Bug 807734 - SELinux is preventing /usr/sbin/xl2tpd from read, write access on the chr_file ptmx.
SELinux is preventing /usr/sbin/xl2tpd from read, write access on the chr_fil...
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: l2tpd (Show other bugs)
16
x86_64 Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Orphan Owner
Fedora Extras Quality Assurance
abrt_hash:7f4d9eac01616c2d796acf94b2e...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-28 11:14 EDT by Francisco Miguel Biete
Modified: 2013-02-13 20:13 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-13 20:13:47 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Francisco Miguel Biete 2012-03-28 11:14:44 EDT
libreport version: 2.0.8
executable:     /usr/bin/python
hashmarkername: setroubleshoot
kernel:         3.3.0-4.fc16.x86_64
reason:         SELinux is preventing /usr/sbin/xl2tpd from read, write access on the chr_file ptmx.
time:           mié 28 mar 2012 17:14:12 CEST

description:
:SELinux is preventing /usr/sbin/xl2tpd from read, write access on the chr_file ptmx.
:
:*****  Plugin catchall (100. confidence) suggests  ***************************
:
:If you believe that xl2tpd should be allowed read write access on the ptmx chr_file by default.
:Then you should report this as a bug.
:You can generate a local policy module to allow this access.
:Do
:allow this access for now by executing:
:# grep xl2tpd /var/log/audit/audit.log | audit2allow -M mypol
:# semodule -i mypol.pp
:
:Additional Information:
:Source Context                system_u:system_r:l2tpd_t:s0
:Target Context                system_u:object_r:ptmx_t:s0
:Target Objects                ptmx [ chr_file ]
:Source                        xl2tpd
:Source Path                   /usr/sbin/xl2tpd
:Port                          <Desconocido>
:Host                          (removed)
:Source RPM Packages           xl2tpd-1.3.1-1.fc16.x86_64
:Target RPM Packages           
:Policy RPM                    selinux-policy-3.10.0-80.fc16.noarch
:Selinux Enabled               True
:Policy Type                   targeted
:Enforcing Mode                Enforcing
:Host Name                     (removed)
:Platform                      Linux (removed) 3.3.0-4.fc16.x86_64 #1
:                              SMP Tue Mar 20 18:05:40 UTC 2012 x86_64 x86_64
:Alert Count                   1
:First Seen                    mié 28 mar 2012 17:11:24 CEST
:Last Seen                     mié 28 mar 2012 17:11:24 CEST
:Local ID                      c9e9ec4a-6f2b-4323-80c8-ba2b1db56c43
:
:Raw Audit Messages
:type=AVC msg=audit(1332947484.480:127): avc:  denied  { read write } for  pid=27145 comm="xl2tpd" name="ptmx" dev="devtmpfs" ino=6530 scontext=system_u:system_r:l2tpd_t:s0 tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
:
:
:type=SYSCALL msg=audit(1332947484.480:127): arch=x86_64 syscall=open success=no exit=EACCES a0=413af3 a1=2 a2=ffffffff a3=e items=0 ppid=1 pid=27145 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=xl2tpd exe=/usr/sbin/xl2tpd subj=system_u:system_r:l2tpd_t:s0 key=(null)
:
:Hash: xl2tpd,l2tpd_t,ptmx_t,chr_file,read,write
:
:audit2allow
:
:#============= l2tpd_t ==============
:allow l2tpd_t ptmx_t:chr_file { read write };
:
:audit2allow -R
:
:#============= l2tpd_t ==============
:allow l2tpd_t ptmx_t:chr_file { read write };
:
Comment 1 Daniel Walsh 2012-03-28 12:08:14 EDT
Does l2tpd use pseudo terminals?
Comment 2 Francisco Miguel Biete 2012-03-30 11:09:15 EDT
I'm trying to connect to a xl2tp server, Fedora 16 is the client:

/etc/xl2tpd/xl2tpd.conf
[global]
;empty

[lac WorkServer]
lns = XXX.XXX.XXX.XXX
require chap = yes
refuse pap = yes
require authentication = yes
name = XXXXXXX
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd.client
length bit = yes

/etc/ppp/options.xl2tpd.client
ipcp-accept-local
ipcp-accept-remote
refuse-eap
noccp
noauth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
connect-delay 5000

The selinux appears after this:
echo "c WorkServer" > /var/run/xl2tpd/l2tp-control


I executed, as sugested, to get rid of the problem:
grep xl2tpd /var/log/audit/audit.log | audit2allow -M mypol
semodule -i mypol.pp
Comment 3 Francisco Miguel Biete 2012-03-30 11:26:14 EDT
After mounting the ipsec tunnel, and executing I get this:

Mar 30 17:23:33 localhost xl2tpd[20009]: getPtyMaster_ptmx: unable to open /dev/ptmx to allocate pty
Mar 30 17:23:33 localhost xl2tpd[20009]: getPtyMaster: failed to use pts -- using legacy ptys
Mar 30 17:23:33 localhost xl2tpd[20009]: getPtyMaster_pty: No more free pseudo-tty's
Mar 30 17:23:33 localhost xl2tpd[20009]: start_pppd: unable to allocate pty, abandoning!

