-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-13554 2012-09-07 19:30:22 --------------------------------------------------------------------------------
Name : selinux-policy Product : Fedora 18 Version : 3.11.1 Release : 18.fc18 URL : http://oss.tresys.com/repos/refpolicy/ Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2.20091117 -------------------------------------------------------------------------------- Update Information: - nmbd wants to create /var/nmbd - Stop transitioning out of anaconda and firstboot, just causes AVC messages - Allow clamscan to read /etc files - Allow bcfg2 to bind cyphesis port - heartbeat should be run as rgmanager_t instead of corosync_t - Add labeling for /etc/openldap/certs - Add labeling for /opt/sartest directory - Make crontab_t as userdom home reader - Allow tmpreaper to list admin_home dir - Add defition for imap_0 replay cache file - Add support for gitolite3 - Allow virsh_t to send syslog messages - allow domains that can read samba content to be able to list the directories also - Add realmd_dbus_chat to allow all apps that use nsswitch to talk to realmd - Separate out sandbox from sandboxX policy so we can disable it by default - Run dmeventd as lvm_t - Mounting on any directory requires setattr and write permissions - Fix use_nfs_home_dirs() boolean - New labels for pam_krb5 - Allow init and initrc domains to sys_ptrace since this is needed to look at processes not owned by uid 0 - Add realmd_dbus_chat to allow all apps that use nsswitch to talk to realmd -------------------------------------------------------------------------------- References: [ 1 ] Bug #821286 - support man2html https://bugzilla.redhat.com/show_bug.cgi?id=821286 [ 2 ] Bug #854504 - SELinux is preventing pwconv from 'read' accesses on the file /proc/<pid>/mounts. https://bugzilla.redhat.com/show_bug.cgi?id=854504 [ 3 ] Bug #852403 - PolicyKit authentication in Fedora 18 Alpha TC3 results in selinux denial https://bugzilla.redhat.com/show_bug.cgi?id=852403 [ 4 ] Bug #853671 - SELinux is preventing /usr/lib64/realmd/realmd from 'read' accesses on the directory samba. https://bugzilla.redhat.com/show_bug.cgi?id=853671 [ 5 ] Bug #853732 - AVC messages from hplip after turning on my hp psc-1350 printer https://bugzilla.redhat.com/show_bug.cgi?id=853732 [ 6 ] Bug #853733 - AVC messages from vbetool https://bugzilla.redhat.com/show_bug.cgi?id=853733 [ 7 ] Bug #853736 - AVC messages when mounting lvm lv on /home/hans/Music https://bugzilla.redhat.com/show_bug.cgi?id=853736 [ 8 ] Bug #854366 - will need to label /lib/security/pam_krb5/pam_krb5_cchelper as bin_t https://bugzilla.redhat.com/show_bug.cgi?id=854366 [ 9 ] Bug #854507 - SELinux is preventing pwconv from read, write access on the file /tmp/ffihk0dG8 (deleted). https://bugzilla.redhat.com/show_bug.cgi?id=854507 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update selinux-policy' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
