1776873 – Incorrect context applied to /etc/sysconfig/iptables.save

Bug 1776873 - Incorrect context applied to /etc/sysconfig/iptables.save

Summary: Incorrect context applied to /etc/sysconfig/iptables.save

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	selinux-policy
Sub Component:
Version:	8.2
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	high
Target Milestone:	rc
Target Release:	8.3
Assignee:	Zdenek Pytela
QA Contact:	Milos Malik
Docs Contact:	Jan Fiala
URL:
Whiteboard:
Depends On:	1733542
Blocks:	1825061
TreeView+	depends on / blocked

Reported:	2019-11-26 14:10 UTC by Francisco Peralta
Modified:	2020-11-04 21:36 UTC (History)
CC List:	13 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	.`IPTABLES_SAVE_ON_STOP` now works correctly Previously, the `IPTABLES_SAVE_ON_STOP` feature of the `iptables` service did not work because files with saved IP tables content received incorrect SELinux context. This prevented the `iptables` script from changing permissions, and the script subsequently failed to save the changes. This update defines a proper context for the `iptables.save` and `ip6tables.save` files, and creates a filename transition rule. As a consequence, the `IPTABLES_SAVE_ON_STOP` feature of the `iptables` service works correctly.
Clone Of:	1733542
Environment:
Last Closed:	2020-11-04 01:55:53 UTC
Type:	Bug
Target Upstream Version:
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1733542	0	medium	CLOSED	Incorrect context applied to /etc/sysconfig/iptables.save	2021-02-22 00:41:40 UTC
Red Hat Product Errata	RHBA-2020:4528	0	None	None	None	2020-11-04 01:56:19 UTC

Comment 1 Phil Sutter 2019-11-30 15:21:29 UTC

Reassigning to the (hopefully) right component.

Comment 19 errata-xmlrpc 2020-11-04 01:55:53 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (selinux-policy bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4528

Note You need to log in before you can comment on or make changes to this bug.