Description
Describe the bug
Keepalived fails to resolve script group names when group have large numbers of members.
The call to getgrnam_r()
in lib/notify.c
returns with errno
ERANGE
, indicating the provided buffer is not large enough.
To Reproduce
Have a group foogroup
in /etc/group
with many members, so that the list of all the names exceeds ~1024 bytes, the glibc default for sysconf(_SC_GETGR_R_SIZE_MAX)
on many systems. (This is just a glibc hard coded suggested default for the buffersize for the getgrnam_r()
call).
In the keepalived.conf
file global_defs
section set script_user baruser foogroup
. That will be enough for keepalived
to emit Unable to resolve default script group name ...
message, griping about the group name, even though it exists in the /etc/group
file.
Expected behavior
keepalived
allows setting script group to a group with a large number of member without error.
Keepalived version
Keepalived v2.1.5 (07/13,2020)
Distro (please complete the following information):
- Name: CentOS 7.6, AlmaLinux 8.8
- Architecture: x86_64
Did keepalived coredump?
No.
Additional context
The proper way to deal with getgrnam_r()
returning with an errno
of ERANGE
is to resize/reallocate the buffer to a larger buffer and try the call to getgrnam_r()
again.
See this blog post:
https://tomlee.co/2012/10/problems-with-large-linux-unix-groups-and-getgrgid_r-getgrnam_r/