selinux-policy-3.13.1-246.fc26
FEDORA-2017-58233b1a16 created by lvrabec 5 years ago for Fedora 26
stable

Update contains fixes for all blockers for F26.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-58233b1a16

This update has been submitted for testing by lvrabec.

5 years ago
User Icon adamwill commented & provided feedback 5 years ago
karma

Seems to break hostnamectl set-hostname: https://bugzilla.redhat.com/show_bug.cgi?id=1433555

BZ#1427392 SELinux is preventing (-localed) from mounton access on the file /proc/mtrr.
BZ#1411360 SELinux is preventing (ostnamed) from 'mounton' accesses on the file /proc/mtrr.
BZ#1414910 SELinux is preventing gnome-shell from 'execute' accesses on the file 2F7661722F6C69622F67646D2F23333932363239202864656C6574656429.
BZ#1413387 SELinux is preventing spice-vdagentd from 'getattr' accesses on the filesystem /sys/fs/cgroup/systemd.

lvrabec edited this update.

New build(s):

  • selinux-policy-3.13.1-246.fc26

Removed build(s):

  • selinux-policy-3.13.1-245.fc26
5 years ago

This update has been pushed to testing.

5 years ago
User Icon besser82 commented & provided feedback 5 years ago
karma

Works great! LGTM! =)

User Icon viorel provided feedback 5 years ago
karma
BZ#1411360 SELinux is preventing (ostnamed) from 'mounton' accesses on the file /proc/mtrr.
BZ#1433555 SELinux is preventing systemd-hostnam from 'create' accesses on the file .#hostnameC0Zq0X.
User Icon renault commented & provided feedback 5 years ago
karma

No regressions

User Icon adamwill commented & provided feedback 5 years ago
karma

246 solves the set-hostname problem indeed.

BZ#1427392 SELinux is preventing (-localed) from mounton access on the file /proc/mtrr.
BZ#1411360 SELinux is preventing (ostnamed) from 'mounton' accesses on the file /proc/mtrr.
BZ#1414910 SELinux is preventing gnome-shell from 'execute' accesses on the file 2F7661722F6C69622F67646D2F23333932363239202864656C6574656429.
BZ#1433555 SELinux is preventing systemd-hostnam from 'create' accesses on the file .#hostnameC0Zq0X.
User Icon frieben provided feedback 5 years ago
karma
BZ#1427392 SELinux is preventing (-localed) from mounton access on the file /proc/mtrr.
BZ#1411360 SELinux is preventing (ostnamed) from 'mounton' accesses on the file /proc/mtrr.
BZ#1429164 SELinux is preventing abrt-dump-journ from 'write' accesses on the sock_file nss.
BZ#1427312 SELinux is preventing /usr/lib/systemd/systemd from 'mounton' accesses on the directory /usr/lib/modules.
BZ#1414910 SELinux is preventing gnome-shell from 'execute' accesses on the file 2F7661722F6C69622F67646D2F23333932363239202864656C6574656429.
BZ#1413387 SELinux is preventing spice-vdagentd from 'getattr' accesses on the filesystem /sys/fs/cgroup/systemd.
BZ#1433555 SELinux is preventing systemd-hostnam from 'create' accesses on the file .#hostnameC0Zq0X.
User Icon adamwill commented & provided feedback 5 years ago

This is pretty well-tested by now and fixes a bunch of AVCs that are commonly encountered, so let's push it.

This update has been submitted for stable by adamwill.

5 years ago

This update has been pushed to stable.

5 years ago
User Icon sumantrom provided feedback 5 years ago
karma
BZ#1427392 SELinux is preventing (-localed) from mounton access on the file /proc/mtrr.
BZ#1411360 SELinux is preventing (ostnamed) from 'mounton' accesses on the file /proc/mtrr.
BZ#1429164 SELinux is preventing abrt-dump-journ from 'write' accesses on the sock_file nss.
BZ#1414910 SELinux is preventing gnome-shell from 'execute' accesses on the file 2F7661722F6C69622F67646D2F23333932363239202864656C6574656429.
BZ#1433555 SELinux is preventing systemd-hostnam from 'create' accesses on the file .#hostnameC0Zq0X.

Please login to add feedback.

Metadata
Type
enhancement
Karma
6
Signed
Content Type
RPM
Test Gating
Builds
1
selinux-policy-3.13.1-246.fc26
Settings
Unstable by Karma
-3
Stable by Karma
7
Stable by Time
disabled
Dates
submitted
5 years ago
in testing
5 years ago
in stable
5 years ago
modified
5 years ago
BZ#1411360 SELinux is preventing (ostnamed) from 'mounton' accesses on the file /proc/mtrr.
0
3
BZ#1413387 SELinux is preventing spice-vdagentd from 'getattr' accesses on the filesystem /sys/fs/cgroup/systemd.
0
1
BZ#1414910 SELinux is preventing gnome-shell from 'execute' accesses on the file 2F7661722F6C69622F67646D2F23333932363239202864656C6574656429.
0
2
BZ#1427312 SELinux is preventing /usr/lib/systemd/systemd from 'mounton' accesses on the directory /usr/lib/modules.
-1
0
BZ#1427392 SELinux is preventing (-localed) from mounton access on the file /proc/mtrr.
0
2
BZ#1429164 SELinux is preventing abrt-dump-journ from 'write' accesses on the sock_file nss.
0
2
BZ#1433555 SELinux is preventing systemd-hostnam from 'create' accesses on the file .#hostnameC0Zq0X.
0
3

Automated Test Results

Copyright © 2007-2019 Red Hat, Inc. and others.

Running bodhi-5.7.4 on bodhi-web-180-pwznz.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy