[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#601649: marked as done (apt: leaks fd to history.log)

Your message dated Thu, 28 Oct 2010 20:32:12 +0000
with message-id <E1PBZ8u-0001iS-L5@franck.debian.org>
and subject line Bug#601649: fixed in apt 0.8.8
has caused the Debian Bug report #601649,
regarding apt: leaks fd to history.log
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
601649: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601649
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: apt
Version: 0.8.6
Severity: normal
Tags: patch

Consider this:

master@doggy:~/src/apt$ sudo lsof -p7526
COMMAND  PID USER   FD   TYPE             DEVICE    SIZE     NODE NAME
pcscd   7526 root  cwd    DIR              254,1    4096        2 /
pcscd   7526 root  rtd    DIR              254,1    4096        2 /
pcscd   7526 root  txt    REG              254,1  102344  3481724 /usr/sbin/pcscd
pcscd   7526 root  mem    REG              254,1   90504 12165132 /lib/libgcc_s.so.1
pcscd   7526 root  mem    REG              254,1 1432968 12165514 /lib/libc-2.11.2.so
pcscd   7526 root  mem    REG              254,1   31744 12165517 /lib/librt-2.11.2.so
pcscd   7526 root  mem    REG              254,1  131260 12165516 /lib/libpthread-2.11.2.so
pcscd   7526 root  mem    REG              254,1  261656 12165152 /lib/libdbus-1.so.3.4.0
pcscd   7526 root  mem    REG              254,1   64904  7016809 /usr/lib/libhal.so.1.0.0
pcscd   7526 root  mem    REG              254,1   14696 12165512 /lib/libdl-2.11.2.so
pcscd   7526 root  mem    REG              254,1  128744 12166360 /lib/ld-2.11.2.so
pcscd   7526 root  mem    REG              254,1   65537 12681220 /var/run/pcscd/pcscd.pub
pcscd   7526 root    0u   CHR                1,3             1295 /dev/null
pcscd   7526 root    1u   CHR                1,3             1295 /dev/null
pcscd   7526 root    2u   CHR                1,3             1295 /dev/null
pcscd   7526 root    3u   REG              254,1   65537 12681220 /var/run/pcscd/pcscd.pub
pcscd   7526 root    4u  unix 0xffff88011f978000           141590 /var/run/pcscd/pcscd.comm
pcscd   7526 root    5u  unix 0xffff880138fd3600           141626 socket
pcscd   7526 root    7u  unix 0xffff88013ba94600           634363 /var/run/pcscd/pcscd.comm
pcscd   7526 root    8u  unix 0xffff88011f979b00           163816 socket
pcscd   7526 root    9u  unix 0xffff88011f9e4900           867065 /var/run/pcscd/pcscd.comm
pcscd   7526 root   46w   REG              254,1    5008 12550526 /var/log/apt/history.log


This is (most probably) the pcscd installed through "aptitude install
pcscd", which means that apt leaks the file descriptor to the
history.log all the way to started daemons!

The attached patch, not really tested, should fix this. It makes apt
incompatible with another libc than glibc, and with glibc < 2.7. This
means it makes apt incompatible with etch; policy-wise this is no
problem since Debian does not support "jumping releases" on updates,
so this patch would even be OK for squeeze, even though I understand
it could make it only to squeeze+1.

I'm not sure what would happen on e.g. Debian GNU/kFreeBSD. Maybe we
are better off either doing open() and then fcntl() to enable
FD_CLOEXEC, or even to close it by hand between fork() and exec().

-- Package-specific info:

