Date: Thu, 4 Oct 2018 05:48:10 +0000 (UTC) From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r339176 - head/contrib/openbsm/bin/auditdistd Message-ID: <201810040548.w945mANZ097450@repo.freebsd.org>
index | next in thread | raw e-mail
Author: pjd Date: Thu Oct 4 05:48:09 2018 New Revision: 339176 URL: https://svnweb.freebsd.org/changeset/base/339176 Log: When we look for a new trail file there might be a race between find trail file name and opening it. This race was not properly handled, because we were copying new name before checking for openat(2) error and when we were trying again we were starting with the next trail file. This could result in skipping distribution of such a trail file. Fix this problem by checking for ENOENT first (only for .not_terminated files) and then updating (or not) tr_filename before restarting the search. PR: 200139 Reported by: peter Approved by: re (kib) Modified: head/contrib/openbsm/bin/auditdistd/trail.c Modified: head/contrib/openbsm/bin/auditdistd/trail.c ============================================================================== --- head/contrib/openbsm/bin/auditdistd/trail.c Thu Oct 4 01:46:56 2018 (r339175) +++ head/contrib/openbsm/bin/auditdistd/trail.c Thu Oct 4 05:48:09 2018 (r339176) @@ -361,17 +361,38 @@ again: pjdlog_debug(1, "No new trail files."); return; } - PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, - sizeof(trail->tr_filename)) < sizeof(trail->tr_filename)); dfd = dirfd(trail->tr_dirfp); PJDLOG_ASSERT(dfd >= 0); - trail->tr_filefd = openat(dfd, trail->tr_filename, O_RDONLY); + trail->tr_filefd = openat(dfd, curfile, O_RDONLY); if (trail->tr_filefd == -1) { - pjdlog_errno(LOG_ERR, - "Unable to open file \"%s/%s\", skipping", - trail->tr_dirname, trail->tr_filename); + if (errno == ENOENT && trail_is_not_terminated(curfile)) { + /* + * The .not_terminated file was most likely renamed. + * Keep trail->tr_filename as a starting point and + * search again. + */ + pjdlog_debug(1, + "Unable to open \"%s/%s\", most likely renamed in the meantime, retrying.", + trail->tr_dirname, curfile); + } else { + /* + * We were unable to open the file, but not because of + * the above. This shouldn't happen, but it did. + * We don't know why it happen, so the best we can do + * is to just skip this file - this is why we copy the + * name, so we can start and the next entry. + */ + PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, + sizeof(trail->tr_filename)) < + sizeof(trail->tr_filename)); + pjdlog_errno(LOG_ERR, + "Unable to open file \"%s/%s\", skipping", + trail->tr_dirname, curfile); + } goto again; } + PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, + sizeof(trail->tr_filename)) < sizeof(trail->tr_filename)); pjdlog_debug(1, "Found next trail file: \"%s/%s\".", trail->tr_dirname, trail->tr_filename); }help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201810040548.w945mANZ097450>