fedora-selinux August 2010 archive
Main Archive Page > Month Archives  > fedora-selinux archives
fedora-selinux: Re: sandbox cleanup?

Re: sandbox cleanup?

From: Dominick Grift <domg472_at_nospam>
Date: Sat Aug 21 2010 - 14:04:38 GMT
To: selinux@lists.fedoraproject.org

On 08/21/2010 01:23 PM, Daniel J Walsh wrote:
> On 08/19/2010 04:48 PM, David P. Quigley wrote:
>> On Thu, 2010-08-19 at 13:38 -0700, Tom London wrote:
>>> On Thu, Aug 19, 2010 at 12:32 PM, Christoph A. <casmls@gmail.com> wrote:
>>>> Hi,
>>>>
>>>> I just noticed that I have over 100 processes running in the
>>>> sandbox_web_client_t domain, although I closed all my sandbox windows.
>>>>
>>>> ps auxZ|grep sandbox_web_client_t|grep -c /usr/libexec/gvfsd
>>>> 52
>>>>
>>>> ps auxZ|grep sandbox_web_client_t|grep -c '/bin/dbus-daemon --fork
>>>> --print-pid 5 --print-address 7 --session'
>>>> 51
>>>>
>>>> Shouldn't they be killed after I closed all sandbox windows?
>>>>
>>>> Kind regards,
>>>> Christoph
>>>>
>>>>
>>> I see this too.
>>>
>>> Could pulseaudio not be shutting down gracefully? Just a guess....
>>>
>>> tom
>
>> I don't believe this has anything to do with the sandbox. I am getting
>> similar problems at home on F13 when I use xming to do x forwarding
>> between my Windows and Linux machines. I was using it on virt-manager on
>> that machine and was still having the problems.
>
>> Dave
>
>> --
>> selinux mailing list
>> selinux@lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
>
> I wish there was a way to setup a different cgroup for each sandbox.
> then we could do a killall on the cgroup.

I am not sure but could cgexec (man cgexec) help here? That is how
initrc puts services in a defined cgroup.

-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux

-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux