Bug 1734188
Summary: | SELinux is preventing sssd_be from 'search' accesses on the directory /var/kerberos/krb5. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Adam Williamson <awilliam> |
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 31 | CC: | dwalsh, lslebodn, lvrabec, mgrepl, plautrba, tdudlak, zpytela |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:e8c02170fe102e3da1fcadeac1fea94186d3917220ec0d969f249c440925a1c1;VARIANT_ID=workstation; | ||
Fixed In Version: | selinux-policy-3.14.4-39.fc31 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-10-29 01:27:49 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Adam Williamson
2019-07-29 22:08:20 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 31 development cycle. Changing version to '31'. This bug appears to have been reported against 'rawhide' during the Fedora 31 development cycle. Changing version to 31. The issue was introduced in 3.14.4-22 - Label /var/kerberos/krb5 as krb5_keytab_t And IIRC similar avcs were for certmonger_t, dirsrv_t, ipa_dnskey_t, named_t And it is not allowed for ipa_dnskey_t in selinux-policy-3.14.4-29.fc31.noarch Providing more info for previous comment Aug 16 11:39:35 host.testrelm.test systemd[1]: Starting Certificate monitoring and PKI enrollment... Aug 16 11:39:35 host.testrelm.test certmonger[25433]: 2019-08-16 11:39:35 [25433] Changing to root directory. Aug 16 11:39:35 host.testrelm.test certmonger[25433]: 2019-08-16 11:39:35 [25433] Obtaining system lock. Aug 16 11:39:35 host.testrelm.test systemd[1]: Started Certificate monitoring and PKI enrollment. Aug 16 11:39:35 host.testrelm.test audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=certmonger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Aug 16 11:39:35 host.testrelm.test ipa-submit[25436]: GSSAPI client step 1 Aug 16 11:39:35 host.testrelm.test ipa-submit[25436]: GSSAPI client step 1 Aug 16 11:39:35 host.testrelm.test audit[25436]: AVC avc: granted { search } for pid=25436 comm="ipa-submit" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:certmonger_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:39:35 host.testrelm.test audit[25436]: AVC avc: granted { search } for pid=25436 comm="ipa-submit" name="user" dev="dm-0" ino=17009975 scontext=system_u:system_r:certmonger_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:39:35 host.testrelm.test audit[25436]: SYSCALL arch=c000003e syscall=257 success=no exit=-2 a0=ffffff9c a1=55b00b8c9de0 a2=0 a3=0 items=1 ppid=25433 pid=25436 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ipa-submit" exe="/usr/libexec/certmonger/ipa-submit" subj=system_u:system_r:certmonger_t:s0 key=(null) Aug 16 11:39:35 host.testrelm.test audit: CWD cwd="/" Aug 16 11:39:35 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/0/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 11:39:35 host.testrelm.test audit: PROCTITLE proctitle="/usr/libexec/certmonger/ipa-submit" Aug 16 11:39:35 host.testrelm.test ipa-submit[25436]: GSSAPI client step 1 Aug 16 11:39:35 host.testrelm.test ipa-submit[25436]: GSSAPI client step 1 Aug 16 11:39:35 host.testrelm.test ipa-submit[25436]: GSSAPI client step 2 Aug 16 11:41:10 host.testrelm.test ipa-submit[26330]: GSSAPI client step 1 Aug 16 11:41:10 host.testrelm.test ipa-submit[26330]: GSSAPI client step 1 Aug 16 11:41:10 host.testrelm.test audit[26330]: AVC avc: granted { search } for pid=26330 comm="ipa-submit" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:certmonger_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:41:10 host.testrelm.test audit[26330]: AVC avc: granted { search } for pid=26330 comm="ipa-submit" name="user" dev="dm-0" ino=17009975 scontext=system_u:system_r:certmonger_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:41:10 host.testrelm.test audit[26330]: SYSCALL arch=c000003e syscall=257 success=no exit=-2 a0=ffffff9c a1=55e8600e8de0 a2=0 a3=0 items=1 ppid=25433 pid=26330 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ipa-submit" exe="/usr/libexec/certmonger/ipa-submit" subj=system_u:system_r:certmonger_t:s0 key=(null) Aug 16 11:41:10 host.testrelm.test audit: CWD cwd="/" Aug 16 11:41:10 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/0/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 11:41:10 host.testrelm.test audit: PROCTITLE proctitle="/usr/libexec/certmonger/ipa-submit" Aug 