Synopsis: Low: selinux-policy bug fix update Issue date: 2013-06-27 This update fixes the following bug: * Previously, SELinux returned AVC denial messages during attempts to attach an LVM volume to a Red Hat OpenStack 3 instance. The relevant SELinux policy rules have been modified to add an additional MCS attribute for hald_t SELinux domain, and AVC denial messages are no longer returned when attaching LVM volume to a Red Hat OpenStack 3 instance. * When using Quantum 2013.1.2 with netns support, several SELinux denials were produced. This update allows qemu to manage nova lib files, hald to read svirt images, and AVC denials no longer occur in the described scenario. * Previously, the logrotate daemon rotated logs and tried to update the process ID (PID) in the "/var/run/openvswitch/ovs-vswitchd.pid" configuration, which caused AVC denials. Usually, the logrotate script sends a SIGHUP to a daemon to order it to reopen log files after they were rotated. This update revises the openvswitch policy, and AVC denials no longer occur in the described scenario. This update has been placed in the security tree to avoid selinux bugs. SL6.x SRPMS: selinux-policy-3.7.19-195.el6_4.12.src.rpm i386: selinux-policy-3.7.19-195.el6_4.12.noarch.rpm selinux-policy-doc-3.7.19-195.el6_4.12.noarch.rpm selinux-policy-minimum-3.7.19-195.el6_4.12.noarch.rpm selinux-policy-mls-3.7.19-195.el6_4.12.noarch.rpm selinux-policy-targeted-3.7.19-195.el6_4.12.noarch.rpm x86_64: selinux-policy-3.7.19-195.el6_4.12.noarch.rpm selinux-policy-doc-3.7.19-195.el6_4.12.noarch.rpm selinux-policy-minimum-3.7.19-195.el6_4.12.noarch.rpm selinux-policy-mls-3.7.19-195.el6_4.12.noarch.rpm selinux-policy-targeted-3.7.19-195.el6_4.12.noarch.rpm - Scientific Linux Development Team