From 8d6ecbc445e5b08b1a03c7fab6ea4e4a24e033d8 Mon Sep 17 00:00:00 2001

From: Daniel Hjorth <dh@dhjorth.com>

Date: Wed, 25 Feb 2015 13:07:35 -0700

Subject: [PATCH 189/190] LDAP: unlink ccname_file_dummy if there is an error

https://fedorahosted.org/sssd/ticket/2592

If there is an error after ccname_file_dummy is created but before it is

renamed then the file isn't removed.  This can cause a lot of files to be

created and take up inodes in a filesystem.

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

Reviewed-by: Sumit Bose <sbose@redhat.com>

(cherry picked from commit 2b20ff2e33ad3993a9cad910c4b4b828513613df)

---

 src/providers/ldap/ldap_child.c | 12 +++++++++++-

 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c

index f7f8d1d2eab3f66fe4f7d09e50458b495739c1d2..bb61a61858abba90530150ba771053fb8abff14a 100644

--- a/src/providers/ldap/ldap_child.c

+++ b/src/providers/ldap/ldap_child.c

@@ -491,16 +491,26 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,

               "rename failed [%d][%s].\n", ret, strerror(ret));

         goto done;

     }

+    ccname_file_dummy = NULL;

     krberr = 0;

     *ccname_out = talloc_steal(memctx, ccname);

     *expire_time_out = my_creds.times.endtime - kdc_time_offset;

 done:

-    talloc_free(tmp_ctx);

     if (krberr != 0) KRB5_SYSLOG(krberr);

     if (keytab) krb5_kt_close(context, keytab);

     if (context) krb5_free_context(context);

+    if (ccname_file_dummy) {

+        DEBUG(SSSDBG_TRACE_INTERNAL, "Unlinking [%s]\n", ccname_file_dummy);

+        ret = unlink(ccname_file_dummy);

+        if (ret == -1) {

+            ret = errno;

+            DEBUG(SSSDBG_MINOR_FAILURE,

+                  "Unlink failed [%d][%s].\n", ret, strerror(ret));

+        }

+    }

+    talloc_free(tmp_ctx);

     return krberr;

 }

-- 

2.1.0