mirror of
https://github.com/fleetdm/fleet
synced 2026-05-24 09:28:54 +00:00
3e38592fda
**Related issue:** Resolves #42741 ## Problem `goval_dictionary.Analyze` opened a `*sql.DB` via `LoadDb` but never closed it. `pkg/download/download.go` atomically renames the goval sqlite on each refresh, unlinking the old inode while the pool still held FDs on it. lsof showed them as `(deleted)`, accumulating over days until Fleet server restart. ## Fix - New `Database.Close()` that delegates to the underlying `*sql.DB`. - `defer func() { _ = db.Close() }()` in `Analyze` right after `LoadDb`. ## How this was tested - New unit test `TestDatabaseCloseReleasesFileHandle` opens a file-backed sqlite, runs a query to force a pool connection, then asserts Close drains the pool and blocks further queries. - `go test ./server/vulnerabilities/goval_dictionary/...` passes. - Standalone Go program reproduced the leak mechanism: `sql.Open` + query + unlink left the FD on the orphaned inode; adding Close released it. ## Confidence and QA ~90% confident. I did not reproduce end-to-end through Fleet's vuln cron locally (the analyzer never entered its query loop; likely `HostIDsByOSVersion` hadn't populated for the Rocky test host). Reviewer: flag anything that drops your confidence. @xpkoala for QA after merge: please exercise in a production-like env with enrolled RHEL hosts and confirm no `(deleted)` FDs after goval refreshes. # Checklist for submitter - [x] Changes file added for user-visible changes in `changes/` (`changes/42741-fix-goval-dictionary-fd-leak`). - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (N/A, no new input paths). - [x] Timeouts are implemented and retries are limited to avoid infinite loops (N/A, no new network calls). - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes (N/A, no endpoint changes). ## Testing - [x] Added/updated automated tests - [x] Where appropriate, automated tests simulate multiple hosts and test for host isolation (N/A, package-level unit test). - [ ] QA'd all new/changed functionality manually (pending, post-merge by @xpkoala). ## Database migrations - [x] Checked schema for modified tables for auto-updating timestamp columns (N/A, no schema changes). - [x] Confirmed timestamp updates are acceptable (N/A, no schema changes). - [x] Ensured correct collation is explicitly set for character columns (N/A, no schema changes). ## New Fleet configuration settings - [x] Setting(s) is/are explicitly excluded from GitOps (N/A, no new settings). ## fleetd/orbit/Fleet Desktop - [x] Verified compatibility with the latest released version of Fleet (N/A, server-only change). - [x] If the change applies to only one platform, confirmed `runtime.GOOS` is used (N/A). - [x] Verified fleetd runs on macOS, Linux and Windows (N/A, server-only change). - [x] Verified auto-update works (N/A, server-only change). <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Fixed a file-descriptor leak in vulnerability processing so deleted SQLite database files are properly closed without requiring a server restart, improving stability and resource usage. * **Tests** * Added a regression test to ensure database handles are released after close. * **Documentation** * Documented the fix for the file-descriptor leak. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| analyzer.go | ||
| close_test.go | ||
| database.go | ||
| database_test.go | ||
| sync.go | ||
| sync_test.go | ||