Bug 184129

Summary: xen appears to leak file descriptors, and doesn't work with SELinux
Product: [Fedora] Fedora Reporter: Bill Nottingham <notting>
Component: xenAssignee: Jeremy Katz <katzj>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: bstein, dwalsh, katzj, rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-09-25 16:37:39 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 179629    
Attachments:
Description Flags
avc errors none

Description Bill Nottingham 2006-03-06 12:57:21 EST
See attached logs.
Comment 1 Bill Nottingham 2006-03-06 12:57:21 EST
Created attachment 125714 [details]
avc errors
Comment 2 Bill Nottingham 2006-03-06 12:58:59 EST
audit2allow yields:

allow ifconfig_t initrc_t:unix_stream_socket { read write };
allow ifconfig_t proc_t:file write;
allow ifconfig_t var_log_t:file append;
allow netutils_t initrc_t:unix_stream_socket { read write };
allow netutils_t proc_t:file { read write };
allow netutils_t var_log_t:file append;

which is almost certainly wrong.
Comment 3 Daniel Walsh 2006-03-06 17:44:21 EST
If we want to allow these utilities to write to the xend*log file, we need to
setup a xend policy, (Which we need to add this anyways.)

Dan
Comment 4 Jeremy Katz 2006-09-25 16:37:39 EDT
Things are a little better now