Fedora 16 Update: selinux-policy-3.10.0-28.fc16

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 15 15:14:30 UTC 2011

Fedora Update Notification
2011-09-13 22:01:15

Name        : selinux-policy
Product     : Fedora 16
Version     : 3.10.0
Release     : 28.fc16
URL         : http://oss.tresys.com/repos/refpolicy/
Summary     : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision  2.20091117

Update Information:

- Allow systemd-tmpfiles to set the correct labels on /var/run, /tmp and other files 
- We want any file type that is created in /tmp by a process running as initrc_t to be labeled initrc_tmp_t
- Allow collectd to read hardware state information 
- Add loop_control_device_t 
- Allow mdadm to request kernel to load module
- Allow domains that start other domains via systemctl to search unit dir 
- systemd_tmpfiles, needs to list any file systems mounted on /tmp
- Label content unde /var/run/user/NAME/dconf as config_home_t
- Allow sa-update to execute shell

  [ 1 ] Bug #734928 - certmaster fails to start on f16 (selinux denial)
  [ 2 ] Bug #736530 - mdadm fails to auto-start md arrays on f16-beta.tc1 live media due to avc denials
  [ 3 ] Bug #737382 - SELinux is preventing ssh-keygen from 'read' accesses on the file fips_enabled.
  [ 4 ] Bug #737837 - systemd-tmpfiles: Failed to set security context ... for /var: Permission denied

This update can be installed with the "yum" update program.  Use 
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list