Bug 236479 - LSPP: bad aide fc regex
LSPP: bad aide fc regex
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
5.0
All Linux
medium Severity high
: ---
: ---
Assigned To: Daniel Walsh
: OtherQA
Depends On:
Blocks: RHEL5LSPPCertTracker
  Show dependency treegraph
 
Reported: 2007-04-14 17:58 EDT by George C. Wilson
Modified: 2009-06-19 12:41 EDT (History)
6 users (show)

See Also:
Fixed In Version: RHBA-2007-0544
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-07 11:39:06 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch to remove leading l from aide fc regex (550 bytes, patch)
2007-04-14 17:58 EDT, George C. Wilson
no flags Details | Diff

  None (edit)
Description George C. Wilson 2007-04-14 17:58:11 EDT
Description of problem:

I noticed aide no longer transitioned and that it was labeled sbin_t. semanage
fcontext --list | grep aide showed a leading 'l' for its regex.

Version-Release number of selected component (if applicable):

selinux-policy-mls-2.4.6-57.el5

How reproducible:

Install the LSPP evaluated configuration and ls -Z /usr/bin/aide. Also, running
aide will complain on s few files.

Steps to Reproduce:
1. Install the LSPP evaluated configuration.
2. aide_run( domain , role , terminal )
3. semanage fcontext --list | grep aide
4. look for a leading 'l' on the aide binary regex.
  
Actual results:

aide is mislabeled and does not transition.

Expected results:

aide should get the correct label and transition.
Comment 1 George C. Wilson 2007-04-14 17:58:11 EDT
Created attachment 152630 [details]
Patch to remove leading l from aide fc regex
Comment 2 RHEL Product and Program Management 2007-04-14 20:23:01 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 4 Daniel Walsh 2007-04-16 09:34:33 EDT
Fixed in selinux-policy-2.4.6-58
Comment 5 George C. Wilson 2007-04-16 16:34:39 EDT
I verified this is fixed in 58.
Comment 6 Steve Grubb 2007-04-16 16:35:08 EDT
Verified good. Removing tracker. Thanks.
Comment 9 John Poelstra 2007-08-14 15:43:17 EDT
A fix for this issue has been included in the packages contained in the beta
(RHN channel) or most recent snapshot (partners.redhat.com) for RHEL5.1.  Please
verify that your issue is fixed.

After you (Red Hat Partner) have verified that this issue has been addressed,
please perform the following:
1) Change the *status* of this bug to VERIFIED.
2) Add *keyword* of PartnerVerified (leaving the existing keywords unmodified)

If this issue is not fixed, please add a comment describing the most recent
symptoms of the problem you are having and change the status of the bug to ASSIGNED.
Comment 10 John Poelstra 2007-08-24 01:14:24 EDT
A fix for this issue should have been included in the packages contained in the
most recent snapshot (partners.redhat.com) for RHEL5.1.  

Requested action: Please verify that your issue is fixed as soon as possible to
ensure that it is included in this update release.

After you (Red Hat Partner) have verified that this issue has been addressed,
please perform the following:
1) Change the *status* of this bug to VERIFIED.
2) Add *keyword* of PartnerVerified (leaving the existing keywords unmodified)

If this issue is not fixed, please add a comment describing the most recent
symptoms of the problem you are having and change the status of the bug to FAILS_QA.

More assistance: If you cannot access bugzilla, please reply with a message to
Issue Tracker and I will change the status for you.  If you need assistance
accessing ftp://partners.redhat.com, please contact your Partner Manager.
Comment 11 George C. Wilson 2007-08-24 17:19:51 EDT
Verified in RHEL 5.1 Snap 3 on ppc64.
Comment 13 errata-xmlrpc 2007-11-07 11:39:06 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0544.html

Note You need to log in before you can comment on or make changes to this bug.