AppArmor

apparmor_parser 2.5 doesn't close file descriptors

Bug #588012 reported by Arkadiusz Miśkiewicz on 2010-05-31

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	AppArmor	Fix Released	Undecided	Unassigned
	2.5	Fix Released	High	Unassigned	AppArmor 2.5.1

Bug Description

My apache profile consists over 1335 #include directives. Unfortunately parser fails with mystic message with these:

AppArmor parser error in /etc/apparmor.d/usr.sbin.httpd.prefork at line 93616: Could not open '(null)'

It turns out that the problem is with not closing of file descriptors, likely opened for #include directive. strace confirms that:

3865 open("/etc/apparmor.d/abstractions/base", O_RDONLY) = -1 EMFILE (Too many open files)

while the limit was 1024.

parser should open and close policy files after using them.

Revision history for this message

Arkadiusz Miśkiewicz (arekm) wrote on 2010-06-01:

Likely fixed by, so closing.

revno: 1379
committer: Steve Beattie
branch nick: master
timestamp: Fri 2010-03-12 01:50:26 -0800
message:
Fix leaking file descriptors on included files.

Changed in apparmor:
status:	New → Fix Committed

Revision history for this message

Steve Beattie (sbeattie) wrote on 2010-06-07:

Fixed in trunk, should be included in a 2.5.1 release

Changed in apparmor:
status:	Fix Committed → Fix Released

Revision history for this message

Steve Beattie (sbeattie) wrote on 2010-09-21:

AppArmor 2.5.1 has been released: https://launchpad.net/apparmor/2.5/2.5.1

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.