- Issued:
- 2009-09-02
- Updated:
- 2009-09-02
RHBA-2009:1292 - Bug Fix Advisory
Synopsis
policycoreutils bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated policycoreutils packages that fix several bugs are now available.
Description
policycoreutils contains the policy core utilities that are required for
the basic operation of a Security-Enhanced Linux (SELinux) system. These
utilities include load_policy to load policies, setfiles to label file
systems, newrole to switch roles, and run_init to run "/etc/init.d/"
scripts in the proper context.
These updated packages fix the following bugs:
- when attempting to change contexts, chcat reported invalid argument and
insufficient space errors because of a limit to the number of extended
attributes that could be included as an argument. This update fixes the
issue. (BZ#220813)
- executing the "semanage port -{a|d|m} [-tr] [-p protocol] port" command
failed if SELinux was disabled. This update adds support for selecting a
store with semanage so that application policies can be updated when
SELinux is disabled. (BZ#316011)
- genhomedircon could not process a HOME_DIR with a context <<none>>.
This condition has been added and the problem has been resolved.
(BZ#354361)
- restorecond.conf did not include definitions for ~/web or ~/www
directories. The paths for these directories have been added to
restorecond.conf, resolving this issue. (BZ#458687)
- chcat did not translate category IDs to name strings when a user belonged
to multiple categories. chcat and setrans.conf have been modified so that
category IDs are translated as expected on all architectures and the error
no longer presents. (BZ#459677)
- clicking on the table header in system-config-selinux network port view
should have toggled numerical sorting of values, but did not activate the
sort method. This update fixes the sort order action for the ports page.
(BZ#468170)
- policycoreutils did not support the use of "semodule -DB" when removing
dontaudit messages. Upstream "semodule -DB" support has been added so that
users have a simple mechanism to remove all dontaudit rules while
building policies. (BZ#493115)
Users of policycoreutils are advised to upgrade to these updated packages,
which resolve these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 220813 - chcat throwing error messages while changing context
- BZ - 316011 - semanage port -a -t ldap_port_t -p tcp 4389 fails if SELinux disabled
- BZ - 354361 - genhomedircon not processing HOME_DIR when context <<none>>
- BZ - 458687 - restorecond.conf does not include ~/web or ~/www
- BZ - 459677 - chcat won't translate multi-categories to strings as defined
- BZ - 468170 - system-config-selinux network port view sorting is broken
- BZ - 493115 - Need to be able to turn off dontaudit messages
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
policycoreutils-1.33.12-14.6.el5.src.rpm | SHA-256: 79bc5b04bd7b2b7124533829e4287ede6735da4c494845dbf0cb604c7de5022e |
x86_64 | |
policycoreutils-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 6a85f2955eb6cfb6547220b550dcdeb18ad270b6ba40679bdf1e99c736bc7014 |
policycoreutils-gui-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 4391de76b3396d727791036b45f14725d0211c5c98ae9a446462bab872e1360c |
policycoreutils-newrole-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 9f8b58aabc5bf9afe1f2c836e15de4a3efe66c82b6d377fcc547ae6322d27cde |
ia64 | |
policycoreutils-1.33.12-14.6.el5.ia64.rpm | SHA-256: 72d4bcaa50fe16d5d0e669b7d476ee1983fe7dcdf4eaf2b931e496c42c3709d9 |
policycoreutils-gui-1.33.12-14.6.el5.ia64.rpm | SHA-256: 03c9e126ff4690790dc7f97955abc93e64adcd757b75d28254537a3102c478af |
policycoreutils-newrole-1.33.12-14.6.el5.ia64.rpm | SHA-256: 58772be56c678d907121703aef4fb8886a1ffa9b45cf0137f3f4e65dc4c89bc0 |
i386 | |
policycoreutils-1.33.12-14.6.el5.i386.rpm | SHA-256: ddd7e1c4cb20bb905ab50b93b3277cb6b231499dc6e3051e710acffb41ac9628 |
policycoreutils-gui-1.33.12-14.6.el5.i386.rpm | SHA-256: e6f89a51da9c79a0272de41161faac69af84d9a83a450e701ece33fc38ecd84f |
policycoreutils-newrole-1.33.12-14.6.el5.i386.rpm | SHA-256: 3d0a3cd5d2de5b80667ce587456a1ac4c50251fa24967165d8518c1d418a56bd |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
