Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Prevent the Phusion Passenger temp dir from being deleted by /tmp cle…

…aners. Fixes issue #365.
  • Loading branch information...
commit 5372bdb3e99c03616fcb070655560fe8285ac268 1 parent 3fe8cc4
@FooBarWidget FooBarWidget authored
Showing with 36 additions and 0 deletions.
  1. +6 −0 NEWS
  2. +30 −0 ext/common/Utils.cpp
View
6 NEWS
@@ -2,6 +2,12 @@ Release 2.2.6
-------------
* Fixed a compilation problem on Solaris. Issue #369.
+ * Some /tmp cleaner programs such as tmpwatch try to remove subdirectories
+ in /tmp/passenger.xxx after a while because they think those
+ subdirectories are unused. This could cause Phusion Passenger to
+ malfunction, requiring a web server restart. Measures have now been
+ taken to prevent those tmp cleaner programs from removing anything
+ in /tmp/passenger.xxx. Issue #365.
Release 2.2.5
View
30 ext/common/Utils.cpp
@@ -348,6 +348,31 @@ setPassengerTempDir(const string &dir) {
passengerTempDir = dir;
}
+/* Creates a non-writable FIFO file in order to prevent /tmp cleaners from removing
+ * passenger temp dir subdirectories. See http://code.google.com/p/phusion-passenger/issues/detail?id=365
+ * for details.
+ */
+static void
+createNonWritableFifo(const string &filename) {
+ int ret, e;
+
+ do {
+ ret = mkfifo(filename.c_str(), 0);
+ } while (ret == -1 && errno == EINTR);
+ if (ret == -1 && errno != EEXIST) {
+ e = errno;
+ throw FileSystemException("Cannot create FIFO file " + filename, e, filename);
+ }
+
+ do {
+ ret = chmod(filename.c_str(), 0);
+ } while (ret == -1 && errno == EINTR);
+ if (ret == -1) {
+ e = errno;
+ throw FileSystemException("Cannot set permissions on file " + filename, e, filename);
+ }
+}
+
void
createPassengerTempDir(const string &parentDir, bool userSwitching,
const string &lowestUser, uid_t workerUid, gid_t workerGid) {
@@ -364,6 +389,7 @@ createPassengerTempDir(const string &parentDir, bool userSwitching,
* whether a user may access that specific subdirectory.
*/
makeDirTree(tmpDir, "u=wxs,g=x,o=x");
+ createNonWritableFifo(tmpDir + "/.guard");
/* We want this upload buffer directory to be only accessible by the web server's
* worker processs.
@@ -377,6 +403,7 @@ createPassengerTempDir(const string &parentDir, bool userSwitching,
} else {
makeDirTree(tmpDir + "/webserver_private", "u=wxs,g=,o=");
}
+ createNonWritableFifo(tmpDir + "/webserver_private/.guard");
/* If the web server is running as root (i.e. user switching is possible to begin with)
* but user switching is off...
@@ -393,6 +420,7 @@ createPassengerTempDir(const string &parentDir, bool userSwitching,
*/
makeDirTree(tmpDir + "/info", "u=rwxs,g=,o=");
}
+ createNonWritableFifo(tmpDir + "/info/.guard");
if (geteuid() == 0) {
if (userSwitching) {
@@ -403,6 +431,7 @@ createPassengerTempDir(const string &parentDir, bool userSwitching,
} else {
makeDirTree(tmpDir + "/master", "u=wxs,g=,o=");
}
+ createNonWritableFifo(tmpDir + "/master/.guard");
if (geteuid() == 0) {
if (userSwitching) {
@@ -436,6 +465,7 @@ createPassengerTempDir(const string &parentDir, bool userSwitching,
*/
makeDirTree(tmpDir + "/backends", "u=wxs,g=,o=");
}
+ createNonWritableFifo(tmpDir + "/backends/.guard");
}
void
Please sign in to comment.
Something went wrong with that request. Please try again.