-- apt-config dump --

APT "";
APT::Architecture "amd64";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "1";
APT::Install-Suggests "0";
APT::Acquire "";
APT::Acquire::Translation "environment";
APT::Update "";
APT::Update::Post-Invoke "";
APT::Update::Post-Invoke:: "[ ! -x /usr/lib/ia32-libs-tools/update-arch-all.list ] || /usr/lib/ia32-libs-tools/update-arch-all.list";
APT::Update::Post-Invoke-Success "";
APT::Update::Post-Invoke-Success:: "[ ! -f /var/run/dbus/system_bus_socket ] || /usr/bin/dbus-send --system --dest=org.debian.apt --type=signal /org/debian/apt org.debian.apt.CacheChanged || true";
APT::Authentication "";
APT::Authentication::TrustCDROM "true";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
APT::NeverAutoRemove:: "^linux-image.*";
APT::NeverAutoRemove:: "^kfreebsd-image.*";
APT::NeverAutoRemove:: "^linux-restricted-modules.*";
APT::NeverAutoRemove:: "^linux-ubuntu-modules-.*";
APT::Never-MarkAuto-Sections "";
APT::Never-MarkAuto-Sections:: "metapackages";
APT::Never-MarkAuto-Sections:: "restricted/metapackages";
APT::Never-MarkAuto-Sections:: "universe/metapackages";
APT::Never-MarkAuto-Sections:: "multiverse/metapackages";
APT::Never-MarkAuto-Sections:: "oldlibs";
APT::Never-MarkAuto-Sections:: "restricted/oldlibs";
APT::Never-MarkAuto-Sections:: "universe/oldlibs";
APT::Never-MarkAuto-Sections:: "multiverse/oldlibs";
APT::Cache-Limit "201326592";
Dir "/";
Dir::State "var/lib/apt/";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::mirrors "mirrors/";
Dir::State::extended_states "/var/lib/apt/extended_states";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt/";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt/";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::sourceparts "sources.list.d";
Dir::Etc::vendorlist "vendors.list";
Dir::Etc::vendorparts "vendors.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::netrc "auth.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Etc::preferencesparts "preferences.d";
Dir::Etc::trusted "trusted.gpg";
Dir::Etc::trustedparts "trusted.gpg.d";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::dpkg "/usr/bin/dpkg";
Dir::Media "";
Dir::Media::MountPath "/media/apt";
Dir::Log "var/log/apt";
Dir::Log::Terminal "term.log";
Dir::Log::History "history.log";
Dir::Ignore-Files-Silently "";
Dir::Ignore-Files-Silently:: "~$";
Dir::Ignore-Files-Silently:: "\.disabled$";
Dir::Ignore-Files-Silently:: "\.bak$";
Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$";
Acquire "";
Acquire::CompressionTypes "";
Acquire::CompressionTypes::Order "";
Acquire::CompressionTypes::Order:: "lzma";
Acquire::CompressionTypes::Order:: "bzip2";
Acquire::CompressionTypes::Order:: "gz";
Unattended-Upgrade "";
Unattended-Upgrade::Allowed-Origins "";
Unattended-Upgrade::Allowed-Origins:: "Debian stable";
DPkg "";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
CommandLine "";
CommandLine::AsString "apt-config dump";

-- /etc/apt/preferences --

Package: *
Pin: release a=stable
Pin-Priority: 500

Package: *
Pin: release a=testing
Pin-Priority: 400

Package: *
Pin: release a=unstable
Pin-Priority: 300

Package: *
Pin: release a=unstable-i386
Pin-Priority: 250

Package: *
Pin: release a=testing-i386
Pin-Priority: 260

Package: *
Pin: release a=stable-i386
Pin-Priority: 270

-- (/etc/apt/sources.list present, but not submitted) --


-- System Information:
Debian Release: squeeze/sid
  APT prefers stable
  APT policy: (500, 'stable'), (400, 'testing'), (300, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_LU.UTF-8, LC_CTYPE=fr_LU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages apt depends on:
ii  debian-archive-keyring 2010.08.28~lenny1 GnuPG archive keys of the Debian a
ii  gnupg                  1.4.9-3+lenny1    GNU privacy guard - a free PGP rep
ii  libc6                  2.11.2-5          Embedded GNU C Library: Shared lib
ii  libgcc1                1:4.4.4-8         GCC support library
ii  libstdc++6             4.4.4-8           The GNU Standard C++ Library v3
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

apt recommends no packages.

Versions of packages apt suggests:
pn  apt-doc                       <none>     (no description available)
ii  aptitude                      0.6.3-3.1  terminal-based package manager (te
ii  bzip2                         1.0.5-1    high-quality block-sorting file co
ii  dpkg-dev                      1.15.8.4   Debian package development tools
ii  lzma                          4.43-14    Compression method of 7z format in
ii  python-apt                    0.7.97.1   Python interface to libapt-pkg

-- no debconf information

diff --recursive -uN apt-0.8.7/apt-pkg/deb/dpkgpm.cc apt-0.8.7.lio/apt-pkg/deb/dpkgpm.cc
--- apt-0.8.7/apt-pkg/deb/dpkgpm.cc	2010-09-06 18:08:43.000000000 +0200
+++ apt-0.8.7.lio/apt-pkg/deb/dpkgpm.cc	2010-10-28 06:22:33.000000000 +0200
@@ -669,7 +669,7 @@
 				   _config->Find("Dir::Log::History"));
    if (!history_name.empty())
    {
-      history_out = fopen(history_name.c_str(),"a");
+      history_out = fopen(history_name.c_str(),"ae");
       if (history_out == NULL)
 	 return _error->WarningE("OpenLog", _("Could not open file '%s'"), history_name.c_str());
       chmod(history_name.c_str(), 0644);

--- End Message ---
--- Begin Message --- 
Source: apt
Source-Version: 0.8.8

We believe that the bug you reported is fixed in the latest version of
apt, which is due to be installed in the Debian FTP archive:

