Language and Page Formatting Options
Updated policycoreutils packages that fix several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.
The policycoreutils packages contain the core utilities that are required for the basic operation of a Security-Enhanced Linux (SELinux) system and its policies.
- Previously, several semanage command-line options did not work as expected. With this update, these options have been corrected and now work proprerly.
- With this update, the semanage man page has been updated to be consistent with information contained in the semanage help page.
- Due to a bug in the policycoreutils package, installation of the ipa-server-selinux package failed. This bug has been fixed and ipa-server-selinux can now be installed without complications.
- Prior to this update, the sandbox utility did not accept symbolic links specified in the /etc/sysconfig/sandbox file. Consequently, executing the "sandbox -M" command failed with a "No such file or directory" message. The underlying source code has been modified and symlinks can now be configured in /etc/sysconfig/sandbox without complications.
- Previously, the fixfiles script did not recognize a change in the regular expression describing the /sbin/ip6?tables-multi* files. Consequently, these files were labeled incorrectly after updating the system with the yum update command. With this update, fixfiles has been corrected to accept the change of regular expression.
- Prior to this update, after executing the "semanage boolean -m" command, a traceback was returned. This bug has been fixed and tracebacks are no longer displayed in the aforementioned scenario.
- BZ#928320, BZ#947504
- Previously, the semanage utility did not allow to set the "none" context on directories and files. Consequently, the following message was displayed when attempting to do so:/usr/sbin/semanage: Type none is invalid, must be a file or device typeThis bug has been fixed, and it is now possible to set the "none" context without complications.
- Prior to this update, the "-o" option of the audit2allow command overwrote the contents of the output file instead of just appending the new content. This bug has been fixed, and "audit2allow -o" now works as expected.
- After attempting to enable a SELinux boolean that did not exist, a brief error message was generated. This update modifies this message to be more informative.
- After attempting to permanently change a boolean that did not exist, an incorrect error message was generated. This message has been modified to provide correct information about the cause of the problem.
- This update adds a possibility to exclude selected files when running the restorecon utility, which can significantly reduce execution times.
Users of policycoreutils are advised to upgrade to these updated packages, which fix these bugs and add this enhancement.