Fedora 17 Update: selinux-policy-3.10.0-91.fc17
updates at fedoraproject.org
updates at fedoraproject.org
Tue Feb 28 10:35:48 UTC 2012
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-2180
2012-02-22 03:51:40
--------------------------------------------------------------------------------
Name : selinux-policy
Product : Fedora 17
Version : 3.10.0
Release : 91.fc17
URL : http://oss.tresys.com/repos/refpolicy/
Summary : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2.20091117
--------------------------------------------------------------------------------
Update Information:
- Add proxy class and read access for gssd_proxy - Separate out the sharing public content booleans - Allow certmonger to execute a script and send signals to apache and dirsrv to reload the certificate - Add label transition for gstream-0.10 and 12 - Add booleans to allow rsync to share nfs and cifs file sytems - chrome_sandbox wants to read the /proc/PID/exe file of the program that executed it - Fix filename transitions for cups files - Allow denyhosts to read "unix" - Add file name transition for locale.conf.new - Allow boinc projects to gconf config files - sssd needs to be able to increase the socket limit under certain loads - sge_execd needs to read /etc/passwd - Allow denyhost to check network state - NetworkManager needs to read sessions data - Allow denyhost to check network state - Allow xen to search virt images directories - Add label for /dev/megaraid_sas_ioctl_node - Add autogenerated man pages
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #794893 - SELinux denied read for NetworkManager on sessions
https://bugzilla.redhat.com/show_bug.cgi?id=794893
[ 2 ] Bug #794896 - SELinux denials for sge_execd
https://bugzilla.redhat.com/show_bug.cgi?id=794896
[ 3 ] Bug #795488 - SELinux is preventing /usr/libexec/polkit-1/polkitd from using the 'sys_ptrace' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=795488
[ 4 ] Bug #795506 - avc: denied { send_msg } for msgtype=error error_name=net.reactivated.Fprint.Error.NoSuchDevice dest=:1.17 spid=573 tpid=561 scontext=system_u:system_r:fprintd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:initrc_t:s0 tclass=dbus : exe="/usr/bin/dbus-daem
https://bugzilla.redhat.com/show_bug.cgi?id=795506
[ 5 ] Bug #795533 - SELinux is preventing /usr/libexec/totem-plugin-viewer from 'write' accesses on the None .gstreamer-0.10.
https://bugzilla.redhat.com/show_bug.cgi?id=795533
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list