On Sun, Feb 15, 2004 at 07:37:42PM +0300, Maxim Konovalov wrote: +> > I have yet to figure out what triggers the bug, but I end up with 'running' +> > jails, without any processes. So I thought I'd create 'jld' to remove a jail. +> > However - prison_find isn't exported to userland. Probably for good reason. +> > +> > Should I worry about these jails or is it harmless: +> [...] +> +> Yes, it is a known bug, see kern/54163 for example. It seems we are +> leaking ucred reference somewhere. TIME_WAIT handling is involved +> too. You can reproduce it easily: +> +> 1/ Start a jail: +> +> # jail / j 127.0.0.1 /usr/local/bin/nc -p 1973 -l 127.0.0.1 +> +> 2/ Telnet to it: +> +> # telnet 127.0.0.1 1973 +> +> 3/ Kill the jail: +> +> # killall nc +> +> 4/ Watch a leak: +> +> # jls +> ... +> +> or +> +> # sysctl -o security.jail.list +> ... +> +> I were trying to fix this for a long time but no success. Yeah, there is a cred leak and I am the one who track it down!:) http://garage.freebsd.pl/patches/tcp_subr.c.patch Don't do 'jls' just after killing 'nc', because cred will be freed after timeout, so wait few minutes and then try 'jls'. If there is no objections I'm going to commit it tomorrow. Am I Evil?:) -- Pawel Jakub Dawidek http://www.FreeBSD.org pjd_at_FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am!
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:43 UTC