- Issued:
- 2015-07-22
- Updated:
- 2015-07-22
RHBA-2015:1360 - policycoreutils bug fix update
Synopsis
policycoreutils bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated policycoreutils packages that fix several bugs are now available for Red Hat Enterprise Linux 6.
Description
The policycoreutils packages contain the core utilities that are required for the basic operation of a Security-Enhanced Linux (SELinux) system and its policies.
This update fixes the following bugs:
-
Previously, the sepolgen utility was a part of the policycore-gui package, even though it does not require any GUI. With this update, sepolgen is a part of the policycore-python package. (BZ#995778)
-
The "audit2allow -br" command did not work properly when the "LANG" environment variable was set to a different language than "US/English". The underlying source code has been modified, and "audit2allow -br" now works as expected. (BZ#1111999)
-
When running the fixfiles utility in "verify" or "check" mode, fixfiles changed certain SELinux contexts even if it was not supposed to. With this update, fixfiles has been modified to only print incorrect SELinux contexts instead of changing them when running in aforementioned modes. (BZ#1113083)
-
The semanage utility previously listed only changes made to the currently used SELinux policy. For example, when the targeted policy was loaded and changes were made to the Multi-Level Security (MLS) policy, the "semanage -S mls -o" command did not list all the changes, even when the changes were applied correctly. This bug has been fixed, and semanage now lists all changes as expected. (BZ#1122850)
-
A new "noreload" option was implemented for semanage commands in Red Hat Enterprise Linux 6.6. However, due to a missing reload initialization in the semanageRecords() function, users could not enable Booleans directly using the seobject python module that comes from the policycoreutils-python utility. This bug has been fixed, and users can now set Booleans correctly using the seobject python module. (BZ#1148062)
Users of policycoreutils are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- policycoreutils-python-2.0.83-24.el6.x86_64.rpm
- policycoreutils-2.0.83-24.el6.ppc64.rpm
- policycoreutils-gui-2.0.83-24.el6.x86_64.rpm
- policycoreutils-2.0.83-24.el6.x86_64.rpm
- policycoreutils-2.0.83-24.el6.s390x.rpm
- policycoreutils-python-2.0.83-24.el6.s390x.rpm
- policycoreutils-2.0.83-24.el6.src.rpm
- policycoreutils-python-2.0.83-24.el6.ppc64.rpm
- policycoreutils-sandbox-2.0.83-24.el6.ppc64.rpm
- policycoreutils-gui-2.0.83-24.el6.s390x.rpm
- policycoreutils-python-2.0.83-24.el6.i686.rpm
- policycoreutils-debuginfo-2.0.83-24.el6.s390x.rpm
- policycoreutils-sandbox-2.0.83-24.el6.s390x.rpm
- policycoreutils-2.0.83-24.el6.i686.rpm
- policycoreutils-debuginfo-2.0.83-24.el6.i686.rpm
- policycoreutils-newrole-2.0.83-24.el6.x86_64.rpm
- policycoreutils-newrole-2.0.83-24.el6.ppc64.rpm
- policycoreutils-gui-2.0.83-24.el6.ppc64.rpm
- policycoreutils-newrole-2.0.83-24.el6.s390x.rpm
- policycoreutils-sandbox-2.0.83-24.el6.i686.rpm
- policycoreutils-debuginfo-2.0.83-24.el6.x86_64.rpm
- policycoreutils-gui-2.0.83-24.el6.i686.rpm
- policycoreutils-newrole-2.0.83-24.el6.i686.rpm
- policycoreutils-sandbox-2.0.83-24.el6.x86_64.rpm
- policycoreutils-debuginfo-2.0.83-24.el6.ppc64.rpm
Fixes
- This content is not included.BZ - 965397
- This content is not included.BZ - 995778
- This content is not included.BZ - 1122850
- This content is not included.BZ - 1148062
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at Security Contacts and Procedures.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.