|author||Joey Hess||2016-03-25 17:24:54 -0400|
|committer||Joey Hess||2016-03-25 17:24:54 -0400|
Avoid generating excessively long paths to the unix socket file used for ssh connection caching.
Mostly. Can still generate a too long one if $HOME is longer than 60 bytes.
Diffstat (limited to 'doc')
1 files changed, 33 insertions, 0 deletions
diff --git a/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_1_9d72cfc76d5ef15de5de54be2567a23e._comment b/doc/forum/unix__95__listener:___34____47__home__47__experiences__47__instrumentation__47__picca__47__.ssh__47__propellor__47__diffabs6.exp.synchrotron-soleil.fr.sock.j3awdJtqk5r3HB1I__34___too_long_for_Unix_domain_socket/comment_1_9d72cfc76d5ef15de5de54be2567a23e._comment
new file mode 100644
@@ -0,0 +1,33 @@
+ subject="""comment 1"""
+What's going on here is propellor has asked ssh to use that as a socket,
+but unix has a hoary old limit on the length of filenames to unix domain
+sockets -- something around 100 characters max depending on the OS (108 on
+linux I believe).
+40 characters of that budget is used up by the somewhat long HOME path, 17
+characters are tacked on by ssh (for no really good reason given the
+limited budget). This leaves propellor 57 characters to make a unique
+socket name that's not too ugly, but it decided to put the whole hostname
+in there, which blows past the budget in this case.
+So, I have changed the code to try to respect the budget while still coming
+up with the best filename it can.
+So in your case the new path will be something like
+-- 91 bytes, so under the limit.
+If someone has HOME set to something longer than ~60 characters,
+propellor will still break. Since the socket file has to be at a
+stable location, and so more or less needs to live under HOME, it's hard to
+avoid the problem entirely.
+I did consider moving the sockets to /tmp to avoid HOME length causing a
+problem, but then other users on the system could DOS propellor by creating
+the directory in /tmp, which would at best make it fall back to not using
+the ssh socket and so asking repeatedly for passwords.
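Review bot: The sentence "So in your case the new path will be something like" runs straight into "-- 91 bytes, so under the limit." with no path in between, so the reader cannot see or verify the example; add the shortened socket path on its own indented line between those two lines. The budget arithmetic earlier in the comment also does not add up as written: against the 108 figure quoted for linux, 40 characters of HOME plus 17 added by ssh leaves 51, not 57. It would help to state which limit the 57 and the later "~60 characters" HOME threshold are computed from, and whether the counts are characters or bytes, since the commit message says 60 bytes.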