Bug 801282

Summary: SELinux is preventing /sbin/dhclient from read, write access on the None /dev/dri/card0.
Product: [Fedora] Fedora Reporter: hkoba <buribullet>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED CANTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: dominick.grift, dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:c6d17ee6a6716ef37807229283f8a627d329bac3c3990168c2f0e9f6ca363559
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-03-08 15:00:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
File: description none

Description hkoba 2012-03-08 07:36:15 UTC
libreport version: 2.0.8
executable:     /usr/bin/python
hashmarkername: setroubleshoot
kernel:         3.2.9-1.fc16.x86_64
reason:         SELinux is preventing /sbin/dhclient from read, write access on the None /dev/dri/card0.
time:           2012年03月09日 00時35分31秒

description:    Binary file, 2275 bytes

Comment 1 hkoba 2012-03-08 07:36:18 UTC
Created attachment 568527 [details]
File: description

Comment 2 Daniel Walsh 2012-03-08 15:00:28 UTC
This is a leaked file descriptor from whatever app launched dhclient.  Please update your machine to the latest code.

yum -y update

Comment 3 hkoba 2012-03-08 15:38:04 UTC
Hmm, I use yum-cron and my system is up-to-date.

Anyway, I understand it is fd leakage problem. I agree to close this.
Thank you for your comment.

Comment 4 Daniel Walsh 2012-03-08 15:46:48 UTC
Well it would be nice to know who is leaking it.

I actually blogged on this last night..


http://danwalsh.livejournal.com/53603.html

Comment 5 hkoba 2012-03-08 15:58:33 UTC
Thank you for your good article.

I now understand how *_CLOEXEC flag is important. Thank you:-)