* [PATCH] Fix nscd -K
@ 2009-05-13 23:22 Jakub Jelinek
0 siblings, 0 replies; only message in thread
From: Jakub Jelinek @ 2009-05-13 23:22 UTC (permalink / raw)
To: Ulrich Drepper; +Cc: Glibc hackers
Hi!
When nscd runs with SELinux enabled, running nscd -K might
segfault the daemon before exit, because avc_destroy is called
in the thread calling termination_handler, but other threads
might be busy doing other stuff and possibly calling something that
expects the avc not to be destroyed yet.
2009-05-14 Jakub Jelinek <jakub@redhat.com>
* nscd/selinux.c (nscd_avc_destroy): Removed.
* nscd/selinux.h (nscd_avc_destroy): Likewise.
* nscd/nscd.c (termination_handler): Don't call
nscd_avc_destroy.
--- libc/nscd/nscd.c.jj 2009-02-16 14:47:30.000000000 +0100
+++ libc/nscd/nscd.c 2009-05-14 01:13:59.000000000 +0200
@@ -488,10 +488,6 @@ termination_handler (int signum)
msync (dbs[cnt].head, dbs[cnt].memsize, MS_ASYNC);
}
- /* Shutdown the SELinux AVC. */
- if (selinux_enabled)
- nscd_avc_destroy ();
-
_exit (EXIT_SUCCESS);
}
--- libc/nscd/selinux.c.jj 2007-12-10 09:05:34.000000000 +0100
+++ libc/nscd/selinux.c 2009-05-14 01:15:02.000000000 +0200
@@ -1,5 +1,5 @@
/* SELinux access controls for nscd.
- Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
+ Copyright (C) 2004, 2005, 2006, 2007, 2009 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Matthew Rickard <mjricka@epoch.ncsc.mil>, 2004.
@@ -418,15 +418,4 @@ nscd_avc_print_stats (struct avc_cache_s
cstats->cav_probes, cstats->cav_misses);
}
-
-/* Clean up the AVC before exiting. */
-void
-nscd_avc_destroy (void)
-{
- avc_destroy ();
-#ifdef HAVE_LIBAUDIT
- audit_close (audit_fd);
-#endif
-}
-
#endif /* HAVE_SELINUX */
--- libc/nscd/selinux.h.jj 2007-04-23 10:54:02.000000000 +0200
+++ libc/nscd/selinux.h 2009-05-14 01:14:40.000000000 +0200
@@ -1,5 +1,5 @@
/* Header for nscd SELinux access controls.
- Copyright (C) 2004, 2006, 2007 Free Software Foundation, Inc.
+ Copyright (C) 2004, 2006, 2007, 2009 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Matthew Rickard <mjricka@epoch.ncsc.mil>, 2004.
@@ -35,8 +35,6 @@ struct avc_cache_stats;
/* Initialize the userspace AVC. */
extern void nscd_avc_init (void);
-/* Destroy the userspace AVC. */
-extern void nscd_avc_destroy (void);
/* Determine if we are running on an SELinux kernel. */
extern void nscd_selinux_enabled (int *selinux_enabled);
/* Check if the client has permission for the request type. */
@@ -55,7 +53,6 @@ extern void install_real_capabilities (c
#else
# define selinux_enabled 0
# define nscd_avc_init() (void) 0
-# define nscd_avc_destroy() (void) 0
# define nscd_selinux_enabled(selinux_enabled) (void) 0
# define nscd_request_avc_has_perm(fd, req) 0
# define nscd_avc_cache_stats(cstats) (void) 0
Jakub
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2009-05-13 23:22 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-05-13 23:22 [PATCH] Fix nscd -K Jakub Jelinek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).