16 11:41:10 host.testrelm.test ipa-submit[26330]: GSSAPI client step 1 Aug 16 11:41:10 host.testrelm.test ipa-submit[26330]: GSSAPI client step 1 Aug 16 11:41:10 host.testrelm.test ipa-submit[26330]: GSSAPI client step 2 Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: set up managed keys zone for view _default, file '/var/named/dynamic/managed-keys.bind' Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: loading DynDB instance 'ipa' driver '/usr/lib64/bind/ldap.so' Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: bind-dyndb-ldap version 11.1 compiled at 00:00:00 Jul 24 2019, compiler 9.1.1 20190605 (Red Hat 9.1.1-2) Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: GSSAPI client step 1 Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: GSSAPI client step 1 Aug 16 11:43:01 host.testrelm.test audit[27806]: AVC avc: granted { search } for pid=27806 comm="isc-worker0001" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:43:01 host.testrelm.test audit[27806]: AVC avc: granted { search } for pid=27806 comm="isc-worker0001" name="user" dev="dm-0" ino=17009975 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:43:01 host.testrelm.test audit[27806]: SYSCALL arch=c000003e syscall=257 success=no exit=-2 a0=ffffff9c a1=7f6fc17a6780 a2=0 a3=0 items=1 ppid=27805 pid=27806 auid=4294967295 uid=25 gid=25 euid=25 suid=25 fsuid=25 egid=25 sgid=25 fsgid=25 tty=(none) ses=4294967295 comm="isc-worker0001" exe="/usr/sbin/named-pkcs11" subj=system_u:system_r:named_t:s0 key=(null) Aug 16 11:43:01 host.testrelm.test audit: CWD cwd="/var/named" Aug 16 11:43:01 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/25/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 11:43:01 host.testrelm.test audit: PROCTITLE proctitle=2F7573722F7362696E2F6E616D65642D706B63733131002D75006E616D6564002D63002F6574632F6E616D65642E636F6E66 Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: GSSAPI client step 1 Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: GSSAPI client step 2 Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: GSSAPI client step 1 Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: GSSAPI client step 1 Aug 16 11:43:01 host.testrelm.test audit[27806]: AVC avc: granted { search } for pid=27806 comm="isc-worker0001" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:43:01 host.testrelm.test audit[27806]: AVC avc: granted { search } for pid=27806 comm="isc-worker0001" name="user" dev="dm-0" ino=17009975 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:43:01 host.testrelm.test audit[27806]: SYSCALL arch=c000003e syscall=257 success=no exit=-2 a0=ffffff9c a1=7f6fc17a9230 a2=0 a3=0 items=1 ppid=27805 pid=27806 auid=4294967295 uid=25 gid=25 euid=25 suid=25 fsuid=25 egid=25 sgid=25 fsgid=25 tty=(none) ses=4294967295 comm="isc-worker0001" exe="/usr/sbin/named-pkcs11" subj=system_u:system_r:named_t:s0 key=(null) Aug 16 11:43:01 host.testrelm.test audit: CWD cwd="/var/named" Aug 16 11:43:01 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/25/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 11:43:01 host.testrelm.test audit: PROCTITLE proctitle=2F7573722F7362696E2F6E616D65642D706B63733131002D75006E616D6564002D63002F6574632F6E616D65642E636F6E66 Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: GSSAPI client step 1 Aug 16 11:43:01 host.testrelm.test named-pkcs11[27806]: GSSAPI client step 2 Aug 16 11:43:04 host.testrelm.test ipa-dnskeysyncd[27794]: ipa-dnskeysyncd: INFO LDAP bind... Aug 16 11:43:04 host.testrelm.test python3[27794]: GSSAPI client step 1 Aug 16 11:43:04 host.testrelm.test python3[27794]: GSSAPI client step 1 Aug 16 11:43:04 host.testrelm.test audit[27794]: AVC avc: denied { search } for pid=27794 comm="ipa-dnskeysyncd" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:ipa_dnskey_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir permissive=0 Aug 16 11:43:04 host.testrelm.test audit[27794]: SYSCALL arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=558ddead8f50 a2=0 a3=0 items=1 ppid=1 pid=27794 auid=4294967295 uid=991 gid=25 euid=991 suid=991 fsuid=991 egid=25 sgid=25 fsgid=25 tty=(none) ses=4294967295 comm="ipa-dnskeysyncd" exe="/usr/bin/python3.7" subj=system_u:system_r:ipa_dnskey_t:s0 key=(null) Aug 16 11:43:04 host.testrelm.test audit: CWD cwd="/" Aug 16 11:43:04 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/991/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 