policycoreutils-1.33.12-14.6.el5.src.rpm | SHA-256: 79bc5b04bd7b2b7124533829e4287ede6735da4c494845dbf0cb604c7de5022e |
x86_64 | |
policycoreutils-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 6a85f2955eb6cfb6547220b550dcdeb18ad270b6ba40679bdf1e99c736bc7014 |
policycoreutils-gui-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 4391de76b3396d727791036b45f14725d0211c5c98ae9a446462bab872e1360c |
policycoreutils-newrole-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 9f8b58aabc5bf9afe1f2c836e15de4a3efe66c82b6d377fcc547ae6322d27cde |
i386 | |
policycoreutils-1.33.12-14.6.el5.i386.rpm | SHA-256: ddd7e1c4cb20bb905ab50b93b3277cb6b231499dc6e3051e710acffb41ac9628 |
policycoreutils-gui-1.33.12-14.6.el5.i386.rpm | SHA-256: e6f89a51da9c79a0272de41161faac69af84d9a83a450e701ece33fc38ecd84f |
policycoreutils-newrole-1.33.12-14.6.el5.i386.rpm | SHA-256: 3d0a3cd5d2de5b80667ce587456a1ac4c50251fa24967165d8518c1d418a56bd |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
policycoreutils-1.33.12-14.6.el5.src.rpm | SHA-256: 79bc5b04bd7b2b7124533829e4287ede6735da4c494845dbf0cb604c7de5022e |
x86_64 | |
policycoreutils-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 6a85f2955eb6cfb6547220b550dcdeb18ad270b6ba40679bdf1e99c736bc7014 |
policycoreutils-gui-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 4391de76b3396d727791036b45f14725d0211c5c98ae9a446462bab872e1360c |
policycoreutils-newrole-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 9f8b58aabc5bf9afe1f2c836e15de4a3efe66c82b6d377fcc547ae6322d27cde |
i386 | |
policycoreutils-1.33.12-14.6.el5.i386.rpm | SHA-256: ddd7e1c4cb20bb905ab50b93b3277cb6b231499dc6e3051e710acffb41ac9628 |
policycoreutils-gui-1.33.12-14.6.el5.i386.rpm | SHA-256: e6f89a51da9c79a0272de41161faac69af84d9a83a450e701ece33fc38ecd84f |
policycoreutils-newrole-1.33.12-14.6.el5.i386.rpm | SHA-256: 3d0a3cd5d2de5b80667ce587456a1ac4c50251fa24967165d8518c1d418a56bd |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
policycoreutils-1.33.12-14.6.el5.src.rpm | SHA-256: 79bc5b04bd7b2b7124533829e4287ede6735da4c494845dbf0cb604c7de5022e |
s390x | |
policycoreutils-1.33.12-14.6.el5.s390x.rpm | SHA-256: fdaf7c8a14d4759b0686f0fb58d8d7c6ba7e1de55e6abd48bb9605d16ace9e90 |
policycoreutils-gui-1.33.12-14.6.el5.s390x.rpm | SHA-256: f939aebba4c3369d8719528df3509b39969570e0e330c11def85852d5a0cbb6e |
policycoreutils-newrole-1.33.12-14.6.el5.s390x.rpm | SHA-256: 26d2e8ffa57a9033b208b74f9ce76b87f3810f58cc1910e0921f37e6e0eaa5b6 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
policycoreutils-1.33.12-14.6.el5.src.rpm | SHA-256: 79bc5b04bd7b2b7124533829e4287ede6735da4c494845dbf0cb604c7de5022e |
ppc | |
policycoreutils-1.33.12-14.6.el5.ppc.rpm | SHA-256: a85c4969d076d95d9406b746490a88405295b99273cf962ce5a9fb38abbe9020 |
policycoreutils-gui-1.33.12-14.6.el5.ppc.rpm | SHA-256: 37329adeb14e5b6ebb32c0f53202055fa8185c6f692615f8555743e975cb28cd |
policycoreutils-newrole-1.33.12-14.6.el5.ppc.rpm | SHA-256: 982ffd3fd36778b01e475a7a1c23d7a813ccaec9baf7d65eb5548baebcab7bc2 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
policycoreutils-1.33.12-14.6.el5.src.rpm | SHA-256: 79bc5b04bd7b2b7124533829e4287ede6735da4c494845dbf0cb604c7de5022e |
x86_64 | |
policycoreutils-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 6a85f2955eb6cfb6547220b550dcdeb18ad270b6ba40679bdf1e99c736bc7014 |
policycoreutils-gui-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 4391de76b3396d727791036b45f14725d0211c5c98ae9a446462bab872e1360c |
policycoreutils-newrole-1.33.12-14.6.el5.x86_64.rpm | SHA-256: 9f8b58aabc5bf9afe1f2c836e15de4a3efe66c82b6d377fcc547ae6322d27cde |
i386 | |
policycoreutils-1.33.12-14.6.el5.i386.rpm | SHA-256: ddd7e1c4cb20bb905ab50b93b3277cb6b231499dc6e3051e710acffb41ac9628 |
policycoreutils-gui-1.33.12-14.6.el5.i386.rpm | SHA-256: e6f89a51da9c79a0272de41161faac69af84d9a83a450e701ece33fc38ecd84f |
policycoreutils-newrole-1.33.12-14.6.el5.i386.rpm | SHA-256: 3d0a3cd5d2de5b80667ce587456a1ac4c50251fa24967165d8518c1d418a56bd |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.