net: UnixListener unlinks socket files inherited via socket activation #11826
Labels
Milestone
Comments
|
This can be triggered without docker, systemd, etc by e.g. passing an FD of a listening unix domain socket to multiple children, each child using |
mischief
pushed a commit
to mischief/coreos-overlay
that referenced
this issue
Jul 22, 2015
without PartOf=docker.service, the docker socket gets permanently unlinked when docker is restarted, resulting in a running docker daemon but inability to contact it. see docker commit 053c3557b3198466ecfbe066fefdbab2a78771d5 and golang/go#11826 for more details.
mischief
pushed a commit
to mischief/coreos-overlay
that referenced
this issue
Jul 22, 2015
without PartOf=docker.service, the docker socket gets permanently unlinked when docker is restarted, resulting in a running docker daemon but inability to contact it. see docker commit 053c3557b3198466ecfbe066fefdbab2a78771d5 and golang/go#11826 for more details.
mischief
pushed a commit
to mischief/coreos-overlay
that referenced
this issue
Jul 22, 2015
without PartOf=docker.service, the docker socket gets permanently unlinked when docker is restarted, resulting in a running docker daemon but inability to contact it. see docker commit 053c3557b3198466ecfbe066fefdbab2a78771d5 and golang/go#11826 for more details.
mischief
pushed a commit
to mischief/coreos-overlay
that referenced
this issue
Jul 22, 2015
without PartOf=docker.service, the docker socket gets permanently unlinked when docker is restarted, resulting in a running docker daemon but inability to contact it. see docker commit 053c3557b3198466ecfbe066fefdbab2a78771d5 and golang/go#11826 for more details.
ianlancetaylor
changed the title
|
CL https://golang.org/cl/17458 mentions this issue. |
|
CL https://golang.org/cl/17725 mentions this issue. |
rsc
added a commit
that referenced
this issue
Dec 14, 2015
I thought that we avoided creating on-disk Unix sockets, but I was mistaken. Use one to test CL 17458. Fixes #11826. Change-Id: Iaa1fb007b95fa6be48200586522a6d4789ecd346 Reviewed-on: https://go-review.googlesource.com/17725 Run-TryBot: Brad Fitzpatrick <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> TryBot-Result: Gobot Gobot <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
docker can use systemd for socket activation. docker creates a net.UnixListener using net.FileListener on the inherited fd. naturally, upon shutdown, docker calls Close on the net.Listener.
in unixsock_posix.go, Close calls syscall.Unlink on the file name that was found via getsockname. this code has been there since at least 2011.
the result of this is that upon the socket-activated service (docker) restarting, the service will reconnect to the inherited file descriptor, but clients of that socket will no longer be able to reach it because the socket file in the filesystem is gone, and never recreated.
this seems to have been worked around in docker in moby/moby@053c355, but this affects any socket-activated go program that 'properly' Closes it's UnixListeners.
if the UnixListener was not responsible for creating the socket file, it should not unlink the socket file on Close.
The text was updated successfully, but these errors were encountered: