Fedora 17 Update: selinux-policy-3.10.0-91.fc17

updates at fedoraproject.org updates at fedoraproject.org
Tue Feb 28 10:35:48 UTC 2012 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-2180
2012-02-22 03:51:40
--------------------------------------------------------------------------------

Name        : selinux-policy
Product     : Fedora 17
Version     : 3.10.0
Release     : 91.fc17
URL         : http://oss.tresys.com/repos/refpolicy/
Summary     : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision  2.20091117

--------------------------------------------------------------------------------
Update Information:

- Add proxy class and read access for gssd_proxy - Separate out the sharing public content booleans - Allow certmonger to execute a script and send signals to apache and dirsrv to reload the certificate - Add label transition for gstream-0.10 and 12 - Add booleans to allow rsync to share nfs and cifs file sytems - chrome_sandbox wants to read the /proc/PID/exe file of the program that executed it - Fix filename transitions for cups files - Allow denyhosts to read "unix" - Add file name transition for locale.conf.new - Allow boinc projects to gconf config files - sssd needs to be able to increase the socket limit under certain loads - sge_execd needs to read /etc/passwd - Allow denyhost to check network state - NetworkManager needs to read sessions data - Allow denyhost to check network state - Allow xen to search virt images directories - Add label for /dev/megaraid_sas_ioctl_node - Add autogenerated man pages
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #794893 - SELinux denied read for NetworkManager on sessions
        https://bugzilla.redhat.com/show_bug.cgi?id=794893
  [ 2 ] Bug #794896 - SELinux denials for sge_execd
        https://bugzilla.redhat.com/show_bug.cgi?id=794896
  [ 3 ] Bug #795488 - SELinux is preventing /usr/libexec/polkit-1/polkitd from using the 'sys_ptrace' capabilities.
        https://bugzilla.redhat.com/show_bug.cgi?id=795488
  [ 4 ] Bug #795506 - avc:  denied  { send_msg } for msgtype=error error_name=net.reactivated.Fprint.Error.NoSuchDevice dest=:1.17 spid=573 tpid=561 scontext=system_u:system_r:fprintd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:initrc_t:s0 tclass=dbus : exe="/usr/bin/dbus-daem
        https://bugzilla.redhat.com/show_bug.cgi?id=795506
  [ 5 ] Bug #795533 - SELinux is preventing /usr/libexec/totem-plugin-viewer from 'write' accesses on the None .gstreamer-0.10.
        https://bugzilla.redhat.com/show_bug.cgi?id=795533
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list