11:43:04 host.testrelm.test audit: PROCTITLE proctitle=2F7573722F62696E2F707974686F6E33002D45002F7573722F6C6962657865632F6970612F6970612D646E736B657973796E6364 Aug 16 11:43:04 host.testrelm.test python3[27794]: GSSAPI client step 1 Aug 16 11:43:04 host.testrelm.test python3[27794]: GSSAPI client step 2 Aug 16 11:43:04 host.testrelm.test ipa-dnskeysyncd[27794]: ipa-dnskeysyncd: INFO Commencing sync process Aug 16 11:43:04 host.testrelm.test ipa-dnskeysyncd[27794]: ipaserver.dnssec.keysyncer: INFO Initial LDAP dump is done, sychronizing with ODS and BIND Aug 16 11:43:06 host.testrelm.test python3[27900]: Configuration.cpp(95): Missing log.level in configuration. Using default value: INFO Aug 16 11:43:06 host.testrelm.test python3[27900]: Configuration.cpp(95): Missing token.mechanisms in configuration. Using default value: ALL Aug 16 11:43:06 host.testrelm.test python3[27900]: Configuration.cpp(123): Missing slots.removable in configuration. Using default value: false Aug 16 11:43:06 host.testrelm.test python3[27900]: GSSAPI client step 1 Aug 16 11:43:06 host.testrelm.test python3[27900]: GSSAPI client step 1 Aug 16 11:43:06 host.testrelm.test audit[27900]: AVC avc: denied { search } for pid=27900 comm="ipa-dnskeysync-" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:ipa_dnskey_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir permissive=0 Aug 16 11:43:06 host.testrelm.test audit[27900]: SYSCALL arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=55a34b5ef590 a2=0 a3=0 items=1 ppid=27794 pid=27900 auid=4294967295 uid=991 gid=25 euid=991 suid=991 fsuid=991 egid=25 sgid=25 fsgid=25 tty=(none) ses=4294967295 comm="ipa-dnskeysync-" exe="/usr/bin/python3.7" subj=system_u:system_r:ipa_dnskey_t:s0 key=(null) Aug 16 11:43:06 host.testrelm.test audit: CWD cwd="/" Aug 16 11:43:06 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/991/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 11:43:06 host.testrelm.test audit: PROCTITLE proctitle=2F7573722F62696E2F707974686F6E33002D45002F7573722F6C6962657865632F6970612F6970612D646E736B657973796E632D7265706C696361 Aug 16 11:43:06 host.testrelm.test audit[27900]: AVC avc: denied { search } for pid=27900 comm="ipa-dnskeysync-" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:ipa_dnskey_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir permissive=0 Aug 16 11:43:06 host.testrelm.test audit[27900]: SYSCALL arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=55a34b46b300 a2=0 a3=0 items=1 ppid=27794 pid=27900 auid=4294967295 uid=991 gid=25 euid=991 suid=991 fsuid=991 egid=25 sgid=25 fsgid=25 tty=(none) ses=4294967295 comm="ipa-dnskeysync-" exe="/usr/bin/python3.7" subj=system_u:system_r:ipa_dnskey_t:s0 key=(null) Aug 16 11:43:06 host.testrelm.test audit: CWD cwd="/" Aug 16 11:43:06 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/991/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 11:43:06 host.testrelm.test audit: PROCTITLE proctitle=2F7573722F62696E2F707974686F6E33002D45002F7573722F6C6962657865632F6970612F6970612D646E736B657973796E632D7265706C696361 Aug 16 11:43:06 host.testrelm.test python3[27900]: GSSAPI client step 1 Aug 16 11:43:07 host.testrelm.test [27511]: GSSAPI client step 1 Aug 16 11:43:07 host.testrelm.test [27511]: GSSAPI client step 1 Aug 16 11:43:07 host.testrelm.test [27511]: GSSAPI client step 1 Aug 16 11:43:09 host.testrelm.test [27509]: GSSAPI client step 1 Aug 16 11:43:15 host.testrelm.test systemd[1]: Starting System Security Services Daemon... Aug 16 11:43:15 host.testrelm.test sssd[27947]: Starting up Aug 16 11:43:15 host.testrelm.test sssd[be[implicit_files]][27948]: Starting up Aug 16 11:43:15 host.testrelm.test sssd[be[testrelm.test]][27949]: Starting up Aug 16 11:43:15 host.testrelm.test sssd_be[27949]: GSSAPI client step 1 Aug 16 11:43:15 host.testrelm.test sssd_be[27949]: GSSAPI client step 1 Aug 16 11:43:15 host.testrelm.test audit[27949]: AVC avc: granted { search } for pid=27949 comm="sssd_be" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:43:15 host.testrelm.test audit[27949]: AVC avc: granted { search } for pid=27949 comm="sssd_be" name="user" dev="dm-0" ino=17009975 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 11:43:15 host.testrelm.test audit[27949]: SYSCALL arch=c000003e syscall=257 success=no exit=-2 a0=ffffff9c