* [PATCH] Rescue failed pipe resizes due to permissions
@ 2019-05-03 22:20 sdemjanenko
2019-05-03 22:53 ` Eric Wong
0 siblings, 1 reply; 2+ messages in thread
From: sdemjanenko @ 2019-05-03 22:20 UTC (permalink / raw)
To: unicorn-public; +Cc: Stephen Demjanenko
From: Stephen Demjanenko <sdemjanenko@gmail.com>
When running: ```
require 'kgio'
require 'raindrops'
F_SETPIPE_SZ = 1031 if RUBY_PLATFORM =~ /linux/
Kgio::Pipe.new.each do |io|
io.close_on_exec = true
if defined?(F_SETPIPE_SZ)
begin
puts "setting"
io.fcntl(F_SETPIPE_SZ, Raindrops::PAGE_SIZE)
rescue Errno::EINVAL
puts "rescued"
rescue => e
puts ["FAILED HARD", e].inspect
end
end
end
```
on a few servers to test some Unicorn boot failures I saw:
```
["FAILED HARD", #<Errno::EPERM: Operation not permitted>]
```
The `EPERM` error gets raised by the Linux kernel if:
```
(too_many_pipe_buffers_hard(pipe->user) ||
too_many_pipe_buffers_soft(pipe->user)) &&
!capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN)
```
Given that the resize is not strictly necessary Unicorn should
rescue the error and continue booting.
---
lib/unicorn.rb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/unicorn.rb b/lib/unicorn.rb
index 5f2134d..dd5dff4 100644
--- a/lib/unicorn.rb
+++ b/lib/unicorn.rb
@@ -123,6 +123,9 @@ def self.pipe # :nodoc:
io.fcntl(F_SETPIPE_SZ, Raindrops::PAGE_SIZE)
rescue Errno::EINVAL
# old kernel
+ rescue Errno::EPERM
+ # resizes fail if Linux is close to the pipe limit for the user
+ # or if the user does not have permissions to resize
end
end
end
--
2.7.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] Rescue failed pipe resizes due to permissions
2019-05-03 22:20 [PATCH] Rescue failed pipe resizes due to permissions sdemjanenko
@ 2019-05-03 22:53 ` Eric Wong
0 siblings, 0 replies; 2+ messages in thread
From: Eric Wong @ 2019-05-03 22:53 UTC (permalink / raw)
To: Stephen Demjanenko; +Cc: unicorn-public
sdemjanenko@gmail.com wrote:
Thanks, patch looks good; though I'd like to confirm
some things below for the sake of documentation.
> The `EPERM` error gets raised by the Linux kernel if:
> ```
> (too_many_pipe_buffers_hard(pipe->user) ||
> too_many_pipe_buffers_soft(pipe->user)) &&
> !capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN)
> ```
Which kernel are you running?
Modern kernels prefix that condition with:
if (nr_pages > pipe->buffers &&
Scanning kernel changes with `git log -p -L:pipe_set_size:fs/pipe.c',
I see that check was added in b0b91d18e2e97b741b294af9333824ecc3fadfd8
("pipe: fix limit checking in pipe_set_size()")
which was fixed in Linux v4.9+ and v3.16.57+
https://80x24.org/mirrors/linux.git/commit?id=b0b91d18e2e97b741b294af9333824ecc3fadfd8
https://lore.kernel.org/lkml/?q=s%3A%22fix+limit+checking+in+pipe_set_size%22
> Given that the resize is not strictly necessary Unicorn should
> rescue the error and continue booting.
Agreed. Applied, tested and pushed to master as
commit 5c613c6ea98541df587193e861364c858a8a0abd
Thanks!
Will tag and release v5.5.1 in a day or two.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-05-03 22:53 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-05-03 22:20 [PATCH] Rescue failed pipe resizes due to permissions sdemjanenko
2019-05-03 22:53 ` Eric Wong
Code repositories for project(s) associated with this public inbox
https://yhbt.net/unicorn.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).