Bug#466138: Is this LVM message actually useful?
Andras Korn
korn-debbugs at elan.rulez.org
Wed Jul 8 14:37:09 UTC 2009
On Wed, Jul 08, 2009 at 02:21:05PM +0100, Alasdair G Kergon wrote:
Hi,
> It's often an indication of careless programming and can lead to
> security problems if a child process inherits access to a rogue file
> descriptor and can interfere with it. The messages were added during a
> bug investigation to prove that LVM was not involved.
>
> SELinux with a strict policy now also detects this sort of bug.
>
> They can be suppressed by setting the (deliberately-undocumented)
> environment variable LVM_SUPPRESS_FD_WARNINGS, but really, the source of
> the problem you're seeing should be addressed instead of ignoring the
> symptoms.

I don't agree; surely, following the above argumentation, each and every
program should go out of its way to close any inherited file descriptor it
didn't expect, and warn the user about them. Incidentally, this would make
chpst -l (which relies on obtaining a lock on a file and then passing this
file descriptor on to its child, which it execs without a fork) useless.

In my case, I know where the stray FD is coming from: I'm invoking lvm
utilities from a zsh script that has a logging coprocess, and it does an
"exec >&p" early on so that all output of any programs invoked goes to the
coprocess instead of stdout. Child processes inherit a pipe to the
coprocess, but this isn't a problem that needs to be addressed; it has no
ill effects and certainly doesn't warrant an obnoxious warning I can only
turn off by relying on an undocumented feature.

I certainly agree that the warnings are a good debugging aid, but making
them unnecessarily hard to turn off is, in my opinion, contrary to the Unix
philosophy, which entails letting the user shoot himself in the foot if he
wants, and not assuming that your program is necessarily smarter than the
person running it, or that the developer was able to anticipate all
circumstances his or her program might be run in. I think --quiet should get
rid of these warnings too; you should assume that anyone who goes out of
their way to specify --quiet really does want the utility to be quiet except
when critical errors occur. It's what --quiet should do, and what the
documentation implies --quiet does.

Anyway, thank you for the hint about LVM_SUPPRESS_FD_WARNINGS, and sorry
about the ranting.
Andras
--
Andras Korn <korn at elan.rulez.org> - <http://chardonnay.math.bme.hu/~korn/>
When in darkness or in doubt, run in circles, scream and shout.
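
The descriptor inheritance discussed in this thread, as an added example that is not part of the original message and is not LVM's code: a startup audit that counts descriptors above stderr which an exec'd child would inherit, next to the parent-side fix of marking them close-on-exec. The function names and the 1024 scan cap are assumptions made for this example.

```c
/* Added example, not LVM source: audit descriptors that would leak across exec(). */
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

#define SCAN_LIMIT 1024  /* assumption: scan cap chosen for this example */

/* Return 1 if fd is open and lacks FD_CLOEXEC, i.e. an exec'd child inherits it. */
static int fd_is_inheritable(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    return flags != -1 && !(flags & FD_CLOEXEC);
}

/* Count inheritable descriptors above stderr; optionally report each one. */
int count_inheritable_fds(int report)
{
    long max = sysconf(_SC_OPEN_MAX);
    int n = 0;
    if (max < 0 || max > SCAN_LIMIT)
        max = SCAN_LIMIT;
    for (int fd = STDERR_FILENO + 1; fd < max; fd++) {
        if (!fd_is_inheritable(fd))
            continue;
        n++;
        if (report)
            fprintf(stderr, "fd %d would be inherited across exec\n", fd);
    }
    return n;
}

/* Parent-side fix: mark fd close-on-exec, preserving other descriptor flags. */
int set_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags == -1)
        return -1;
    return fcntl(fd, F_SETFD, flags | FD_CLOEXEC);
}

int main(void)
{
    int p[2];
    if (pipe(p) != 0)
        return 1;
    printf("inheritable before: %d\n", count_inheritable_fds(1));
    set_cloexec(p[0]);
    set_cloexec(p[1]);
    printf("inheritable after:  %d\n", count_inheritable_fds(1));
    return 0;
}
```

A descriptor that is meant to be passed on, such as a held lock file or a logging pipe, is simply left without FD_CLOEXEC and will show up in the count.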