Fedora 17 Update: selinux-policy-3.10.0-104.fc17

Wed Mar 21 18:55:34 UTC 2012

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-4248
2012-03-20 05:57:27
--------------------------------------------------------------------------------

Name        : selinux-policy
Product     : Fedora 17
Version     : 3.10.0
Release     : 104.fc17
URL         : http://oss.tresys.com/repos/refpolicy/
Summary     : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision  2.20091117

--------------------------------------------------------------------------------
Update Information:

- Add a new type for /etc/firewalld and allow firewalld to write to this directory - Add definition for ~/Maildir, and allow mail deliver domains to write there - Allow polipo to run from a cron job - Allow rtkit to schedule wine processes - Allow mozilla_plugin_t to acquire a bug, and allow it to transition gnome content in the home dir to the proper label - Allow users domains to send signals to consolehelper domains
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #801299 - AVC when first starting mysqld
        https://bugzilla.redhat.com/show_bug.cgi?id=801299
  [ 2 ] Bug #801352 - SELinux policy for OpenStack's new nova-cert service
        https://bugzilla.redhat.com/show_bug.cgi?id=801352
  [ 3 ] Bug #804083 - firewalld is not allowed to write a temporary file to /etc/firewalld if started with systemd
        https://bugzilla.redhat.com/show_bug.cgi?id=804083
  [ 4 ] Bug #755157 - SELinux is preventing /usr/libexec/colord from read, write access on the file libv4l-root:usb-0000:00:1a.0-1.4:046d:092c:Camera.
        https://bugzilla.redhat.com/show_bug.cgi?id=755157
  [ 5 ] Bug #791356 - SELinux is preventing /usr/sbin/cupsd from 'write' accesses on the None /etc/cups/subscriptions.conf.O.
        https://bugzilla.redhat.com/show_bug.cgi?id=791356
  [ 6 ] Bug #799310 - Unable to use http://extensions.gnome.org
        https://bugzilla.redhat.com/show_bug.cgi?id=799310
  [ 7 ] Bug #799313 - SELinux is preventing plugin-containe from 'create' accesses on the directory .adobe.
        https://bugzilla.redhat.com/show_bug.cgi?id=799313
  [ 8 ] Bug #799365 - SELinux is preventing /usr/bin/bash from 'read' accesses on the None /etc/passwd.
        https://bugzilla.redhat.com/show_bug.cgi?id=799365
  [ 9 ] Bug #799383 - SELinux is preventing /usr/lib/nspluginwrapper/npviewer.bin from 'create' accesses on the None .macromedia.
        https://bugzilla.redhat.com/show_bug.cgi?id=799383
  [ 10 ] Bug #799591 - SELinux is preventing /usr/sbin/NetworkManager from 'read' accesses on the fichier /etc/sysctl.conf.
        https://bugzilla.redhat.com/show_bug.cgi?id=799591
  [ 11 ] Bug #799743 - SELinux is preventing /usr/libexec/gstreamer-0.10/gst-plugin-scanner from 'create' accesses on the None .gstreamer-0.10.
        https://bugzilla.redhat.com/show_bug.cgi?id=799743
  [ 12 ] Bug #800888 - SELinux is preventing /usr/lib64/nspluginwrapper/plugin-config from read, write access on the chr_file tty2.
        https://bugzilla.redhat.com/show_bug.cgi?id=800888
  [ 13 ] Bug #801611 - SELinux is preventing /opt/google/talkplugin/GoogleTalkPlugin from 'getattr' accesses on the chr_file /dev/ptmx.
        https://bugzilla.redhat.com/show_bug.cgi?id=801611
  [ 14 ] Bug #801741 - SELinux is preventing /usr/sbin/swat from 'read' accesses on the lnk_file /sbin.
        https://bugzilla.redhat.com/show_bug.cgi?id=801741
  [ 15 ] Bug #801798 - SELinux is preventing NetworkManager from 'getattr' accesses on the file /etc/sysctl.conf.
        https://bugzilla.redhat.com/show_bug.cgi?id=801798
  [ 16 ] Bug #801870 - SELinux is preventing PipelineThread from 'shutdown' accesses on the unix_stream_socket .
        https://bugzilla.redhat.com/show_bug.cgi?id=801870
  [ 17 ] Bug #801895 - SELinux is preventing /usr/sbin/NetworkManager from 'open' accesses on the fil /etc/sysctl.conf.
        https://bugzilla.redhat.com/show_bug.cgi?id=801895
  [ 18 ] Bug #802122 - SELinux is preventing /usr/lib/nspluginwrapper/npviewer.bin from 'create' accesses on the directory .adobe.
        https://bugzilla.redhat.com/show_bug.cgi?id=802122
  [ 19 ] Bug #802129 - SELinux is preventing /usr/bin/bash from 'getattr' accesses on the 文件 /etc/passwd.
        https://bugzilla.redhat.com/show_bug.cgi?id=802129
  [ 20 ] Bug #802278 - SELinux is preventing /usr/bin/mozplugger-helper from using the 'setpgid' accesses on a process.
        https://bugzilla.redhat.com/show_bug.cgi?id=802278
  [ 21 ] Bug #802715 - arpwatch can't start due to selinux denials
        https://bugzilla.redhat.com/show_bug.cgi?id=802715
  [ 22 ] Bug #804337 - SELinux is preventing /usr/sbin/NetworkManager from 'read' accesses on the None sysctl.conf.
        https://bugzilla.redhat.com/show_bug.cgi?id=804337
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------