- fixes - SELinux is preventing /sbin/iwconfig access to a leaked /dev/input/event0 file descriptor

This commit is contained in:
Jiri Skala 2010-11-03 15:02:39 +01:00
parent 792aaf025e
commit 7cbe252d21
2 changed files with 17 additions and 1 deletions

11
acpid-2.0.5-cloexec.patch Normal file
View File

@ -0,0 +1,11 @@
diff -up acpid-2.0.5/input_layer.c.cloexec acpid-2.0.5/input_layer.c
--- acpid-2.0.5/input_layer.c.cloexec 2010-11-03 14:53:16.515625864 +0100
+++ acpid-2.0.5/input_layer.c 2010-11-03 14:53:50.235623005 +0100
@@ -291,6 +291,7 @@ int open_inputfile(const char *filename)
struct connection c;
fd = open(filename, O_RDONLY | O_NONBLOCK);
+ fcntl(fd, F_SETFD, FD_CLOEXEC);
if (fd >= 0) {
/* if this file doesn't have events we need, indicate failure */

View File

@ -1,7 +1,7 @@
Summary: ACPI Event Daemon
Name: acpid
Version: 2.0.5
Release: 3%{?dist}
Release: 4%{?dist}
License: GPLv2+
Group: System Environment/Daemons
Source: http://tedfelix.com/linux/acpid-%{version}.tar.gz
@ -13,6 +13,7 @@ Source5: acpid.service
Patch1: acpid-2.0.2-makefile.patch
Patch2: acpid-2.0.5-forking.patch
Patch3: acpid-2.0.5-cloexec.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
ExclusiveArch: ia64 x86_64 %{ix86}
@ -32,6 +33,7 @@ acpid is a daemon that dispatches ACPI events to user-space programs.
%patch1 -p1 -b .makefile
%patch2 -p1 -b .forking
%patch3 -p1 -b .cloexec
%build
make %{?_smp_mflags}
@ -113,6 +115,9 @@ if [ "$1" -ge "1" ]; then
fi
%changelog
* Wed Nov 03 2010 Jiri Skala <jskala@redhat.com> - 2.0.5-4
- fixes #648221 - SELinux is preventing /sbin/iwconfig access to a leaked /dev/input/event0 file descriptor
* Mon Sep 13 2010 Jiri Skala <jskala@redhat.com> - 2.0.5-3
- fixes #629740 - acpid doesn't fork, but systemd unit file claims otherwise