[Mimedefang] Tracking down file descriptors

[Kelson]

David F. Skoll wrote:
> On Thu, 11 Nov 2004, Kelson wrote:
> 
>>I've searched through my filter, and every single open call is inside a
>>function.  Despite this, I still get the "Something in your Perl filter
>>appears to have opened a file descriptor outside of any function"
>>warning in my logs.
> 
> Are you running Solaris, by any chance?  I've seen this on a Solaris
> machine.  Something opens a file called /var/run/name_service_door and
> seems to leave it open.  It's probably something deep in the guts of
> Sun's C library.  It seems to be harmless, though.
> 
> If you're *not* running Solaris, then I'm at a loss.

Unfortunately, no.  It's a Red Hat 7.3 system with post-EOL updates
through Fedora Legacy.  We have an RH9 system set up to mirror the same
mail config, and it does the same thing.

I tried replacing the filter on the backup with
mimedefang-filter.example, to see what would happen.  It still logged
the error.  So I don't think it's my filter anymore.

I decided to attack it from the other end, and found something
interesting:  I ran lsof, looking for files opened by the defang user,
and once I filtered out all the /lib/ and /bin/ results, what remained
were the MD socket, some pipes, connections to /dev/null.... and a TCP
connection to the local LDAP port.  The filter doesn't use any LDAP
features, but we authenticate against LDAP.  Something I hadn't realized
is that every process on the system that has to deal with user accounts
keeps an LDAP connection open.  I would expect this to be opened before 
the perl, though.

So next I need to find a machine running few enough services that I can 
mess with the auth settings and see whether I can reliably trigger/avoid 
the warning by changing them.  And time to mess around with it.

-- 
Kelson Vibber
SpeedGate Communications <www.speed.net>