Fedora Update System

selinux-policy-3.13.1-283.35.fc27
FEDORA-2018-2a57dc63c1 created by lvrabec a year ago for Fedora 27
stable

More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1085680

How to install

sudo dnf upgrade --advisory=FEDORA-2018-2a57dc63c1
This update has been submitted for testing by lvrabec. a year ago
This update has been pushed to testing. a year ago
User Icon cserpentis commented & provided feedback a year ago
karma

works for me in a VM

User Icon filiperosset commented & provided feedback a year ago
karma

no regressions noted

User Icon thofmann commented & provided feedback a year ago
karma

works for me

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes a year ago
User Icon dustymabe commented a year ago

I see a failure in some automated tests:

Jun 25 09:46:00 atomic-host-jobs-204-e911215e.localdomain kernel: SELinux:  Context system_u:object_r:container_var_lib_t:s0 is not valid (left unmapped).
Jun 25 09:46:05 atomic-host-jobs-204-e911215e.localdomain kernel: SELinux:  Context system_u:object_r:container_config_t:s0 is not valid (left unmapped).
Jun 25 09:46:05 atomic-host-jobs-204-e911215e.localdomain kernel: SELinux:  Context system_u:object_r:container_share_t:s0 is not valid (left unmapped).

I think this is caused by the container-selinux update but would like to make sure

User Icon pwalter commented & provided feedback a year ago
karma

Works

This update has been submitted for batched by bodhi. a year ago
This update has been submitted for stable by bodhi. a year ago
This update has been pushed to stable. a year ago
User Icon rdtcustomercare commented a year ago

Bug found in GDM policies, which causes start of gdm-greeter to fail:

Jul 10 10:03:58 eve systemd[5034]: selinux: avc: denied { reload } for auid=n/a uid=42 gid=42 cmdline="/usr/libexec/gnome-session-binary --autostart /usr/share/gdm/greeter/autostart" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=system permissive=0

User Icon rdtcustomercare commented a year ago

Greeter fail:

Jul 8 02:01:35 eve systemd[3305]: selinux: avc: denied { reload } for auid=n/a uid=42 gid=42 cmdline="/usr/libexec/gnome-session-binary --autostart /usr/share/gdm/greeter/autostart" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=system permissive=0

Please login to add feedback.

Metadata
Type
bugfix
Severity
medium
Karma
4
Signed
Content Type
RPM
Test Gating
Builds
1
selinux-policy-3.13.1-283.35.fc27
Settings
Unstable by Karma
-2
Stable by Karma
4
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
BZ#1529068 sudo systemctl enable tangd.socket --now failed
0
0
BZ#1553164 SELinux is preventing sosreport from 'associate' accesses on the filesystem overcommit_memory.
0
0
BZ#1569856 SELinux prevents NMB (Samba) from starting.
0
0
BZ#1570996 selinux AVC denial, nvidia-modprobe, after changing from Nouveau Drivers to Nvidia Linux Drivers.
0
0
BZ#1571373 SELinux is preventing nvidia-modprobe from create access on the chr_file nvidiactl.
0
0
BZ#1572369 SELinux is preventing httpd from 'map' accesses on public_content_t
0
0
BZ#1575628 SELinux is preventing modprobe from 'map' accesses on the file /usr/lib/modules/4.16.0/kernel/net/nsh/nsh.ko.
0
0
BZ#1577833 SELinux is preventing nscd from 'write' accesses on the sock_file system_bus_socket.
0
0
BZ#1579134 SELinux is preventing lightdm-gtk-gre from 'map' accesses on the file /var/log/lightdm/.cache/mesa_shader_cache/index.
0
0
BZ#1581674 AVC when brltty is started
0
0

Automated Test Results

Copyright © 2007-2019 Red Hat, Inc. and others.

Running bodhi-5.0.0 on bodhi-web-128-mgqw9.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy