Bug 111752 - assertion failure
Summary: assertion failure
Alias: None
Product: Red Hat Raw Hide
Classification: Retired
Component: prelink (Show other bugs)
(Show other bugs)
Version: 1.0
Hardware: All Linux
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: David Lawrence
Depends On:
TreeView+ depends on / blocked
Reported: 2003-12-09 17:34 UTC by Tim Waugh
Modified: 2007-04-18 17:00 UTC (History)
2 users (show)

Fixed In Version: 0.3.0-17
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-12-27 15:55:19 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
typescript of gdb session (28.57 KB, text/plain)
2003-12-09 17:35 UTC, Tim Waugh
no flags Details
/var/log/prelink.log after a prelink-0.3.0-15 run (42.38 KB, text/plain)
2003-12-09 18:10 UTC, Tim Waugh
no flags Details
/var/log/prelink.log after a prelink-0.3.0-15 run (335.39 KB, text/plain)
2003-12-09 18:11 UTC, Tim Waugh
no flags Details

Description Tim Waugh 2003-12-09 17:34:51 UTC
Description of problem:
Prelinking /usr/lib/libgnomesupport.so.0.0.0
/usr/sbin/prelink: cannot get security context for
/usr/lib/libgnomesupport.so.0.0.0 : No data available
prelink: dso.c:1624: close_dso: Assertion `dso->temp_filename !=
((void *)0)' failed.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Run prelink, or wait until it runs from cron.
2. See /var/log/prelink.log.
See attached gdb run.

Comment 1 Tim Waugh 2003-12-09 17:35:34 UTC
Created attachment 96429 [details]
typescript of gdb session

Comment 2 Tim Waugh 2003-12-09 17:35:55 UTC
This is on kernel 2.6.0-0.test11.1.9.

Comment 3 Tim Waugh 2003-12-09 18:06:39 UTC
0.3.0-15 does not give an assertion failure (but it also fails to
prelink anything due to lack of security contexts).

Comment 4 Tim Waugh 2003-12-09 18:10:28 UTC
Created attachment 96430 [details]
/var/log/prelink.log after a prelink-0.3.0-15 run

Comment 5 Tim Waugh 2003-12-09 18:11:48 UTC
Created attachment 96431 [details]
/var/log/prelink.log after a prelink-0.3.0-15 run

(oops, wrong file last time)

Comment 6 Jakub Jelinek 2003-12-09 18:22:29 UTC
Dan, your patch is certainly buggy in the error path handling
(it can do double free etc.).
Please look at prelink-0.3.0-15 in dist-fc2 where is some
selinux stuff already incorporated.
The main thing is that neither of these is right.
What prelink should do is around creating of the temporary files
use some very minimal setfscreatecon which will allow it only to
write the file into the system directories, but they even shouldn't
be executable at all, etc.
Then, after the file is actually written fully, right before rename,
it should be given the desired security context copied from the origin

I haven't implemented this because I have no idea how to create such

Comment 7 Daniel Walsh 2003-12-09 20:17:47 UTC
I have redone the patch in prelink-0.3.0-16.sel on Nov 19th.

Could you check out this patch.


Comment 8 Jakub Jelinek 2003-12-09 20:22:20 UTC
That's the patch I was talking about.
The abort Tim got was from 16.sel.
Now, when Tim has SELinux capable kernel, what are the reasons why
could getfilecon fail (with ENODATA)? Shoudl that be always considered
as fatal thing?
If you tell me how the very little priviledged context can be created,
I'll update prelink.

Comment 9 Jakub Jelinek 2003-12-10 08:32:36 UTC
Please try prelink-0.3.0-17 in dist-fc2-scratch.

Comment 10 Tim Waugh 2003-12-10 10:09:52 UTC
0.3.0-17 works fine.

Note You need to log in before you can comment on or make changes to this bug.