owasp-modsecurity / ModSecurity-nginx

ModSecurity v3 Nginx Connector
Apache License 2.0

SecAction initcol causes worker processes to be stuck in shutting down state after reloading #242

Closed jtaczanowski closed 3 years ago

jtaczanowski commented 3 years ago

Hi! :) I'm using the following setup:

- nginx 1.18.0
- ModSecurity-nginx connector (latest code from master branch)
- libmodsecurity 3.0.4 compiled with the --with-lmdb flag

Everything worked as expected except for one issue. When using an LMDB collection, reloading nginx causes old workers to get stuck in the "worker process is shutting down" state.

To reproduce the problem, just add one line to the configuration:

SecAction "initcol:global=%{REMOTE_ADDR},id:5,pass,phase:1"

and try to reload nginx:

nginx -s reload

After reloads, workers in the "shutting down" state appear:

root      4114 12101  0 01:13 pts/1    00:00:00 sudo ./nginx
root      4115  4114  0 01:13 pts/1    00:00:00 nginx: master process ./nginx
www-data  4116  4115  0 01:13 pts/1    00:00:00 nginx: worker process is shutting down
www-data  4151  4115  0 01:13 pts/1    00:00:00 nginx: worker process

GDB on stuck worker:

vagrant@ubuntu-xenial:/etc/nginx/modsec$ sudo gdb -p 4116
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1
[..]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0x00007fa860941ad3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:84
84  ../sysdeps/unix/syscall-template.S: No such file or directory.
(gdb) bt
#0  0x00007fa860941ad3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:84
#1  0x0000000000440a90 in ngx_epoll_process_events (cycle=0x179f750, timer=9764, flags=1) at src/event/modules/ngx_epoll_module.c:800
#2  0x0000000000435941 in ngx_process_events_and_timers (cycle=cycle@entry=0x179f750) at src/event/ngx_event.c:247
#3  0x000000000043ead5 in ngx_worker_process_cycle (cycle=0x179f750, data=<optimized out>) at src/os/unix/ngx_process_cycle.c:750
#4  0x000000000043cfb5 in ngx_spawn_process (cycle=cycle@entry=0x179f750, proc=proc@entry=0x43ea90 <ngx_worker_process_cycle>, data=data@entry=0x0, name=name@entry=0x4e37fb "worker process", respawn=respawn@entry=-3) at src/os/unix/ngx_process.c:199
#5  0x000000000043e214 in ngx_start_worker_processes (cycle=cycle@entry=0x179f750, n=1, type=type@entry=-3) at src/os/unix/ngx_process_cycle.c:359
#6  0x000000000043f764 in ngx_master_process_cycle (cycle=cycle@entry=0x179f750) at src/os/unix/ngx_process_cycle.c:131
#7  0x000000000041380e in main (argc=<optimized out>, argv=<optimized out>) at src/core/nginx.c:382
(gdb)

Thanks in advance for help :) Regards

jtaczanowski commented 3 years ago

After recompiling nginx and ModSecurity-nginx connector I can't reproduce this problem. I am closing this issue :)
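A way to check for the symptom reported in this thread after a reload, as an added example that is not part of the original issue or the project's code. Old workers normally show "is shutting down" for a short time while they drain connections, so the function only reports those older than a threshold; the function names, the threshold and the elapsed-time values in the sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list nginx workers still in "shutting down" state.
# Input (stdin): output of `ps -eo pid,ppid,etimes,args` (procps-ng).

# stuck_workers MIN_AGE_SECONDS
# Prints "PID PPID AGE" for each old-generation worker at least MIN_AGE old.
stuck_workers() {
    awk -v min_age="${1:-0}" '
        {
            # The process title starts at field 4; rebuild it from the fields.
            title = ""
            for (i = 4; i <= NF; i++) title = title (i > 4 ? " " : "") $i
        }
        title == "nginx: worker process is shutting down" && $3 + 0 >= min_age + 0 {
            print $1, $2, $3
        }
    '
}

# Constructed sample modelled on the process list in the report
# (PIDs reused from it; the elapsed-time column is invented).
sample_ps() {
    cat <<'EOF'
  PID  PPID ELAPSED COMMAND
 4115  4114     900 nginx: master process ./nginx
 4116  4115     900 nginx: worker process is shutting down
 4151  4115      30 nginx: worker process
EOF
}

# count_stuck MIN_AGE: number of lingering workers found in the sample.
count_stuck() {
    sample_ps | stuck_workers "$1" | wc -l | tr -d ' '
}

# Run on the constructed sample; on a live host use:
#   ps -eo pid,ppid,etimes,args | stuck_workers 300
sample_ps | stuck_workers 300
```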