Bug 701885

Summary: typo errors in 'semanage boolean -l' output
Product: Red Hat Enterprise Linux 6 Reporter: Milos Malik <mmalik>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: low Docs Contact:
Priority: low    
Version: 6.1CC: dwalsh, mgrepl
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: selinux-policy-3.7.19-112.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-12-06 10:07:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Milos Malik 2011-05-04 07:52:20 UTC 
Description of problem:


Version-Release number of selected component (if applicable):
selinux-policy-3.7.19-93.el6.noarch
selinux-policy-doc-3.7.19-93.el6.noarch
selinux-policy-mls-3.7.19-93.el6.noarch
selinux-policy-minimum-3.7.19-93.el6.noarch
selinux-policy-targeted-3.7.19-93.el6.noarch

How reproducible:
always

unprived vs. unprivileged
================
# semanage boolean -l | grep unprived
sepgsql_enable_users_ddl       -> on    Allow unprived users to execute DDL statement

excessive characters ")
===============
# semanage boolean -l | grep shlib
allow_execmod                  -> on    Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t")
# semanage boolean -l | grep bugzilla\"
allow_execmem                  -> on    Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla")
allow_execstack                -> on    Allow unconfined executables to make their stack executable.  This should never, ever be necessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")

Alow, Pupper vs. Allow, Puppet
===================
# semanage boolean -l | grep Alow
puppetmaster_use_db            -> off   Alow Pupper master to use connect to mysql and postgresql database
Comment 1 Milos Malik 2011-05-04 08:42:31 UTC 
postgres vs. postgreSQL vs. postgresql
=========================
# semanage boolean -l | grep postgres
exim_can_connect_db            -> off   Allow exim to connect to databases (postgres, mysql)
allow_user_postgresql_connect  -> off   Allow users to connect to PostgreSQL
puppetmaster_use_db            -> off   Alow Pupper master to use connect to mysql and postgresql database

It would be nice if we chose one of the 3 possibilities.
Comment 2 Miroslav Grepl 2011-05-04 14:19:53 UTC 
Some of these are already fixed in F15 and I am fixing others in F15 and will fix in RHEL6.2.
Comment 3 Miroslav Grepl 2011-06-14 14:07:16 UTC 
Fixed in selinux-policy-3.7.19-98.el6
Comment 6 Miroslav Grepl 2011-07-26 15:10:37 UTC 
What is wrong? I don't see it.
Comment 9 Miroslav Grepl 2011-08-10 15:29:51 UTC 
Fixed in selinux-policy-3.7.19-107.el6
Comment 16 errata-xmlrpc 2011-12-06 10:07:38 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1511.html