Bug 466087
Summary: | SELinux is preventing the $command from using potentially mislabeled files (/tmp/kde-${USER}zHTeRF/konsoleat5970.tmp) | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Giacomo Montagner <gmontagner> |
Component: | kdebase | Assignee: | Than Ngo <than> |
Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | 9 | CC: | jreznik, kevin, ltinkl, rdieter, than, tuxbrewr |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-02-06 14:49:59 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Giacomo Montagner
2008-10-08 08:51:55 UTC
The problem here is a leaked file descriptor in konsole. konsole is opening (/tmp/kde-${USER}zHTeRF/konsoleat5970.tmp) And not closing on exec the file descriptor, this means that all confined domains started from console will get handed this open file descriptor and SELinux will close them, while generating the error message. They can be ignored for now but konsole should execute fcntl(fd, F_SETFD, FD_CLOEXEC) On the file desctriptor *** This bug has been marked as a duplicate of bug 484370 *** |