[krbdev.mit.edu #7573] File descriptor leak?
Gertjan Zwartjes via RT
rt-comment at krbdev.mit.edu
Wed Feb 20 11:38:29 EST 2013
Hello,
I'm an Arch Linux user and I found the following issue with the latest Kerberos release (1.11).
With the latest krb5 bump from 1.10.x to 1.11, both Firefox and Chrome browsers break in combination with an HTTP proxy. For each browser proxy request a number (4?) of file descriptors are leaked. This will continue until the browser process has too many files open which will render both Firefox and Chrome unusable. They both stop loading internet pages. Firefox will also stop rendering fonts completely, even the user interface may degrade, where the tabs and menu's also don't show any fonts anymore.
I started noticing strange behavior with Firefox early this year. Both myself and a colleague have this issue on both i686 (my system) and x86_64 (colleague system). We've gone through great lengths figuring out what was going on, and ruled out anything else. Downgrading krb5 to 1.10.3 solves the issue.
It has something to do with the Kerberos credentials cache (the krb5cc_... file in /run/user). Another colleague using XFCE does not have this problem, because the credentials cache is not created at all for his system. The systems with the issue are running Gnome 3.
Another workaround is rm'ing the credentials cache directory before starting either Chrome or Firefox.
I have also reported this issue through the Arch Linux bug tracking system here: https://bugs.archlinux.org/task/33913. The request there is to discuss it with upstream development, that's why I am sending this email.
Please let me know if you need more information, or if there's anything I can help to debug the problem.
Thanks,
Gertjan
More information about the krb5-bugs
mailing list