From d28385a684903b09f6587e55cb872face58c2b60 Mon Sep 17 00:00:00 2001 From: picca Date: Fri, 25 Mar 2016 14:25:19 +0000 Subject: --- ...ock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket.mdwn | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket.mdwn (limited to 'doc') diff --git a/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket.mdwn b/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket.mdwn new file mode 100644 index 00000000..b1a113ff --- /dev/null +++ b/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket.mdwn @@ -0,0 +1,7 @@ +Hello, + +when I try to run propellor, I get this error message. + + unix_listener: "/home/experiences/instrumentation/picca/.ssh/propellor/diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I" too long for Unix domain socket + [2016-03-25 15:20:44 CET] process done ExitFailure 255 + propellor: user error (ssh ["-o","ControlPath=/home/experiences/instrumentation/picca/.ssh/propellor/diffabs6.exp.synchrotron-soleil.fr.sock","-o","ControlMaster=auto","-o","ControlPersist=yes","root@diffabs6.exp.synchrotron-soleil.fr","sh -c 'if [ ! -d /usr/local/propellor/.git ] ; then (if ! git --version >/dev/null; then apt-get update && DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends --no-upgrade -y install git; fi && echo STATUSNeedGitClone) || echo STATUSNeedPrecompiled ; else cd /usr/local/propellor && if ! cabal configure >/dev/null 2>&1; then ( apt-get update ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install gnupg ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install ghc ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install cabal-install ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-async-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-missingh-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-hslogger-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-unix-compat-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-ansi-terminal-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-ifelse-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-network-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-mtl-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-transformers-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-exceptions-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-stm-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install libghc-text-dev ; DEBIAN_FRONTEND=noninteractive apt-get --no-upgrade --no-install-recommends -y install make ; cabal update ; cabal install --only-dependencies ) || true; fi&& if ! test -x ./propellor; then cabal configure && cabal build && ln -sf dist/build/propellor-config/propellor-config propellor; fi;if test -x ./propellor && ! ./propellor --check 2>/dev/null; then cabal clean && cabal configure && cabal build && ln -sf dist/build/propellor-config/propellor-config propellor; fi && ./propellor --boot diffabs6.exp.synchrotron-soleil.fr ; fi'"] exited 255) -- cgit v1.3-2-g0d8e From 9c97ec26003581b1b1238b3921b43ba9baaaa80f Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 25 Mar 2016 17:24:54 -0400 Subject: Avoid generating excessively long paths to the unix socket file used for ssh connection caching. Mostly. Can still generate a too long one if $HOME is longer than 60 bytes. --- debian/changelog | 8 +++++ ...ent_1_9d72cfc76d5ef15de5de54be2567a23e._comment | 33 +++++++++++++++++ src/Propellor/Ssh.hs | 41 ++++++++++++++++++++-- 3 files changed, 79 insertions(+), 3 deletions(-) create mode 100644 doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_1_9d72cfc76d5ef15de5de54be2567a23e._comment (limited to 'doc') diff --git a/debian/changelog b/debian/changelog index 2c2b2ea7..86add5db 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +propellor (2.17.1) UNRELEASED; urgency=medium + + * Avoid generating excessively long paths to the unix socket file + used for ssh connection caching. Mostly. Can still generate a too long + one if $HOME is longer than 60 bytes. + + -- Joey Hess Fri, 25 Mar 2016 17:23:25 -0400 + propellor (2.17.0) unstable; urgency=medium * Added initial support for FreeBSD. diff --git a/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_1_9d72cfc76d5ef15de5de54be2567a23e._comment b/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_1_9d72cfc76d5ef15de5de54be2567a23e._comment new file mode 100644 index 00000000..642eae7b --- /dev/null +++ b/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_1_9d72cfc76d5ef15de5de54be2567a23e._comment @@ -0,0 +1,33 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2016-03-25T20:39:29Z" + content=""" +What's going on here is propellor has asked ssh to use that as a socket, +but unix has a hoary old