Bug 63140 - pid file may get corrupted and prevent httpd from starting
Summary: pid file may get corrupted and prevent httpd from starting
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Core (show other bugs)
Version: 2.5-HEAD
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Keywords: PatchAvailable
Depends on:
Reported: 2019-02-04 10:59 UTC by Nicolas Carrier
Modified: 2020-03-13 14:36 UTC (History)
1 user (show)

Avoids pid file creation race condition by using a temporary file. (2.75 KB, patch)
2019-02-04 11:00 UTC, Nicolas Carrier
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Nicolas Carrier 2019-02-04 10:59:23 UTC
If a power outage occurs at the wrong moment, subsequent attempts to start httpd may fail with the following error:
Error retrieving pid file ...
Remove it before continuing if it is corrupted.

The way pid files are created in apache is racy. The file is created, then it's content is written to it. If a power outage happens between the two steps, the pid file may stay empty.

A temporary file should be created instead and renamed after it has been written to and flushed.
Comment 1 Nicolas Carrier 2019-02-04 11:00:58 UTC
Created attachment 36417 [details]
Avoids pid file creation race condition by using a temporary file.

The original pattern for creating the pid file was:
write(pid_file, pid)

But if a power outage occurs between open_create and write, the file will
be empty and httpd will refuse to start afterwards unless the corrupt pid
file is removed.

This patch uses the pattern:
rename(temp_pid_file, pid_file)
which is guaranteed to be atomic, provided that temp_pid_file and pid_file
are located in the same file system, which this patch does by creating
a temporary file name with the pattern:
    pid_file_name + random_suffix
Comment 2 Nicolas Carrier 2019-05-22 14:58:57 UTC
There has been no progress with this issue for more than 3 month.

Is this issue invalid somehow?
Is the patch not acceptable?
Comment 3 Giovanni Bechis 2020-02-22 00:07:25 UTC
The pid file is not created in a temporary directory but in the current directory. If the directory in which the pid file will be created is on a different filesystem than the current directory the rename call will fail.

[Sat Feb 22 00:01:33.948798 2020] [core:error] [pid 38525:tid 139718597842752] (18)Invalid cross-device link: AH00102: could not rename file httpd.pid.rK6Vaj to /usr/local/apache2/logs/httpd.pid
Comment 4 Joe Orton 2020-03-12 11:58:21 UTC
I extended Nicolas' patch here 


to create the temp file in the same directory as the pidfile and add error checking, will merge if Travis is happy.
Comment 5 Joe Orton 2020-03-13 14:36:36 UTC
Done in r1875153, thanks for the patch Nicolas.

(Made me think about a few further changes, should the pidfile be 0440 not 0660? The rename is not as good as opening the file O_EXCL... but maybe best we can do)