Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-4751

Optimize & Secure safe_posix_fork

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 3.8.2, PUP 4.2.1
    • Component/s: None
    • Labels:
      None
    • Template:
    • Story Points:
      1
    • Sprint:
      Client 2015-08-05
    • Release Notes:
      Bug Fix
    • Release Notes Summary:
      When puppet forks (e.g. for a daemonized agent) it could leak file descriptors (with an fd > 255). It could also be slow. Both of those are addressed by this change.

      Description

      The way we are forking (on POSIX) could possibly leak File Descriptors (when fileno>= 256). Moreover it's really slow...

      3.upto(256){|fd| IO::new(fd).close rescue nil}
      

      I've fixed it by listing files in "/proc/self/fd", falling back to the original method if it raises a Errno::ENOENT.

      And it's much faster ! I see better performances in Package ressources (lot's of rpm -q in EL).

      # ./close_fd.rb 
             user     system      total        real
      /proc/self/fd  0.040000   0.290000   3.320000 (  3.631934)
      Ugly for loop  0.070000   0.540000   9.370000 (  9.425917)
      

      Would be nice if it can be in 3.8.2.

        Attachments

          Issue Links

            Activity

              jsd-sla-details-panel

                People

                • Assignee:
                  qa qa
                  Reporter:
                  aimnor Romain Fihue
                  QA Contact:
                  Eric Thompson
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Zendesk Support