- Issued:
- 2013-02-20
- Updated:
- 2013-02-20
RHBA-2013:0452 - libcgroup bug fix and enhancement update
Synopsis
libcgroup bug fix and enhancement update
Type/Severity
Bug Fix Advisory (none)
Topic
Updated libcgroup packages that fix several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.
Description
The libcgroup packages provide tools and libraries to control and monitor control groups.
This update fixes the following bugs:
-
Previously, the cgrulesengd daemon ignored the "--sticky" option of the cgexec command and, as a consequence, moved a process to another cgroup when the process called the setuid() or setgid() functions even if the process had to be stuck to the current cgroup. This bug is now fixed and the cgrulesengd daemon now checks whether the process is "sticky" or not when the process calls setuid or setgid. (BZ#773544)
-
Previously, the lscgroup command dropped the first character of a path unless prefixed with a slash, which led to lscgroup generating invalid paths. This bug is now fixed and the generated paths are now correct. (BZ#819137)
-
Previously, adding a cgroup after the cgrulesengd daemon had started did not work. As a consequence, if a directory was created after cgrulesengd was already started, any /etc/cgrules.conf configuration for that directory would not be processed. With this update, a routine has been added to scan the cgrules.conf file and move matching running tasks in the /proc/pid/ directory into configured cgroups. This new routine is called at init time and also after inotify events on cgroups. With this update, a routine has been added to scan the cgrules.conf file and move matching running tasks into configured cgroups. (BZ#849757)
-
Previously, the cgconfig service was not working properly with read-only file systems. As a consequence, cgconfig was not able to start with the default configuration on a Red Hat Enterprise Virtualization Hypervisor system. This update adds a check for the read-only file systems to the cgconfig service and it now works as expected with the default configuration on Red Hat Enterprise Virtualization Hypervisor systems. (BZ#869990)
In addition, this update adds the following enhancement:
- This update improves the logging facility and error messages generated by libcgroup. (BZ#738737)
Users of libcgroup are advised to upgrade to these updated packages, which fix these bugs and add this enhancement.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- libcgroup-0.37-7.el6.i686.rpm
- libcgroup-pam-0.37-7.el6.s390.rpm
- libcgroup-pam-0.37-7.el6.ppc.rpm
- libcgroup-debuginfo-0.37-7.el6.s390.rpm
- libcgroup-0.37-7.el6.x86_64.rpm
- libcgroup-0.37-7.el6.src.rpm
- libcgroup-debuginfo-0.37-7.el6.ppc.rpm
- libcgroup-pam-0.37-7.el6.i686.rpm
- libcgroup-pam-0.37-7.el6.s390x.rpm
- libcgroup-0.37-7.el6.s390.rpm
- libcgroup-devel-0.37-7.el6.x86_64.rpm
- libcgroup-devel-0.37-7.el6.i686.rpm
- libcgroup-debuginfo-0.37-7.el6.x86_64.rpm
- libcgroup-devel-0.37-7.el6.ppc.rpm
- libcgroup-devel-0.37-7.el6.ppc64.rpm
- libcgroup-0.37-7.el6.s390x.rpm
- libcgroup-devel-0.37-7.el6.s390.rpm
- libcgroup-devel-0.37-7.el6.s390x.rpm
- libcgroup-debuginfo-0.37-7.el6.i686.rpm
- libcgroup-0.37-7.el6.ppc.rpm
- libcgroup-pam-0.37-7.el6.x86_64.rpm
- libcgroup-pam-0.37-7.el6.ppc64.rpm
- libcgroup-debuginfo-0.37-7.el6.ppc64.rpm
- libcgroup-0.37-7.el6.ppc64.rpm
- libcgroup-debuginfo-0.37-7.el6.s390x.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.