[Pkg-nagios-devel] Bug#663047: nsca: race condition when opening command file
vela at debian.org
Thu Mar 8 08:00:30 UTC 2012
Tags: patch upstream
I haven't heard back from upstream, so I hope this can at least be fixed
in the Debian package. Also <https://dev.icinga.org/issues/2400>.
> There is a race condition in src/nsca.c:open_command_file between
> stat() and fopen(). If the command file exists at the point of
> stat(), but is then removed before fopen() (typically by the Nagios
> init script), nsca will create an empty file instead of a named pipe.
> In our case, this would happen at least once every 2-3 reboots.
> It would be safer to open() the file atomically, without the O_CREAT
> that is implicit in fopen(..., "w"). Other parts of the code already use
> open() and related headers, so this shouldn't affect portability.
> Patch attached.
> To expand a bit, here's the scenario step by step:
> 1. src/nsca.c:open_command_file checks whether the named pipe exists,
> sees that it does, and decides not to use the alternate dump file:
> /* command file doesn't exist - monitoring app probably isn't running... */
> 2. An instant later, "/etc/init.d/nagios3 start" removes the pipe:
> rm -f $NagiosCommandFile
("rm -f $nagiospipe" in the Debian version.)
> 3. src/nsca.c:open_command_file opens the named pipe with fopen(3),
> either in "a" or "w" mode. Both of these imply open(2) with
> O_CREAT, so the command file gets created as an ordinary file:
> 4. Nagios calls mkfifo(3) from base/utils.c:open_command_file, gets
> EEXIST because the path already exists, and dies ignominiously.
> If we make the first step atomic -- either an existing pipe is opened
> or not -- the problem goes away.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
More information about the Pkg-nagios-devel