FEDORA-2018-a74875b364

bugfix update in Fedora 28 for selinux-policy

Status: stable 9 months ago

More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1084439

How to install

sudo dnf upgrade --advisory=FEDORA-2018-a74875b364

Comments 22

This update has been submitted for testing by lvrabec.

9 months ago

xvitaly 9 months ago

Problem with NVIDIA and SDDM is now resolved.

karma: +1 critpath: +1

nvieville 9 months ago

Problem with gnome-session-c and /dev/nvidiactl solved.

nvieville 9 months ago

egreshko 9 months ago

All working well for me. Especially nVidia and sddm

karma: +1 critpath: +1

nvieville 9 months ago

karma: +1 critpath: +1

urbenlegend 9 months ago

Works great! Nvidia drivers work again and the pesky lpqd message that keeps popping up is gone.

karma: +1 critpath: +1

anonymous 9 months ago

karma: +1 critpath: +1

diftraku 9 months ago

karma: +1

diftraku 9 months ago

Meant to add that gnome-session-c can now map /dev/nvidiactl, allowing the system to boot properly.

karma: +1

asciiwolf 9 months ago

Works without any issues. And I can confirm that the nVidia problem has been fixed.

karma: +1

This update has been pushed to testing.

9 months ago

This update has been submitted for batched by bodhi.

9 months ago

This update has been submitted for stable by bodhi.

9 months ago

sct 9 months ago

Fixes nvidia boot-to-gdm-crash issue for me.

This update has been pushed to stable.

9 months ago

jkalina 9 months ago

1575234 still present with updated package

ckujau 9 months ago

Fixes #1566706 for me - thanks!

karma: +1 critpath: +1

ckujau 9 months ago

critpath: +1

ckujau 9 months ago

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

Text fields in Bodhi2 support an enhanced version of markdown. This is a cheat sheet for your reference.

You can do headers by underlining or by prefixing with the # character:

This is an H1
=============

This is an H2
-------------

# This is another H1

## This is another H2

You can do blockquotes using email-style prefixes with the > character:

> This is a quotation
> over many lines
> > and it can be nested(!)

Lists work like you'd expect, by prefixing with any of the *, +, or - characters:

Check out this list:

* This
* is
* a list..

You need a blank line between a paragraph and the start of a list for the renderer to pick up on it.

Emphasis can be added like this:

*italics*
_italics_
**bold**
__bold__

You can save your code references from being misinterpreted as emphasis by surrounding them with backtick characters (`):

Use `the_best_function()` and _not_ that crummy one.

Links look like this:

[text](http://getfedora.org)

..but we also support bare links if you just provide a URL.

You can create code blocks by indenting every line of the block by at least 4 spaces or 1 tab.

Here is a code block:

    for i in range(4):
        print i
    print "done."

You can reference bug reports by simply writing something of the form tracker#ticketid.

This fixes PHP#1234 and Python#2345

... we will automatically generate links to the tickets in the appropriate trackers in place.

The supported bug tracker prefixes are: (these are all case-insensitive)

Fedora, RHBZ and RH (all point to the Red Hat Bugzilla)
GNOME
KDE
PEAR
PHP
Python

And you can refer to other users by prefixing their username with the @ symbol.

Thanks @mattdm!

This will generate a link to their profile, but it won't necessarily send them a notification unless they have a special FMN rule set up to catch it.

Lastly, you can embed inline images with syntax like this:

![Alt text](/path/to/img.jpg)

-1	0	+1	Feedback Guidelines
			Is the update generally functional? (karma) You need to be logged in to add karma!
			Does the system's basic functionality continue to work after this update?
			#1509054 Tang needs a policy
			#1566706 SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS...
			#1569724 smartd cannot save state files
			#1571328 SELinux is preventing LD_PRELOAD from working
			#1572945 SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>.</pid>
			#1573945 SELinux prevents jabber router from reading /etc/krb5.keytab file
			#1574170 SELinux is preventing ifconfig from 'search' accesses on the directory net.
			#1574174 SELinux is preventing ifconfig from 'getattr' accesses on the file /proc/<pid>/net/dev.</pid>
			#1574184 SELinux is preventing ssh from 'ioctl' accesses on the chr_file /dev/net/tun.
			#1574186 SELinux is preventing ssh from 'create' accesses on the tun_socket Unknown.
			#1574355 SELinux is preventing loadkeys from 'open' accesses on the chr_file /dev/tty2.
			#1574553 SELinux is preventing lightdm-autolog from 'execute' accesses on the Datei /usr/lib/systemd/systemd-coredump.
			#1574649 Creation of cgroup in /etc/cgconfig.cfg failing at boot; AVC denial
			#1574735 SELinux is preventing cgconfigparser from using the 'dac_override' capabilities.
			#1575234 SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
			#1575511 SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
			#1576387 Deadlock in nss-systemd and dbus-daemon during startup
			#1576913 SELinux is preventing lpqd from 'sendto' accesses on the unix_dgram_socket /var/lib/samba/private/msg.sock/1966.
			#1576998 SELinux is preventing kworker/u8:4 from using the 'dac_override' capabilities.
			#1577100 cyrus-imapd processess run in wrong selinux context (unconfined_service_t)
			#1577471 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
			#1577581 SELinux is preventing python3 from 'execute_no_trans' accesses on the file /usr/sbin/ldconfig.
			#1578097 gssproxy AVCs for /proc/<pid>/exe</pid>
			#1578501 glusterd does not start with selinux in enforcing mode
			#1578755 certmonger gets avc on getattr for /
			#1578879 SELinux is preventing certwatch from 'getattr' accesses on the filesystem /.
			#1578882 SELinux is preventing plymouth from 'append' accesses on the unix_stream_socket unix_stream_socket.
			#1578915 SELinux is preventing polkit-agent-he from 'open' accesses on the chr_file /dev/hidraw2.
			#1579692 SELinux is preventing abrt-action-gen from 'map' accesses on the file /usr/lib64/httpd/modules/mod_systemd.so.
			#1579848 the certmaster service triggers SELinux denials
			#1580149 SELinux is preventing setpriv from using the 'nnp_transition' accesses on a process.
			#1581790 SELinux is preventing gnome-session-c from 'map' accesses on the chr_file /dev/nvidiactl.
			#1582203 SELinux is preventing sddm-greeter from map access on the chr_file /dev/nvidiactl

