From: Amir Yalon <amiryal@yxejamir.net>
To: Christos Trochalakis <yatiohi@ideopolis.gr>, Eric Wong <e@80x24.org>
Cc: unicorn-public@bogomips.org
Subject: Re: Systemd socket inheritance fails with “not a socket file descriptor”
Date: Thu, 10 Mar 2016 11:48:15 +0200 [thread overview]
Message-ID: <1457603295.3001779.545065762.73AD820D@webmail.messagingengine.com> (raw)
In-Reply-To: <20160309140604.GB25830@luke.ws.skroutz.gr>
Christos Trochalakis wrote:
> Ok, this is my theory, systemd correctly passes the sockets and the
> environment to the process, but Amir is using rvm which probably runs
> one more exec than usual. In this extra step rvm/ruby closes the fds for
> security reasons but the ENV variables remain. In the newly forked ruby
> process the timer gets fd=3 (which is now consider internal) and when
> unicorn tries to example fd=3 breaks.
Very plausible!
I ran a few straces to confirm at least part of the theory, and it turns
out RVM runs not one, but 20 more exec than usual. :)
The way my application is launched with RVM:
$ strace -c -e trace=execve /usr/local/rvm/bin/rvm default exec ruby -e
''
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
0.00 0.000000 0 21 16 execve
------ ----------- ----------- --------- --------- ----------------
100.00 0.000000 21 16 total
Using system Ruby:
$ strace -c -e trace=execve ruby -e ''
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
0.00 0.000000 0 1 execve
------ ----------- ----------- --------- --------- ----------------
100.00 0.000000 1 total
Using RVM ruby without RVM wrapper:
$ strace -c -e trace=execve /usr/local/rvm/rubies/default/bin/ruby -e ''
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
0.00 0.000000 0 1 execve
------ ----------- ----------- --------- --------- ----------------
100.00 0.000000 1 total
I will try to run my app using the 3rd method and report back as soon as
I can.
Thanks,
Amir
next prev parent reply other threads:[~2016-03-10 9:48 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-07 23:08 Systemd socket inheritance fails with “not a socket file descriptor” Amir Yalon
2016-03-08 3:31 ` Eric Wong
2016-03-08 7:45 ` Amir Yalon
2016-03-08 17:39 ` Eric Wong
2016-03-08 20:32 ` Amir Yalon
2016-03-09 3:51 ` Eric Wong
2016-03-09 13:19 ` Systemd socket inheritance fails with “not a socket file descriptor” [take2] Christos Trochalakis
2016-03-09 14:06 ` Systemd socket inheritance fails with “not a socket file descriptor” Christos Trochalakis
2016-03-10 9:48 ` Amir Yalon [this message]
2016-03-12 5:30 ` Eric Wong
2016-03-12 23:19 ` Amir Yalon
2016-03-17 0:27 ` [PATCH] doc: reference --keep-file-descriptors for "bundle exec" Eric Wong
2016-03-17 13:09 ` Amir Yalon
2016-03-17 16:37 ` Eric Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://yhbt.net/unicorn/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1457603295.3001779.545065762.73AD820D@webmail.messagingengine.com \
--to=amiryal@yxejamir.net \
--cc=e@80x24.org \
--cc=unicorn-public@bogomips.org \
--cc=yatiohi@ideopolis.gr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhbt.net/unicorn.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).