FEDORA-2018-506e97bb9b

bugfix update in Fedora 29 for selinux-policy

Status: stable 10 months ago

Fixes several SELinux denials on Fedora 29 during startup.

Comments 15

This update has been submitted for testing by lvrabec.

Fixes the denials I was seeing.

karma: +1 critpath: +1 #1644313: +1 #1645331: +1

Fixes the denials I was seeing.

karma: +1 critpath: +1 #1644313: +1 #1645331: +1

A lot better now.

karma: +1 critpath: +1 #1644313: +1 #1645331: +1
karma: +1 critpath: +1 #1637358: +1

lvrabec edited this update.

karma: +1 critpath: +1 #1637358: +1

I haven't seen the denial of systemd-user-ru from reading dbus-1 I reported in #1644313 or any others since upgrading to 3.14.2-41. Thanks.

karma: +1 critpath: +1 #1644313: +1

This update has been pushed to testing.

This update has been submitted for batched by bodhi.

Fixes the AVC's I'd been seeing

karma: +1 critpath: +1 #1644313: +1

Works fixing the AVC I was seeing...

critpath: +1 #1644313: +1

This update has been submitted for stable by bodhi.

Thanks for the fix!

karma: +1 critpath: +1 #1644313: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
bugfix
Update Severity
high
Karma
+7
stable threshold: 4
unstable threshold: -2
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 10 months ago
in testing 10 months ago
in stable 10 months ago
modified 10 months ago

Related Bugs 11

0+2 #1637358 SELinux is preventing gdm-wayland-session from starting
00 #1638948 SELinux is preventing sh from 'map' accesses on the file /etc/passwd.
00 #1638949 SELinux is preventing strongswan from using the 'signal' accesses on a process.
00 #1638981 SELinux is preventing systemd-rfkill from 'sendto' accesses on the unix_dgram_socket /run/systemd/journal/socket.
00 #1639689 avc: denied { status } for auid=n/a uid=42 gid=42 cmdline="/usr/libexec/gdm-wayland-session gnome-session --autostart /usr/share/gdm/greeter/autostart"
00 #1643063 SELinux is preventing (vnstatd) from using the 'nnp_transition' accesses on a process.
0+6 #1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
00 #1645278 SELinux is preventing systemd-logind from 'read' accesses on the blk_file nvme0n1p1.
0+2 #1645331 SELinux is preventing systemd-logind from 'read' accesses on the blk_file sda2.
00 #1645567 SELinux is preventing systemd-logind from 'ioctl' accesses on the blk_file /dev/nvme0n1.
00 #1645631 SELinux is preventing systemd-logind from 'ioctl' accesses on the blk_file /dev/sda.

Automated Test Results