From 3e2bd2e30bcb183804e853b6cc611387c05712e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 14 Dec 2025 00:29:44 +0100 Subject: [PATCH] services: nscd: Cause PID 1 to drop nscd database mappings on shutdown. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Partly fixes guix/guix#4269. Fixes a bug whereby shepherd (PID 1) could retain memory mappings for /var/run/nscd/dbXXX, which are created by glibc’s NSS from database file descriptors sent by nscd. Those mappings could then prevent ‘root-file-system’ from re-mounting the root file system as read-write. This change causes PID 1 to drop these mappings. PID 1 typically calls libc database functions such as ‘getgr’ when dealing with AF_UNIX endpoints for socket-activated services, to look up the socket’s owner and group. This is where the bug would manifest. The regression may have been introduced by 85ac164c41fc4c93d3cb2a5d3321c63598c2855f, which caused nscd to handle the password and group databases. * gnu/services/base.scm (nscd-shepherd-service): In ‘stop’ procedure, call ‘getpw’, ‘getgr’, and ‘getaddrinfo’. * gnu/tests/base.scm (run-root-unmount-test) <"open libc NSS database">: New test. (%test-root-unmount): Add #:imported-modules. Change-Id: I197cc8c82165c631f857415898137412ce9bd439 Reported-by: Rutherther Signed-off-by: Ludovic Courtès Merges: #4828 --- gnu/services/base.scm | 16 +++++++++++++++- gnu/tests/base.scm | 17 ++++++++++++++++- 2 files changed, 31 insertions(+), 2 deletions(-) diff --git a/gnu/services/base.scm b/gnu/services/base.scm index c43f39fe320d85dae44dfcc77428c8b835b987a4..062364bf81f12c5bb4e12c2080a6780d67466cf7 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -1557,7 +1557,21 @@ the tty to run, among other things." (string-append dir "/lib")) (list #$@name-services)) ":"))))) - (stop #~(make-kill-destructor)) + (stop #~(let ((terminate (make-kill-destructor))) + (lambda (process) + (terminate process) + + ;; PID 1 might have mapped nscd database files via + ;; '__nscd_get_mapping'. Call the relevant libc + ;; functions (those with a corresponding GETFD* request + ;; type) to cause PID 1 to notice that those mappings + ;; are stale and to unmap them. Failure to do so would + ;; prevent the root file system from being remounted + ;; read-only when shutting down. + (false-if-exception (getpw "root")) + (false-if-exception (getgr "root")) + (false-if-exception (getaddrinfo "localhost" "http")) + #f))) (modules `((ice-9 popen) ;for the actions (ice-9 rdelim) (ice-9 match) diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index dc51880d8edaea7d8e01ce2a29142b38649651a7..86fa6374efc03a644c2c22b2abf0ac617522d8c2 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -827,6 +827,18 @@ in a loop. See .") ,witness-size)))))) marionette)) + ;; Cause PID 1 to create a mapping to nscd's database files. + ;; Those mappings used to prevent 'root-file-system' to remount + ;; read-only on shutdown. See + ;; . + (test-equal "open libc NSS database" + "root" + (marionette-eval '(begin + (use-modules (gnu services herd)) + (start-service 'nscd) ;wait for nscd + (eval-there '(passwd:name (getgr "root")))) + marionette)) + ;; Halt the system. (marionette-eval '(system* "/run/current-system/profile/sbin/halt") marionette) @@ -891,7 +903,10 @@ in a loop. See .") "Make sure the root file system is cleanly unmounted when the system is halted.") (value - (let ((os (marionette-operating-system %simple-os))) + (let ((os (marionette-operating-system + %simple-os + #:imported-modules '((gnu services herd) + (guix combinators))))) (run-root-unmount-test os)))))