Package: libpam-smbpass Version: 2:4.1.9+dfsg-1 Severity: important It appears that libpam-smbpass, at least when used in some services, leaks file descriptors. This eventually causes the service in question to become non-functional when the open FD limit is exceeded.
In my case, the service is openvpn. I see many many copies of this set of file descriptors: lr-x------ 1 root root 64 Jul 18 06:39 979 -> /dev/urandom lrwx------ 1 root root 64 Jul 18 06:39 98 -> /var/lib/samba/private/passdb.tdb lrwx------ 1 root root 64 Jul 18 06:39 980 -> /var/lib/samba/private/passdb.tdb lrwx------ 1 root root 64 Jul 18 06:39 981 -> /var/lib/samba/account_policy.tdb lrwx------ 1 root root 64 Jul 18 06:39 982 -> /var/cache/samba/gencache.tdb lrwx------ 1 root root 64 Jul 18 06:39 983 -> /run/samba/gencache_notrans.tdb lrwx------ 1 root root 64 Jul 18 06:39 984 -> /var/lib/samba/group_mapping.tdb lrwx------ 1 root root 64 Jul 18 06:39 985 -> /var/lib/samba/private/secrets.tdb Once the FD limit is reached, nobody can connect to the VPN until it is restarted. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.14-1-amd64 (SMP w/12 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libpam-smbpass depends on: ii dpkg 1.17.10 ii libbsd0 0.6.0-2 ii libc6 2.19-5 ii libpam-runtime 1.1.8-3 ii libpam0g 1.1.8-3 ii libtalloc2 2.1.1-1 ii libwbclient0 2:4.1.9+dfsg-1 ii samba-common 2:4.1.9+dfsg-1 ii samba-libs 2:4.1.9+dfsg-1 libpam-smbpass recommends no packages. Versions of packages libpam-smbpass suggests: ii samba 2:4.1.9+dfsg-1 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