Content Type

RPM

Status

stable

Test Gating

Submitted by

lvrabec

Update Type

bugfix

Update Severity

high

Karma

+7
stable threshold: 5
unstable threshold: -3

Autopush

Enabled

Dates

submitted	9 months ago
in testing	9 months ago
in stable	9 months ago

Related Bugs 33


0	0	#1509054 Tang needs a policy
0	0	#1566706 SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS...
0	0	#1569724 smartd cannot save state files
0	0	#1571328 SELinux is preventing LD_PRELOAD from working
0	0	#1572945 SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>.</pid>
0	0	#1573945 SELinux prevents jabber router from reading /etc/krb5.keytab file
0	0	#1574170 SELinux is preventing ifconfig from 'search' accesses on the directory net.
0	0	#1574174 SELinux is preventing ifconfig from 'getattr' accesses on the file /proc/<pid>/net/dev.</pid>
0	0	#1574184 SELinux is preventing ssh from 'ioctl' accesses on the chr_file /dev/net/tun.
0	0	#1574186 SELinux is preventing ssh from 'create' accesses on the tun_socket Unknown.
0	0	#1574355 SELinux is preventing loadkeys from 'open' accesses on the chr_file /dev/tty2.
0	0	#1574553 SELinux is preventing lightdm-autolog from 'execute' accesses on the Datei /usr/lib/systemd/systemd-coredump.
0	0	#1574649 Creation of cgroup in /etc/cgconfig.cfg failing at boot; AVC denial
0	0	#1574735 SELinux is preventing cgconfigparser from using the 'dac_override' capabilities.
0	0	#1575234 SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
0	0	#1575511 SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
0	0	#1576387 Deadlock in nss-systemd and dbus-daemon during startup
0	0	#1576913 SELinux is preventing lpqd from 'sendto' accesses on the unix_dgram_socket /var/lib/samba/private/msg.sock/1966.
0	0	#1576998 SELinux is preventing kworker/u8:4 from using the 'dac_override' capabilities.
0	0	#1577100 cyrus-imapd processess run in wrong selinux context (unconfined_service_t)
0	0	#1577471 SELinux is preventing bluetoothd from 'bind' accesses on the bluetooth_socket Unknown.
0	0	#1577581 SELinux is preventing python3 from 'execute_no_trans' accesses on the file /usr/sbin/ldconfig.
0	0	#1578097 gssproxy AVCs for /proc/<pid>/exe</pid>
0	0	#1578501 glusterd does not start with selinux in enforcing mode
0	0	#1578755 certmonger gets avc on getattr for /
0	0	#1578879 SELinux is preventing certwatch from 'getattr' accesses on the filesystem /.
0	0	#1578882 SELinux is preventing plymouth from 'append' accesses on the unix_stream_socket unix_stream_socket.
0	0	#1578915 SELinux is preventing polkit-agent-he from 'open' accesses on the chr_file /dev/hidraw2.
0	0	#1579692 SELinux is preventing abrt-action-gen from 'map' accesses on the file /usr/lib64/httpd/modules/mod_systemd.so.
0	0	#1579848 the certmaster service triggers SELinux denials
0	0	#1580149 SELinux is preventing setpriv from using the 'nnp_transition' accesses on a process.
0	0	#1581790 SELinux is preventing gnome-session-c from 'map' accesses on the chr_file /dev/nvidiactl.
0	0	#1582203 SELinux is preventing sddm-greeter from map access on the chr_file /dev/nvidiactl

selinux-policy-3.14.1-29.fc28

FEDORA-2018-a74875b364

bugfix update in Fedora 28 for selinux-policy

How to install

Comments 22

1575234 still present with updated package

Add Comment & Feedback Toggle Preview

Related Bugs 33

Automated Test Results

Add Comment & Feedback
Toggle Preview