SCIENTIFIC-LINUX-ERRATA Archives

June 2013

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

Options: Use Monospaced Font
Show Text Part by Default
Condense Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Sender:
Security Errata for Scientific Linux <[log in to unmask]>
Date:
Thu, 27 Jun 2013 16:21:26 -0500
Reply-To:
Bonnie King <[log in to unmask]>
Subject:
MIME-Version:
1.0
Content-Transfer-Encoding:
7bit
Content-Type:
text/plain; charset="ISO-8859-1"; format=flowed
From:
Bonnie King <[log in to unmask]>
Comments:
Parts/Attachments:
text/plain (49 lines)
Synopsis: Low: selinux-policy bug fix update
Issue date: 2013-06-27

This update fixes the following bug:

* Previously, SELinux returned AVC denial messages during attempts to 
attach an LVM volume to a Red Hat OpenStack 3 instance. The relevant
SELinux policy rules have been modified to add an additional MCS 
attribute for hald_t SELinux domain, and AVC denial messages are no 
longer returned when attaching LVM volume to a Red Hat OpenStack 3 instance.

* When using Quantum 2013.1.2 with netns support, several SELinux 
denials were produced. This update allows qemu to manage nova lib files, 
hald to read svirt images, and AVC denials no longer occur in the 
described scenario.

* Previously, the logrotate daemon rotated logs and tried to update the
process ID (PID) in the "/var/run/openvswitch/ovs-vswitchd.pid"
configuration, which caused AVC denials. Usually, the logrotate script
sends a SIGHUP to a daemon to order it to reopen log files after they 
were rotated. This update revises the openvswitch policy, and AVC 
denials no longer occur in the described scenario.

This update has been placed in the security tree to avoid selinux bugs.

SL6.x

SRPMS:

selinux-policy-3.7.19-195.el6_4.12.src.rpm

i386:

selinux-policy-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-doc-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-minimum-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-mls-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-targeted-3.7.19-195.el6_4.12.noarch.rpm

x86_64:

selinux-policy-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-doc-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-minimum-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-mls-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-targeted-3.7.19-195.el6_4.12.noarch.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2