The Samba-Bugzilla – Attachment 13379 Details for
Bug 12898
fd leak to ctdb sub-processes leads to SELinux AVC denial in audit logs
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches for v4-6
BZ12898-v4-6.patch (text/plain), 1.12 KB, created by
Amitay Isaacs
on 2017-07-14 07:49:36 UTC
(
hide
)
Description:
Patches for v4-6
Filename:
MIME Type:
Creator:
Amitay Isaacs
Created:
2017-07-14 07:49:36 UTC
Size:
1.12 KB
patch
obsolete
>From b380f956afbc96e3a1e78fa9dde987bbba34be91 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Wed, 12 Jul 2017 13:41:17 +1000 >Subject: [PATCH] ctdb-common: Set close-on-exec when creating PID file > >Otherwise, for example, the file descriptor for the main PID file will >leak all the way down to event scripts. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12898 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit 3e85cbfd7541d8f30ce1f3244ebcc44332b394fe) >--- > ctdb/common/pidfile.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > >diff --git a/ctdb/common/pidfile.c b/ctdb/common/pidfile.c >index b3f29e3..51c0c25 100644 >--- a/ctdb/common/pidfile.c >+++ b/ctdb/common/pidfile.c >@@ -22,6 +22,8 @@ > > #include <talloc.h> > >+#include "lib/util/blocking.h" >+ > #include "common/pidfile.h" > > struct pidfile_context { >@@ -61,6 +63,12 @@ int pidfile_create(TALLOC_CTX *mem_ctx, const char *pidfile, > goto fail; > } > >+ if (! set_close_on_exec(fd)) { >+ close(fd); >+ ret = EIO; >+ goto fail; >+ } >+ > pid_ctx->fd = fd; > > lck = (struct flock) { >-- >2.9.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
martins
:
review+
Actions:
View
Attachments on
bug 12898
:
13378
| 13379 |
13380