Bug 501368

Summary: avc during live install due to leaked fd
Product: [Fedora] Fedora Reporter: Jeremy Katz <katzj>
Component: rhplAssignee: Chris Lumens <clumens>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 11CC: clumens, jlaska, msivak, rmaximo, tcallawa, vanmeeuwen+fedora
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-07-22 11:04:48 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 495965    

Description Jeremy Katz 2009-05-18 14:56:26 EDT
We're leaking an open fd of /dev/mapper/control when we go to exec loadkeys on the live install.

To work around this, we have a few options
a) Figure out where we're opening it and ensure we close /dev/mapper/control
b) Patch libdevice-mapper to open /dev/mapper/control with O_CLOEXEC
c) Patch rhpl to close fds when doing execWith*

c is probably the easiest, but also could have the widest side effects although I don't see how it could break anything off-hand
Comment 1 Chris Lumens 2009-05-19 14:14:56 EDT
While we're digging around in rhpl, we should probably convert the execWith* functions to use subprocess, finally.  Then maybe we could make anaconda use rhpl.executil instead of stuff out of iutil.  Wishful thinking, I know.
Comment 2 Jeremy Katz 2009-05-19 14:26:56 EDT
I'd be more inclined to try to finish killing off rhpl...
Comment 3 Chris Lumens 2009-05-19 15:00:32 EDT
Sure, we can do that too.
Comment 4 James Laska 2009-05-22 13:09:53 EDT
This bug is currently on the F11AnacondaBlocker ... is this a must have for Fedora 11?  Is the  "killing of rhpl" a post-F11 action?
Comment 5 Chris Lumens 2009-05-22 13:17:36 EDT
Choice (c) above is an F11 thing, and killing rhpl is post-F11.  There's more things than just anaconda using it so it's too late to get rid of it.
Comment 6 Jeremy Katz 2009-05-22 14:26:12 EDT
Yeah, killing rhpl is a post-F11 action.

But we should fix the avc as otherwise, people will have it pop up while they're doing installs from the live media (which is at least some high percentage of our install cases) and then file bugs.  We don't want to have to see those bugs for the entire life of F11 :)
Comment 7 Jeremy Katz 2009-05-26 11:36:22 EDT
Simple version of c just for the case that we know we need it sent to anaconda-devel-list for review
Comment 8 Jeremy Katz 2009-05-26 14:56:35 EDT
And built and tag requested
Comment 9 Bug Zapper 2009-06-09 12:04:15 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here: