[El-errata] ELBA-2015-0985 Oracle Linux 7 selinux-policy bug fix and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue May 12 14:37:26 PDT 2015
Oracle Linux Bug Fix Advisory ELBA-2015-0985
http://linux.oracle.com/errata/ELBA-2015-0985.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
selinux-policy-3.13.1-23.0.1.el7_1.7.noarch.rpm
selinux-policy-devel-3.13.1-23.0.1.el7_1.7.noarch.rpm
selinux-policy-doc-3.13.1-23.0.1.el7_1.7.noarch.rpm
selinux-policy-minimum-3.13.1-23.0.1.el7_1.7.noarch.rpm
selinux-policy-mls-3.13.1-23.0.1.el7_1.7.noarch.rpm
selinux-policy-sandbox-3.13.1-23.0.1.el7_1.7.noarch.rpm
selinux-policy-targeted-3.13.1-23.0.1.el7_1.7.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/selinux-policy-3.13.1-23.0.1.el7_1.7.src.rpm
Description of changes:
[3.13.1-23.0.1.el7_1.7]
- Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type.
[3.13.1-23.el7_7.7]
- Label /usr/libexec/postgresql-ctl as postgresql_exec_t
- Update virt_read_pid_files() interface to allow read also symlinks
with virt_var_run_t type.
- Add labeling for /usr/libexec/mysqld_safe-scl-helper.
- Add support for /usr/libexec/mongodb-scl-helper RHSCL helper script.
Resolves:#1209942
- Allow mysqld_t to use pam.It is needed by MariDB if auth_apm.so auth
plugin is used
Resolves:#1214236
- Added label mysqld_etc_t for /etc/my.cnf.d/ dir.
Resolves:#1214235
- Add support for mongod/mongos systemd unit files.
Resolves:#1214194
[3.13.1-23.el7_7.6]
- Make mongodb_t as nsswitch domain
- ALlow mongod execmem by default
Resolves:#1212970
[3.13.1-23.el7_7.5]
- Update policy/mls for sockets related to accept.
Resolves:#1207549
[3.13.1-23.el7_7.4]
- Update policy/mls for sockets. Rules were contradictory.
Resolves:#1207549
[3.13.1-23.el7_7.3]
- Dontaudit ifconfig writing inhertited /var/log/pluto.log.
Resolves:#1205580
- Update init_rw_tcp_sockets() interface to use getopt and setopt.
[3.13.1-23.el7_7.2]
- Use enable_mls instead of enabled_mls in userdomain.if
Resolves:#1204778
[3.13.1-23.el7_7.1]
- Allow a user to login with different security level via ssh.
Resolves:#1204778
More information about the El-errata
mailing list