Bug 846086

Summary: lxdm: leaks file descriptors
Product: [Fedora] Fedora Reporter: Tomas Hoger <thoger>
Component: lxdmAssignee: Mamoru TASAKA <mtasaka>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 22CC: cwickert
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: lxdm-0.4.1-10.fc22 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-10-17 18:55:28 EDT Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Tomas Hoger 2012-08-06 15:11:27 EDT
Description of problem:
lxdm leaks open file descriptors to user sessions.  Looking at the processes started from the xfce4 session menus, lot of them have /var/log/lxdm.log opened as fd 1, allowing user to write to the file that is root:root 640.

$ ll /proc/2114/fd
total 0
lr-x------. 1 user user 64 Aug  6 20:26 0 -> /dev/null
l-wx------. 1 user user 64 Aug  6 20:26 1 -> /var/log/lxdm.log
l-wx------. 1 user user 64 Aug  6 20:26 2 -> /home/user/.xsession-errors
lr-x------. 1 user user 64 Aug  6 21:09 255 -> /etc/xdg/xfce4/xinitrc

2114 is "/bin/sh /etc/xdg/xfce4/xinitrc" and is a direct child of the lxdm-binary process.

It seems lxdm should ensure to close the log or fcntl FD_CLOEXEC its file descriptor before running Xsession.

Version-Release number of selected component (if applicable):
lxdm-0.4.1-1.fc16.x86_64
Comment 1 Fedora End Of Life 2013-01-16 07:49:37 EST
This message is a reminder that Fedora 16 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 16. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '16'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 16's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 16 is end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" and open it against that version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 2 Tomas Hoger 2013-01-16 08:27:23 EST
lxdm-0.4.1-1 is current in F17.  F18 has lxdm-0.4.1-4, but no relevant change mentioned in the %changelog, assuming it's affected too.
Comment 4 Tomas Hoger 2014-12-27 15:32:35 EST
Upstream fixed this issue shortly after the upstream bug mentioned in comment 3 above was filed.  Upstream commit is:

http://git.lxde.org/gitweb/?p=lxde/lxdm.git;a=commitdiff;h=6c894635b7703ee6c51835b39526e7e7330f59c5

I can no longer reproduce the issue after applying the above patch.
Comment 5 Fedora Update System 2015-10-08 10:33:12 EDT
lxdm-0.4.1-10.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-adbae85c55
Comment 6 Fedora Update System 2015-10-08 10:33:59 EDT
lxdm-0.4.1-10.fc21 has been submitted as an update to Fedora 21. https://bodhi.fedoraproject.org/updates/FEDORA-2015-7766c0d939
Comment 7 Fedora Update System 2015-10-09 08:51:38 EDT
lxdm-0.4.1-10.fc21 has been pushed to the Fedora 21 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update lxdm'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-7766c0d939
Comment 8 Fedora Update System 2015-10-09 09:54:52 EDT
lxdm-0.4.1-10.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update lxdm'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-adbae85c55
Comment 9 Fedora Update System 2015-10-17 18:55:22 EDT
lxdm-0.4.1-10.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2015-10-17 19:20:28 EDT
lxdm-0.4.1-10.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.