Description of problem: cupsd repeatedly calls avc_init, each call allocates file descriptors until resources run out. Version-Release number of selected component (if applicable): F10-rawhade (f15) How reproducible: Run cupsd with selinux features enabled, file descriptor count will increase over time, about 5 per job queued or cups queries, etc. We were able to prevent this by only calling avc_init the first time through the code. Actual results: Number of file descriptors grows Expected results: Numberof file descriptors should be about the same. Additional info: ipp.c and job.c contain the call.s
Thanks Christopher for the report. Can you attach the patch that prevents the issue for you ?
Created attachment 465015 [details] demonstration on how to fix cups fd leak This will stop the leaks in cupsd but is a sloppy way to do it - not the way to do it but should give an idea how to fix it. The avc open call is deprecated as well. When we applied this to cupsd to leak went away. BTW the leak is quite severe, 4-6 fds per cups request.
Thanks. Patch applied as it is.
cups-1.4.6-1.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/cups-1.4.6-1.fc14
cups-1.4.6-1.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/cups-1.4.6-1.fc13
Will this be submitted to RHEL6 as well?
Thanks for reminding me. I've filed tracking bugs for that now.
cups-1.4.6-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update cups'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/cups-1.4.6-1.fc13
cups-1.4.6-1.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
cups-1.4.6-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.