FEDORA-2018-a74875b364

bugfix update in Fedora 28 for selinux-policy

Status: stable 6 months ago

Comments 22

This update has been submitted for testing by lvrabec.

Problem with NVIDIA and SDDM is now resolved.

karma: +1 critpath: +1

Problem with gnome-session-c and /dev/nvidiactl solved.

All working well for me. Especially nVidia and sddm

karma: +1 critpath: +1
karma: +1 critpath: +1

Works great! Nvidia drivers work again and the pesky lpqd message that keeps popping up is gone.

karma: +1 critpath: +1
karma: +1 critpath: +1

Meant to add that gnome-session-c can now map /dev/nvidiactl, allowing the system to boot properly.

karma: +1

Works without any issues. And I can confirm that the nVidia problem has been fixed.

karma: +1

This update has been pushed to testing.

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

Fixes nvidia boot-to-gdm-crash issue for me.

This update has been pushed to stable.

1575234 still present with updated package

Fixes #1566706 for me - thanks!

karma: +1 critpath: +1

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

Does the system's basic functionality continue to work after this update?
#1509054 Tang needs a policy
#1566706 SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS...
#1569724 smartd cannot save state files
#1571328 SELinux is preventing LD_PRELOAD from working
#1572945 SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>.</pid>
#1573945 SELinux prevents jabber router from reading /etc/krb5.keytab file
#1574170 SELinux is preventing ifconfig from 'search' accesses on the directory net.
#1574174 SELinux is preventing ifconfig from 'getattr' accesses on the file /proc/<pid>/net/dev.</pid>
#1574184 SELinux is preventing ssh from 'ioctl' accesses on the chr_file /dev/net/tun.
#1574186 SELinux is preventing ssh from 'create' accesses on the tun_socket Unknown.
#1574355 SELinux is preventing loadkeys from 'open' accesses on the chr_file /dev/tty2.
#1574553 SELinux is preventing lightdm-autolog from 'execute' accesses on the Datei /usr/lib/systemd/systemd-coredump.
#1574649 Creation of cgroup in /etc/cgconfig.cfg failing at boot; AVC denial
#1574735 SELinux is preventing cgconfigparser from using the 'dac_override' capabilities.
#1575234 SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
#1575511 SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
#1576387 Deadlock in nss-systemd and dbus-daemon during startup
#1576913 SELinux is preventing lpqd from 'sendto' accesses on the unix_dgram_socket /var/lib/samba/private/msg.sock/1966.
#1576998 SELinux is preventing kworker/u8:4 from using the 'dac_override' capabilities.
#1577100 cyrus-imapd processess run in wrong selinux context (unconfined_service_t)
#1577471 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
#1577581 SELinux is preventing python3 from 'execute_no_trans' accesses on the file /usr/sbin/ldconfig.
#1578097 gssproxy AVCs for /proc/<pid>/exe</pid>
#1578501 glusterd does not start with selinux in enforcing mode
#1578755 certmonger gets avc on getattr for /
#1578879 SELinux is preventing certwatch from 'getattr' accesses on the filesystem /.
#1578882 SELinux is preventing plymouth from 'append' accesses on the unix_stream_socket unix_stream_socket.
#1578915 SELinux is preventing polkit-agent-he from 'open' accesses on the chr_file /dev/hidraw2.
#1579692 SELinux is preventing abrt-action-gen from 'map' accesses on the file /usr/lib64/httpd/modules/mod_systemd.so.
#1579848 the certmaster service triggers SELinux denials
#1580149 SELinux is preventing setpriv from using the 'nnp_transition' accesses on a process.
#1581790 SELinux is preventing gnome-session-c from 'map' accesses on the chr_file /dev/nvidiactl.
#1582203 SELinux is preventing sddm-greeter from map access on the chr_file /dev/nvidiactl
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
bugfix
Update Severity
high
Karma
+7
stable threshold: 5
unstable threshold: -3
Autopush
Enabled
Dates
submitted 6 months ago
in testing 6 months ago
in stable 6 months ago

Related Bugs 33

00 #1509054 Tang needs a policy
00 #1566706 SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS...
00 #1569724 smartd cannot save state files
00 #1571328 SELinux is preventing LD_PRELOAD from working
00 #1572945 SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>.</pid>
00 #1573945 SELinux prevents jabber router from reading /etc/krb5.keytab file
00 #1574170 SELinux is preventing ifconfig from 'search' accesses on the directory net.
00 #1574174 SELinux is preventing ifconfig from 'getattr' accesses on the file /proc/<pid>/net/dev.</pid>
00 #1574184 SELinux is preventing ssh from 'ioctl' accesses on the chr_file /dev/net/tun.
00 #1574186 SELinux is preventing ssh from 'create' accesses on the tun_socket Unknown.
00 #1574355 SELinux is preventing loadkeys from 'open' accesses on the chr_file /dev/tty2.
00 #1574553 SELinux is preventing lightdm-autolog from 'execute' accesses on the Datei /usr/lib/systemd/systemd-coredump.
00 #1574649 Creation of cgroup in /etc/cgconfig.cfg failing at boot; AVC denial
00 #1574735 SELinux is preventing cgconfigparser from using the 'dac_override' capabilities.
00 #1575234 SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
00 #1575511 SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
00 #1576387 Deadlock in nss-systemd and dbus-daemon during startup
00 #1576913 SELinux is preventing lpqd from 'sendto' accesses on the unix_dgram_socket /var/lib/samba/private/msg.sock/1966.
00 #1576998 SELinux is preventing kworker/u8:4 from using the 'dac_override' capabilities.
00 #1577100 cyrus-imapd processess run in wrong selinux context (unconfined_service_t)
00 #1577471 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
00 #1577581 SELinux is preventing python3 from 'execute_no_trans' accesses on the file /usr/sbin/ldconfig.
00 #1578097 gssproxy AVCs for /proc/<pid>/exe</pid>
00 #1578501 glusterd does not start with selinux in enforcing mode
00 #1578755 certmonger gets avc on getattr for /
00 #1578879 SELinux is preventing certwatch from 'getattr' accesses on the filesystem /.
00 #1578882 SELinux is preventing plymouth from 'append' accesses on the unix_stream_socket unix_stream_socket.
00 #1578915 SELinux is preventing polkit-agent-he from 'open' accesses on the chr_file /dev/hidraw2.
00 #1579692 SELinux is preventing abrt-action-gen from 'map' accesses on the file /usr/lib64/httpd/modules/mod_systemd.so.
00 #1579848 the certmaster service triggers SELinux denials
00 #1580149 SELinux is preventing setpriv from using the 'nnp_transition' accesses on a process.
00 #1581790 SELinux is preventing gnome-session-c from 'map' accesses on the chr_file /dev/nvidiactl.
00 #1582203 SELinux is preventing sddm-greeter from map access on the chr_file /dev/nvidiactl

Automated Test Results