apt-doc_0.8.8_all.deb
  to main/a/apt/apt-doc_0.8.8_all.deb
apt-transport-https_0.8.8_i386.deb
  to main/a/apt/apt-transport-https_0.8.8_i386.deb
apt-utils_0.8.8_i386.deb
  to main/a/apt/apt-utils_0.8.8_i386.deb
apt_0.8.8.dsc
  to main/a/apt/apt_0.8.8.dsc
apt_0.8.8.tar.gz
  to main/a/apt/apt_0.8.8.tar.gz
apt_0.8.8_i386.deb
  to main/a/apt/apt_0.8.8_i386.deb
libapt-pkg-dev_0.8.8_i386.deb
  to main/a/apt/libapt-pkg-dev_0.8.8_i386.deb
libapt-pkg-doc_0.8.8_all.deb
  to main/a/apt/libapt-pkg-doc_0.8.8_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 601649@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Vogt <mvo@debian.org> (supplier of updated apt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 28 Oct 2010 21:22:21 +0200
Source: apt
Binary: apt apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source all i386
Version: 0.8.8
Distribution: unstable
Urgency: low
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Michael Vogt <mvo@debian.org>
Description: 
 apt        - Advanced front-end for dpkg
 apt-doc    - Documentation for APT
 apt-transport-https - APT https transport
 apt-utils  - APT utility programs
 libapt-pkg-dev - Development files for APT's libapt-pkg and libapt-inst
 libapt-pkg-doc - Documentation for APT development
Closes: 600852 601016 601649
Changes: 
 apt (0.8.8) unstable; urgency=low
 .
   [ David Kalnischkies ]
   * apt-pkg/contrib/fileutl.cc:
     - Add a FileFd::FileSize() method to get the size of the underlying
       file and not the size of the content in the file as FileFd::Size()
       does - the sizes can differ since the direct gzip integration
   * methods/{gzip,bzip2}.cc:
     - use FileSize() to determine if the file is invalid (Closes: #600852)
   * apt-pkg/pkgcache.cc:
     - fallback always to a suitable description (Closes: #601016)
 .
   [ Michael Vogt ]
   * apt-pkg/deb/dpkgpm.cc:
     - ensure that history.log gets closed to avoid leaking a FD
       (closes: #601649)
Checksums-Sha1: 
 09c79858cf4d332bd30725be5ec3d1fabafc14fd 1295 apt_0.8.8.dsc
 ffd16cead15bc387d68b08491eb40609892864be 3134048 apt_0.8.8.tar.gz
 10726bc4b950f988dfd29ec017c4340fc5a7df0f 232368 apt-doc_0.8.8_all.deb
 8f4e1590ef8c0845e2283dd7e5078e1b8ce62fc2 689078 libapt-pkg-doc_0.8.8_all.deb
 59d432f56901faa86e814a436b8da010ee1c7b8a 2140632 apt_0.8.8_i386.deb
 b289bf88db44d2c80ebe06ddbb85d4daad34f006 150200 libapt-pkg-dev_0.8.8_i386.deb
 31a5a1ffcf2d3a563b9c1e476f67f7ea9e8db649 269594 apt-utils_0.8.8_i386.deb
 e7a4efe23af19ec1a391a4983a9c3a03d076fa2b 82102 apt-transport-https_0.8.8_i386.deb
Checksums-Sha256: 
 422d2ef7ba12122a7d734687bc7fa53d8f3a26cb36b8ad1eb7777e54a08987f5 1295 apt_0.8.8.dsc
 71c931c36b21d9c1c0a2a0436a82d4590557ae15e582051555b8fe2e9e434974 3134048 apt_0.8.8.tar.gz
 63f7901ecfb6ebcbaa656b4a68d2c839bb36c6d22baac51eb7882eb9c91a388f 232368 apt-doc_0.8.8_all.deb
 c228f9734fa93addd9f088abfc9fa7d2ce0c3b8f24dc591fad4aa091ffb8a66d 689078 libapt-pkg-doc_0.8.8_all.deb
 072dcf4359dce9698aeaa54366eb20513f860c2bb6d44a95973c0b2ad413bfab 2140632 apt_0.8.8_i386.deb
 8e4098c83bb7518c2790eccbd2d2c055bfa697ce639892dfe684823ac352c8ac 150200 libapt-pkg-dev_0.8.8_i386.deb
 2e06aada138a780cd291542e1c5177d5b6eff3e396e07fbbe78f64e1ea94e23b 269594 apt-utils_0.8.8_i386.deb
 8ef9669d2ad133c307f89abc93e49c4f0d35a206cd96790a75d341534b5939db 82102 apt-transport-https_0.8.8_i386.deb
Files: 
 beb868a12b5c3205b2a27118da8728f6 1295 admin important apt_0.8.8.dsc
 a569effd93e8541f7252b1f93164bca3 3134048 admin important apt_0.8.8.tar.gz
 4d12daa41c5d106e3da41048903eb399 232368 doc optional apt-doc_0.8.8_all.deb
 a720087fac3dfb6ef9006b72466aa90d 689078 doc optional libapt-pkg-doc_0.8.8_all.deb
 4283aa3bb751253faf1b2204e0229e4f 2140632 admin important apt_0.8.8_i386.deb
 70043ce1a193faff87fa7c7d16fe4b36 150200 libdevel optional libapt-pkg-dev_0.8.8_i386.deb
 16a8f93df883ec368b2c1820ada11987 269594 admin important apt-utils_0.8.8_i386.deb
 e1e5f78269afe1efd33b052407d52e95 82102 admin optional apt-transport-https_0.8.8_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkzJ09EACgkQliSD4VZixzQrNgCgi0eLNBrWnn+8TbDs9Za2s9yz
3xcAn1edFJZ5w78eA3r7DFBNVxUp/BgY
=gF95
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: