FEDORA-2018-59cbf1effc

bugfix update in Fedora 28 for selinux-policy

Status: stable 6 months ago

Comments 17

This update has been submitted for testing by lvrabec.

It resolves #1543807, #1541564 and #1541202 but introduces #1554776

karma: -1 critpath: +1

@zdenek, #1554776 looks like its caused by new version of systemd.

This update has been pushed to testing.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

No regressions found

karma: +1

I have not had an issue in the last couple of days-

karma: +1

lvrabec edited this update.

New build(s):

  • selinux-policy-3.14.1-14.fc28

Removed build(s):

  • selinux-policy-3.14.1-13.fc28

Karma has been reset.

This update has been submitted for testing by lvrabec.

lvrabec edited this update.

lvrabec edited this update.

This update has been pushed to testing.

Last update fixed the remaining issue. Thank you

karma: +1 critpath: +1

Looks good here.

karma: +1 critpath: +1

This update has been submitted for batched by adamwill.

This update has been submitted for stable by adamwill.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines
#1502164 missing permissions for systemd-rfkill , systemd-rfkill.service: Failed to set up special execution directory in /var/lib: Permission denied Failed at step STATE_DIRECTORY spawning /usr/lib/systemd/systemd-rfkill: Permission denied
#1539327 SELinux is preventing logrotate from using the 'dac_override' capabilities.
#1541202 SELinux is preventing systemd from 'write' accesses on the sock_file cups.sock.
#1541564 SELinux is preventing spice-vdagentd from 'search' accesses on the directory /sys/fs/cgroup.
#1543576 freeIPA: AVC denial for write to KRB5 KDC DEFAULT.socket
#1543807 SELinux is preventing systemd from 'write' accesses on the sock_file virtlogd-sock.
#1549247 SELinux is preventing bluetoothd from 'listen' accesses on the bluetooth_socket Unknown.
#1550926 SELinux is preventing bluetoothd from 'create' accesses on the bluetooth_socket Unknown.
#1550927 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
#1550928 SELinux is preventing bluetoothd from 'getattr' accesses on the bluetooth_socket bluetooth_socket.
#1552144 SELinux is preventing systemd-network from 'create' accesses on the netlink_generic_socket Unknown.
#1553759 SELinux is preventing iscsid from 'map' accesses on the file /usr/lib/modules/4.16.0-0.rc3.git0.1.fc28.x86_64/modules.dep.bin.
#1553957 selinux prevents chpasswd from using chroot (which is a feature it has)
#1554142 the motion service triggers SELinux denials
#1554410 SELinux is preventing bluetoothd from 'create' accesses on the alg_socket Unknown.
#1554411 SELinux is preventing bluetoothd from 'bind' accesses on the alg_socket Unknown.
#1554776 SELinux is preventing (ostnamed) from 'remount' accesses on the souborový systém .
Does the system's basic functionality continue to work after this update?
Is the update generally functional?
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
bugfix
Update Severity
high
Karma
+2
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 6 months ago
in testing 6 months ago
in stable 6 months ago
modified 6 months ago

Related Bugs 17

00 #1502164 missing permissions for systemd-rfkill , systemd-rfkill.service: Failed to set up special execution directory in /var/lib: Permission denied Failed at step STATE_DIRECTORY spawning /usr/lib/systemd/systemd-rfkill: Permission denied
00 #1539327 SELinux is preventing logrotate from using the 'dac_override' capabilities.
00 #1541202 SELinux is preventing systemd from 'write' accesses on the sock_file cups.sock.
00 #1541564 SELinux is preventing spice-vdagentd from 'search' accesses on the directory /sys/fs/cgroup.
00 #1543576 freeIPA: AVC denial for write to KRB5 KDC DEFAULT.socket
00 #1543807 SELinux is preventing systemd from 'write' accesses on the sock_file virtlogd-sock.
00 #1549247 SELinux is preventing bluetoothd from 'listen' accesses on the bluetooth_socket Unknown.
00 #1550926 SELinux is preventing bluetoothd from 'create' accesses on the bluetooth_socket Unknown.
00 #1550927 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
00 #1550928 SELinux is preventing bluetoothd from 'getattr' accesses on the bluetooth_socket bluetooth_socket.
00 #1552144 SELinux is preventing systemd-network from 'create' accesses on the netlink_generic_socket Unknown.
00 #1553759 SELinux is preventing iscsid from 'map' accesses on the file /usr/lib/modules/4.16.0-0.rc3.git0.1.fc28.x86_64/modules.dep.bin.
00 #1553957 selinux prevents chpasswd from using chroot (which is a feature it has)
00 #1554142 the motion service triggers SELinux denials
00 #1554410 SELinux is preventing bluetoothd from 'create' accesses on the alg_socket Unknown.
00 #1554411 SELinux is preventing bluetoothd from 'bind' accesses on the alg_socket Unknown.
00 #1554776 SELinux is preventing (ostnamed) from 'remount' accesses on the souborový systém .

Automated Test Results