FEDORA-2018-a74875b364

bugfix update in Fedora 28 for selinux-policy

Status: stable 2 months ago

More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1084439

Comments 22

This update has been submitted for testing by lvrabec.

2 months ago

xvitaly 2 months ago

Problem with NVIDIA and SDDM is now resolved.

karma: +1 critpath: +1

nvieville 2 months ago

Problem with gnome-session-c and /dev/nvidiactl solved.

nvieville 2 months ago

egreshko 2 months ago

All working well for me. Especially nVidia and sddm

karma: +1 critpath: +1

nvieville 2 months ago

karma: +1 critpath: +1

urbenlegend 2 months ago

Works great! Nvidia drivers work again and the pesky lpqd message that keeps popping up is gone.

karma: +1 critpath: +1

anonymous 2 months ago

karma: +1 critpath: +1

diftraku 2 months ago

karma: +1

diftraku 2 months ago

Meant to add that gnome-session-c can now map /dev/nvidiactl, allowing the system to boot properly.

karma: +1

asciiwolf 2 months ago

Works without any issues. And I can confirm that the nVidia problem has been fixed.

karma: +1

This update has been pushed to testing.

2 months ago

This update has been submitted for batched by bodhi.

2 months ago

This update has been submitted for stable by bodhi.

2 months ago

sct 2 months ago

Fixes nvidia boot-to-gdm-crash issue for me.

This update has been pushed to stable.

2 months ago

jkalina 2 months ago

1575234 still present with updated package

ckujau 2 months ago

Fixes #1566706 for me - thanks!

karma: +1 critpath: +1

ckujau 2 months ago

critpath: +1

ckujau 2 months ago

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

Text fields in Bodhi2 support an enhanced version of markdown. This is a cheat sheet for your reference.

You can do headers by underlining or by prefixing with the # character:

This is an H1
=============

This is an H2
-------------

# This is another H1

## This is another H2

You can do blockquotes using email-style prefixes with the > character:

> This is a quotation
> over many lines
> > and it can be nested(!)

Lists work like you'd expect, by prefixing with any of the *, +, or - characters:

Check out this list:

* This
* is
* a list..

You need a blank line between a paragraph and the start of a list for the renderer to pick up on it.

Emphasis can be added like this:

*italics*
_italics_
**bold**
__bold__

You can save your code references from being misinterpreted as emphasis by surrounding them with backtick characters (`):

Use `the_best_function()` and _not_ that crummy one.

Links look like this:

[text](http://getfedora.org)

..but we also support bare links if you just provide a URL.

You can create code blocks by indenting every line of the block by at least 4 spaces or 1 tab.

Here is a code block:

    for i in range(4):
        print i
    print "done."

You can reference bug reports by simply writing something of the form tracker#ticketid.

This fixes PHP#1234 and Python#2345

... we will automatically generate links to the tickets in the appropriate trackers in place.

The supported bug tracker prefixes are: (these are all case-insensitive)

Fedora, RHBZ and RH (all point to the Red Hat Bugzilla)
GNOME
KDE
PEAR
PHP
Python

And you can refer to other users by prefixing their username with the @ symbol.

Thanks @mattdm!

This will generate a link to their profile, but it won't necessarily send them a notification unless they have a special FMN rule set up to catch it.

Lastly, you can embed inline images with syntax like this:

![Alt text](/path/to/img.jpg)

-1	0	+1	Feedback Guidelines
			#1579848 the certmaster service triggers SELinux denials
			#1578501 glusterd does not start with selinux in enforcing mode
			#1578755 certmonger gets avc on getattr for /
			#1509054 Tang needs a policy
			#1575511 SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
			#1576387 Deadlock in nss-systemd and dbus-daemon during startup
			#1575234 SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
			#1578882 SELinux is preventing plymouth from 'append' accesses on the unix_stream_socket unix_stream_socket.
			#1566706 SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS...
			#1582203 SELinux is preventing sddm-greeter from map access on the chr_file /dev/nvidiactl
			#1574186 SELinux is preventing ssh from 'create' accesses on the tun_socket Unknown.
			#1578915 SELinux is preventing polkit-agent-he from 'open' accesses on the chr_file /dev/hidraw2.
			#1578879 SELinux is preventing certwatch from 'getattr' accesses on the filesystem /.
			#1569724 smartd cannot save state files
			#1576913 SELinux is preventing lpqd from 'sendto' accesses on the unix_dgram_socket /var/lib/samba/private/msg.sock/1966.
			#1571328 SELinux is preventing LD_PRELOAD from working
			#1574553 SELinux is preventing lightdm-autolog from 'execute' accesses on the Datei /usr/lib/systemd/systemd-coredump.
			#1573945 SELinux prevents jabber router from reading /etc/krb5.keytab file
			#1579692 SELinux is preventing abrt-action-gen from 'map' accesses on the file /usr/lib64/httpd/modules/mod_systemd.so.
			#1574355 SELinux is preventing loadkeys from 'open' accesses on the chr_file /dev/tty2.
			#1577471 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
			#1574184 SELinux is preventing ssh from 'ioctl' accesses on the chr_file /dev/net/tun.
			#1577581 SELinux is preventing python3 from 'execute_no_trans' accesses on the file /usr/sbin/ldconfig.
			#1574735 SELinux is preventing cgconfigparser from using the 'dac_override' capabilities.
			#1574649 Creation of cgroup in /etc/cgconfig.cfg failing at boot; AVC denial
			#1574170 SELinux is preventing ifconfig from 'search' accesses on the directory net.
			#1576998 SELinux is preventing kworker/u8:4 from using the 'dac_override' capabilities.
			#1581790 SELinux is preventing gnome-session-c from 'map' accesses on the chr_file /dev/nvidiactl.
			#1574174 SELinux is preventing ifconfig from 'getattr' accesses on the file /proc/<pid>/net/dev.</pid>
			#1577100 cyrus-imapd processess run in wrong selinux context (unconfined_service_t)
			#1580149 SELinux is preventing setpriv from using the 'nnp_transition' accesses on a process.
			#1572945 SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>.</pid>
			#1578097 gssproxy AVCs for /proc/<pid>/exe</pid>
			Does the system's basic functionality continue to work after this update?
			Is the update generally functional?

