FEDORA-2018-a74875b364

bugfix update in Fedora 28 for selinux-policy

Status: stable 11 months ago

More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1084439

How to install

sudo dnf upgrade --advisory=FEDORA-2018-a74875b364

Comments 22

This update has been submitted for testing by lvrabec.

11 months ago

xvitaly 11 months ago

Problem with NVIDIA and SDDM is now resolved.

karma: +1 critpath: +1

nvieville 11 months ago

Problem with gnome-session-c and /dev/nvidiactl solved.

nvieville 11 months ago

egreshko 11 months ago

All working well for me. Especially nVidia and sddm

karma: +1 critpath: +1

nvieville 11 months ago

karma: +1 critpath: +1

urbenlegend 11 months ago

Works great! Nvidia drivers work again and the pesky lpqd message that keeps popping up is gone.

karma: +1 critpath: +1

anonymous 11 months ago

karma: +1 critpath: +1

diftraku 11 months ago

karma: +1

diftraku 11 months ago

Meant to add that gnome-session-c can now map /dev/nvidiactl, allowing the system to boot properly.

karma: +1

asciiwolf 11 months ago

Works without any issues. And I can confirm that the nVidia problem has been fixed.

karma: +1

This update has been pushed to testing.

11 months ago

This update has been submitted for batched by bodhi.

11 months ago

This update has been submitted for stable by bodhi.

11 months ago

sct 11 months ago

Fixes nvidia boot-to-gdm-crash issue for me.

This update has been pushed to stable.

11 months ago

jkalina 11 months ago

1575234 still present with updated package

ckujau 11 months ago

Fixes #1566706 for me - thanks!

karma: +1 critpath: +1

ckujau 11 months ago

critpath: +1

ckujau 11 months ago

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

Text fields in Bodhi2 support an enhanced version of markdown. This is a cheat sheet for your reference.

You can do headers by underlining or by prefixing with the # character:

This is an H1
=============

This is an H2
-------------

# This is another H1

## This is another H2

You can do blockquotes using email-style prefixes with the > character:

> This is a quotation
> over many lines
> > and it can be nested(!)

Lists work like you'd expect, by prefixing with any of the *, +, or - characters:

Check out this list:

* This
* is
* a list..

You need a blank line between a paragraph and the start of a list for the renderer to pick up on it.

Emphasis can be added like this:

*italics*
_italics_
**bold**
__bold__

You can save your code references from being misinterpreted as emphasis by surrounding them with backtick characters (`):

Use `the_best_function()` and _not_ that crummy one.

Links look like this:

[text](http://getfedora.org)

..but we also support bare links if you just provide a URL.

You can create code blocks by indenting every line of the block by at least 4 spaces or 1 tab.

Here is a code block:

    for i in range(4):
        print i
    print "done."

You can reference bug reports by simply writing something of the form tracker#ticketid.

This fixes PHP#1234 and Python#2345

... we will automatically generate links to the tickets in the appropriate trackers in place.

The supported bug tracker prefixes are: (these are all case-insensitive)

Fedora, RHBZ and RH (all point to the Red Hat Bugzilla)
GNOME
KDE
PEAR
PHP
Python

And you can refer to other users by prefixing their username with the @ symbol.

Thanks @mattdm!

This will generate a link to their profile, but it won't necessarily send them a notification unless they have a special FMN rule set up to catch it.

Lastly, you can embed inline images with syntax like this:

![Alt text](/path/to/img.jpg)

-1	0	+1	Feedback Guidelines
			Is the update generally functional? (karma) You need to be logged in to add karma!
			Does the system's basic functionality continue to work after this update?
			#1509054 Tang needs a policy
			#1566706 SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS...
			#1569724 smartd cannot save state files
			#1571328 SELinux is preventing LD_PRELOAD from working
			#1572945 SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>.</pid>
			#1573945 SELinux prevents jabber router from reading /etc/krb5.keytab file
			#1574170 SELinux is preventing ifconfig from 'search' accesses on the directory net.
			#1574174 SELinux is preventing ifconfig from 'getattr' accesses on the file /proc/<pid>/net/dev.</pid>
			#1574184 SELinux is preventing ssh from 'ioctl' accesses on the chr_file /dev/net/tun.
			#1574186 SELinux is preventing ssh from 'create' accesses on the tun_socket Unknown.
			#1574355 SELinux is preventing loadkeys from 'open' accesses on the chr_file /dev/tty2.
			#1574553 SELinux is preventing lightdm-autolog from 'execute' accesses on the Datei /usr/lib/systemd/systemd-coredump.
			#1574649 Creation of cgroup in /etc/cgconfig.cfg failing at boot; AVC denial
			#1574735 SELinux is preventing cgconfigparser from using the 'dac_override' capabilities.
			#1575234 SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
			#1575511 SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
			#1576387 Deadlock in nss-systemd and dbus-daemon during startup
			#1576913 SELinux is preventing lpqd from 'sendto' accesses on the unix_dgram_socket /var/lib/samba/private/msg.sock/1966.
			#1576998 SELinux is preventing kworker/u8:4 from using the 'dac_override' capabilities.
			#1577100 cyrus-imapd processess run in wrong selinux context (unconfined_service_t)
			#1577471 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
			#1577581 SELinux is preventing python3 from 'execute_no_trans' accesses on the file /usr/sbin/ldconfig.
			#1578097 gssproxy AVCs for /proc/<pid>/exe</pid>
			#1578501 glusterd does not start with selinux in enforcing mode
			#1578755 certmonger gets avc on getattr for /
			#1578879 SELinux is preventing certwatch from 'getattr' accesses on the filesystem /.
			#1578882 SELinux is preventing plymouth from 'append' accesses on the unix_stream_socket unix_stream_socket.
			#1578915 SELinux is preventing polkit-agent-he from 'open' accesses on the chr_file /dev/hidraw2.
			#1579692 SELinux is preventing abrt-action-gen from 'map' accesses on the file /usr/lib64/httpd/modules/mod_systemd.so.
			#1579848 the certmaster service triggers SELinux denials
			#1580149 SELinux is preventing setpriv from using the 'nnp_transition' accesses on a process.
			#1581790 SELinux is preventing gnome-session-c from 'map' accesses on the chr_file /dev/nvidiactl.
			#1582203 SELinux is preventing sddm-greeter from map access on the chr_file /dev/nvidiactl

