Confirmation of syslogd bug

To: 22673@bugs.debian.org
Cc: joey@debian.org, debian-devel@lists.debian.org
Subject: Confirmation of syslogd bug
From: Valentijn Sessink <valentyn+killspam@nospam.openoffice.nl>
Date: Mon, 01 May 2000 19:33:40 +0200
Message-id: <[🔎] 390DBFF4.CC035595@nospam.openoffice.nl>
Reply-to: valentyn@nospam.openoffice.nl

Package: sysklogd
Version: 1.3-31

I can confirm bug #22673, syslogd "freezing" a system that sends syslogd
messages to a host that's down, while syslogd was started with "-r".
This is for syslogd 1.3-31 and on another system with Slackware 7.0 with
syslogd-1.3-33 (from the Debian sources).

Situation:
machine "sahara" starts "syslogd" with "-r" switch - although there is
no machine that sends log messages to it. 

At sahara, "syslog.conf" ends with a line that says: 

*.*	@192.168.112.11

Now this 192.168.112.11 machine sometimes is up without a syslogd
(killall syslogd). When that happens, I get the infamous

syslog.0:Apr 30 20:53:33 sahara syslogd: sendto: Connection refused

This, results in sahara becoming "non-responsive". This is not due to a
hang, but due to the fact that syslogd simply refuses to handle any
messages. So if I, for example, do a "telnet sahara 110" it will
connect, but it will not let me type any command.
Same with logging in at the console: I can login, but once "login" tries
to log a message, it simply "hangs" - it never returns from sending the
log message.

If I then (while the login session is still between authentication and
starting a shell) kill syslogd, I get a perfectly normal login shell.

strace -p `ps ax|grep [s]yslogd|cut -c1-5` will show a looping
recvfrom(21, 0xbffff808, 1022, 0, 0xbffffc0c, 0xbffff804) = ?
ERESTARTSYS (To be
 restarted)
--- SIGALRM (Alarm clock) ---
time(NULL)                              = 957111450
sigaction(SIGALRM, {0x804b700, [], SA_RESTART}, {0x804b700, [],
SA_RESTART}) = 0
alarm(30)                               = 0
sigreturn()                             = ? (mask now [])

... ad infinum ad nauseam.


However, if I start "syslogd" without the -r switch at sahara, it *will*
tell 
syslog.0:Apr 30 20:53:33 sahara syslogd: sendto: Connection refused
... but it keeps working - so the machine keeps working too.

There seems, however, a timeout involved, since eventually a simple
"logger hello" *will* return, even on a frozen machine, but it takes a
whole lot of time. So if you, like we have, have a machine that logs
more than 1 message per minute, your "syslogd -r" will effectively
freeze (or "hang", or "DOS" if that's a verb) the machine.

Roughly looking through the sources, it seems that syslogd -r tries to
"recvfrom" the sockets that were specially opened for sending purposes.
But unfortunately I'm not too much into socket programming so I can't
help you too good with this one.

I hope this helps.

Best regards,

Valentijn
--

Reply to:

Prev by Date: RE: potato late, goals for woody (IMHO)
Next by Date: Re: Proposal new source archive format
Previous by thread: Re: Non-configuration files in /etc
Next by thread: dbf to sql conversion
Index(es):
- Date
- Thread