Fedora 16 Update: selinux-policy-3.10.0-28.fc16

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 15 15:14:30 UTC 2011


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-12631
2011-09-13 22:01:15
--------------------------------------------------------------------------------

Name        : selinux-policy
Product     : Fedora 16
Version     : 3.10.0
Release     : 28.fc16
URL         : http://oss.tresys.com/repos/refpolicy/
Summary     : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision  2.20091117

--------------------------------------------------------------------------------
Update Information:

- Allow systemd-tmpfiles to set the correct labels on /var/run, /tmp and other files 
- We want any file type that is created in /tmp by a process running as initrc_t to be labeled initrc_tmp_t
- Allow collectd to read hardware state information 
- Add loop_control_device_t 
- Allow mdadm to request kernel to load module
- Allow domains that start other domains via systemctl to search unit dir 
- systemd_tmpfiles, needs to list any file systems mounted on /tmp
- Label content unde /var/run/user/NAME/dconf as config_home_t
- Allow sa-update to execute shell
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #734928 - certmaster fails to start on f16 (selinux denial)
        https://bugzilla.redhat.com/show_bug.cgi?id=734928
  [ 2 ] Bug #736530 - mdadm fails to auto-start md arrays on f16-beta.tc1 live media due to avc denials
        https://bugzilla.redhat.com/show_bug.cgi?id=736530
  [ 3 ] Bug #737382 - SELinux is preventing ssh-keygen from 'read' accesses on the file fips_enabled.
        https://bugzilla.redhat.com/show_bug.cgi?id=737382
  [ 4 ] Bug #737837 - systemd-tmpfiles: Failed to set security context ... for /var: Permission denied
        https://bugzilla.redhat.com/show_bug.cgi?id=737837
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list