Bug 248255 - ccs calls listen on udp socktets
Summary: ccs calls listen on udp socktets
Alias: None
Product: Fedora
Classification: Fedora
Component: ccs
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Jonathan Earl Brassow
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2007-07-14 12:17 UTC by Daniel Walsh
Modified: 2008-04-25 20:19 UTC (History)
0 users

Clone Of:
Last Closed: 2008-04-25 20:19:26 UTC

Attachments (Terms of Use)

Description Daniel Walsh 2007-07-14 12:17:02 UTC
Description of problem:
Some where a long the way we added listen call to a udp_socket for ccs.

allow ccs_t self:udp_socket { create_socket_perms listen recv_msg send_msg };

This does not make sense on a udp socket and is usually caused when you  call
listen on a udp_socket.  Without SELinux this causes EINVAL to be returned.  but
with SELinux it generates a nasty avc message.

Comment 1 Jonathan Earl Brassow 2008-04-02 21:47:45 UTC
Taking a quick look at the code...
[brassow@hydrogen cluster]$ grep listen -r ccs
ccs/daemon/ccsd.c:  listen(sfds[0], 5);
ccs/daemon/ccsd.c:  if (listen(sock, backlog) < 0)
ccs/daemon/cluster_mgr.c:  if (listen(ccsd_fd, 15) < 0) {
ccs/daemon/cluster_mgr.c:    log_err("Unable to listen to socket.\n");
ccs/man/ccsd.8:cluster base port.  "f" is the port number that listens for
information requests

Those sockets are all created with SOCK_STREAM.  Has this bug already been fixed?

Comment 2 Daniel Walsh 2008-04-04 20:25:07 UTC
Well if it is only listening on TCP_SOCKETS then it should be ok.

Comment 3 Jonathan Earl Brassow 2008-04-25 20:19:26 UTC
Please reopen if there are further concerns.

Note You need to log in before you can comment on or make changes to this bug.