a1=55ea36ef4120 a2=0 a3=0 items=1 ppid=27947 pid=27949 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sssd_be" exe="/usr/libexec/sssd/sssd_be" subj=system_u:system_r:sssd_t:s0 key=(null) Aug 16 11:43:15 host.testrelm.test audit: CWD cwd="/" Aug 16 11:43:15 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/0/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 11:43:15 host.testrelm.test audit: PROCTITLE proctitle=2F7573722F6C6962657865632F737373642F737373645F6265002D2D646F6D61696E007465737472656C6D2E74657374002D2D7569640030002D2D6769640030002D2D6C6F676765723D66696C6573 Aug 16 11:43:15 host.testrelm.test sssd_be[27949]: GSSAPI client step 1 Aug 16 11:43:15 host.testrelm.test sssd_be[27949]: GSSAPI client step 2 Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: [16/Aug/2019:12:03:20.855715211 -0400] - NOTICE - NSMMReplicationPlugin - changelog program - _cl5ConstructRUV - Rebuilding the replica tion changelog RUV, this may take several minutes... Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: [16/Aug/2019:12:03:20.858393128 -0400] - NOTICE - NSMMReplicationPlugin - changelog program - _cl5ConstructRUV - Rebuilding replication changelog RUV complete. Result 0 (Success) Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: [16/Aug/2019:12:03:20.859291711 -0400] - NOTICE - NSMMReplicationPlugin - changelog program - _cl5ConstructRUV - Rebuilding the replica tion changelog RUV, this may take several minutes... Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: [16/Aug/2019:12:03:20.860096311 -0400] - NOTICE - NSMMReplicationPlugin - changelog program - _cl5ConstructRUV - Rebuilding replication changelog RUV complete. Result 0 (Success) Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: GSSAPI client step 1 Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: GSSAPI client step 1 Aug 16 12:03:20 host.testrelm.test audit[28270]: AVC avc: granted { search } for pid=28270 comm="ns-slapd" name="krb5" dev="dm-0" ino=8502749 scontext=system_u:system_r:dirsrv_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 12:03:20 host.testrelm.test audit[28270]: AVC avc: granted { search } for pid=28270 comm="ns-slapd" name="user" dev="dm-0" ino=17009975 scontext=system_u:system_r:dirsrv_t:s0 tcontext=system_u:object_r:krb5_keytab_t:s0 tclass=dir Aug 16 12:03:20 host.testrelm.test audit[28270]: SYSCALL arch=c000003e syscall=257 success=no exit=-2 a0=ffffff9c a1=7f365fc9de80 a2=0 a3=0 items=1 ppid=1 pid=28270 auid=4294967295 uid=389 gid=389 euid=389 suid=389 fsuid=389 egid=389 sgid=389 fsgid=389 tty=(none) ses=4294967295 comm="ns-slapd" exe="/usr/sbin/ns-slapd" subj=system_u:system_r:dirsrv_t:s0 key=(null) Aug 16 12:03:20 host.testrelm.test audit: CWD cwd="/var/log/dirsrv/slapd-TESTRELM-TEST" Aug 16 12:03:20 host.testrelm.test audit: PATH item=0 name="/var/kerberos/krb5/user/389/client.keytab" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Aug 16 12:03:20 host.testrelm.test audit: PROCTITLE proctitle=2F7573722F7362696E2F6E732D736C617064002D44002F6574632F6469727372762F736C6170642D5445535452454C4D2D54455354002D69002F72756E2F6469727372762F736C6170642D5445535452454C4D2D544553542E706964 Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: GSSAPI client step 1 Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: GSSAPI client step 1 Aug 16 12:03:20 host.testrelm.test ns-slapd[28270]: GSSAPI client step 2 And as you can see it happen for each application which use gssapi. but it does not cause any problem becasue neithr ot application have keytab there [root@host ~]# ls -l /var/kerberos/krb5/user/ total 0 I would reommend to ping krb5 maintainer and ask whether it needs to be really allowed for all apications which use GSSAPI authentication or there is a way how to disable it globally. FEDORA-2019-7ef1fde499 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2019-7ef1fde499 selinux-policy-3.14.4-38.fc31 has been pushed to the Fedora 31 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-7ef1fde499 FEDORA-2019-7d65c50fd6 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2019-7d65c50fd6 selinux-policy-3.14.4-39.fc31 has been pushed to the Fedora 31 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-7d65c50fd6 selinux-policy-3.14.4-39.fc31 has been pushed to the Fedora 31 stable repository. If problems still persist, please make note of it in this bug report. |