Bug Fix Advisory libcgroup bug fix and enhancement update

Advisory: RHBA-2013:1685-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2013-11-20
Last updated on: 2013-11-20
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)

Details

Updated libcgroup packages that fix several bugs and add one enhancement are now
available for Red Hat Enterprise Linux 6.

The libcgroup packages provide tools and libraries to manage and monitor control
groups.

This update fixes the following bugs:

* Previously, the pam_cgoup pluggable authentication module (PAM) did not use
caching. As a consequence, when a system had several thousand users and the
cgrules.conf file contained several thousand lines of configuration settings,
the login time could take several seconds. With this update, the libcgroup code
no longer reads the /etc/passwd file once for every line in cgrules.conf, and
the login time is no longer affected in the described scenario. (BZ#972893)

* Prior to this update, the cgroup files did not have write permissions set
correctly. Consequently, members of the group that owned the cgroup files could
not modify their content. The group permissions have been updated, and the
members of the group can now modify the content of the cgroup files. (BZ#863172)


* Previously, the behavior of the cgred service when opening the configuration
file was not set correctly. Consequently, cgred failed to start if the
configuration file was missing or empty. Explicit checks for the existence of
the configuration file have been removed, and cgred now starts with a missing or
empty configuration file as expected. (BZ#921328)

* The code in the cg_get_pid_from_flags() function assumed that every entry in
the /etc/cgrules.conf file had the process name specified. As a consequence, if
the entry in the /etc/cgrules.conf file did not specify the process name, the
cgred service terminated unexpectedly with a segmentation fault. This update
allows the code to accept empty process names and cgred no longer crashes.
(BZ#912425)

* Prior to this update, the permissions of the /bin/cgclassify file were set
incorrectly. As a consequence, the "--sticky" option of the cgclassify command
was ignored when running under a non-privileged user. The file permissions of
/bin/cgclassify have been updated, and the "--sticky" option now works correctly
for regular users. (BZ#946953)

* Previously, using commas in the lexical analyzer was not supported. As a
consequence, the cgconfig service failed to parse commas in the cgconfig.conf
file. Support for commas in the lexical analyzer has been added, and cgconfig
can now successfully parse commas in cgconfig.conf. (BZ#753334)

* The cgrulesengd daemon had different default logging level than the rest of
the library. Consequently, the log messages were inconsistent. With this update,
the logging level of the cgrulesengd daemon and the library has been unified,
and the log messages are now consistent as expected. (BZ#924399)

* Prior to this update, the cgcreate(1) manual page contained the invalid "-s"
option in the synopsis. This update removes this option. (BZ#809550)

* Previously, the cgred service was starting too early in the boot process. As a
consequence, if some services started before cgred, they could avoid being
restricted. The boot priority of cgred has been lowered, and all services are
now restricted correctly. (BZ#961844)

In addition, this update adds the following enhancement:

* After this update, the cgred daemon supports automated control groups for
every user in any UNIX group that logs in. A template is now used to create a
new control group automatically, and every process the user launches is started
in the appropriate group, which makes managing multiple users easier.
(BZ#589535)

Users of libcgroup are advised to upgrade to these updated packages, which fix
these bugs and add this enhancement.


Solution

Before applying this update, make sure all previously released errata relevant
to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
libcgroup-0.40.rc1-5.el6.src.rpm
File outdated by:  RHBA-2017:0583
    MD5: ad6c9aa303a3d4981c737630a884f5f4
SHA-256: cae9f5f4d969e4bdd9e0f8bd6e8e3ccd99ecd374822d8715d55cab0007f9b8c8
 
IA-32:
libcgroup-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: a7888916215eae3151f1f4e66e6fcd7b
SHA-256: 74020dbc15221465194af03263ab798d22f0979a0f7bb635e5c591aa74d7980e
libcgroup-debuginfo-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 49fe0498343917c9db02213a63e574a5
SHA-256: 81057938dc96c446805ab18c1cc9800801ca456b2b1f8d7caec2513ae84f66ba
libcgroup-devel-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6fa20873048818f0f1822e2b371402af
SHA-256: ec418903301c359400f596c499f1ca25e2f791adc8ce0c626693d0cb16a398ca
libcgroup-pam-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: de8165c9a338902adcd8d7677da9177f
SHA-256: cdb14647886c708aa33368254f36132dcf7b187eab6b1ae99126e4fb75329e70
 
