184129 – xen appears to leak file descriptors, and doesn't work with SELinux

Bug 184129 - xen appears to leak file descriptors, and doesn't work with SELinux

Summary: xen appears to leak file descriptors, and doesn't work with SELinux

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	xen
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jeremy Katz
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	179629
TreeView+	depends on / blocked

Reported:	2006-03-06 17:57 UTC by Bill Nottingham
Modified:	2014-03-17 02:58 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-09-25 20:37:39 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
avc errors (78.68 KB, text/plain) 2006-03-06 17:57 UTC, Bill Nottingham	no flags	Details
View All

Description Bill Nottingham 2006-03-06 17:57:21 UTC

See attached logs.

Comment 1 Bill Nottingham 2006-03-06 17:57:21 UTC

Created attachment 125714 [details]
avc errors

Comment 2 Bill Nottingham 2006-03-06 17:58:59 UTC

audit2allow yields:

allow ifconfig_t initrc_t:unix_stream_socket { read write };
allow ifconfig_t proc_t:file write;
allow ifconfig_t var_log_t:file append;
allow netutils_t initrc_t:unix_stream_socket { read write };
allow netutils_t proc_t:file { read write };
allow netutils_t var_log_t:file append;

which is almost certainly wrong.

Comment 3 Daniel Walsh 2006-03-06 22:44:21 UTC

If we want to allow these utilities to write to the xend*log file, we need to
setup a xend policy, (Which we need to add this anyways.)

Dan

Comment 4 Jeremy Katz 2006-09-25 20:37:39 UTC

Things are a little better now

Note You need to log in before you can comment on or make changes to this bug.