Synopsis
selinux-policy bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for selinux-policy is now available for Red Hat Enterprise Linux 9.
Description
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Fixes
-
RHEL-17346
- [rhel-9] the iio-sensor-proxy service is not confined by SELinux
-
RHEL-55133
- selinux denials for chrony/timemaster
-
RHEL-56988
- [rhel-9] selinux prevents systemd-sysctl from using /run/sysctl.d/
-
RHEL-50379
- Confined user running tmux cannot pipe panes to external programs
-
RHEL-50375
- tmux cannot read /root/.tmux.conf when user is confined to sysadm_u
-
RHEL-21168
- SELinux prevents bacula-fd from execute (access check) on /usr/bin/docker file [rhel-9]
-
RHEL-46808
- denied { getattr } for comm="httpd" path="/usr/lib/systemd/system/dirsrv@.service"
-
RHEL-52476
- qemu-ga generates "dac_override" and "dac_read_search" AVCs when freezing/thawing
-
RHEL-66584
- bootupctl failed as missing rules
-
RHEL-69433
- AVC denials happen when revert a snapshot with virtlockd running
-
RHEL-53864
- [RHEL-9.6] QAT debugfs entries not present after restarting qat service in QATlib
-
RHEL-61472
- alsa fs attr selinux denial
-
RHEL-1558
- [RHEL-9] SELinux prevents rpc.statd process from searching /proc/sys/net/
-
RHEL-46339
- [RHEL-9.5] avc: denied { sys_resource } for pid=187583 comm="(sd-parse-elf)"
-
RHEL-56955
- [rhel-9] AVC denied after starting guest with block lun disk which enables rawio capability
-
RHEL-68969
- Cannot restart auditd, "auditctl --signal stop" waiting forever and AVC being produced
-
RHEL-69916
- selinux-policy-docs contains /usr/share/man/man8/container_selinux.8.gz conflicting with container-selinux package
-
RHEL-24268
- [rhel-9] the switcheroo-control service runs under unconfined_service_t label
-
RHEL-56029
- [rhel-9] SELinux prevents the rpc-virtqemud from starting a VM which uses nbdkit
-
RHEL-61117
- [rhel-9] the power-profiles-daemon service runs under unconfined_service_t label
-
RHEL-70839
- SELinux prevents to access /sys for other devices when virt_use_usb is off
-
RHEL-58825
- in.telnetd generates an AVC when spawning
-
RHEL-76352
- Cannot start systemd-nspawn container because of AVCs
-
RHEL-37539
- [rhel-9] nbd-connect fails to connect to '/tmp/nbdkit*/socket' as non-root: Permission denied
-
RHEL-70849
- bootupctl adopt failed
-
RHEL-69666
- Add selinux-policy-automotive to RHIVOS
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| x86_64 |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| x86_64 |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| x86_64 |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| s390x |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| s390x |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| ppc64le |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| ppc64le |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| aarch64 |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| aarch64 |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| ppc64le |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| x86_64 |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| aarch64 |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
selinux-policy-38.1.53-2.el9.src.rpm
|
SHA-256: f2f2f38c0c94a5397afee7c66033bead83756b7529d96b9a2f09ab445698edc9 |
| s390x |
|
selinux-policy-38.1.53-2.el9.noarch.rpm
|
SHA-256: 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45 |
|
selinux-policy-devel-38.1.53-2.el9.noarch.rpm
|
SHA-256: eedb6d22724fc56a31ec039fb97567479ad7cbbf29176dd6cf5ad8655ecd632c |
|
selinux-policy-doc-38.1.53-2.el9.noarch.rpm
|
SHA-256: c78bd649fd9a6181f5fb23aa09035725ac5c4917182b9b1984c2ece47bed50e7 |
|
selinux-policy-mls-38.1.53-2.el9.noarch.rpm
|
SHA-256: b18b7beda747628b248e3116a4e6fbc9ba80c49335234b7a344996914cd62b27 |
|
selinux-policy-sandbox-38.1.53-2.el9.noarch.rpm
|
SHA-256: ba1898bfbbfd3f08d2e07c5f7f97c1040d876963775a6712b671f51e9099a42c |
|
selinux-policy-targeted-38.1.53-2.el9.noarch.rpm
|
SHA-256: 1268430c827dbe612e522620ed847dfe560bde2b2a7543a9f4e0e9f836f6bc0c |
