FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Hardened

 
 
LinkBack Thread Tools
 
Old 08-14-2012, 06:55 PM
Sven Vermeulen
 
Default SELinux base policy 2.20120725 rev 2 in hardened-dev overlay

Hi folks,

Revision 2 of the SELinux base policy (based on the 20120725 release) is now
available in the hardened-dev overlay. It contains the following fixes:

<no bug> Backport file_contexts.subs_dist changes
<no bug> Backport ntp policy changes
#248485 Update publicfile daemon binary contexts
#429486 Support initrc_t creating /run/tor for the tor daemon
<no bug> Use an init_daemon_run_dir call for /run support
#429908 Correct postfix binary labels
#428686 Allow admins to run postfix administration commands
<no bug> Allow postfix to create its initial queues
<no bug> Use "chromium" as module name, not "chromium-browser"
<no bug> Backport oident policy changes
<no bug> Backport mcelog policy changes
<no bug> Backport BIRD policy
#427750 Allow init to change the attribute of the mysqld run dir
<no bug> Refactor code on init and /run
<no bug> Use proper context substitutions for /usr and /etc/init.d

I also made policycoreutils-2.1.10-r5 available, which should fix the
following bugs:

#430806 Have "semanage user" work properly
#427596 rlpkg fails on Python3

Wkr,
Sven Vermeulen
 
Old 08-15-2012, 08:05 AM
Sven Vermeulen
 
Default SELinux base policy 2.20120725 rev 2 in hardened-dev overlay

On Tue, Aug 14, 2012 at 06:55:32PM +0000, Sven Vermeulen wrote:
> Hi folks,
>
> Revision 2 of the SELinux base policy (based on the 20120725 release) is now
> available in the hardened-dev overlay. It contains the following fixes:
>
> <no bug> Backport file_contexts.subs_dist changes
[...]

This seems to break policycoreutils. If you get "too many values to unpack",
edit /etc/selinux/strict/contexts/files/file_contexts.subs_dist (or
whatever SELinux profile you have) and remove the comments from the file.

Tracked through bug #431486

Wkr,
Sven Vermeulen
 

Thread Tools




All times are GMT. The time now is 11:50 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org