Re: pam application doesn't release sockets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Thank you for your response, Pavel !
Sockets? Most of those open descriptors are *pipes*.
That's right. There is a socket and few pipes open for each authentication attempt.
What have you got in your /etc/pam.d/check_user?
Those two (significant) lines? Anything else?
Actually, the file contains
auth include system-auth
account include system-auth

And there is /etc/pam.d/system-auth (default in fedora 13) :
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required
auth sufficient
auth sufficient nullok try_first_pass
auth requisite uid >= 500 quiet
auth required

account required
account sufficient
account sufficient uid < 500 quiet
account required

password requisite try_first_pass retry=3 type=
password sufficient sha512 shadow nullok try_first_pass use_authtok
password required

session optional revoke
session required
session optional
session [success=1 default=ignore] service in crond quiet use_uid
session required

I filled /etc/pam.d/check_user as it described in source comments and now the program works much more better! There is no any open sockets, pipes or other unwanted descriptors.
So I have another question:
How to properly configure pam authentication for a program in the same way as in a system? Regardless of whether it is pam_ldap or pam_unix.
Find out what opens those descriptors. Run your progrem under strace.
Run it under gdb and set a breakpoint at pipe() (or socket()?)
I'm not very experienced in linux programming, so I'll try to do this later.
Another challenge I'll try to solve is find the cause of memory leak (valgrind --leak-check=full):
==20782== HEAP SUMMARY:
==20782== in use at exit: 34 bytes in 2 blocks
==20782== total heap usage: 20,170 allocs, 20,168 frees, 7,355,050 bytes allocated
==20782== 34 bytes in 2 blocks are definitely lost in loss record 1 of 1
==20782== at 0x4005BDC: malloc (vg_replace_malloc.c:195)
==20782== by 0xA8107E: local_strdup (in /lib/
==20782== by 0xA842CB: _dl_map_object (in /lib/
==20782== by 0xA8EE5D: dl_open_worker (in /lib/
==20782== by 0xA8A975: _dl_catch_error (in /lib/
==20782== by 0xA8E945: _dl_open (in /lib/
==20782== by 0xC57C3A: dlopen_doit (in /lib/
==20782== by 0xA8A975: _dl_catch_error (in /lib/
==20782== by 0xC5803B: _dlerror_run (in /lib/
==20782== by 0xC57B70: dlopen@@GLIBC_2.1 (in /lib/
==20782== by 0x712143C: ??? (in /lib/
==20782== by 0x712255F: NSSLOW_Init (in /lib/
==20782== LEAK SUMMARY:
==20782== definitely lost: 34 bytes in 2 blocks
==20782== indirectly lost: 0 bytes in 0 blocks
==20782== possibly lost: 0 bytes in 0 blocks
==20782== still reachable: 0 bytes in 0 blocks
==20782== suppressed: 0 bytes in 0 blocks

Best regards, Evgeny Tarasov

Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux