[acpid: 1/2] - fixes #648221 - SELinux is preventing /sbin/iwconfig access to a leaked /dev/input/event0 file des
Jiri Skala
jskala at fedoraproject.org
Wed Nov 3 14:05:26 UTC 2010
commit 7cbe252d2196221cbaa425fcda6ca99ec0e87c91
Author: Jiri Skala <jskala at localhost.(none)>
Date: Wed Nov 3 15:02:39 2010 +0100
- fixes #648221 - SELinux is preventing /sbin/iwconfig access to a leaked /dev/input/event0 file descriptor
acpid-2.0.5-cloexec.patch | 11 +++++++++++
acpid.spec | 7 ++++++-
2 files changed, 17 insertions(+), 1 deletions(-)
---
diff --git a/acpid-2.0.5-cloexec.patch b/acpid-2.0.5-cloexec.patch
new file mode 100644
index 0000000..d2954b2
--- /dev/null
+++ b/acpid-2.0.5-cloexec.patch
@@ -0,0 +1,11 @@
+diff -up acpid-2.0.5/input_layer.c.cloexec acpid-2.0.5/input_layer.c
+--- acpid-2.0.5/input_layer.c.cloexec 2010-11-03 14:53:16.515625864 +0100
++++ acpid-2.0.5/input_layer.c 2010-11-03 14:53:50.235623005 +0100
+@@ -291,6 +291,7 @@ int open_inputfile(const char *filename)
+ struct connection c;
+
+ fd = open(filename, O_RDONLY | O_NONBLOCK);
++ fcntl(fd, F_SETFD, FD_CLOEXEC);
+
+ if (fd >= 0) {
+ /* if this file doesn't have events we need, indicate failure */
diff --git a/acpid.spec b/acpid.spec
index 9da505a..ebb4b70 100644
--- a/acpid.spec
+++ b/acpid.spec
@@ -1,7 +1,7 @@
Summary: ACPI Event Daemon
Name: acpid
Version: 2.0.5
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv2+
Group: System Environment/Daemons
Source: http://tedfelix.com/linux/acpid-%{version}.tar.gz
@@ -13,6 +13,7 @@ Source5: acpid.service
Patch1: acpid-2.0.2-makefile.patch
Patch2: acpid-2.0.5-forking.patch
+Patch3: acpid-2.0.5-cloexec.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
ExclusiveArch: ia64 x86_64 %{ix86}
@@ -32,6 +33,7 @@ acpid is a daemon that dispatches ACPI events to user-space programs.
%patch1 -p1 -b .makefile
%patch2 -p1 -b .forking
+%patch3 -p1 -b .cloexec
%build
make %{?_smp_mflags}
@@ -113,6 +115,9 @@ if [ "$1" -ge "1" ]; then
fi
%changelog
+* Wed Nov 03 2010 Jiri Skala <jskala at redhat.com> - 2.0.5-4
+- fixes #648221 - SELinux is preventing /sbin/iwconfig access to a leaked /dev/input/event0 file descriptor
+
* Mon Sep 13 2010 Jiri Skala <jskala at redhat.com> - 2.0.5-3
- fixes #629740 - acpid doesn't fork, but systemd unit file claims otherwise
More information about the scm-commits
mailing list