Re: [musl] syslog does not detect a closed file descriptor

[Rich Felker <dalias@libc.org>]

On Thu, Sep 26, 2024 at 06:42:20PM +0200, Markus Wichmann wrote:
> Am Thu, Sep 26, 2024 at 09:08:59AM +0000 schrieb Jef STEELANT (EXT):
> > The syslog implementation does not detect if the file descriptor of
> > /dev/log is closed, and keeps on logging to an invalid fd.
> > This happens for instance when using lxc with musl libc ( see issue
> > https://github.com/lxc/lxc/issues/4485). LXC will at a certain point
> > close the fd of /dev/log, in the assumption that a next call to syslog
> > will detect an EBADF when writing data, and that the log will be
> > reopened. glibc does this, but musl does not. It would be better if
> > syslog would either stop logging to the invalid fd, or reopen the log
> > when s send returns EBADF.
> 
> This is why you do not close FDs you do not own. The application does
> not own the socket FD for the syslog; it belongs to libc. And the
> application can portably request the FD be closed by calling closelog().
> And it should, because that will restore the initial state in that file,
> and cause the log to be opened again.
> 
> Using EBADF for anything is a bad idea in the lib, since the lib must
> work with multiple threads, and in a multi-threaded process EBADF means
> "you could have sent this data to the wrong FD". I think the simplest
> solution is for lxc to just call closelog() before closing the other
> FDs.

Yes, if you close or replace any fds belonging to the implementation
behind its back, very bad things can happen. This is an application
bug. Any attempt to mitigate it by catching EBADF here would only bury
the bug, making it so you detect it only on fairly rare race
conditions rather than always seeing it (and thereby realizing it
needs to be fixed and fixing it).