The Samba-Bugzilla – Bug 7684
fd leak in libwbclient.so
Last modified: 2011-01-01 23:59:39 UTC
I am using pam+winbind+AD to authenticate request. The linux version is RHEL 5.4 and winbind is 3.5.3.
The issue I met is that after our daemon is running for a while, it cannot accept any request due to fd reach the limit.
After checking the source codes of winbind, I find libwbclient.so caches privilege connection to winbindd for reuse (please refer to winbind_open_pipe_sock() in wb_common.c). However every time a process call pam API to create a new PAM session, pam_winbind.so will dynamically load libwbclient.so and then unload it after the session is done. At that time the cached privilege connection is not closed. As a result, during the process is running whenever a PAM session is created, there will be a fd leaked by libwbclient.so.
So we need either provide a way to disable cache of privilege connection or implement clean-up logic when libwbclient.so is unloaded.
Created attachment 5965 [details]
Patch for 3.5
Should be fixed with the attached patch. This is aa8d91ae8e6b4 from master.
Comment on attachment 5965 [details]
Patch for 3.5
Looks good to me.
Re-assigning for inclusion in 3.5.next.
Thanks for the patch. It works well.
Pushed to v3-5-test. Will be included in 3.5.6.
Closing out bug report.
*** Bug 7265 has been marked as a duplicate of this bug. ***