selinux-policy-targeted update is dangerous
Dan Track
dan.track at gmail.com
Tue Jun 28 14:01:36 UTC 2005
Hi
I sympathise with those who have suffered with these updated selinux
policies. As soon as I updated mine my dhcpd server stopped working
and wouldn't bind to the interface.
I know this OT but thought I'd just mention the problems that SElinux
are causing.
Dan
On 6/28/05, Stephen Smalley <sds at tycho.nsa.gov> wrote:
> On Mon, 2005-06-27 at 20:26 -0400, Arthur Pemberton wrote:
> > From /var/log/yum.log:
> >
> > Jun 27 04:25:18 Updated: selinux-policy-targeted.noarch 1.17.30-3.13
> > Jun 27 04:26:21 Updated: selinux-policy-targeted-sources.noarch 1.17.30-3.13
> > ------------------------------------------------
> >
> > Since then things have come tumbling down here are samples of the errors:
> >
> > Jun 27 04:25:27 Romeo kernel: audit(1119860727.362:0): avc: denied {
> > execmod } for pid=6990 comm=sendmail path=/lib/tls/libm-2.3.5.so
> > dev=dm-0 ino=5455897 scontext=user_u:system_r:unconfined_t
> > tcontext=system_u:object_r:lib_t tclass=file
>
> Yes, that policy update is broken. See:
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161834
>
> --
> Stephen Smalley
> National Security Agency
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the fedora-list
mailing list