Fedora 16 Update: selinux-policy-3.10.0-38.fc16
updates at fedoraproject.org
updates at fedoraproject.org
Sun Oct 9 19:37:11 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-13775
2011-10-04 20:40:57
--------------------------------------------------------------------------------
Name : selinux-policy
Product : Fedora 16
Version : 3.10.0
Release : 38.fc16
URL : http://oss.tresys.com/repos/refpolicy/
Summary : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2.20091117
--------------------------------------------------------------------------------
Update Information:
- Allow logrotate setuid and setgid since logrotate is supposed to do it
- Fixes for thumb policy by grift
- Add new nfsd ports
- Added fix to allow confined apps to execmod on chrome
- Add labeling for additional vdsm directories
- Allow Exim and Dovecot SASL
- Add label for /var/run/nmbd
- Add fixes to make virsh and xen working together
- Colord executes ls
- /var/spool/cron is now labeled as user_cron_spool_t
- Add support for Clustered Samba commands
- Allow ricci_modrpm_t to send log msgs
- move permissive virt_qmf_t from virt.te to permissivedomains.te
- Allow ssh_t to use kernel keyrings
- Add policy for libvirt-qmf and more fixes for linux containers
- Initial Polipo
- Sanlock needs to run ranged in order to kill svirt processes
- Allow smbcontrol to stream connect to ctdbd
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #733127 - SELinux prevents the NFS server from coming up.
https://bugzilla.redhat.com/show_bug.cgi?id=733127
[ 2 ] Bug #742095 - SELinux is preventing /bin/bash from 'sendto' accesses on the unix_stream_socket Unknown.
https://bugzilla.redhat.com/show_bug.cgi?id=742095
[ 3 ] Bug #743336 - SELinux is preventing /lib/systemd/systemd-logind from 'search' accesses on the directory dconf.
https://bugzilla.redhat.com/show_bug.cgi?id=743336
[ 4 ] Bug #743337 - SELinux is preventing /lib/systemd/systemd-logind from 'getattr' accesses on the directory /run/user/gdm/dconf.
https://bugzilla.redhat.com/show_bug.cgi?id=743337
[ 5 ] Bug #743339 - SELinux is preventing /sbin/ldconfig from 'write' accesses on the file /home/james.cape/.config/autostart/dropbox.desktop.
https://bugzilla.redhat.com/show_bug.cgi?id=743339
[ 6 ] Bug #743340 - SELinux is preventing /bin/systemctl from 'getattr' accesses on the file /proc/<pid>/comm.
https://bugzilla.redhat.com/show_bug.cgi?id=743340
[ 7 ] Bug #743539 - nmb.service fails to start
https://bugzilla.redhat.com/show_bug.cgi?id=743539
[ 8 ] Bug #743701 - SELinux is preventing /bin/systemctl from 'read' accesses on the directory system.
https://bugzilla.redhat.com/show_bug.cgi?id=743701
[ 9 ] Bug #739896 - Snmpd isn't allowed to tell systemd it is up and running
https://bugzilla.redhat.com/show_bug.cgi?id=739896
[ 10 ] Bug #739946 - NFS server fails to start
https://bugzilla.redhat.com/show_bug.cgi?id=739946
[ 11 ] Bug #741143 - Selinux avc during login systemd_logind_t
https://bugzilla.redhat.com/show_bug.cgi?id=741143
[ 12 ] Bug #741328 - The acroread plugin is denied access to a curl-ca-bundle.crt link over NFS
https://bugzilla.redhat.com/show_bug.cgi?id=741328
[ 13 ] Bug #742642 - logrotate can now switch user
https://bugzilla.redhat.com/show_bug.cgi?id=742642
[ 14 ] Bug #742704 - selinux problems accessing xen from libvirt
https://bugzilla.redhat.com/show_bug.cgi?id=742704
[ 15 ] Bug #732937 - SELinux is preventing /sbin/ldconfig from 'append' accesses on the chr_file /dev/tty3.
https://bugzilla.redhat.com/show_bug.cgi?id=732937
[ 16 ] Bug #739301 - SELinux is preventing /usr/bin/passwd from 'getattr' accesses on the chr_file /dev/autofs.
https://bugzilla.redhat.com/show_bug.cgi?id=739301
[ 17 ] Bug #739307 - inconsistent permissions on /dev/pts/ptmx after boot
https://bugzilla.redhat.com/show_bug.cgi?id=739307
[ 18 ] Bug #739326 - SELinux is preventing /usr/libexec/colord from 'getattr' accesses on the file /home/zeenix/.local/share/icc/edid-9273c8341557b23c5b028113288023e8.icc.
https://bugzilla.redhat.com/show_bug.cgi?id=739326
[ 19 ] Bug #741018 - SELinux is preventing /bin/systemctl from 'getattr' accesses on the directory /lib/systemd/system.
https://bugzilla.redhat.com/show_bug.cgi?id=741018
[ 20 ] Bug #741079 - SELinux is preventing /lib/systemd/systemd-logind from 'rmdir' accesses on the directory dconf.
https://bugzilla.redhat.com/show_bug.cgi?id=741079
[ 21 ] Bug #741223 - SELinux is preventing /lib/systemd/systemd-logind from 'getattr' accesses on the tcp_socket port None.
https://bugzilla.redhat.com/show_bug.cgi?id=741223
[ 22 ] Bug #741261 - SELinux is preventing /bin/bash from 'search' accesses on the directory /lib/systemd/system.
https://bugzilla.redhat.com/show_bug.cgi?id=741261
[ 23 ] Bug #741285 - SELinux is preventing /usr/sbin/acpid from 'ioctl' accesses on the chr_file /dev/input/event10.
https://bugzilla.redhat.com/show_bug.cgi?id=741285
[ 24 ] Bug #741368 - SELinux is preventing /bin/systemctl from 'search' accesses on the directory 1.
https://bugzilla.redhat.com/show_bug.cgi?id=741368
[ 25 ] Bug #742107 - SELinux is preventing /usr/sbin/vpnc from 'getattr' accesses on the unix_stream_socket unix_stream_socket.
https://bugzilla.redhat.com/show_bug.cgi?id=742107
[ 26 ] Bug #742630 - /usr/bin/passwd produces lots of selinux errors
https://bugzilla.redhat.com/show_bug.cgi?id=742630
[ 27 ] Bug #742900 - SELinux is preventing /usr/bin/passwd from 'getattr' accesses on the chr_file /dev/vga_arbiter.
https://bugzilla.redhat.com/show_bug.cgi?id=742900
[ 28 ] Bug #743128 - SELinux is preventing /bin/bash from 'search' accesses on the directorio /lib/systemd/system.
https://bugzilla.redhat.com/show_bug.cgi?id=743128
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list