Bug 595422
Summary: | AVC denials on abrtd restart | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Michal Nowak <mnowak> |
Component: | abrt | Assignee: | Jiri Moskovcak <jmoskovc> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Michal Nowak <mnowak> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 6.0 | CC: | ahecox, dfediuck, dvlasenk, dwalsh, gavin, jburke, jmoskovc, kklic, npajkovs, ohudlick |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | selinux-policy-3.7.19-21.el6.noarch | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-11-11 14:30:38 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Michal Nowak
2010-05-24 15:12:42 UTC
newman@dhcp-lab-222 ~ $ ls -laZ /var/spool/abrt/ drwxr-xr-x. abrt abrt system_u:object_r:abrt_var_cache_t:s0 . drwxr-xr-x. root root system_u:object_r:var_spool_t:s0 .. drwxr-x---. abrt root unconfined_u:object_r:abrt_var_cache_t:s0 kerneloops-1274714193-1 -rw-r--r--. root root unconfined_u:object_r:abrt_var_cache_t:s0 abrt-db It also produces AVCs on simple: sudo dumpoops -d dump1.dump Looks like abrt is leaking file descriptors to inotifyfs, abrt_var_run_t and its fifo_file. Probably abrt executes sosreport which executes dmesg. I will need to dontaudit the leak of the fifo file and abrt_var_run_t. No reason for inotify though. SELinux fixes are in selinux-policy-3.7.19-21.el6.noarch (In reply to comment #3) > Looks like abrt is leaking file descriptors to inotifyfs, abrt_var_run_t and > its fifo_file. > > Probably abrt executes sosreport which executes dmesg. > > I will need to dontaudit the leak of the fifo file and abrt_var_run_t. > > No reason for inotify though. Inotify leak is plugged in git now, will be in abrt-1.1.4 fd leaks are fixed in abrt-1.1.4.el6 Red Hat Enterprise Linux 6.0 is now available and should resolve the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you. |