Bug 718633
Summary: | SELinux, saslauthd & /var/tmp/host_0 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Anthony Messina <amessina> |
Component: | krb5 | Assignee: | Nalin Dahyabhai <nalin> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 15 | CC: | dwalsh, nalin, ssorce |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | krb5-1.9.1-5.fc15 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-07-18 21:06:48 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Anthony Messina
2011-07-04 05:27:27 UTC
user_tmp_t is created via a user process. Something you are running in the login session is recreating this file. Probably a kerberized application. Does the pending update at https://admin.fedoraproject.org/updates/krb5-1.9.1-5.fc15 fix this for you? (It should.) I think I've actually seen something similar today with both dirsrv and krb5kdc while playing with plugins that made them crash. The replay cache management thing is particularly fragile it seems. I'll load 1.9.1-5 and report if I see anything again. Thanks, Dan. Do you know of a way I can try to watch the host_0 file to figure out which application is modifying the file label? From what I have configured, it could possibly be any one of: nfsv4, postfix (via saslauthd), cyrus-imapd (via saslauthd), httpd (koji), ... (In reply to comment #3) > I think I've actually seen something similar today with both dirsrv and krb5kdc > while playing with plugins that made them crash. > The replay cache management thing is particularly fragile it seems. > I'll load 1.9.1-5 and report if I see anything again. I will try it out. Ok, I have installed: krb5-workstation-1.9.1-5.fc15.x86_64 krb5-libs-1.9.1-5.fc15.x86_64 and will see if this fixes the issue. It may take some time however, as I can't pinpoint when this issue occurs. So far, /var/tmp/host_0 has not had it's label changed from krb5_host_rcache_t to user_tmp_t since installing; krb5-workstation-1.9.1-5.fc15.x86_64 krb5-libs-1.9.1-5.fc15.x86_64 I'll keep an eye out throughout the week to see if that happened to be the "fix' for this strange issue. I still have not seen this issue since installing: krb5-workstation-1.9.1-5.fc15.x86_64 krb5-libs-1.9.1-5.fc15.x86_64 Somehow, the fix must have been related. I would close this bug. |