[Mimedefang] Tracking down file descriptors
Kelson
kelson at speed.net
Fri Nov 12 19:06:08 EST 2004
David F. Skoll wrote:
> On Thu, 11 Nov 2004, Kelson wrote:
>
>>I've searched through my filter, and every single open call is inside a
>>function. Despite this, I still get the "Something in your Perl filter
>>appears to have opened a file descriptor outside of any function"
>>warning in my logs.
>
> Are you running Solaris, by any chance? I've seen this on a Solaris
> machine. Something opens a file called /var/run/name_service_door and
> seems to leave it open. It's probably something deep in the guts of
> Sun's C library. It seems to be harmless, though.
>
> If you're *not* running Solaris, then I'm at a loss.
Unfortunately, no. It's a Red Hat 7.3 system with post-EOL updates
through Fedora Legacy. We have an RH9 system set up to mirror the same
mail config, and it does the same thing.
I tried replacing the filter on the backup with
mimedefang-filter.example, to see what would happen. It still logged
the error. So I don't think it's my filter anymore.
I decided to attack it from the other end, and found something
interesting: I ran lsof, looking for files opened by the defang user,
and once I filtered out all the /lib/ and /bin/ results, what remained
were the MD socket, some pipes, connections to /dev/null.... and a TCP
connection to the local LDAP port. The filter doesn't use any LDAP
features, but we authenticate against LDAP. Something I hadn't realized
is that every process on the system that has to deal with user accounts
keeps an LDAP connection open. I would expect this to be opened before
the perl, though.
So next I need to find a machine running few enough services that I can
mess with the auth settings and see whether I can reliably trigger/avoid
the warning by changing them. And time to mess around with it.
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
More information about the MIMEDefang
mailing list