Red Hat Bugzilla – Bug 501368
avc during live install due to leaked fd
Last modified: 2009-07-22 11:04:48 EDT
We're leaking an open fd of /dev/mapper/control when we go to exec loadkeys on the live install.
To work around this, we have a few options
a) Figure out where we're opening it and ensure we close /dev/mapper/control
b) Patch libdevice-mapper to open /dev/mapper/control with O_CLOEXEC
c) Patch rhpl to close fds when doing execWith*
c is probably the easiest, but also could have the widest side effects although I don't see how it could break anything off-hand
While we're digging around in rhpl, we should probably convert the execWith* functions to use subprocess, finally. Then maybe we could make anaconda use rhpl.executil instead of stuff out of iutil. Wishful thinking, I know.
I'd be more inclined to try to finish killing off rhpl...
Sure, we can do that too.
This bug is currently on the F11AnacondaBlocker ... is this a must have for Fedora 11? Is the "killing of rhpl" a post-F11 action?
Choice (c) above is an F11 thing, and killing rhpl is post-F11. There's more things than just anaconda using it so it's too late to get rid of it.
Yeah, killing rhpl is a post-F11 action.
But we should fix the avc as otherwise, people will have it pop up while they're doing installs from the live media (which is at least some high percentage of our install cases) and then file bugs. We don't want to have to see those bugs for the entire life of F11 :)
Simple version of c just for the case that we know we need it sent to anaconda-devel-list for review
And built and tag requested
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.
More information and reason for this action is here: