httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Kraemer <mar...@apache.org>
Subject Re: [PATCH] Have logfiles closed on exec
Date Wed, 11 Dec 2002 16:21:26 GMT
On Wed, Dec 11, 2002 at 09:25:19AM -0500, Jim Jagielski wrote:
> This patch uses the recently folded in "magic" cleanups to
> have all log files (well, access and transfer logs) set with
> CLOSEXEC. It also adds another *_ex function (ap_popenf_ex)
> and allows for the magic cleanups to be called/run whenever
> by passing a NULL pool (also protects against dumps when
> a NULL might be passed by accident).
> 
> Comments??

I applied your patch in combination with my socket-fd patch,
and see for yourself:

 -> crw-rw-rw- 1 root     wheel       2,     2 /dev/fd/0
 -> p--------- 0 root     wheel              0 /dev/fd/1
 -> -rw-r----- 1 martin   kraemer         8812 /dev/fd/2 == /tmp/apa13/logs/error_log
 -> -rw-r----- 1 martin   kraemer         8812 /dev/fd/15 == /tmp/apa13/logs/error_log
 -> -rw------- 1 martin   kraemer            0 /dev/fd/19 == /tmp/apa13/logs/httpd.lock.30423
 -> -rw------- 1 martin   kraemer            0 /dev/fd/20 == /tmp/apa13/logs/httpd.lock.30423
 -> -rw-r----- 1 martin   kraemer          209 /dev/fd/21 == /tmp/apa13/htdocs/machine.php

In contrast to the patch in my previous reply (which called
ap_note_cleanups_for_fd_ex() for *ALL* occurrences of ap_popenf()),
we now have more open fd's in PHP again. The fd's of the fcntl() lock
files are (created by ap_popenf() and) not closed.
So, there's another potential for plugging fd's.
Other candidates are the scoreboard file (where present) which needs
not be inherited to children, the rewrite_log file, and mod_log_nw.c
for netware (do they have FD_CLOEXEC? I assume not... ;-) 

Basically, this leaves over only mod_mime_magic as a user for the non-_ex
version of ap_popenf(), and that is only because it does the open...close
in a tight loop which does not offer the possibility of a fork()/exec().

As could be expected, the combined patch with the additional invocations
of ap_popenf_ex() leaves open only the well known set of fds:

 -> crw-rw-rw- 1 root     wheel       2,     2 /dev/fd/0
 -> p--------- 0 root     wheel              0 /dev/fd/1
 -> -rw-r----- 1 martin   kraemer         9064 /dev/fd/2 == /tmp/apa13/logs/error_log
 -> -rw-r----- 1 martin   kraemer         9064 /dev/fd/15 == /tmp/apa13/logs/error_log
 -> -rw-r----- 1 martin   kraemer          209 /dev/fd/21 == /tmp/apa13/htdocs/machine.php

   Martin
PS: I append the combined patch of your changes and mine, but without
the new ap_psocket_ex(). TBD
-- 
<Martin.Kraemer@Fujitsu-Siemens.com>         |     Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730  Munich,  Germany

Mime
View raw message