And again a selinux error:

type=AVC msg=audit(1333121013.670:136): avc:  denied  { open } for  pid=20009 comm="xl2tpd" name="ptmx" dev="devtmpfs" ino=10241 scontext=system_u:system_r:l2tpd_t:s0 tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file


type=SYSCALL msg=audit(1333121013.670:136): arch=x86_64 syscall=open success=no exit=EACCES a0=413af3 a1=2 a2=ffffffff a3=e items=0 ppid=1 pid=20009 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=xl2tpd exe=/usr/sbin/xl2tpd subj=system_u:system_r:l2tpd_t:s0 key=(null)

Hash: xl2tpd,l2tpd_t,ptmx_t,chr_file,open
Comment 4 Francisco Miguel Biete 2012-03-30 11:27:42 EDT
It seem to be a duplicate of: 748726
https://bugzilla.redhat.com/show_bug.cgi?id=748726
Comment 5 Francisco Miguel Biete 2012-03-30 11:29:23 EDT
And https://bugzilla.redhat.com/show_bug.cgi?id=748724
Comment 6 Miroslav Grepl 2012-04-22 16:07:05 EDT
Fixed in selinux-policy-3.10.0-86.fc16
Comment 7 Francisco Miguel Biete 2012-05-12 01:17:25 EDT
(In reply to comment #6)
> Fixed in selinux-policy-3.10.0-86.fc16

Sorry for the delay.

# systemctl start xl2tpd.service

Produces:

May 12 07:08:56 localhost systemd[1]: Cannot add dependency job for unit openswan.service, ignoring: Unit openswan.service failed to load: No such file or directory. See system logs and 'systemctl status openswan.service' for details.
May 12 07:08:56 localhost xl2tpd[6460]: xl2tpd[6460]: setsockopt recvref[30]: Protocol not available
May 12 07:08:56 localhost dbus[1127]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
May 12 07:08:56 localhost dbus-daemon[1127]: dbus[1127]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
May 12 07:08:56 localhost kernel: [  474.593206] PPP generic driver version 2.4.2
May 12 07:08:56 localhost kernel: [  474.595378] NET: Registered protocol family 24
May 12 07:08:56 localhost xl2tpd[6460]: xl2tpd[6460]: L2TP kernel support not detected.
May 12 07:08:56 localhost xl2tpd[6460]: xl2tpd[6460]: xl2tpd version xl2tpd-1.3.1 started on localhost.localdomain PID:6460
May 12 07:08:56 localhost xl2tpd[6460]: xl2tpd[6460]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
May 12 07:08:56 localhost xl2tpd[6460]: xl2tpd[6460]: Forked by Scott Balmos and David Stipp, (C) 2001
May 12 07:08:56 localhost xl2tpd[6460]: xl2tpd[6460]: Inherited by Jeff McAdams, (C) 2002
May 12 07:08:56 localhost xl2tpd[6460]: xl2tpd[6460]: Forked again by Xelerance (www.xelerance.com) (C) 2006
May 12 07:08:56 localhost xl2tpd[6460]: xl2tpd[6460]: Listening on IP address 0.0.0.0, port 1701
May 12 07:08:57 localhost dbus[1127]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
May 12 07:08:57 localhost dbus-daemon[1127]: dbus[1127]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
May 12 07:08:57 localhost setroubleshoot: Deleting alert a3dbdac6-e742-460c-8a75-cf61427bca08, it is allowed in current policy
May 12 07:09:00 localhost setroubleshoot: SELinux is preventing /usr/sbin/xl2tpd from read access on the file modules. For complete SELinux messages. run sealert -l 94160e94-07a2-4ca8-8cae-52202066bce0

----------------------------------
# LANG=C; sealert -l 94160e94-07a2-4ca8-8cae-52202066bce0
SELinux is preventing /usr/sbin/xl2tpd from read access on the file modules.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that xl2tpd should be allowed read access on the modules file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep xl2tpd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp


