File descriptor leak in pam_winbind.so

Steve Langasek vorlon at netexpress.net
Thu Aug 29 08:50:01 GMT 2002


On Thu, Aug 29, 2002 at 07:49:22AM -0400, jra at dp.samba.org wrote:
> On Thu, Aug 29, 2002 at 05:44:51PM +0100, Paul Flinders wrote:
> >   	return retval;
> > + }
> > + 
> > + void __attribute__ ((destructor))  unload () 
> > + {
> > + 	/* Make sure socket is closed on unload of dll, some apps use PAM in
> > + 	   a manner which leaks FDs otherwise */
> > + 	close_sock();

> This is *horribly* non-portable I'm afraid. If you need this
> can you provide an autoconf test that will determine if this
> hideous construct (__attribute__ ((destructor))  unload ()) is
> supported on the current platform/compiler.

The portable solution in PAM is to register a module cleanup function
using pam_data(), to ensure that the socket is closed when pam_end() is
called.

Any PAM application that doesn't call pam_end() when it's done with a PAM
handle is broken beyond all hope, and it's not Samba's business to try to
save it from the inevitable.

Steve Langasek
postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020829/974c6276/attachment.bin


More information about the samba-technical mailing list