x86_64:
libcgroup-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: a7888916215eae3151f1f4e66e6fcd7b
SHA-256: 74020dbc15221465194af03263ab798d22f0979a0f7bb635e5c591aa74d7980e
libcgroup-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 732912b91f219bfd9d99088a2509e34c
SHA-256: 13680019461d30743e3d09fa96f0645d21eb1005f21007334c20860935bbe91e
libcgroup-debuginfo-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 49fe0498343917c9db02213a63e574a5
SHA-256: 81057938dc96c446805ab18c1cc9800801ca456b2b1f8d7caec2513ae84f66ba
libcgroup-debuginfo-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 81b37156c3137c425784cfcbe0d589c5
SHA-256: b88820397800247fcf56343722653a32f8bc3e9397a69e2e3ac21494124d425e
libcgroup-devel-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6fa20873048818f0f1822e2b371402af
SHA-256: ec418903301c359400f596c499f1ca25e2f791adc8ce0c626693d0cb16a398ca
libcgroup-devel-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 90367b40adb6fe1b100eb3b2f9c1c86a
SHA-256: ea4b252dd7795c3801fe63574ff946ebf50bae6519eede8e19f871ae52ff9111
libcgroup-pam-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: de8165c9a338902adcd8d7677da9177f
SHA-256: cdb14647886c708aa33368254f36132dcf7b187eab6b1ae99126e4fb75329e70
libcgroup-pam-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6f265d98e6a229af354be1633d54e9de
SHA-256: 5d8b7f889aed753eb3f16bbb8e29c528a5e452aa10326f266153ac200e341a77
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
libcgroup-0.40.rc1-5.el6.src.rpm
File outdated by:  RHBA-2017:0583
    MD5: ad6c9aa303a3d4981c737630a884f5f4
SHA-256: cae9f5f4d969e4bdd9e0f8bd6e8e3ccd99ecd374822d8715d55cab0007f9b8c8
 
x86_64:
libcgroup-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: a7888916215eae3151f1f4e66e6fcd7b
SHA-256: 74020dbc15221465194af03263ab798d22f0979a0f7bb635e5c591aa74d7980e
libcgroup-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 732912b91f219bfd9d99088a2509e34c
SHA-256: 13680019461d30743e3d09fa96f0645d21eb1005f21007334c20860935bbe91e
libcgroup-debuginfo-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 49fe0498343917c9db02213a63e574a5
SHA-256: 81057938dc96c446805ab18c1cc9800801ca456b2b1f8d7caec2513ae84f66ba
libcgroup-debuginfo-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 81b37156c3137c425784cfcbe0d589c5
SHA-256: b88820397800247fcf56343722653a32f8bc3e9397a69e2e3ac21494124d425e
libcgroup-devel-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6fa20873048818f0f1822e2b371402af
SHA-256: ec418903301c359400f596c499f1ca25e2f791adc8ce0c626693d0cb16a398ca
libcgroup-devel-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 90367b40adb6fe1b100eb3b2f9c1c86a
SHA-256: ea4b252dd7795c3801fe63574ff946ebf50bae6519eede8e19f871ae52ff9111
libcgroup-pam-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: de8165c9a338902adcd8d7677da9177f
SHA-256: cdb14647886c708aa33368254f36132dcf7b187eab6b1ae99126e4fb75329e70
libcgroup-pam-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6f265d98e6a229af354be1633d54e9de
SHA-256: 5d8b7f889aed753eb3f16bbb8e29c528a5e452aa10326f266153ac200e341a77
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
libcgroup-0.40.rc1-5.el6.src.rpm
File outdated by:  RHBA-2017:0583
    MD5: ad6c9aa303a3d4981c737630a884f5f4
SHA-256: cae9f5f4d969e4bdd9e0f8bd6e8e3ccd99ecd374822d8715d55cab0007f9b8c8
 
IA-32:
libcgroup-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: a7888916215eae3151f1f4e66e6fcd7b
SHA-256: 74020dbc15221465194af03263ab798d22f0979a0f7bb635e5c591aa74d7980e
libcgroup-debuginfo-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 49fe0498343917c9db02213a63e574a5
SHA-256: 81057938dc96c446805ab18c1cc9800801ca456b2b1f8d7caec2513ae84f66ba
libcgroup-devel-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6fa20873048818f0f1822e2b371402af
SHA-256: ec418903301c359400f596c499f1ca25e2f791adc8ce0c626693d0cb16a398ca
libcgroup-pam-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: de8165c9a338902adcd8d7677da9177f
SHA-256: cdb14647886c708aa33368254f36132dcf7b187eab6b1ae99126e4fb75329e70
 
PPC:
libcgroup-0.40.rc1-5.el6.ppc.rpm
File outdated by:  RHBA-2017:0583
    MD5: 1553247f670f0d69ad4c715934852216
SHA-256: 19a5c8306ceb2d75eb90efafbc78f5c82c91cc2182dd37a4462cf7c5bba3cf12
libcgroup-0.40.rc1-5.el6.ppc64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 5288937e0238086407230011860b84b3
SHA-256: 8cf75f055ad46a91cf192a8e6515af9831bad5e68490538f499c9899bba61d49
libcgroup-debuginfo-0.40.rc1-5.el6.ppc.rpm
File outdated by:  RHBA-2017:0583
    MD5: 5be7fa87f8fa59a5b68cd4446712747d
SHA-256: 5dff43d31ba2c94ebcb4d51efb29f81697270c672b6f2c8a5719313d0e2b8cfa
libcgroup-debuginfo-0.40.rc1-5.el6.ppc64.rpm
File outdated by:  RHBA-2017:0583
    MD5: bb739a2c74b6486272cb92dbc0ab343b
SHA-256: a5888723a44230b703e6a2c761a568e9ffb43ad81c72f1c37cf7b0889fa3ee39
libcgroup-devel-0.40.rc1-5.el6.ppc.rpm
File outdated by:  RHBA-2017:0583
    MD5: cb6fc7bdbf833a5977033b3e03691bd5
SHA-256: 30cc431da8a156114676c999135b86f44225e015a996288e5e752889d485a1c4
libcgroup-devel-0.40.rc1-5.el6.ppc64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 835667e4ed65bb86e15cfe746abd6fc2
SHA-256: bf0a2ac0f8114a8eaac4a4785aa6a24fa374bb2f038c863328872e1013a3ea6c
libcgroup-pam-0.40.rc1-5.el6.ppc.rpm
File outdated by:  RHBA-2017:0583
    MD5: f7f12d092a97ac0b905117e3357b7060
SHA-256: 0fe69396129fc2b5b5a9aee8dd087ae7b62804680773577c341166e3fb865cd6
libcgroup-pam-0.40.rc1-5.el6.ppc64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 533fa2d3a4bcefd9b01499cf41e3e3ef
SHA-256: 522c4bf9ebc0bca5b38fe10ece2df4e25ed3bb015dab859ec6ca11e7a3b8ab5a
 
s390x:
libcgroup-0.40.rc1-5.el6.s390.rpm
File outdated by:  RHBA-2017:0583
    MD5: 1c602a57fe2d46c652573a5217d6ecc0
SHA-256: 300f4246fee50c5a8357099210a17134fe68a0679cabe3d8b27a499495ec41c7
libcgroup-0.40.rc1-5.el6.s390x.rpm
File outdated by:  RHBA-2017:0583
    MD5: ea7cf366cd8a086f429bf42adf48c3d3
SHA-256: 6ce19acd19e044425c89d87df104751a17ea562db2baf2852f72a8b1fdac3248
libcgroup-debuginfo-0.40.rc1-5.el6.s390.rpm
File outdated by:  RHBA-2017:0583
    MD5: bebd5e9edbda9e20edf1beda11413c71
SHA-256: c56d8617e0d2be11c59bfafc227ab5e560251c1602c5ea8091c5e1ba83d21009
libcgroup-debuginfo-0.40.rc1-5.el6.s390x.rpm
File outdated by:  RHBA-2017:0583
    MD5: daf3bfa6371e4edb2e8ab1befea7c77b
SHA-256: 546d70f55a50af6ae4821f2c99727c3e77ae58657f27d4afda85a17cda852f22
libcgroup-devel-0.40.rc1-5.el6.s390.rpm
File outdated by:  RHBA-2017:0583
    MD5: 406fc0ec2419e0829780e102e82f7db1
SHA-256: 8ce682aa71585d93ad22d6f4fa0b89b5b8288b4b35ca8b14ce4539ece74ca4e8
libcgroup-devel-0.40.rc1-5.el6.s390x.rpm
File outdated by:  RHBA-2017:0583
    MD5: d3d1bafac5d5e41bf025875e2526b6d4
SHA-256: c8350eb667e2f0ae4017ca5499d47c7725712873f6cb196a155314dd1d556137
libcgroup-pam-0.40.rc1-5.el6.s390.rpm
File outdated by:  RHBA-2017:0583
    MD5: e68afafba6c120a45d276c833f1e25b3
SHA-256: a1bd2c33ce2ed8bc79c347c775861754dbf74279635aad13147075c586e90d1e
libcgroup-pam-0.40.rc1-5.el6.s390x.rpm
File outdated by:  RHBA-2017:0583
    MD5: d3748847dd29faacc3838c783e8e11ad
SHA-256: 3041c9b2e719a2ff0f2b59d8078fb6cbafb133ecc6764ced54e3185cfe67b887
 
