Bug 15495
Summary: | Flood of SELinux denials on polkitd | ||
---|---|---|---|
Product: | Drivers | Reporter: | Alex Villacis Lasso (avillaci) |
Component: | Other | Assignee: | drivers_other |
Status: | CLOSED CODE_FIX | ||
Severity: | normal | CC: | maciej.rutecki, rjw |
Priority: | P1 | ||
Hardware: | All | ||
OS: | Linux | ||
Kernel Version: | 2.6.34-rc1 | Subsystem: | |
Regression: | Yes | Bisected commit-id: | |
Bug Depends on: | |||
Bug Blocks: | 15310 | ||
Attachments: |
Sample audit.log file filled with polkitd denials
Configuration used to compile faulty kernel |
Created attachment 25432 [details]
Configuration used to compile faulty kernel
Fixed in 2.6.34-rc2. Fixed by commit 3836a03d978e68b0ae00d3589089343c998cd4ff . |
Created attachment 25431 [details] Sample audit.log file filled with polkitd denials This might be in the wrong category. I could not find a category for SELinux bugs. When booting 2.6.34-rc1 on a Fedora 12 x86_64 system with the latest updates (as of 2010-03-08), I get a very strange behavior that was not present in vanilla 2.6.33. I see that the setroubleshootd daemon is constantly at around 16 percent CPU usage (as shown by top). In addition I see that the file /var/log/audit/audit.log , where SELinux denials are stored, grows to around 5 MB repeatedly and then gets truncated, over and over. A sample of the audit.log is attached. I see that all of the messages are about polkitd. Steps to reproduce: 1) Compile 2.6.34-rc1 with attached configuration. 2) Reboot with 2.6.34-rc1 and Fedora 12 x86_64 3) Watch CPU usage and size of audit.log Actual results: System (even in idle state) gets around 16 percent activity from setroubleshootd and audit.log fills itself with polkitd denials. Expected results: setroubleshootd should remain dormant and audit.log should stay static, in idle state.