Fedora Core 5 Test Update: selinux-policy-2.2.36-2.fc5
Rodd Clarkson
rodd at clarkson.id.au
Thu May 4 01:10:53 UTC 2006
On Tue, 2006-05-02 at 12:09 -0400, Daniel Walsh wrote:
> ---------------------------------------------------------------------
> Fedora Test Update Notification
> FEDORA-2006-479
> 2006-05-02
> ---------------------------------------------------------------------
>
> Product : Fedora Core 5
> Name : selinux-policy
> Version : 2.2.36
> Release : 2.fc5
> Summary : SELinux policy configuration
> Description :
> SELinux Reference Policy - modular.
>
> ---------------------------------------------------------------------
>
> * Mon May 1 2006 Dan Walsh <dwalsh at redhat.com> 2.2.36-2.fc5
> - Bump for fc5
> * Mon May 1 2006 Dan Walsh <dwalsh at redhat.com> 2.2.36-2
> - Fix libjvm spec
> * Tue Apr 25 2006 Dan Walsh <dwalsh at redhat.com> 2.2.36-1
> - Update to upstream
> * Tue Apr 25 2006 James Antill <jantill at redhat.com> 2.2.35-2
> - Add xm policy
> - Fix policygentool
> * Mon Apr 24 2006 Dan Walsh <dwalsh at redhat.com> 2.2.35-1
> - Update to upstream
> - Fix postun to only disable selinux on full removal of the packages
>
> ---------------------------------------------------------------------
> This update can be downloaded from:
> http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/5/
>
> a30cd25bb591ec194c3d2e6bffebc7a34c75420a SRPMS/selinux-policy-2.2.36-2.fc5.src.rpm
> e838e4c4a5928552c23c0f8fcfd68ecb05c63277 ppc/selinux-policy-2.2.36-2.fc5.noarch.rpm
> a7239cb5043700b83c54115a63e3093cc6b6e38d ppc/selinux-policy-targeted-2.2.36-2.fc5.noarch.rpm
> f864d2ba2dbca10a6f74f72d911cc91570bf1386 ppc/selinux-policy-mls-2.2.36-2.fc5.noarch.rpm
> 1ba717c0721f3761e5388d66e90b692d31fcdc3f ppc/selinux-policy-strict-2.2.36-2.fc5.noarch.rpm
> e838e4c4a5928552c23c0f8fcfd68ecb05c63277 x86_64/selinux-policy-2.2.36-2.fc5.noarch.rpm
> a7239cb5043700b83c54115a63e3093cc6b6e38d x86_64/selinux-policy-targeted-2.2.36-2.fc5.noarch.rpm
> f864d2ba2dbca10a6f74f72d911cc91570bf1386 x86_64/selinux-policy-mls-2.2.36-2.fc5.noarch.rpm
> 1ba717c0721f3761e5388d66e90b692d31fcdc3f x86_64/selinux-policy-strict-2.2.36-2.fc5.noarch.rpm
> e838e4c4a5928552c23c0f8fcfd68ecb05c63277 i386/selinux-policy-2.2.36-2.fc5.noarch.rpm
> a7239cb5043700b83c54115a63e3093cc6b6e38d i386/selinux-policy-targeted-2.2.36-2.fc5.noarch.rpm
> f864d2ba2dbca10a6f74f72d911cc91570bf1386 i386/selinux-policy-mls-2.2.36-2.fc5.noarch.rpm
> 1ba717c0721f3761e5388d66e90b692d31fcdc3f i386/selinux-policy-strict-2.2.36-2.fc5.noarch.rpm
>
> This update can be installed with the 'yum' update program. Use 'yum update
> package-name' at the command line. For more information, refer to 'Managing
> Software with yum,' available at http://fedora.redhat.com/docs/yum/.
> ---------------------------------------------------------------------
Hmmm, after this update I see the following in dmesg:
SELinux: initialized (dev autofs, type autofs), uses genfs_contexts
audit(1146704785.848:2): avc: denied { getattr } for pid=2359
comm="hald" name="/" dev=sda7 ino=2 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir
audit(1146704791.829:3): avc: denied { getattr } for pid=2359
comm="hald" name="/" dev=sda7 ino=2 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir
audit(1146704811.121:4): avc: denied { use } for pid=2681
comm="bluez-pin" name="[8643]" dev=pipefs ino=8643
scontext=user_u:system_r:bluetooth_helper_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd
audit(1146704811.121:5): avc: denied { write } for pid=2681
comm="bluez-pin" name="[8643]" dev=pipefs ino=8643
scontext=user_u:system_r:bluetooth_helper_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fifo_file
ISO 9660 Extensions: Microsoft Joliet Level 3
ISO 9660 Extensions: RRIP_1991A
SELinux: initialized (dev hdc, type iso9660), uses genfs_contexts
audit(1146704814.993:6): avc: denied { getattr } for pid=2359
comm="hald" name="/" dev=sda7 ino=2 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir
ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
httpd no longer seems to work (no web page is getting displayed from the
server).
Rodd
--
"It's a fine line between denial and faith.
It's much better on my side"
More information about the fedora-test-list
mailing list