obsolete

selinux-policy-40.15-1.fc40

FEDORA-2024-883c7e0684 created by zpytela a year ago for Fedora 40

New F40 selinux-policy build

New F40 selinux-policy build

This update has been submitted for testing by zpytela.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update has obsoleted selinux-policy-40.14-2.fc40, and has inherited its bugs and notes.

a year ago

This update has been pushed to testing.

a year ago

This update's test gating status has been changed to 'passed'.

a year ago
User Icon geraldosimiao provided feedback a year ago
karma

This update can be pushed to stable now if the maintainer wishes

a year ago
User Icon nixuser commented & provided feedback a year ago
karma

Working fine.

User Icon jrische commented & provided feedback a year ago
karma

krb5kdc and kadmind daemons are working with Berkeley DB backend with this update.

User Icon ciupicri commented & provided feedback a year ago
karma

no issues

User Icon geraldosimiao commented & provided feedback a year ago

oh dear, after e few days, now SELinux stops the creation of new VMs with TPM enabled: 

 Additional Information:        
Source Context                system_u:system_r:virtqemud_t:s0       
Target Context                system_u:object_r:virt_var_lib_t:s0       
Target Objects                tpm2 [ dir ]        
Source                        rpc-virtqemud       
Source Path                   rpc-virtqemud
User Icon geraldosimiao commented & provided feedback a year ago
karma

Yeah, I opened the bug reports. when set selinux to permissive the new VMs with TPM can be created. Will change karma here to reflect this.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

a year ago
User Icon zpytela commented & provided feedback a year ago

@geraldosimiao, you should give negative karma if this update brings a regression. Otherwise I don't see the point.

User Icon geraldosimiao commented & provided feedback a year ago

but it bring a regression, I can't start TPM VMs with this version. I downgraded to selinux-policy-40.13-1.fc40.noarch and selinux-policy-targeted-40.13-1.fc40.noarch and VMs can be created again with TPM enabled.

User Icon zpytela commented & provided feedback a year ago

We usually don't remove existing permissions, so I wonder why updating would make anything worse. Are you sure no other package was updated?

User Icon geraldosimiao commented & provided feedback a year ago

Well, I tested it downgrading the selinux-policy. The other package that could be involved on this (TPM emulator) is swtpm, and its the same since 01-28-2024 (swtpm-0.8.1-5.fc40 )

User Icon genodeftest commented & provided feedback 12 months ago
karma

No problems reported with selinux-policy-40.15-1.fc40.noarch on Fedora 40 GNOME desktop usage

User Icon frantisekz provided feedback 11 months ago
karma
User Icon bojan commented & provided feedback 11 months ago
karma

Works.

This update has been obsoleted by selinux-policy-40.16-1.fc40.

11 months ago

Please login to add feedback.

Metadata
Type
bugfix
Severity
medium
Karma
5
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-2
Stable by Karma
disabled
Stable by Time
disabled
Thresholds
Minimum Karma
+2
Minimum Testing
14 days
Dates
submitted
a year ago
in testing
a year ago
approved
11 months ago
Builds
1
selinux-policy-40.15-1.fc40
BZ#2256442 avc: denied { read write } for pid=12364 comm="plymouthd" name="kmsg" dev="devtmpfs" ino=10 scontext=system_u:system_r:plymouthd_t:s0 tcontext=system_u:object_r:kmsg_device_t:s0 tclass=chr_file permissive=1
0
0
selinux-policy-40.15-1.fc40

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-ngwjn.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy