thanks @setuid for reproducer bash script that I used in description ** Also affects: ebtables (Ubuntu Precise) Importance: Undecided Status: New
** Also affects: ebtables (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: ebtables (Ubuntu Artful) Importance: Undecided Status: New ** Also affects: ebtables (Ubuntu Cosmic) Importance: Medium Assignee: Dan Streetman (ddstreet) Status: In Progress ** Also affects: ebtables (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: ebtables (Ubuntu Xenial) Importance: Undecided Status: New ** No longer affects: ebtables (Ubuntu Precise) ** Also affects: ebtables (Ubuntu Precise) Importance: Undecided Status: New ** No longer affects: ebtables (Ubuntu Precise) ** Changed in: ebtables (Ubuntu Trusty) Status: New => In Progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1772456 Title: ebtables lock file fcntl errno value not correctly checked Status in ebtables package in Ubuntu: In Progress Status in ebtables source package in Trusty: In Progress Status in ebtables source package in Xenial: New Status in ebtables source package in Artful: New Status in ebtables source package in Bionic: New Status in ebtables source package in Cosmic: In Progress Bug description: [impact] bug 1645324 introduced code to improve the existing file-based locking, by using fcntl instead of exclusive file opening. However, when fcntl fails the new code tries to check for errno of EAGAIN or EACCES, but does so incorrectly: + ret = fcntl(lockfd, F_SETLK, &fl); + if (ret == -1 && errno != (EAGAIN || EACCES)) "errno != (EAGAIN || EACCES)" is not correct, because it will always evaluate to true when errno is either EAGAIN or EACCES; the bitwise OR of EAGAIN (11) and EACCES (13) produces 15 (ENOTBLK) which will never match either, so != always is true. [test case] run ebtables in a tight loop from two separate shells, to force lockfile contention, for example: #!/bin/bash dev="$1" while test 1; do sleep 0 ebtables --concurrent -t nat -A PREROUTING -i ${dev} -j ACCEPT if [ $? -ne 0 ]; then echo "odd!" fi ebtables --concurrent -t nat -D PREROUTING -i ${dev} -j ACCEPT if [ $? -ne 0 ]; then echo "odd!" fi done that can be run with any text param (e.g. "foo" and "bar") from 2 shells, to produce the failure: Unable to create lock file /var/lib/ebtables/lock. [regression potential] like the previous patch, this change also has the potential to introduce errors in file locking that ebtables uses; however considering the file locking currently does not work at all due to the above logic error, this patch should only help. The only regression potential is see is the possibility of breaking non-contended file locking, which currently does work. [other info] see previous bug 1645324 https://launchpad.net/bugs/1645324 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ebtables/+bug/1772456/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp