Bug 1394715 - systemd generates USER_AVCs after selinux-policy update
Summary: systemd generates USER_AVCs after selinux-policy update
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: selinux-policy
Version: 7.3
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: rc
: ---
Assignee: Lukas Vrabec
QA Contact: Milos Malik
URL:
Whiteboard:
Depends On: 1393505
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-11-14 09:59 UTC by Marcel Kolaja
Modified: 2016-12-06 17:12 UTC (History)
15 users (show)

Fixed In Version: selinux-policy-3.13.1-102.el7_3.7
Doc Type: Bug Fix
Doc Text:
Cause: Updating systemd on RHEL-7.2 to version from RHEL-7.3 and then as a separate yum command update the selinux policy. Consequence: systemd starts generating USER_AVC denials and will start returning "Access Denied" errors to DBus clients. Fix: Reexec systemd daemon after update selinux-policy package when updating from rhel-7.2 to rhel-7.3 (or higher) Result: After separate update selinux-policy, systemd doesn't generate any AVC denials.
Clone Of: 1393505
Environment:
Last Closed: 2016-12-06 17:12:41 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:2865 0 normal SHIPPED_LIVE Selinux-policy bug fix update 2016-12-06 22:01:54 UTC

Description Marcel Kolaja 2016-11-14 09:59:27 UTC 
This bug has been copied from bug #1393505 and has been proposed
to be backported to 7.3 z-stream (EUS).
Comment 7 errata-xmlrpc 2016-12-06 17:12:41 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2865.html
Note You need to log in before you can comment on or make changes to this bug.