[Zope-dev] WebDAV File Descriptor Leak
Hello,

We've run into a problem where we get messages like this in our Zope logs:

    2003-05-23T18:56:08 PROBLEM(100) ZServer Server accept() threw an exception

We occasionally get a lot of these and then restart Zope on the ZEO Client and everything is okay.

After a little more investigation we found that these occur when we run out of File Descriptors. So, why are we running out of file descriptors???

Tracked it down to this: each time a WebDAV client connects to the Zope cluster a temporary file is created. lsof shows the following:

    python 19005 httpd 1016u REG 0,9 227 15857725 [EMAIL PROTECTED] (deleted)
    python 19005 httpd 1017u REG 0,9 227 15857727 [EMAIL PROTECTED] (deleted)
    python 19005 httpd 1018u REG 0,9 227 15857732 [EMAIL PROTECTED] (deleted)
    python 19005 httpd 1019u REG 0,9 227 15857738 [EMAIL PROTECTED] (deleted)
    python 19005 httpd 1020u REG 0,9 227 15857740 [EMAIL PROTECTED] (deleted)
    python 19005 httpd 1021u REG 0,9 227 15857743 [EMAIL PROTECTED] (deleted)
    python 19005 httpd 1022u REG 0,9 227 15857745 [EMAIL PROTECTED] (deleted)
    python 19005 httpd 1023u REG 0,9 227 15857886 [EMAIL PROTECTED] (deleted)

They are all roughly the same size. There seems to be a file descriptor leak. Is this a known problem? We are running Zope 2.5.1 right now.

Any ideas?

Thanks,
-Brian

___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] WebDAV File Descriptor Leak
Can you reproduce the behaviour with 2.6.2?

-aj

--On Tuesday, 27 May 2003 11:07 -0500 Brian Brinegar [EMAIL PROTECTED] wrote:

> Hello,
>
> We've run into a problem where we get messages like this in our Zope logs:
>
>     2003-05-23T18:56:08 PROBLEM(100) ZServer Server accept() threw an exception
>
> We occasionally get a lot of these and then restart Zope on the ZEO Client and everything is okay.
>
> After a little more investigation we found that these occur when we run out of File Descriptors. So, why are we running out of file descriptors???
>
> Tracked it down to this: each time a WebDAV client connects to the Zope cluster a temporary file is created. lsof shows the following:
>
>     python 19005 httpd 1016u REG 0,9 227 15857725 [EMAIL PROTECTED] (deleted)
>     python 19005 httpd 1017u REG 0,9 227 15857727 [EMAIL PROTECTED] (deleted)
>     python 19005 httpd 1018u REG 0,9 227 15857732 [EMAIL PROTECTED] (deleted)
>     python 19005 httpd 1019u REG 0,9 227 15857738 [EMAIL PROTECTED] (deleted)
>     python 19005 httpd 1020u REG 0,9 227 15857740 [EMAIL PROTECTED] (deleted)
>     python 19005 httpd 1021u REG 0,9 227 15857743 [EMAIL PROTECTED] (deleted)
>     python 19005 httpd 1022u REG 0,9 227 15857745 [EMAIL PROTECTED] (deleted)
>     python 19005 httpd 1023u REG 0,9 227 15857886 [EMAIL PROTECTED] (deleted)
>
> They are all roughly the same size. There seems to be a file descriptor leak. Is this a known problem? We are running Zope 2.5.1 right now.
>
> Any ideas?
>
> Thanks,
> -Brian
Re: [Zope-dev] WebDAV File Descriptor Leak
Don't have a 2.6.2 setup right now. It will take a while for us to get a system running Zope 2.6.2 up. Though we are planning to migrate to Zope 2.6.2 in early July. Are there changes in Zope 2.6.2 that would affect this?

-Brian

Andreas Jung wrote:

> Can you reproduce the behaviour with 2.6.2?
>
> -aj
Re: [Zope-dev] WebDAV File Descriptor Leak
--On Tuesday, 27 May 2003 11:26 -0500 Brian Brinegar [EMAIL PROTECTED] wrote:

> Don't have a 2.6.2 setup right now. It will take a while for us to get a system running Zope 2.6.2 up. Though we are planning to migrate to Zope 2.6.2 in early July. Are there changes in Zope 2.6.2 that would affect this?

No idea but there have been a bunch of changes so it might be fixed. I do not want to spend too much time for bug hunting in older versions.

-aj
[Zope-dev] ZEO install/runtime issues
[Please followup to zodb-dev.]

Richard,

You made some changes to the mkzeoinst.py script in April. I was busy then, and I've just had a chance to look at the changes now. I'd like to discuss some of the changes, and I'm including a wider discussion list to make sure we include anyone else who is interested.

A number of the changes are Zope specific. (For example, you can't even run mkzeoinst.py without having a directory named Zope hanging off of sys.path.) ZEO and ZODB are intended for use separately from the rest of Zope, so we need to find a way to factor this out into a generic configuration and a Zope-specific configuration.

One other requirement for ZEO is that it work with Zope 2.6. I expect there will be a ZODB 3.2 release long before there is a Zope 2.7 release. So we can't depend on any Zope 2.7 features in mkzeoinst.py.

The other question I have is about the organization of software into a Zope home and an instance home. I'm not sure what the history of this arrangement is, but I recommend that people do not configure their ZEO servers to share software with their Zope app servers. It can cause fairly severe problems!

The problem with sharing software is that the ZEO server can load arbitrary modules when it attempts to perform conflict resolution. If there is a conflict for an instance of class A.B.C, then ZEO will load A.B.C and see if it has an _p_resolveConflict() method. If the modules A or B have any side-effects at import time, then those side-effects will occur in the ZEO server. I've seen this method lookup cause all of CMF to get imported and try to initialize itself. This ended up bringing down the ZEO server.

A safer way to run a ZEO server is to have an isolated copy of the software that only contains software for objects that need to perform conflict resolution. In practice, many sites only need conflict resolution for BTrees. So none of the other Zope or product code needs to be accessible to the ZEO server.

Do you have any ideas about how to support the features you need given the requirements I've suggested here? Do those requirements make sense?

Jeremy
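Added example, not code from ZEO or from this thread: a simplified model of the class lookup described in the message above. It shows that finding `_p_resolveConflict` by dotted name runs the module's import-time code when the server shares the application's software, and does not when the server's path is isolated. The module `demo_product`, its `Counter` class and the `DEMO_PRODUCT_INITIALISED` marker are hypothetical.

```python
import importlib
import os
import sys
import tempfile

MARK = "DEMO_PRODUCT_INITIALISED"  # hypothetical marker for an import-time side effect

# Constructed application module: importing it runs initialisation code.
PRODUCT_SOURCE = f'''
import os
os.environ["{MARK}"] = "1"   # stands in for a product initialising itself
class Counter:
    def _p_resolveConflict(self, old_state, saved_state, new_state):
        return new_state
'''


def find_resolver(dotted_name):
    """Model of the lookup described above (not ZEO's code)."""
    module_name, class_name = dotted_name.rsplit(".", 1)
    try:
        module = importlib.import_module(module_name)  # import-time code runs here
    except ImportError:
        return None  # class not installed on this server
    return getattr(getattr(module, class_name, None), "_p_resolveConflict", None)


def compare_layouts():
    """Return {layout: (resolver_found, side_effect_ran)} for two server layouts."""
    results = {}
    with tempfile.TemporaryDirectory() as shared, tempfile.TemporaryDirectory() as isolated:
        with open(os.path.join(shared, "demo_product.py"), "w") as handle:
            handle.write(PRODUCT_SOURCE)
        for layout, path in (("shared", shared), ("isolated", isolated)):
            os.environ.pop(MARK, None)
            sys.modules.pop("demo_product", None)
            importlib.invalidate_caches()
            sys.path.insert(0, path)
            try:
                found = find_resolver("demo_product.Counter") is not None
            finally:
                sys.path.remove(path)
            results[layout] = (found, MARK in os.environ)
    return results


if __name__ == "__main__":
    print(compare_layouts())
```

In the isolated layout the lookup fails cleanly, so only classes deliberately installed on the server can run code there.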
Re: [Zope-dev] WebDAV File Descriptor Leak
Andreas,

Rather than waiting to set up a new ZEO to test this out I decided to poke around at the Linux releases that are available. I was able to reproduce our problem using the 2.5.1 release as well as the 2.6.0 release. It appears to be fixed in the 2.6.2b1 release. Until we are able to move to 2.6.2 I will work on a way of monitoring this on our production server.

Thank you,

Brian Brinegar
ECN Web Systems Developer
Purdue University

Andreas Jung wrote:

> --On Tuesday, 27 May 2003 11:26 -0500 Brian Brinegar [EMAIL PROTECTED] wrote:
>
> > Don't have a 2.6.2 setup right now. It will take a while for us to get a system running Zope 2.6.2 up. Though we are planning to migrate to Zope 2.6.2 in early July. Are there changes in Zope 2.6.2 that would affect this?
>
> No idea but there have been a bunch of changes so it might be fixed. I do not want to spend too much time for bug hunting in older versions.
>
> -aj
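Added example, not code from the thread: one way to do the monitoring mentioned in the message above. It parses `lsof` output for a process and alerts when unlinked-but-open regular files pile up or descriptor numbers reach the limit. The sample listing is constructed (file names are placeholders), and the soft limit of 1024 and both thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in lsof's default layout; NAME values are placeholders.
SAMPLE = """\
COMMAND   PID  USER   FD   TYPE DEVICE SIZE     NODE NAME
python  19005 httpd  cwd    DIR    0,9 4096      128 /srv/zope-placeholder
python  19005 httpd    5u  IPv4  81234           TCP *:8080 (LISTEN)
python  19005 httpd 1021u   REG    0,9  227 15857743 /tmp/placeholder-a (deleted)
python  19005 httpd 1022u   REG    0,9  227 15857745 /tmp/placeholder-b (deleted)
python  19005 httpd 1023u   REG    0,9  227 15857886 /tmp/placeholder-c (deleted)
"""


def fd_report(lsof_text, soft_limit=1024, warn_ratio=0.8, max_deleted=2):
    """Summarise descriptor use per PID from lsof text and decide whether to alert."""
    stats = defaultdict(lambda: {"open": 0, "deleted_reg": 0, "max_fd": -1})
    for line in lsof_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[1].isdigit():
            continue                      # header or unparsable line
        fd = re.match(r"\d+", fields[3])  # "1016u" -> 1016; "cwd", "txt", "mem" are skipped
        if fd is None:
            continue
        entry = stats[int(fields[1])]
        entry["open"] += 1
        entry["max_fd"] = max(entry["max_fd"], int(fd.group()))
        # An unlinked file that is still open is what a leaked temp file looks like.
        if fields[4] == "REG" and line.rstrip().endswith("(deleted)"):
            entry["deleted_reg"] += 1
    report = {}
    for pid, entry in stats.items():
        near_limit = (entry["open"] >= warn_ratio * soft_limit
                      or entry["max_fd"] >= soft_limit - 1)
        report[pid] = dict(entry, alert=near_limit or entry["deleted_reg"] > max_deleted)
    return report


if __name__ == "__main__":
    for pid, info in fd_report(SAMPLE).items():
        print(pid, info)
```

Run from cron against the real `lsof -p <pid>` output, the `alert` flag gives warning before accept() starts failing.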
[Zope-dev] App.Permission security hole
Tooling through restructuring of my site I discovered a stupid permissions problem. While App.Permission declares the 'Define permission' perm it never gets initialized and thus manage_addPermission{,Form} basically had weakened security. The permission 'Access contents information' was still protecting the method, but that's not adequate--that permission was never intended (afaik) to represent write access to the zodb.

By default, as the 'Access contents information' permission is granted to the Anonymous user, anybody could fire off a request to

    http://victimhost/Control_Panel/Products/x/manage_addPermission?id=foo&title=bar

where 'x' is some installed product (hey, why not use the HelpSys vuln to find one that fits your fancy!) to add a permission object to Product x. Anonymous users being allowed to bloat the zodb at the least, possibly other issues at the worst (I don't know, I don't use the ZClass machinery).

A quick refactor of App/Permission.py may be found at http://audible.transient.net/zope/Permission.py which protects the methods in question, however I have a hunch there may be more broken here than this permission alone. Testimonies on #zope indicate this affects 2.6.x as well as CVS, I don't know how far back the bug goes (only due to sheer laziness). Collector report will be filed shortly, expect it to be hidden.

Workarounds: use the above Permission.py, or remove 'Access contents information' from the Control_Panel/Products folder (and possibly others)

--
Jamie Heilman http://audible.transient.net/~jamie/
It's almost impossible to overestimate the unimportance of most things. -John Logue
Re: [Zope-dev] WebDAV File Descriptor Leak
Brian Brinegar wrote:

> Though we are planning to migrate to Zope 2.6.2 in early July. Are there changes in Zope 2.6.2 that would affect this?

I seem to recall CVS commit messages to the effect.

> [EMAIL PROTECTED] (deleted)

It should be noted, on a multiuser machine, /var/tmp is not a safe place to store Python 2.2.2 and earlier's insecure tempfile.py made files. Setting the TMPDIR variable for Zope to a directory which only the zope user may write to is recommended to avoid a potential DoS vulnerability. My understanding is that this is finally addressed in Python 2.3.

--
Jamie Heilman http://audible.transient.net/~jamie/
We must be born with an intuition of mortality. Before we know the words for it, before we know there are words, out we come bloodied and squalling with the knowledge that for all the compasses in the world, there's only one direction, and time is its only measure. -Rosencrantz
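Added example, not code from the thread or from Zope: a start-up check for the TMPDIR recommendation in the message above. It rejects a temporary directory that is not owned by the expected user or is writable by group or others, then creates the scratch file with `tempfile.mkstemp`, which is available since Python 2.3. The function names and the `zope-demo-` prefix are hypothetical.

```python
import os
import stat
import tempfile


def tmpdir_problems(path, expected_uid=None):
    """Return reasons why `path` is unsafe as a private TMPDIR (empty list if none)."""
    expected_uid = os.geteuid() if expected_uid is None else expected_uid
    try:
        info = os.lstat(path)  # lstat: do not follow a symlink planted by another user
    except OSError as exc:
        return [f"cannot stat: {exc.strerror}"]
    problems = []
    if stat.S_ISLNK(info.st_mode):
        problems.append("is a symlink")
    elif not stat.S_ISDIR(info.st_mode):
        problems.append("is not a directory")
    if info.st_uid != expected_uid:
        problems.append(f"owned by uid {info.st_uid}, expected {expected_uid}")
    if info.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("writable by group or others")
    return problems


def private_scratch_file(tmpdir):
    """Create a scratch file only if tmpdir passes the checks; returns (fd, path)."""
    problems = tmpdir_problems(tmpdir)
    if problems:
        raise RuntimeError(f"refusing to use {tmpdir}: {', '.join(problems)}")
    # mkstemp opens with O_EXCL and mode 0600, so a file or symlink that
    # another user pre-created under the same name is never reused.
    return tempfile.mkstemp(prefix="zope-demo-", dir=tmpdir)


if __name__ == "__main__":
    candidate = os.environ.get("TMPDIR", tempfile.gettempdir())
    print(candidate, tmpdir_problems(candidate) or "ok")
```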