x86_64:
libcgroup-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: a7888916215eae3151f1f4e66e6fcd7b
SHA-256: 74020dbc15221465194af03263ab798d22f0979a0f7bb635e5c591aa74d7980e
libcgroup-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 732912b91f219bfd9d99088a2509e34c
SHA-256: 13680019461d30743e3d09fa96f0645d21eb1005f21007334c20860935bbe91e
libcgroup-debuginfo-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 49fe0498343917c9db02213a63e574a5
SHA-256: 81057938dc96c446805ab18c1cc9800801ca456b2b1f8d7caec2513ae84f66ba
libcgroup-debuginfo-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 81b37156c3137c425784cfcbe0d589c5
SHA-256: b88820397800247fcf56343722653a32f8bc3e9397a69e2e3ac21494124d425e
libcgroup-devel-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6fa20873048818f0f1822e2b371402af
SHA-256: ec418903301c359400f596c499f1ca25e2f791adc8ce0c626693d0cb16a398ca
libcgroup-devel-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 90367b40adb6fe1b100eb3b2f9c1c86a
SHA-256: ea4b252dd7795c3801fe63574ff946ebf50bae6519eede8e19f871ae52ff9111
libcgroup-pam-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: de8165c9a338902adcd8d7677da9177f
SHA-256: cdb14647886c708aa33368254f36132dcf7b187eab6b1ae99126e4fb75329e70
libcgroup-pam-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6f265d98e6a229af354be1633d54e9de
SHA-256: 5d8b7f889aed753eb3f16bbb8e29c528a5e452aa10326f266153ac200e341a77
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
libcgroup-0.40.rc1-5.el6.src.rpm
File outdated by:  RHBA-2017:0583
    MD5: ad6c9aa303a3d4981c737630a884f5f4
SHA-256: cae9f5f4d969e4bdd9e0f8bd6e8e3ccd99ecd374822d8715d55cab0007f9b8c8
 
IA-32:
libcgroup-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: a7888916215eae3151f1f4e66e6fcd7b
SHA-256: 74020dbc15221465194af03263ab798d22f0979a0f7bb635e5c591aa74d7980e
libcgroup-debuginfo-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 49fe0498343917c9db02213a63e574a5
SHA-256: 81057938dc96c446805ab18c1cc9800801ca456b2b1f8d7caec2513ae84f66ba
libcgroup-devel-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6fa20873048818f0f1822e2b371402af
SHA-256: ec418903301c359400f596c499f1ca25e2f791adc8ce0c626693d0cb16a398ca
libcgroup-pam-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: de8165c9a338902adcd8d7677da9177f
SHA-256: cdb14647886c708aa33368254f36132dcf7b187eab6b1ae99126e4fb75329e70
 
x86_64:
libcgroup-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: a7888916215eae3151f1f4e66e6fcd7b
SHA-256: 74020dbc15221465194af03263ab798d22f0979a0f7bb635e5c591aa74d7980e
libcgroup-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 732912b91f219bfd9d99088a2509e34c
SHA-256: 13680019461d30743e3d09fa96f0645d21eb1005f21007334c20860935bbe91e
libcgroup-debuginfo-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 49fe0498343917c9db02213a63e574a5
SHA-256: 81057938dc96c446805ab18c1cc9800801ca456b2b1f8d7caec2513ae84f66ba
libcgroup-debuginfo-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 81b37156c3137c425784cfcbe0d589c5
SHA-256: b88820397800247fcf56343722653a32f8bc3e9397a69e2e3ac21494124d425e
libcgroup-devel-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6fa20873048818f0f1822e2b371402af
SHA-256: ec418903301c359400f596c499f1ca25e2f791adc8ce0c626693d0cb16a398ca
libcgroup-devel-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 90367b40adb6fe1b100eb3b2f9c1c86a
SHA-256: ea4b252dd7795c3801fe63574ff946ebf50bae6519eede8e19f871ae52ff9111
libcgroup-pam-0.40.rc1-5.el6.i686.rpm
File outdated by:  RHBA-2017:0583
    MD5: de8165c9a338902adcd8d7677da9177f
SHA-256: cdb14647886c708aa33368254f36132dcf7b187eab6b1ae99126e4fb75329e70
libcgroup-pam-0.40.rc1-5.el6.x86_64.rpm
File outdated by:  RHBA-2017:0583
    MD5: 6f265d98e6a229af354be1633d54e9de
SHA-256: 5d8b7f889aed753eb3f16bbb8e29c528a5e452aa10326f266153ac200e341a77
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

738620 - PID file of cgred is not labelled correctly
753334 - cgconfig fails to parse commas in the cgconfig.conf file
809550 - cgcreate man page shows "-s" option in synopsis
916397 - cgrulesengd segmentation fault
921328 - The cgred service fails to start with an empty configuration file.
924399 - cgrulesengd daemon has different default logging level than the rest of the library
951724 - Typo in cgget man page
961844 - after reboot cgred does not confine/move users' processes into relevant target...
964219 - cgred process dies
972893 - pam_cgroup is slow when cgrules.conf and /etc/passwd are large



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/