limit on the length of filenames to unix domain +sockets -- something around 100 characters max depending on the OS (108 on +linux I believe). + +40 characters of that budget is used up by the somewhat long HOME path, 17 +characters are tacked on by ssh (for no really good reason given the +limited budget). This leaves propellor 57 characters to make a unique +socket name that's not too ugly, but it decided to put the whole hostname +in there, which blows past the budget in this case. + +So, I have changed the code to try to respect the budget while still coming +up with the best filename it can. + +So in your case the new path will be something like +"/home/experiences/instrumentation/picca/.ssh/propellor/diffabs6.e-44ecb7d0.j3awdJtqk5r3HB1I" +-- 91 bytes, so under the limit. + +If someone has HOME set to something longer than ~60 characters, +propellor will still break. Since the socket file has to be at a +stable location, and so more or less needs to live under HOME, it's hard to +avoid the problem entirely. + +I did consider moving the sockets to /tmp to avoid HOME length causing a +problem, but then other users on the system could DOS propellor by creating +the directory in /tmp, which would at best make it fall back to not using +the ssh socket and so asking repeatedly for passwords. +"""]] diff --git a/src/Propellor/Ssh.hs b/src/Propellor/Ssh.hs index b00eb651..3e4806ea 100644 --- a/src/Propellor/Ssh.hs +++ b/src/Propellor/Ssh.hs @@ -2,9 +2,11 @@ module Propellor.Ssh where import Propellor.Base import Utility.UserInfo +import Utility.FileSystemEncoding import System.PosixCompat import Data.Time.Clock.POSIX +import qualified Data.Hash.MD5 as MD5 -- Parameters can be passed to both ssh and scp, to enable a ssh connection -- caching socket. @@ -16,9 +18,8 @@ import Data.Time.Clock.POSIX sshCachingParams :: HostName -> IO [CommandParam] sshCachingParams hn = do home <- myHomeDir - let cachedir = home ".ssh" "propellor" - createDirectoryIfMissing False cachedir - let socketfile = cachedir hn ++ ".sock" + let socketfile = socketFile home hn + createDirectoryIfMissing False (takeDirectory socketfile) let ps = [ Param "-o" , Param ("ControlPath=" ++ socketfile) @@ -42,3 +43,37 @@ sshCachingParams hn = do [ Param "localhost" ] nukeFile f tenminutes = 600 + +-- Generate a socket filename inside the home directory. +-- +-- There's a limit in the size of unix domain sockets, of approximately +-- 100 bytes. Try to never construct a filename longer than that. +-- +-- When space allows, include the full hostname in the socket filename. +-- Otherwise, include at least a partial md5sum of it, +-- to avoid using the same socket file for multiple hosts. +socketFile :: FilePath -> HostName -> FilePath +socketFile home hn = selectSocketFile + [ sshdir hn ++ ".sock" + , sshdir hn + , sshdir take 10 hn ++ "-" ++ md5 + , sshdir md5 + , home ".propellor-" ++ md5 + ] + (".propellor-" ++ md5) + where + sshdir = home ".ssh" "propellor" + md5 = take 9 $ MD5.md5s $ MD5.Str hn + +selectSocketFile :: [FilePath] -> FilePath -> FilePath +selectSocketFile [] fallback = fallback +selectSocketFile [f] _ = f +selectSocketFile (f:fs) fallback + | valid_unix_socket_path f = f + | otherwise = selectSocketFile fs fallback + +valid_unix_socket_path :: FilePath -> Bool +valid_unix_socket_path f = length (decodeW8 f) < 100 - reservedbyssh + where + -- ssh tacks on 17 or so characters when making a socket + reservedbyssh = 18 -- cgit v1.3-2-g0d8e From f019971de441c5530279b00a6ef4aad991cb3222 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 25 Mar 2016 17:31:03 -0400 Subject: comment --- .../comment_2_28706044d9cc744148c6744577afd261._comment | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_2_28706044d9cc744148c6744577afd261._comment (limited to 'doc') diff --git a/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_2_28706044d9cc744148c6744577afd261._comment b/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_2_28706044d9cc744148c6744577afd261._comment new file mode 100644 index 00000000..2423a91e --- /dev/null +++ b/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_2_28706044d9cc744148c6744577afd261._comment @@ -0,0 +1,12 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 2""" + date="2016-03-25T21:26:20Z" + content=""" +If someone wants to improve this more later, it would suffice to make +`sshCachingParams` fall back to using a temp file in /tmp for the socket +when HOME is too long, as long as repeated calls to `sshCachingParams` +inside the same propellor process returned the same temp file each time +(for a given HostName). Of course, the temp files would need to be cleaned +up when propellor exists. +"""]] -- cgit v1.3-2-g0d8e