From: Ken Raeburn <raeburn@MIT.EDU>
To: krb5-bugs@MIT.EDU
Subject: mmap for kdb update log
Date: Wed, 21 Jan 2009 12:26:04 -0500

Just noting for the future: We should be more paranoid about the
handling of the KDB update log file. The use of mmap makes me a bit
nervous -- what if the page isn't there and can't be allocated?

I did change the update log creation not to create sparse files on
some operating systems. However, I think it may be possible in the
current code for the file setup to fail if the file system is full at
setup time, but leave the file in a state where a later invocation
might assume it to be ready to use.

Granted, if your KDC's disk fills, you've got other things to worry
about, but we don't need the KDC crashing and leaving incomplete files
around to add to it. A clean exit, and more importantly leaving the
update log file in a state where the next invocation will still
recognize the need to allocate storage, would be an improvement.
Using fread instead of mmap would help us trap the errors at run time
instead of crashing, too, if some case gets missed.

(Alternatively: If we don't use mmap, we could forego the initial file
setup and just allocate the space as we need it.)
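
The following is an added sketch of the setup ordering the message asks for; it is not MIT krb5 code. It reserves real blocks before writing a "ready" marker, and checks that marker with pread() so a failure comes back as an error code rather than a fault on a mapped page. The names log_hdr, LOG_READY, log_is_ready and log_setup and the file name are hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <unistd.h>

#define LOG_READY 0x52445921u   /* hypothetical marker, not a krb5 value */

struct log_hdr { uint32_t ready; uint32_t size; };  /* hypothetical layout */

/* 1 = usable, 0 = storage still has to be allocated, -1 = read error. */
int log_is_ready(int fd, uint32_t size)
{
    struct log_hdr h;
    ssize_t n = pread(fd, &h, sizeof h, 0);  /* fails with an error, not SIGBUS */
    if (n < 0)
        return -1;
    return n == (ssize_t)sizeof h && h.ready == LOG_READY && h.size == size;
}

/* Allocate real blocks first; write the ready marker only as the last step. */
int log_setup(int fd, uint32_t size)
{
    struct log_hdr h = { 0, size };
    int err;

    /* Clear any stale marker so a failure below leaves the file "not ready". */
    if (pwrite(fd, &h, sizeof h, 0) != (ssize_t)sizeof h || fsync(fd) != 0)
        return -1;
    err = posix_fallocate(fd, 0, size);  /* returns an errno value, e.g. ENOSPC */
    if (err != 0) {
        errno = err;
        return -1;
    }
    h.ready = LOG_READY;
    if (pwrite(fd, &h, sizeof h, 0) != (ssize_t)sizeof h)
        return -1;
    return fsync(fd);
}

int main(void)
{
    int fd = open("ulog-sketch.tmp", O_RDWR | O_CREAT, 0600);  /* constructed */
    if (fd < 0 || (log_is_ready(fd, 65536) != 1 && log_setup(fd, 65536) != 0))
        return 1;  /* clean exit; the file stays marked not ready */
    close(fd);
    return unlink("ulog-sketch.tmp");
}
```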