Navigation Menu

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net: UnixListener unlinks socket files inherited via socket activation #11826

Closed
mischief opened this issue Jul 22, 2015 · 3 comments
Closed

net: UnixListener unlinks socket files inherited via socket activation #11826

mischief opened this issue Jul 22, 2015 · 3 comments
Labels
FrozenDueToAge
Milestone
Go1.6

Comments

@mischief
Copy link
Contributor

docker can use systemd for socket activation. docker creates a net.UnixListener using net.FileListener on the inherited fd. naturally, upon shutdown, docker calls Close on the net.Listener.

in unixsock_posix.go, Close calls syscall.Unlink on the file name that was found via getsockname. this code has been there since at least 2011.

the result of this is that upon the socket-activated service (docker) restarting, the service will reconnect to the inherited file descriptor, but clients of that socket will no longer be able to reach it because the socket file in the filesystem is gone, and never recreated.

this seems to have been worked around in docker in moby/moby@053c355, but this affects any socket-activated go program that 'properly' Closes it's UnixListeners.

if the UnixListener was not responsible for creating the socket file, it should not unlink the socket file on Close.
@tv42
Copy link

tv42 commented Jul 22, 2015

This can be triggered without docker, systemd, etc by e.g. passing an FD of a listening unix domain socket to multiple children, each child using net.FileListener and running its own Listen+Accept loop. When the first child exits, it'll also remove the socket file, preventing new client connections.

mischief pushed a commit to mischief/coreos-overlay that referenced this issue Jul 22, 2015
app-emulation/docker: sync systemd socket unit with upstream
5d662bd 
without PartOf=docker.service, the docker socket gets permanently
unlinked when docker is restarted, resulting in a running docker daemon
but inability to contact it.

see docker commit 053c3557b3198466ecfbe066fefdbab2a78771d5 and
 golang/go#11826 for more details.
mischief pushed a commit to mischief/coreos-overlay that referenced this issue Jul 22, 2015
app-emulation/docker: sync systemd socket unit with upstream
6f518d0 
without PartOf=docker.service, the docker socket gets permanently
unlinked when docker is restarted, resulting in a running docker daemon
but inability to contact it.

see docker commit 053c3557b3198466ecfbe066fefdbab2a78771d5 and
 golang/go#11826 for more details.
mischief pushed a commit to mischief/coreos-overlay that referenced this issue Jul 22, 2015
app-emulation/docker: sync systemd socket unit with upstream
ccdf0fe 
without PartOf=docker.service, the docker socket gets permanently
unlinked when docker is restarted, resulting in a running docker daemon
but inability to contact it.

see docker commit 053c3557b3198466ecfbe066fefdbab2a78771d5 and
 golang/go#11826 for more details.
mischief pushed a commit to mischief/coreos-overlay that referenced this issue Jul 22, 2015
app-emulation/docker: sync systemd socket unit with upstream
4c55649 
without PartOf=docker.service, the docker socket gets permanently
unlinked when docker is restarted, resulting in a running docker daemon
but inability to contact it.

see docker commit 053c3557b3198466ecfbe066fefdbab2a78771d5 and
 golang/go#11826 for more details.
@ianlancetaylor ianlancetaylor added this to the Go1.6 milestone Jul 22, 2015
@ianlancetaylor ianlancetaylor changed the title net.UnixListener unlinks socket files inherited via socket activation net: UnixListener unlinks socket files inherited via socket activation Jul 22, 2015
@gopherbot
Copy link

CL https://golang.org/cl/17458 mentions this issue.

@rsc rsc closed this as completed in a4fd325 Dec 11, 2015
@gopherbot
Copy link

CL https://golang.org/cl/17725 mentions this issue.

rsc added a commit that referenced this issue Dec 14, 2015
@rsc @bradfitz
net: add test for CL 17458
2190750 
I thought that we avoided creating on-disk Unix sockets,
but I was mistaken. Use one to test CL 17458.

Fixes #11826.

Change-Id: Iaa1fb007b95fa6be48200586522a6d4789ecd346
Reviewed-on: https://go-review.googlesource.com/17725
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
@golang golang locked and limited conversation to collaborators Dec 14, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
Go1.6
Development

No branches or pull requests
4 participants
@tv42 @mischief @ianlancetaylor @gopherbot