From 89ba3c0e886b13c0d686b8326989876943670713 Mon Sep 17 00:00:00 2001
From: Felipe Sanches Zanoni <Felipe.SanchesZanoni@windriver.com>
Date: Tue, 3 Dec 2024 10:03:51 -0300
Subject: [PATCH] Fix file descriptor inheritance in ceph.sh script

The ceph.sh script is called by the mtcClient process during the
system start-up. This script will then start the Ceph processes.
The mtcClient uses the UDP port 2119 to communicate with other hosts,
and these Ceph processes inherit the UDP port from the mtcClient
because the file descriptor is kept open when forking the application.

When the mtcClient process restarts, the Ceph processes with the
inherited file descriptor will automatically start using that UDP
port, blocking the mtcClient from binding to that port.

The solution is to call the ceph-init-wrapper script using the
"systemd-run" command as a transient service with "--pipe" and
"--wait" to isolate all the FDs except for the stdin/stdout/stderr.

Test-Plan:
  PASS: Multi-node system - Unmanage and stop all Ceph processes on
        controller-0, and kill the mtcClient process twice. Check if
        only mtcClient is listed using UDP port 2119 by running
        'sudo lsof -iUDP:2119'.

  PASS: Deploy AIO-SX and check if Ceph status is HEALTH_OK. The
        mtcClient will not bind UDP 2119 port in this configuration.

  PASS: Deploy AIO-DX and check if only mtcClient is listed using
        UDP port 2119 by running 'sudo lsof -iUDP:2119'.

Closes-bug: 2090928

Signed-off-by: Felipe Sanches Zanoni <Felipe.SanchesZanoni@windriver.com>
Change-Id: I5091953bc370ae60e972ef9f383aaab84f2781f0
---
 ceph/ceph/files/ceph.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ceph/ceph/files/ceph.sh b/ceph/ceph/files/ceph.sh
index ae3796abd..05cea0c62 100644
--- a/ceph/ceph/files/ceph.sh
+++ b/ceph/ceph/files/ceph.sh
@@ -8,7 +8,10 @@ INITDIR=/etc/init.d
 LOGFILE=/var/log/ceph/ceph-init.log
 CEPH_STARTED_FLAG=/var/run/.ceph_started
 CEPH_CONFIGURED_FLAG=/etc/platform/.node_ceph_configured
-CEPH_INIT="${INITDIR}/ceph-init-wrapper"
+
+# Call ceph-init-wrapper script with systemd-run to avoid inheriting any
+# unwanted file descriptor.
+CEPH_INIT="systemd-run --pipe --wait ${INITDIR}/ceph-init-wrapper"
 
 # Get system/node configuration
 . /etc/platform/platform.conf