Bug 782150

Summary: RPM Python Bindings are leaking. This has caused a huge leak in setroubleshoot, when it hits an AVC storm.
Product: Red Hat Enterprise Linux 6 Reporter: Daniel Walsh <dwalsh>
Component: rpmAssignee: Panu Matilainen <pmatilai>
Status: CLOSED WONTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2CC: dmalcolm, ffesti, jnovy, mgrepl, pmatilai
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 782147 Environment:
Last Closed: 2012-02-13 09:44:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 782147, 782151    
Bug Blocks:    

Description Daniel Walsh 2012-01-16 16:33:07 UTC 
+++ This bug was initially created as a clone of Bug #782147 +++

setroubleshoot uses the rpm python bindings and is a long running service, Each time an AVC arrives it checks on the version of selinux policy, the kernel, and potentially the version of the source program and the target program to identify which version of the package was being used.  If we are hit with a storm of AVC's we are seeing the memory skyrocket.  We diagnosed the problem to rpm python bindings leaking.  For now we are removing the bindings and going to executing rpm -qf PATH. Not an ideal solution, but we need this fix in RHEL5 and RHEL6. As well as Fedora.

--- Additional comment from dwalsh on 2012-01-16 11:32:37 EST ---

Dave Malcolm, believes he has a fix for this problem.

http://lists.rpm.org/pipermail/rpm-maint/2011-December/003138.html
Comment 2 RHEL Program Management 2012-02-13 09:44:47 UTC 
Development Management has reviewed and declined this request.  You may appeal
this decision by reopening this request.