Fedora 18 Update: selinux-policy-3.11.1-18.fc18
updates at fedoraproject.org
updates at fedoraproject.org
Wed Sep 12 23:52:08 UTC 2012
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-13554
2012-09-07 19:30:22
--------------------------------------------------------------------------------
Name : selinux-policy
Product : Fedora 18
Version : 3.11.1
Release : 18.fc18
URL : http://oss.tresys.com/repos/refpolicy/
Summary : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2.20091117
--------------------------------------------------------------------------------
Update Information:
- nmbd wants to create /var/nmbd - Stop transitioning out of anaconda and firstboot, just causes AVC messages - Allow clamscan to read /etc files - Allow bcfg2 to bind cyphesis port - heartbeat should be run as rgmanager_t instead of corosync_t - Add labeling for /etc/openldap/certs - Add labeling for /opt/sartest directory - Make crontab_t as userdom home reader - Allow tmpreaper to list admin_home dir - Add defition for imap_0 replay cache file - Add support for gitolite3 - Allow virsh_t to send syslog messages - allow domains that can read samba content to be able to list the directories also - Add realmd_dbus_chat to allow all apps that use nsswitch to talk to realmd - Separate out sandbox from sandboxX policy so we can disable it by default - Run dmeventd as lvm_t - Mounting on any directory requires setattr and write permissions - Fix use_nfs_home_dirs() boolean - New labels for pam_krb5 - Allow init and initrc domains to sys_ptrace since this is needed to look at processes not owned by uid 0 - Add realmd_dbus_chat to allow all apps that use nsswitch to talk to realmd
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #821286 - support man2html
https://bugzilla.redhat.com/show_bug.cgi?id=821286
[ 2 ] Bug #854504 - SELinux is preventing pwconv from 'read' accesses on the file /proc/<pid>/mounts.
https://bugzilla.redhat.com/show_bug.cgi?id=854504
[ 3 ] Bug #852403 - PolicyKit authentication in Fedora 18 Alpha TC3 results in selinux denial
https://bugzilla.redhat.com/show_bug.cgi?id=852403
[ 4 ] Bug #853671 - SELinux is preventing /usr/lib64/realmd/realmd from 'read' accesses on the directory samba.
https://bugzilla.redhat.com/show_bug.cgi?id=853671
[ 5 ] Bug #853732 - AVC messages from hplip after turning on my hp psc-1350 printer
https://bugzilla.redhat.com/show_bug.cgi?id=853732
[ 6 ] Bug #853733 - AVC messages from vbetool
https://bugzilla.redhat.com/show_bug.cgi?id=853733
[ 7 ] Bug #853736 - AVC messages when mounting lvm lv on /home/hans/Music
https://bugzilla.redhat.com/show_bug.cgi?id=853736
[ 8 ] Bug #854366 - will need to label /lib/security/pam_krb5/pam_krb5_cchelper as bin_t
https://bugzilla.redhat.com/show_bug.cgi?id=854366
[ 9 ] Bug #854507 - SELinux is preventing pwconv from read, write access on the file /tmp/ffihk0dG8 (deleted).
https://bugzilla.redhat.com/show_bug.cgi?id=854507
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list