Content Type

RPM

Status

stable

Test Gating Status

Tests Ignored

Submitted by

lvrabec

Update Type

bugfix

Update Severity

high

Karma

+7
stable threshold: 5
unstable threshold: -3

Autopush

Enabled

Dates

submitted	2 months ago
in testing	2 months ago
in stable	2 months ago

Related Bugs 33


0	0	#1579848 the certmaster service triggers SELinux denials
0	0	#1578501 glusterd does not start with selinux in enforcing mode
0	0	#1578755 certmonger gets avc on getattr for /
0	0	#1509054 Tang needs a policy
0	0	#1575511 SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
0	0	#1576387 Deadlock in nss-systemd and dbus-daemon during startup
0	0	#1575234 SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
0	0	#1578882 SELinux is preventing plymouth from 'append' accesses on the unix_stream_socket unix_stream_socket.
0	0	#1566706 SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS...
0	0	#1582203 SELinux is preventing sddm-greeter from map access on the chr_file /dev/nvidiactl
0	0	#1574186 SELinux is preventing ssh from 'create' accesses on the tun_socket Unknown.
0	0	#1578915 SELinux is preventing polkit-agent-he from 'open' accesses on the chr_file /dev/hidraw2.
0	0	#1578879 SELinux is preventing certwatch from 'getattr' accesses on the filesystem /.
0	0	#1569724 smartd cannot save state files
0	0	#1576913 SELinux is preventing lpqd from 'sendto' accesses on the unix_dgram_socket /var/lib/samba/private/msg.sock/1966.
0	0	#1571328 SELinux is preventing LD_PRELOAD from working
0	0	#1574553 SELinux is preventing lightdm-autolog from 'execute' accesses on the Datei /usr/lib/systemd/systemd-coredump.
0	0	#1573945 SELinux prevents jabber router from reading /etc/krb5.keytab file
0	0	#1579692 SELinux is preventing abrt-action-gen from 'map' accesses on the file /usr/lib64/httpd/modules/mod_systemd.so.
0	0	#1574355 SELinux is preventing loadkeys from 'open' accesses on the chr_file /dev/tty2.
0	0	#1577471 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
0	0	#1574184 SELinux is preventing ssh from 'ioctl' accesses on the chr_file /dev/net/tun.
0	0	#1577581 SELinux is preventing python3 from 'execute_no_trans' accesses on the file /usr/sbin/ldconfig.
0	0	#1574735 SELinux is preventing cgconfigparser from using the 'dac_override' capabilities.
0	0	#1574649 Creation of cgroup in /etc/cgconfig.cfg failing at boot; AVC denial
0	0	#1574170 SELinux is preventing ifconfig from 'search' accesses on the directory net.
0	0	#1576998 SELinux is preventing kworker/u8:4 from using the 'dac_override' capabilities.
0	0	#1581790 SELinux is preventing gnome-session-c from 'map' accesses on the chr_file /dev/nvidiactl.
0	0	#1574174 SELinux is preventing ifconfig from 'getattr' accesses on the file /proc/<pid>/net/dev.</pid>
0	0	#1577100 cyrus-imapd processess run in wrong selinux context (unconfined_service_t)
0	0	#1580149 SELinux is preventing setpriv from using the 'nnp_transition' accesses on a process.
0	0	#1572945 SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>.</pid>
0	0	#1578097 gssproxy AVCs for /proc/<pid>/exe</pid>

selinux-policy-3.14.1-29.fc28

Automated Test Results

Test results and gating status may sometimes conflict as the gating status is retrieved periodically by Bodhi's backend server, while the test results presented here are retrieved upon page load. If your update is marked as gated while all the tests show green/passed, the next check of gating status should open the gate.

FEDORA-2018-a74875b364

bugfix update in Fedora 28 for selinux-policy

Comments 22

1575234 still present with updated package

Add Comment & Feedback Toggle Preview

Related Bugs 33

Automated Test Results

Add Comment & Feedback
Toggle Preview