Additional Information:
Source Context                system_u:system_r:l2tpd_t:s0
Target Context                system_u:object_r:proc_t:s0
Target Objects                modules [ file ]
Source                        xl2tpd
Source Path                   /usr/sbin/xl2tpd
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           xl2tpd-1.3.1-5.fc16.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.10.0-84.fc16.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 3.3.4-3.fc16.x86_64 #1
                              SMP Thu May 3 14:46:44 UTC 2012 x86_64 x86_64
Alert Count                   1
First Seen                    Sat May 12 07:08:56 2012
Last Seen                     Sat May 12 07:08:56 2012
Local ID                      94160e94-07a2-4ca8-8cae-52202066bce0

Raw Audit Messages
type=AVC msg=audit(1336799336.300:104): avc:  denied  { read } for  pid=6460 comm="xl2tpd" name="modules" dev="proc" ino=4026532009 scontext=system_u:system_r:l2tpd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file


type=SYSCALL msg=audit(1336799336.300:104): arch=x86_64 syscall=open success=no exit=EACCES a0=417914 a1=0 a2=1b6 a3=238 items=0 ppid=1 pid=6460 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=xl2tpd exe=/usr/sbin/xl2tpd subj=system_u:system_r:l2tpd_t:s0 key=(null)

Hash: xl2tpd,l2tpd_t,proc_t,file,read

audit2allow

#============= l2tpd_t ==============
allow l2tpd_t proc_t:file read;

audit2allow -R

#============= l2tpd_t ==============
allow l2tpd_t proc_t:file read;
Comment 8 Francisco Miguel Biete 2012-05-12 01:19:51 EDT
And trying to connect

# echo "c WorkServer" > /var/run/xl2tpd/l2tp-control

May 12 07:11:07 localhost xl2tpd[6460]: xl2tpd[6460]: Connecting to host vpnipsec.renr.es, port 1701
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: Connection established to X.X.X.X, 1701.  Local: 50857, Remote: 58383 (ref=0/0).
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: Calling on tunnel 50857
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: check_control: Received out of order control packet on tunnel 58383 (got 0, expected 1)
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: handle_packet: bad control packet!
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: check_control: Received out of order control packet on tunnel 58383 (got 0, expected 1)
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: handle_packet: bad control packet!
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: Call established with 213.0.95.5, Local: 54616, Remote: 10172, Serial: 1 (ref=0/0)
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: getPtyMaster_ptmx: unable to grantpt() on pty
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: getPtyMaster: failed to use pts -- using legacy ptys
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: getPtyMaster_pty: No more free pseudo-tty's
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: start_pppd: unable to allocate pty, abandoning!
May 12 07:11:09 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:09 localhost setroubleshoot: SELinux is preventing /usr/sbin/xl2tpd from ioctl access on the chr_file /dev/ptmx. For complete SELinux messages. run sealert -l cf713ab4-f969-49d7-86a0-f24fd786a035
May 12 07:11:12 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:15 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:18 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:21 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:24 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:27 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:30 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:33 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:11:36 localhost xl2tpd[6460]: xl2tpd[6460]: write_packet: tty is not open yet.
May 12 07:12:10 localhost xl2tpd[6460]: xl2tpd[6460]: check_control: Received out of order control packet on tunnel 58383 (got 2, expected 3)
May 12 07:12:10 localhost xl2tpd[6460]: xl2tpd[6460]: handle_packet: bad control packet!


======================

# LANG=C; sealert -l cf713ab4-f969-49d7-86a0-f24fd786a035
SELinux is preventing /usr/sbin/xl2tpd from ioctl access on the chr_file /dev/ptmx.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that xl2tpd should be allowed ioctl access on the ptmx chr_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep xl2tpd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp


Additional Information:
Source Context                system_u:system_r:l2tpd_t:s0
Target Context                system_u:object_r:ptmx_t:s0
Target Objects                /dev/ptmx [ chr_file ]
Source                        xl2tpd
Source Path                   /usr/sbin/xl2tpd
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           xl2tpd-1.3.1-5.fc16.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.10.0-84.fc16.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 3.3.4-3.fc16.x86_64 #1
                              SMP Thu May 3 14:46:44 UTC 2012 x86_64 x86_64
Alert Count                   3
First Seen                    Fri Mar 30 17:32:27 2012
Last Seen                     Sat May 12 07:11:09 2012
Local ID                      cf713ab4-f969-49d7-86a0-f24fd786a035

Raw Audit Messages
type=AVC msg=audit(1336799469.57:105): avc:  denied  { ioctl } for  pid=6460 comm="xl2tpd" path="/dev/ptmx" dev="devtmpfs" ino=1129 scontext=system_u:system_r:l2tpd_t:s0 tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file


type=SYSCALL msg=audit(1336799469.57:105): arch=x86_64 syscall=ioctl success=no exit=EACCES a0=5 a1=5401 a2=7fff2b7ac088 a3=0 items=0 ppid=1 pid=6460 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=xl2tpd exe=/usr/sbin/xl2tpd subj=system_u:system_r:l2tpd_t:s0 key=(null)

