diff options
Diffstat (limited to 'hal-0.5.11-patches/0003-don-t-leak-file-descriptor-on-umount.patch')
-rw-r--r-- | hal-0.5.11-patches/0003-don-t-leak-file-descriptor-on-umount.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/hal-0.5.11-patches/0003-don-t-leak-file-descriptor-on-umount.patch b/hal-0.5.11-patches/0003-don-t-leak-file-descriptor-on-umount.patch new file mode 100644 index 00000000..bc3ef1a2 --- /dev/null +++ b/hal-0.5.11-patches/0003-don-t-leak-file-descriptor-on-umount.patch @@ -0,0 +1,31 @@ +From 56f627caf0f8990faed67dcadbf6d8ef1ddd7e2d Mon Sep 17 00:00:00 2001 +From: Daniel Walsh <dwalsh@redhat.com> +Date: Fri, 13 Jun 2008 08:14:39 +0100 +Subject: [PATCH 03/48] don't leak file descriptor on umount + +I think this is a leaked file descriptor from hal. Hal opens the lock +file for write and then fails to call fcntl(fd,F_SETFD, FD_CLOSEXEC) + +When the confined mount program runs, the SELinux kernel notices the open file +descriptor, checks the domain to see if it has access, then closes it with the +error. +--- + tools/hal-storage-shared.c | 2 ++ + 1 files changed, 2 insertions(+), 0 deletions(-) + +diff --git a/tools/hal-storage-shared.c b/tools/hal-storage-shared.c +index b10be10..422f00e 100644 +--- a/tools/hal-storage-shared.c ++++ b/tools/hal-storage-shared.c +@@ -706,6 +706,8 @@ lock_hal_mtab (void) + if (lock_mtab_fd < 0) + return FALSE; + ++ fcntl(lock_mtab_fd, F_SETFD, FD_CLOEXEC); ++ + tryagain: + #if sun + if (lockf (lock_mtab_fd, F_LOCK, 0) != 0) { +-- +1.6.1.2 + |