rpc.lockd brokenness (2)

Miguel Lopes Santos Ramos miguel at anjos.strangled.net
Thu Mar 9 02:15:04 UTC 2006

> From: Kris Kennaway <kris at obsecurity.org>
> The bug is triggered because the file is locked in the parent
> (i.e. the daemon process, which creates the pidfile) but unlocked by
> the child after the fork (in this case, when the child is killed).  On
> the server, rpc.lockd compares the svid (=3D pid of process on the
> client that is doing the lock call) of the lock and unlock requests,
> notices they're different and assumes that the unlock request is
> coming from some random process on the client that didn't hold the
> lock in the first place.
> In reality, the file descriptor was passed from parent to child by the
> fork(), and the child does actually hold the lock.

Thank you. That is a very good explanation.

> Fixing this is probably hard (also: I can't see how this could have
> ever worked with pidfile locking in cron, since it always acquired the
> lock before forking, as now.  Perhaps something else about your
> configuration changed.).

Because the lock is somehow persisting through reboots, even though I 
stop nfslocking, remove /var/db/statd.status and restart it...

> Anyway, the workaround for you is probably not to use rpc.lockd on
> your NFS mounted /var (e.g. use mount_nfs -L).  Since you don't have
> multiple machines accessing this filesystem (which wouldn't work
> anyway, as noted before), you don't need it anyway.
> Kris

Oh yes, I must try that again. I had problems in the past with using the -L
option, gnome didn't run. Probably it was because it was a single / filesystem
mounted on boot and the option on fstab was ignored, I must try it again.


More information about the freebsd-stable mailing list