Fedora 19 Update: selinux-policy-3.12.1-54.fc19
updates at fedoraproject.org
updates at fedoraproject.org
Sun Jun 23 06:28:13 UTC 2013
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-11355
2013-06-20 17:28:51
--------------------------------------------------------------------------------
Name : selinux-policy
Product : Fedora 19
Version : 3.12.1
Release : 54.fc19
URL : http://oss.tresys.com/repos/refpolicy/
Summary : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2.20091117
--------------------------------------------------------------------------------
Update Information:
- Make vdagent able to request loading kernel module
- Add support for cloud-init make it as unconfined domain
- Allow snmpd to run smartctl in fsadm_t domain
- remove duplicate openshift_search_lib() interface
- Allow mysqld to search openshift lib files
- Allow openshift cgroup to interact with passedin file descriptors
- Allow colord to list directories inthe users homedir
- aide executes prelink to check files
- Make sure cupsd_t creates content in /etc/cups with the correct label
- Lest dontaudit apache read all domains, so passenger will not cause this avc
- Allow gssd to connect to gssproxy
- systemd-tmpfiles needs to be able to raise the level to fix labeling on /run/setrans in MLS
- Allow systemd-tmpfiles to relabel also lock files
- Allow useradd to add homdir in /var/lib/openshift
- Allow setfiles and semanage to write output to /run/files
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #964006 - cloud-init hostname service failing on initial boot
https://bugzilla.redhat.com/show_bug.cgi?id=964006
[ 2 ] Bug #974825 - SELinux is preventing systemd-tmpfile from 'relabelfrom' accesses on the file lock.
https://bugzilla.redhat.com/show_bug.cgi?id=974825
[ 3 ] Bug #975344 - SELinux is preventing spice-vdagentd from 'module_request' accesses on the system .
https://bugzilla.redhat.com/show_bug.cgi?id=975344
[ 4 ] Bug #975737 - SELinux is preventing /usr/bin/razor-lightdm-greeter from 'execute' accesses on the file /bin/razor-power.
https://bugzilla.redhat.com/show_bug.cgi?id=975737
[ 5 ] Bug #975743 - SELinux is preventing /usr/bin/Xephyr from write, search access on the directory xkb.
https://bugzilla.redhat.com/show_bug.cgi?id=975743
[ 6 ] Bug #975817 - SELinux is preventing /usr/sbin/ntop from 'read' accesses on the chr_file usbmon11.
https://bugzilla.redhat.com/show_bug.cgi?id=975817
[ 7 ] Bug #975853 - SELinux is preventing /usr/bin/pkla-check-authorization from 'getattr' accesses on the filesystem /.
https://bugzilla.redhat.com/show_bug.cgi?id=975853
[ 8 ] Bug #976017 - Please push latest selinux policy to fix denials for gvfs and others
https://bugzilla.redhat.com/show_bug.cgi?id=976017
[ 9 ] Bug #974581 - SELinux, gssproxy, rpc.gssd
https://bugzilla.redhat.com/show_bug.cgi?id=974581
[ 10 ] Bug #975695 - SELinux prevent fail2ban (fail2ban-client werite) to start (F19-TC5)
https://bugzilla.redhat.com/show_bug.cgi?id=975695
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list