1 |
Hi guys, |
2 |
|
3 |
Assuming you don't kill me for not using hexadecimal notations, rev 10 is |
4 |
now out right after rev 9. Revision 10 of selinux-base-policy comes with |
5 |
fixes for the following: |
6 |
|
7 |
- <bug #389577> Fix fail2ban issues |
8 |
- <bug #396331> Allow mkhomedir_helper to work |
9 |
- <bug #396241> Add a bacula policy |
10 |
- <no bug> Fix postfix startup issue (can't create files when started immediately in enforcing mode) |
11 |
- <no bug> Dont audit unix_stream_socket stuff for sending mails |
12 |
|
13 |
The push comes with sec-policy/selinux-bacula and sec-policy/selinux-oddjob. |
14 |
Once these are in the Portage tree, the necessary dependencies will be added |
15 |
as well (can't do that as long as they're not in of course). |
16 |
|
17 |
With this push, I also brought out policycoreutils-2.1.0-r2. |
18 |
|
19 |
I would **really** appreciated people telling me when they have upgraded |
20 |
their policycoreutils package and seen anything (or nothing). The package |
21 |
updates the newrole issue we had earlier (bug #375475) but also adds the |
22 |
IUSE="pam audit" parameters to support bug #393401. |
23 |
|
24 |
As long as you USE="pam" all should be okay. Dropping this will cause issues |
25 |
with the current policy as applications now suddenly need access to shadow_t |
26 |
and such (whereas this was previously nicely shielded off through the PAM |
27 |
helpers). I don't know how to handle this case yet. I can definitely start |
28 |
updating the policies so they work without PAM, but I'd first like to know |
29 |
if there are people using SELinux without PAM... |
30 |
|
31 |
Wkr, |
32 |
Sven Vermeulen |