Hash: xl2tpd,l2tpd_t,ptmx_t,chr_file,ioctl

audit2allow

#============= l2tpd_t ==============
allow l2tpd_t ptmx_t:chr_file ioctl;

audit2allow -R

#============= l2tpd_t ==============
allow l2tpd_t ptmx_t:chr_file ioctl;
Comment 9 Francisco Miguel Biete 2012-05-12 01:22:06 EDT
(In reply to comment #6)
> Fixed in selinux-policy-3.10.0-86.fc16

Sorry, I just missed thne 86 part in "selinux-policy-3.10.0-86.fc16".
Updates has selinux-policy-3.10.0-84.fc16
Comment 10 Francisco Miguel Biete 2012-05-12 01:43:37 EDT
With the 3.10.0-86 I get the alert when starting the xl2tpd.service.

But connecting seems possible


May 12 07:28:35 localhost xl2tpd[15901]: xl2tpd[15901]: xl2tpd version xl2tpd-1.3.1 started on localhost.localdomain PID:15901
May 12 07:28:35 localhost xl2tpd[15901]: xl2tpd[15901]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
May 12 07:28:35 localhost xl2tpd[15901]: xl2tpd[15901]: Forked by Scott Balmos and David Stipp, (C) 2001
May 12 07:28:35 localhost xl2tpd[15901]: xl2tpd[15901]: Inherited by Jeff McAdams, (C) 2002
May 12 07:28:35 localhost xl2tpd[15901]: xl2tpd[15901]: Forked again by Xelerance (www.xelerance.com) (C) 2006
May 12 07:28:35 localhost xl2tpd[15901]: xl2tpd[15901]: Listening on IP address 0.0.0.0, port 1701
May 12 07:28:35 localhost setroubleshoot: SELinux is preventing /usr/sbin/xl2tpd from read access on the file modules. For complete SELinux messages. run sealert -l 94160e94-07a2-4ca8-8cae-52202066bce0

sealert -l 94160e94-07a2-4ca8-8cae-52202066bce0
SELinux is preventing /usr/sbin/xl2tpd from read access on the file modules.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that xl2tpd should be allowed read access on the modules file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep xl2tpd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp


Additional Information:
Source Context                system_u:system_r:l2tpd_t:s0
Target Context                system_u:object_r:proc_t:s0
Target Objects                modules [ file ]
Source                        xl2tpd
Source Path                   /usr/sbin/xl2tpd
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           xl2tpd-1.3.1-5.fc16.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.10.0-86.fc16.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 3.3.4-3.fc16.x86_64 #1
                              SMP Thu May 3 14:46:44 UTC 2012 x86_64 x86_64
Alert Count                   2
First Seen                    Sat May 12 07:08:56 2012
Last Seen                     Sat May 12 07:28:35 2012
Local ID                      94160e94-07a2-4ca8-8cae-52202066bce0

Raw Audit Messages
type=AVC msg=audit(1336800515.518:129): avc:  denied  { read } for  pid=15901 comm="xl2tpd" name="modules" dev="proc" ino=4026532009 scontext=system_u:system_r:l2tpd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file


type=SYSCALL msg=audit(1336800515.518:129): arch=x86_64 syscall=open success=no exit=EACCES a0=417914 a1=0 a2=1b6 a3=238 items=0 ppid=1 pid=15901 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=xl2tpd exe=/usr/sbin/xl2tpd subj=system_u:system_r:l2tpd_t:s0 key=(null)

Hash: xl2tpd,l2tpd_t,proc_t,file,read

audit2allow

#============= l2tpd_t ==============
allow l2tpd_t proc_t:file read;

audit2allow -R

#============= l2tpd_t ==============
allow l2tpd_t proc_t:file read;
Comment 11 Daniel Walsh 2012-05-18 15:24:36 EDT
I just added this to F17 policy.
Comment 12 Darrien Lambert 2012-07-28 14:03:25 EDT
Has this been fixed in F16 policy?

I also notice the same:

SELinux is preventing /usr/sbin/xl2tpd from read access on the file modules.

with selinux-policy-3.10.0-90.fc16.noarch
Comment 13 Fedora End Of Life 2013-01-16 17:41:30 EST
This message is a reminder that Fedora 16 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 16. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '16'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 16's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 16 is end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" and open it against that version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 14 Fedora End Of Life 2013-02-13 20:13:51 EST
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.