: System Security Services Daemon License: GPLv3+ and LGPLv3+ URL: https://pagure.io/SSSD/sssd/ @@ -535,6 +535,9 @@ fi %systemd_postun_with_restart sssd.service %changelog +* Tue Mar 28 2023 jiangjixiang - 2.8.2-5 +- fix pid wrapping in sss_cli_check_socket + * Wed Mar 08 2023 zhouchenchen123 - 2.8.2-4 - fix coredump in sssd.service -- Gitee