Description of problem: The following script (/etc/pm/sleep.d/02test): #!/bin/bash case "$1" in thaw|resume) lsof -p $$ | mailx -s "thaw file descriptors" root ;; esac exit $? Reveals the following open file descriptors: COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME 02test 7206 root cwd DIR 253,0 4096 2 / 02test 7206 root rtd DIR 253,0 4096 2 / 02test 7206 root txt REG 253,0 735144 31257 /bin/bash 02test 7206 root mem REG 253,0 95188 65200 /lib/libtinfo.so.5.6 02test 7206 root mem REG 253,0 128952 65179 /lib/ld-2.7.so 02test 7206 root mem REG 253,0 1692524 65181 /lib/libc-2.7.so 02test 7206 root mem REG 253,0 20564 65182 /lib/libdl-2.7.so 02test 7206 root 0r FIFO 0,5 25538 pipe 02test 7206 root 1w REG 253,1 2806 65623 /var/log/pm-suspend.log 02test 7206 root 2w REG 253,1 2806 65623 /var/log/pm-suspend.log 02test 7206 root 8u sock 0,4 25540 can't identify protocol 02test 7206 root 255r REG 253,0 112 33548 /etc/pm/sleep.d/02test 8 and 255 are leaks. #8 leads to selinux messages: Jun 5 08:44:44 shavano kernel: audit(1212677084.076:5): avc: denied { read write } for pid=7284 comm="ntpdate" path="socket:[25540]" dev=sockfs ino=25540 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=tcp_socket Jun 5 08:44:42 shavano kernel: audit(1212677082.354:6): avc: denied { read write } for pid=7286 comm="ntpd" path="socket:[25540]" dev=sockfs ino=25540 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=tcp_socket Version-Release number of selected component (if applicable): pm-utils-0.99.4-6.fc8 How reproducible: Every time.
Do you know how to fix this? I made a little test and at here it seems that the fd 255 leaks here, too: $ cat one.sh #!/bin/bash bash two.sh $ cat two.sh #!/bin/bash lsof -p $$ $ bash one.sh | grep 255r two.sh 6722 till 255r REG 0,17 24 99519 /tmp/two.sh $ I do not know what to do about it, but I can ask it on the upstream mailinglist. Can you maybe test this on a Fedora 9 Box, too? There is a newer version of pm-utils, maybe it is fixed there.
The file descriptors may be leaked earlier. How do the sleep hooks get called on restart from hibernate?
Hm.., I'm not seeing this (fd 8 socket) anymore. 255 is still there, but that is from bash.