Bug 210426
Summary: | lspp: NetLabel SELinux policy is missing from RHEL5 | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Paul Moore <paul.moore> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5.0 | CC: | iboverma, linda.knippers |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | RC | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-02-08 00:16:51 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Paul Moore
2006-10-11 23:28:34 UTC
this problem should be resolved prior to rc1 Netlabel policy is present in selinux-policy-2.3.19-3 A package has been built which should help the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you. I am reopening this bug report because during further testing it was found that only the user related domains have access to NetLabel traffic. Network applications like ssh, xinetd, etc. should have access to NetLabel traffic as well as the user domains. Paul, could you tell us what's missing? As I mentioned in comment #4 the network application domains do not presently have the NetLabel permissions in the SELinux policy. The network application domains will need to be modified to so that they have the correct NetLabel permissions, similar to what has been done for the user domains. Please see the policy sources for the user domains for an example. If this doesn't answer your question can you please be more specific? This is on my list of things to-do but I am currently occupied with other issues with a higher priority, I re-opened this BZ now for tracking purposes. Do you have updated patches to apply? Not at present, I am working on some and hope to post them to the SELinux list early next week. Fixed in selinux-policy-2.4.6-24 A package has been built which should help the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you. |