654075 – avc calls leak file descriptors

Bug 654075 - avc calls leak file descriptors

Summary: avc calls leak file descriptors

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	cups
Sub Component:
Version:	13
Hardware:	Unspecified
OS:	Linux
Priority:	low
Severity:	high
Target Milestone:	---
Assignee:	Tim Waugh
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	668009 668010
TreeView+	depends on / blocked

Reported:	2010-11-16 19:47 UTC by Christopher Hailey
Modified:	2011-04-17 21:25 UTC (History)
CC List:	2 users (show)
Fixed In Version:	cups-1.4.6-1.fc13
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	668009 (view as bug list)
Environment:
Last Closed:	2011-01-18 21:33:08 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
demonstration on how to fix cups fd leak (1.81 KB, text/plain) 2010-12-06 16:27 UTC, Christopher Hailey	no flags	Details
View All

Description Christopher Hailey 2010-11-16 19:47:23 UTC

Description of problem: cupsd repeatedly calls avc_init, each call allocates file descriptors until resources run out.


Version-Release number of selected component (if applicable): F10-rawhade (f15)


How reproducible:  Run cupsd with selinux features enabled, file descriptor count will increase over time, about 5 per job queued or cups queries, etc.  We were able to prevent this by only calling avc_init the first time through the code.

  
Actual results:  Number of file descriptors grows


Expected results: Numberof file descriptors should be about the same.


Additional info:  ipp.c and job.c contain the call.s

Comment 3 Jiri Popelka 2010-11-18 14:42:08 UTC

Thanks Christopher for the report.

Can you attach the patch that prevents the issue for you ?

Comment 4 Christopher Hailey 2010-12-06 16:27:56 UTC

Created attachment 465015 [details]
demonstration on how to fix cups fd leak

This will stop the leaks in cupsd but is a sloppy way to do it - not the way to do it but should give an idea how to fix it.  The avc open call is deprecated as well.  When we applied this to cupsd to leak went away.  BTW the leak is quite severe, 4-6 fds per cups request.

Comment 5 Jiri Popelka 2010-12-13 14:19:00 UTC

Thanks.
Patch applied as it is.

Comment 6 Fedora Update System 2011-01-07 12:30:52 UTC

cups-1.4.6-1.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/cups-1.4.6-1.fc14

Comment 7 Fedora Update System 2011-01-07 12:31:53 UTC

cups-1.4.6-1.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/cups-1.4.6-1.fc13

Comment 8 Christopher Hailey 2011-01-07 16:10:46 UTC

Will this be submitted to RHEL6 as well?

Comment 9 Tim Waugh 2011-01-07 16:28:00 UTC

Thanks for reminding me.  I've filed tracking bugs for that now.

Comment 10 Fedora Update System 2011-01-07 19:57:41 UTC

cups-1.4.6-1.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update cups'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/cups-1.4.6-1.fc13

Comment 11 Fedora Update System 2011-01-18 21:32:47 UTC

cups-1.4.6-1.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2011-04-17 21:25:13 UTC

cups-1.4.6-1.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.