[Csync2] Csync failing with xinetd, working in standalone mode

Hamish Currie hamish.currie at icemedia.com.au
Tue Jun 21 06:17:24 CEST 2016 

Hi,

I'm having a problem with csync2 failing if the server is being run via xinetd (csync2 -i), but is working in stand-alone mode (csync2 -ii).

This is only happening on a pair of RHEL7 servers . Its working fine on our centos7 servers.

I've provided information from my attempts to debug the problem below, Any suggestions you can provide would be appreciated.

thanks

Hamish

---

The csync software was compiled from the current latest release.
http://oss.linbit.com/csync2/csync2-2.0.tar.gz

xinetd is running
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root     54179  0.0  0.0  29304  1120 ?        Ss   13:24   0:00 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid

/etc/xinetd.d/csync2 contains:
service csync2
{
        disable = no
        protocol = tcp
        socket_type = stream
        wait = no
        user = root
        group = root
        server = /usr/local/sbin/csync2
        server_args = -i
        log_type = FILE /tmp/data_csync2.log
        log_on_failure  += USERID
}

When running the server in standalone mode, I run it as root.

I found this stack overflow question - but adding -l to the server_args did not solve the problem for me.
http://stackoverflow.com/questions/30235086/error-in-csync2-two-server-data-using-csync2-tools

I ran strace on the client side and diffed the 2 scenarios.
When connecting to the xinetd version of the server I get:
write(5, "CONFIG \n", 8)                = 8
read(5, 0x631f60, 512)                  = -1 ECONNRESET (Connection reset by peer)
write(2, "Config command failed.\n", 23) = 23

When connecting to the standalone server I get:
write(5, "CONFIG \n", 8)                = 8
read(5, "OK (cmd_finished).\n", 512)    = 19
lstat("/var/data/www/a.txt", {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
write(5, "HELLO wfe01\n", 15)        = 15
read(5, "OK (cmd_finished).\n", 512)    = 19

I did an strace on the server - when running standalone the config file is read almost immediately, but in xinetd mode the server fails before attempting to read the config file.

Standalone:
13:45:11.264501 set_robust_list(0x7fe910b70b20, 24) = 0
13:45:11.264739 rt_sigaction(SIGCHLD, {SIG_DFL, [CHLD], SA_RESTORER|SA_RESTART, 0x7fe90fe8f670}, {SIG_IGN, [CHLD], SA_RESTORER|SA_RESTART, 0x7fe90fe8f670}, 8) = 0
13:45:11.265032 dup2(5, 0)              = 0
13:45:11.265109 dup2(5, 1)              = 1
13:45:11.265162 close(5)                = 0
13:45:11.265229 setsockopt(1, SOL_TCP, TCP_NODELAY, [1], 4) = 0
13:45:11.265322 read(0, "CONFIG \n", 512) = 8
13:45:11.265517 open("/etc/csync2/csync2.cfg", O_RDONLY) = 5
13:45:11.266016 ioctl(5, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, 0x7fffbaef5650) = -1 ENOTTY (Inappropriate ioctl for device)
13:45:11.266160 fstat(5, {st_mode=S_IFREG|0644, st_size=178, ...}) = 0
13:45:11.266232 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe910b84000
13:45:11.266299 read(5, "# item: ignore\nnossl * *;\ngroup "..., 8192) = 178
13:45:11.266360 read(5, "", 4096)       = 0
13:45:11.266461 open("/etc/csync2/csync2.key", O_RDONLY) = 6
[snip...]

Xinetd:
13:43:30.696844 set_robust_list(0x7f08ab5f9ae0, 24) = 0
13:43:30.696954 rt_sigaction(SIGPIPE, {SIG_DFL, [PIPE], SA_RESTORER|SA_RESTART, 0x7f08aa4da670}, {SIG_IGN, [], SA_RESTORER, 0x7f08aa4da670}, 8) = 0
13:43:30.697032 rt_sigaction(SIGTSTP, {SIG_DFL, [TSTP], SA_RESTORER|SA_RESTART, 0x7f08aa4da670}, {SIG_IGN, [], SA_RESTORER, 0x7f08aa4da670}, 8) = 0
13:43:30.697070 rt_sigaction(SIGTTIN, {SIG_DFL, [TTIN], SA_RESTORER|SA_RESTART, 0x7f08aa4da670}, {SIG_IGN, [], SA_RESTORER, 0x7f08aa4da670}, 8) = 0
13:43:30.697102 rt_sigaction(SIGTTOU, {SIG_DFL, [TTOU], SA_RESTORER|SA_RESTART, 0x7f08aa4da670}, {SIG_IGN, [], SA_RESTORER, 0x7f08aa4da670}, 8) = 0
13:43:30.697142 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
13:43:30.697178 close(3)                = 0
13:43:30.697208 close(4)                = 0
13:43:30.697235 close(0)                = 0
13:43:30.697261 close(1)                = 0
13:43:30.697286 close(2)                = 0
13:43:30.697312 setgid(0)               = 0
13:43:30.697439 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 0
13:43:30.699488 fstat(0, {st_mode=S_IFREG|0644, st_size=1800, ...}) = 0
13:43:30.699597 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f08ab608000
13:43:30.699685 read(0, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 1800
13:43:30.699760 close(0)                = 0
13:43:30.699834 munmap(0x7f08ab608000, 4096) = 0
13:43:30.699935 open("/proc/sys/kernel/ngroups_max", O_RDONLY) = 0
13:43:30.700450 read(0, "65536\n", 31)  = 6
13:43:30.700518 close(0)                = 0
13:43:30.700630 open("/etc/group", O_RDONLY|O_CLOEXEC) = 0
13:43:30.700994 lseek(0, 0, SEEK_CUR)   = 0
13:43:30.701082 fstat(0, {st_mode=S_IFREG|0644, st_size=780, ...}) = 0
13:43:30.701148 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f08ab608000
13:43:30.701181 read(0, "root:x:0:\nbin:x:1:\ndaemon:x:2:\ns"..., 4096) = 780
13:43:30.701280 lseek(0, 0, SEEK_CUR)   = 780

[lseek command repeated many times - snip..]

13:43:30.704273 lseek(0, 0, SEEK_CUR)   = 780
13:43:30.704299 read(0, "", 4096)       = 0
13:43:30.704359 close(0)                = 0
13:43:30.704416 munmap(0x7f08ab608000, 4096) = 0
13:43:30.704579 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 0
13:43:30.705008 fstat(0, {st_mode=S_IFREG|0644, st_size=36329, ...}) = 0
13:43:30.705086 mmap(NULL, 36329, PROT_READ, MAP_PRIVATE, 0, 0) = 0x7f08ab600000
13:43:30.705151 close(0)                = 0
13:43:30.705226 open("/lib64/libnss_sss.so.2", O_RDONLY|O_CLOEXEC) = 0
13:43:30.705957 read(0, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\30\0\0\0\0\0\0"..., 832) = 832
13:43:30.706030 fstat(0, {st_mode=S_IFREG|0755, st_size=37328, ...}) = 0
13:43:30.706109 mmap(NULL, 2131056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 0, 0) = 0x7f08a95e0000
13:43:30.706176 mprotect(0x7f08a95e8000, 2093056, PROT_NONE) = 0
13:43:30.706242 mmap(0x7f08a97e7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 0, 0x7000) = 0x7f08a97e7000
13:43:30.706330 close(0)                = 0
13:43:30.706448 mprotect(0x7f08a97e7000, 4096, PROT_READ) = 0
13:43:30.706517 munmap(0x7f08ab600000, 36329) = 0
13:43:30.706666 futex(0x7f08a97e81e8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
13:43:30.706805 open("/var/lib/sss/mc/initgroups", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
13:43:30.707229 futex(0x7f08a97e8268, FUTEX_WAKE_PRIVATE, 2147483647) = 0
13:43:30.707294 open("/var/lib/sss/mc/initgroups", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
13:43:30.707369 fstat(-1, 0x7ffe90431e50) = -1 EBADF (Bad file descriptor)
13:43:30.707447 socket(PF_LOCAL, SOCK_STREAM, 0) = 0
13:43:30.708712 fcntl(0, F_DUPFD, 3)    = 3
13:43:30.708780 close(0)                = 0
13:43:30.708830 fcntl(3, F_GETFL)       = 0x2 (flags O_RDWR)
13:43:30.708881 fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
13:43:30.708931 fcntl(3, F_GETFD)       = 0
13:43:30.708979 fcntl(3, F_SETFD, FD_CLOEXEC) = 0
13:43:30.709033 connect(3, {sa_family=AF_LOCAL, sun_path="/var/lib/sss/pipes/nss"}, 110) = -1 ENOENT (No such file or directory)
13:43:30.709113 close(3)                = 0
13:43:30.709177 setgroups(1, [0])       = 0
13:43:30.709239 setuid(0)               = 0
13:43:30.709292 umask(02)               = 022
13:43:30.709441 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2197, ...}) = 0
13:43:30.709493 write(6, "16/6/21 at 13:43:30: FAIL: csync2 a"..., 56) = 56
13:43:30.709695 exit_group(0)           = ?
13:43:30.709888 +++ exited with 0 +++


SELinux is set to permissive.

# sestatus -v
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

Process contexts:
Current context:                unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Init context:                   system_u:system_r:init_t:s0
/usr/sbin/sshd                  system_u:system_r:sshd_t:s0-s0:c0.c1023

File contexts:
Controlling terminal:           unconfined_u:object_r:user_devpts_t:s0
/etc/passwd                     system_u:object_r:passwd_file_t:s0
/etc/shadow                     system_u:object_r:shadow_t:s0
/bin/bash                       system_u:object_r:shell_exec_t:s0
/bin/login                      system_u:object_r:login_exec_t:s0
/bin/sh                         system_u:object_r:bin_t:s0 -> system_u:object_r:shell_exec_t:s0
/sbin/agetty                    system_u:object_r:getty_exec_t:s0
/sbin/init                      system_u:object_r:bin_t:s0 -> system_u:object_r:init_exec_t:s0
/usr/sbin/sshd                  system_u:object_r:sshd_exec_t:s0
/lib/libc.so.6                  system_u:object_r:lib_t:s0 -> system_u:object_r:lib_t:s0
/lib/ld-linux.so.2              system_u:object_r:lib_t:s0 -> system_u:object_r:ld_so_t:s0


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linbit.com/pipermail/csync2/attachments/20160621/62d1bb4c/attachment-0001.htm>

More information about the Csync2 mailing list