selinux-policy-targeted update is dangerous
Stephen Smalley
sds at tycho.nsa.gov
Tue Jun 28 13:53:51 UTC 2005
On Mon, 2005-06-27 at 20:26 -0400, Arthur Pemberton wrote:
> From /var/log/yum.log:
>
> Jun 27 04:25:18 Updated: selinux-policy-targeted.noarch 1.17.30-3.13
> Jun 27 04:26:21 Updated: selinux-policy-targeted-sources.noarch 1.17.30-3.13
> ------------------------------------------------
>
> Since then things have come tumbling down here are samples of the errors:
>
> Jun 27 04:25:27 Romeo kernel: audit(1119860727.362:0): avc: denied {
> execmod } for pid=6990 comm=sendmail path=/lib/tls/libm-2.3.5.so
> dev=dm-0 ino=5455897 scontext=user_u:system_r:unconfined_t
> tcontext=system_u:object_r:lib_t tclass=file
Yes, that policy update is broken. See:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161834
--
Stephen Smalley
National Security Agency
More information about the users
mailing list