FEDORA-2015-f396e330d9 created by mgrepl 5 years ago for Fedora 22
obsolete

selinux-policy-3.13.1-128.17.fc22

  • We need to require sandbox_web_type attribute in sandbox_x_domain_template().
  • Dontaudit abrt_t to rw lvm_lock_t dir.
  • Allow abrt_t domain to write to kernel msg device.
  • Add interface lvm_dontaudit_rw_lock_dir()
  • ipsec: The NM helper needs to read the SAs
  • ipsec: Allow ipsec management to create ptys

More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=691855

This update has been submitted for testing by mgrepl.

5 years ago

mgrepl edited this update.

New build(s):

  • selinux-policy-3.13.1-128.20.fc22

Removed build(s):

  • selinux-policy-3.13.1-128.17.fc22
5 years ago

This update has been submitted for testing by mgrepl.

5 years ago

This update has obsoleted selinux-policy-3.13.1-128.19.fc22, and has inherited its bugs and notes.

5 years ago

This update has been pushed to testing.

5 years ago
User Icon jflory7 commented & provided feedback 5 years ago

Currently running the testing build without noticing any problems, but will continue using for a little while to see if anything else is caught. Been using it for a few hours now without any issues, my technical skills aren't savvy enough to know how to test / trigger some of these specific bugs.

User Icon jflory7 commented & provided feedback 5 years ago
karma

System functionality does continue as expected so I am +1'ing that. Will provide more info about specific bugs if noticed.

User Icon filiperosset commented & provided feedback 5 years ago
karma

no regressions noted

This update has been obsoleted by selinux-policy-3.13.1-128.21.fc22.

5 years ago

Please login to add feedback.

Metadata
Type
bugfix
Severity
high
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
5
Stable by Time
disabled
Dates
submitted
5 years ago
in testing
5 years ago
modified
5 years ago
BZ#1233876 SELinux is preventing systemd-hostnam from 'open' accesses on the file /proc/xen/capabilities.
0
0
BZ#1233877 SELinux is preventing systemd-hostnam from 'read' accesses on the file capabilities.
0
0
BZ#1245477 SELinux is preventing abrt-hook-ccpp from using the 'sigchld' accesses on a process.
0
0
BZ#1261856 /usr/share/nginx/html should be httpd_sys_content_t
0
0
BZ#1269193 SELinux is preventing winbindd from using the 'signull' accesses on a process.
0
0
BZ#1269916 SELinux is preventing systemd-network from getattr access on the file /proc/xen/capabilities
0
0

Automated Test Results