Sender: |
|
Date: |
Thu, 27 Jun 2013 16:21:26 -0500 |
Reply-To: |
|
Subject: |
|
MIME-Version: |
1.0 |
Content-Transfer-Encoding: |
7bit |
Content-Type: |
text/plain; charset="ISO-8859-1"; format=flowed |
From: |
|
Comments: |
|
Parts/Attachments: |
|
|
Synopsis: Low: selinux-policy bug fix update
Issue date: 2013-06-27
This update fixes the following bug:
* Previously, SELinux returned AVC denial messages during attempts to
attach an LVM volume to a Red Hat OpenStack 3 instance. The relevant
SELinux policy rules have been modified to add an additional MCS
attribute for hald_t SELinux domain, and AVC denial messages are no
longer returned when attaching LVM volume to a Red Hat OpenStack 3 instance.
* When using Quantum 2013.1.2 with netns support, several SELinux
denials were produced. This update allows qemu to manage nova lib files,
hald to read svirt images, and AVC denials no longer occur in the
described scenario.
* Previously, the logrotate daemon rotated logs and tried to update the
process ID (PID) in the "/var/run/openvswitch/ovs-vswitchd.pid"
configuration, which caused AVC denials. Usually, the logrotate script
sends a SIGHUP to a daemon to order it to reopen log files after they
were rotated. This update revises the openvswitch policy, and AVC
denials no longer occur in the described scenario.
This update has been placed in the security tree to avoid selinux bugs.
SL6.x
SRPMS:
selinux-policy-3.7.19-195.el6_4.12.src.rpm
i386:
selinux-policy-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-doc-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-minimum-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-mls-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-targeted-3.7.19-195.el6_4.12.noarch.rpm
x86_64:
selinux-policy-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-doc-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-minimum-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-mls-3.7.19-195.el6_4.12.noarch.rpm
selinux-policy-targeted-3.7.19-195.el6_4.12.noarch.rpm
- Scientific Linux Development Team
|
|
|