[Bug 82599] Please sync refpolicy (universe) from unstable (main)
Andrew Mitchell
ajmitch at ihug.co.nz
Thu Feb 1 03:41:59 GMT 2007
Public bug reported:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects distros/ubuntu/refpolicy
status confirmed
subscribe ubuntu-archive
Please sync refpolicy (universe) from Debian unstable (main).
Changelog since current feisty version 0.0.20061018-1:
refpolicy (0.0.20061018-3) unstable; urgency=high
* Bug fix: "refpolicy: FTBFS: /bin/sh: debian/stamp/config-strict: No
such file or directory", thanks to Lucas Nussbaum. This was fixed by
moving all the stamps into ./debian instead. I'll re-visit the
./debian/stamp/ directory in lenny. This is a pretty minor packaging
change. (Closes: #405613).
* Bug fix: "selinux-policy-refpolicy-targeted: Policy for dcc misses
Debian's FHS paths", thanks to Devin Carraway. From the bug report:
Many of the files in these packages are overlooked when labelling
files, because refpolicy's dcc module stipulates paths not consistent
with the Debian FHS layout. The files go unlabelled and dcc-client
(at least) stops working. The two major problems are the references
to /usr/libexec/dcc (damons, placed in /usr/sbin by the Debian
packages) and to /var/dcc (all sorts of things, placed under
/var/lib/dcc). A side effect of the latter is that dccifd_t and
probably others need search on var_lib_t, through which it must pass
to get to /var/lib/dcc. Fixed the policy; will send upstream.
(Closes: #404309).
* Bug fix: "selinux-policy-refpolicy-targeted: clamav policy forbids
clamd_t search on /var/lib", thanks to Devin Carraway. This is a
simple one line change, and obviously an oversight; I think getting
clamd to work is fairly important. (Closes: #404895).
* Bug fix: "selinux-policy-refpolicy-targeted: Multiple problems with
courier policy", thanks to Devin Carraway. There is detailed
information of the changes made in the bug report, and in the commit
logs. Again, fixing courier daemons seems pretty important; SELinux
tends to get used a lot on remote mail servers, and this fixes issues
with the policy. (Closes: #405103).
-- Manoj Srivastava <srivasta at debian.org> Mon, 15 Jan 2007 13:20:30
-0600
refpolicy (0.0.20061018-2) unstable; urgency=high
* The This update enables MCS for targeted and strict, uses 1024
categories (as Fedora uses - necessary for compatability). Please note
that enabling MCS categories is required for compatibility with
filesystems created on Fedora Core 5 and above, RHEL 5 and above, and
CentOS 5 and above. MCS categories is also a feature that we plan for
all future releases of SE Linux and does not have a nice upgrade path
- releasing etch without MCS will make things painful for SE Linux
users on the upgrade to lenny. This feature has been extensively
tested by Russel Coker and myself, and does not otherwise impact the
install.
* Allow semanage to use the initrd file descriptor in targeted policy.
* Fix a bug with restorecon.
* Bug fix: "refpolicy: qemu should have execmem permissions", thanks to
David Härdeman (Closes: #402293).
-- Manoj Srivastava <srivasta at debian.org> Fri, 22 Dec 2006 10:33:22
-0600
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFwWGDggkdmlkhtdgRAuXhAJ9TJBfnTCnBwCu6m5BLcdNCig6U3QCfREId
+l+pG5m8t5dscXfkVh69J1o=
=RFKv
-----END PGP SIGNATURE-----
** Affects: refpolicy (Ubuntu)
Importance: Undecided
Status: Confirmed
--
Please sync refpolicy (universe) from unstable (main)
https://launchpad.net/bugs/82599
More information about the ubuntu-archive
mailing list