Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

7.162. policycoreutils

Updated policycoreutils packages that fix several bugs are now available for Red Hat Enterprise Linux 6.
The policycoreutils packages contain the core utilities that are required for the basic operation of a Security-Enhanced Linux (SELinux) system and its policies.

Bug Fixes

Previously, the sepolgen utility was a part of the policycore-gui package, even though it does not require any GUI. With this update, sepolgen is a part of the policycore-python package.
The "audit2allow -br" command did not work properly when the "LANG" environment variable was set to a different language than "US/English". The underlying source code has been modified, and "audit2allow -br" now works as expected.
When running the fixfiles utility in "verify" or "check" mode, fixfiles changed certain SELinux contexts even if it was not supposed to. With this update, fixfiles has been modified to only print incorrect SELinux contexts instead of changing them when running in aforementioned modes.
The semanage utility previously listed only changes made to the currently used SELinux policy. For example, when the targeted policy was loaded and changes were made to the Multi-Level Security (MLS) policy, the "semanage -S mls -o" command did not list all the changes, even when the changes were applied correctly. This bug has been fixed, and semanage now lists all changes as expected.
A new "noreload" option was implemented for semanage commands in Red Hat Enterprise Linux 6.6. However, due to a missing reload initialization in the semanageRecords() function, users could not enable Booleans directly using the seobject python module that comes from the policycoreutils-python utility. This bug has been fixed, and users can now set Booleans correctly using the seobject python module.
Users of policycoreutils are advised to upgrade to these updated packages, which fix these bugs.