Content Type

RPM

Status

stable

Test Gating

Submitted by

lvrabec

Update Type

bugfix

Update Severity

high

Karma

+7
stable threshold: 5
unstable threshold: -3

Autopush

Enabled

Dates

submitted	11 months ago
in testing	11 months ago
in stable	11 months ago

Related Bugs 33


0	0	#1509054 Tang needs a policy
0	0	#1566706 SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS...
0	0	#1569724 smartd cannot save state files
0	0	#1571328 SELinux is preventing LD_PRELOAD from working
0	0	#1572945 SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>.</pid>
0	0	#1573945 SELinux prevents jabber router from reading /etc/krb5.keytab file
0	0	#1574170 SELinux is preventing ifconfig from 'search' accesses on the directory net.
0	0	#1574174 SELinux is preventing ifconfig from 'getattr' accesses on the file /proc/<pid>/net/dev.</pid>
0	0	#1574184 SELinux is preventing ssh from 'ioctl' accesses on the chr_file /dev/net/tun.
0	0	#1574186 SELinux is preventing ssh from 'create' accesses on the tun_socket Unknown.
0	0	#1574355 SELinux is preventing loadkeys from 'open' accesses on the chr_file /dev/tty2.
0	0	#1574553 SELinux is preventing lightdm-autolog from 'execute' accesses on the Datei /usr/lib/systemd/systemd-coredump.
0	0	#1574649 Creation of cgroup in /etc/cgconfig.cfg failing at boot; AVC denial
0	0	#1574735 SELinux is preventing cgconfigparser from using the 'dac_override' capabilities.
0	0	#1575234 SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
0	0	#1575511 SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
0	0	#1576387 Deadlock in nss-systemd and dbus-daemon during startup
0	0	#1576913 SELinux is preventing lpqd from 'sendto' accesses on the unix_dgram_socket /var/lib/samba/private/msg.sock/1966.
0	0	#1576998 SELinux is preventing kworker/u8:4 from using the 'dac_override' capabilities.
0	0	#1577100 cyrus-imapd processess run in wrong selinux context (unconfined_service_t)
0	0	#1577471 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
0	0	#1577581 SELinux is preventing python3 from 'execute_no_trans' accesses on the file /usr/sbin/ldconfig.
0	0	#1578097 gssproxy AVCs for /proc/<pid>/exe</pid>
0	0	#1578501 glusterd does not start with selinux in enforcing mode
0	0	#1578755 certmonger gets avc on getattr for /
0	0	#1578879 SELinux is preventing certwatch from 'getattr' accesses on the filesystem /.
0	0	#1578882 SELinux is preventing plymouth from 'append' accesses on the unix_stream_socket unix_stream_socket.
0	0	#1578915 SELinux is preventing polkit-agent-he from 'open' accesses on the chr_file /dev/hidraw2.
0	0	#1579692 SELinux is preventing abrt-action-gen from 'map' accesses on the file /usr/lib64/httpd/modules/mod_systemd.so.
0	0	#1579848 the certmaster service triggers SELinux denials
0	0	#1580149 SELinux is preventing setpriv from using the 'nnp_transition' accesses on a process.
0	0	#1581790 SELinux is preventing gnome-session-c from 'map' accesses on the chr_file /dev/nvidiactl.
0	0	#1582203 SELinux is preventing sddm-greeter from map access on the chr_file /dev/nvidiactl

selinux-policy-3.14.1-29.fc28

FEDORA-2018-a74875b364

bugfix update in Fedora 28 for selinux-policy

How to install

Comments 22

1575234 still present with updated package

Add Comment & Feedback Toggle Preview

Related Bugs 33

Automated Test Results

Add Comment & Feedback
Toggle Preview