Bug 184129 - xen appears to leak file descriptors, and doesn't work with SELinux
Summary: xen appears to leak file descriptors, and doesn't work with SELinux
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: xen   
(Show other bugs)
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jeremy Katz
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 179629
TreeView+ depends on / blocked
 
Reported: 2006-03-06 17:57 UTC by Bill Nottingham
Modified: 2014-03-17 02:58 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-09-25 20:37:39 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
avc errors (78.68 KB, text/plain)
2006-03-06 17:57 UTC, Bill Nottingham
no flags Details

Description Bill Nottingham 2006-03-06 17:57:21 UTC
See attached logs.

Comment 1 Bill Nottingham 2006-03-06 17:57:21 UTC
Created attachment 125714 [details]
avc errors

Comment 2 Bill Nottingham 2006-03-06 17:58:59 UTC
audit2allow yields:

allow ifconfig_t initrc_t:unix_stream_socket { read write };
allow ifconfig_t proc_t:file write;
allow ifconfig_t var_log_t:file append;
allow netutils_t initrc_t:unix_stream_socket { read write };
allow netutils_t proc_t:file { read write };
allow netutils_t var_log_t:file append;

which is almost certainly wrong.

Comment 3 Daniel Walsh 2006-03-06 22:44:21 UTC
If we want to allow these utilities to write to the xend*log file, we need to
setup a xend policy, (Which we need to add this anyways.)

Dan

Comment 4 Jeremy Katz 2006-09-25 20:37:39 UTC
Things are a little better now


Note You need to log in before you can comment on or make changes to this bug.