Bug 224190
Summary: | openais is requestiong bogus access in SELinux | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Daniel Walsh <dwalsh> | ||||
Component: | openais | Assignee: | Steven Dake <sdake> | ||||
Status: | CLOSED INSUFFICIENT_DATA | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | rawhide | CC: | ccaulfie, kanderso, ldimaggi, rkenna, triage | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | bzcl34nup | ||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2008-05-07 01:06:19 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Daniel Walsh
2007-01-24 15:52:13 UTC
type=AVC msg=audit(1169585959.102:12): avc: denied { write } for pid=2307 comm="aisexec" name="ringid_10.15.89.174" dev=dm-0 ino=2284808 scontext=system_u:system_r:ccs_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file type=AVC msg=audit(1169585021.617:10): avc: denied { write } for pid=2352 comm="aisexec" name="sbin" dev=dm-0 ino=1305602 scontext=system_u:system_r:ccs_t:s0 tcontext=system_u:object_r:sbin_t:s0 tclass=dir After speaking with Dan about this problem, it could be a problem with the parent process that doesn't close all of its open file descriptors before forking and execing. This could potentially be a problem with cman_tool which should be investigated. Dan suggested adding the following fcntl's for the files that are left open. *dwalsh* Make that fcntl(fd, F_SETFL, FD_CLOEXEC); *dwalsh* Before you exec Seems the writing to /sbin is caused by the application attempting to dump core. So I think openais is crashing and SELinux will not allow it to drop core. From the resulting core file (attached to this bz): gdb aisexec core.2236 GNU gdb Red Hat Linux (6.5-16.el5rh) Copyright (C) 2006 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"... (no debugging symbols found) Using host libthread_db library "/lib/libthread_db.so.1". warning: Can't read pathname for load map: Input/output error. Reading symbols from /lib/libdl.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/libpthread.so.0...(no debugging symbols found)...done. Loaded symbols for /lib/libpthread.so.0 Reading symbols from /lib/libc.so.6... (no debugging symbols found)...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/ld-linux.so.2 Reading symbols from /usr/libexec/lcrso/objdb.lcrso... (no debugging symbols found)...done. Loaded symbols for /usr/libexec/lcrso/objdb.lcrso Reading symbols from /usr/libexec/lcrso/service_cman.lcrso...(no debugging symbols found)...done. Loaded symbols for /usr/libexec/lcrso/service_cman.lcrso Reading symbols from /lib/libnss_files.so.2... (no debugging symbols found)...done. Loaded symbols for /lib/libnss_files.so.2 Reading symbols from /lib/libnss_dns.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libnss_dns.so.2 Reading symbols from /lib/libresolv.so.2... (no debugging symbols found)...done. Loaded symbols for /lib/libresolv.so.2 (no debugging symbols found) Core was generated by `aisexec'. Program terminated with signal 11, Segmentation fault. #0 0x004d8353 in strlen () from /lib/libc.so.6 Created attachment 146684 [details]
openais (aisexec) core file
core caused by cman/selinux interaction in some way: Core was generated by `aisexec'. Program terminated with signal 11, Segmentation fault. #0 0x004d8353 in strlen () from /lib/libc.so.6 (gdb) where #0 0x004d8353 in strlen () from /lib/libc.so.6 #1 0x00e5067c in ais_add_ifaddr () from /usr/libexec/lcrso/service_cman.lcrso #2 0x00e55101 in process_barrier_msg () from /usr/libexec/lcrso/service_cman.lcrso #3 0x00e55e82 in read_ccs_config () from /usr/libexec/lcrso/service_cman.lcrso #4 0x00e50c09 in ais_add_ifaddr () from /usr/libexec/lcrso/service_cman.lcrso #5 0x08061194 in main () at main.c:458 (gdb) Possible blocker since segfault occurs when se linux configured enforcing. Attempted to duplicate on the smoke cluster. Could not duplicate by setting enforcing/targeted mode. Must be some other environmental condition in the system that is being tested. Need access to hardware/platform that is causing the problem. More information needed about how openais is started. From some conversations it appears cman is not started via the service cman start script but started in some other way. Attempted to recreate on the tng3 cluster (lab.msp.redhat.com) - I was able to cause the core dump by creating a new cluster via Conga on Jab 15, but not today. Fix in openais 0.80.3 which is in the 5.1 RC tree. Based on the date this bug was created, it appears to have been reported against rawhide during the development of a Fedora release that is no longer maintained. In order to refocus our efforts as a project we are flagging all of the open bugs for releases which are no longer maintained. If this bug remains in NEEDINFO thirty (30) days from now, we will automatically close it. If you can reproduce this bug in a maintained Fedora version (7, 8, or rawhide), please change this bug to the respective version and change the status to ASSIGNED. (If you're unable to change the bug's version or status, add a comment to the bug and someone will change it for you.) Thanks for your help, and we apologize again that we haven't handled these issues to this point. The process we're following is outlined here: http://fedoraproject.org/wiki/BugZappers/F9CleanUp We will be following the process here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this doesn't happen again. This bug has been in NEEDINFO for more than 30 days since feedback was first requested. As a result we are closing it. If you can reproduce this bug in the future against a maintained Fedora version please feel free to reopen it against that version. The process we're following is outlined here: http://fedoraproject.org/wiki/BugZappers/F9CleanUp |