From linux-kernel-owner+willy=40w.ods.org@vger.kernel.org Wed Jan 22 21:32:31 2003 Return-Path: Received: from vax.home.local (vax [10.2.1.2]) by alpha.home.local (8.12.4/8.12.1) with ESMTP id h0MKWVli026204 for ; Wed, 22 Jan 2003 21:32:31 +0100 Received: from vger.kernel.org (vger.kernel.org [209.116.70.75]) by vax.home.local (8.12.2/8.12.1) with ESMTP id h0MKWP1Q028813 for ; Wed, 22 Jan 2003 21:32:29 +0100 (CET) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Wed, 22 Jan 2003 15:17:48 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Wed, 22 Jan 2003 15:17:48 -0500 Received: from tsv.sws.net.au ([203.36.46.2]:42503 "EHLO tsv.sws.net.au") by vger.kernel.org with ESMTP id ; Wed, 22 Jan 2003 15:17:47 -0500 Received: from lyta.coker.com.au (localhost [127.0.0.1]) by tsv.sws.net.au (Postfix) with ESMTP id E737892666; Thu, 23 Jan 2003 07:26:50 +1100 (EST) Received: by lyta.coker.com.au (Postfix, from userid 1001) id 28EDC7AC9; Wed, 22 Jan 2003 21:26:41 +0100 (CET) Date: Wed, 22 Jan 2003 21:26:40 +0100 To: linux-kernel@vger.kernel.org Cc: alan@lxorguk.ukuu.org.uk Subject: patch for open file handles with initrd in 2.4.20 Message-ID: <20030122202640.GA17661@coker.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.3i From: russell@coker.com.au (Russell Coker) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org Status: RO Content-Length: 1000 Lines: 27 The following patch was back-ported from 2.5.x by Stephen Smalley to fix a problem where the file handle of the root of the initrd is inherited by init and other processes. The bug was discovered when running SE Linux on 2.4.20 systems with a policy that denied such inheriting of file handles and logged the operations it denied. This patch has been well tested, please include it in 2.4.21. --- linux-2.4.20.lsm-old/init/do_mounts.c 2002-12-13 19:33:23.000000000 +0100 +++ linux-2.4.20.lsm/init/do_mounts.c 2002-12-13 19:36:48.000000000 +0100 @@ -812,6 +812,8 @@ /* switch root and cwd back to / of rootfs */ sys_fchdir(root_fd); sys_chroot("."); + close(old_fd); + close(root_fd); sys_umount("/old/dev", 0); if (real_root_dev == ram0) { - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/