This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 448608 - courier and logwatch no longer work
courier and logwatch no longer work
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
10
All Linux
low Severity low
: ---
: ---
Assigned To: Miroslav Grepl
Ben Levenson
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-05-27 16:18 EDT by Pierre Ossman
Modified: 2009-11-18 08:04 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-11-18 08:04:18 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
rpm -ql (95.94 KB, text/plain)
2008-06-05 16:37 EDT, Pierre Ossman
no flags Details

  None (edit)
Description Pierre Ossman 2008-05-27 16:18:49 EDT
Since the upgrade to F9, logwatch can no longer user courier for sending out
email. This is seen in the logs:

May 27 04:36:57 volvo kernel: type=1400 audit(1211855817.046:19): avc:  denied 
{ setuid } for  pid=26346 comm="sendmail" capability=7
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023 tclass=capability
May 27 04:36:57 volvo kernel: type=1400 audit(1211855817.051:20): avc:  denied 
{ setuid } for  pid=26347 comm="submit" capability=7
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023 tclass=capability
Comment 1 Daniel Walsh 2008-05-27 16:34:40 EDT
What is courier?  What is the sendmail command labeled?

Logwatch is supposed to transition to system_mail_t when executing a program
labeled sendmail_exec_t.
Comment 2 Pierre Ossman 2008-05-28 01:15:02 EDT
Heh, sorry. :)

Courier is another MTA (http://www.courier-mta.org). It is labeled bin_t though:

-r-s--x--x  root daemon system_u:object_r:bin_t:s0      
/usr/lib/courier/bin/sendmail
Comment 3 Daniel Walsh 2008-05-28 06:12:39 EDT
If you 

chcon -t sendmail_exec_t /usr/lib/courier/bin/sendmail

Does it solve your problem?
Comment 4 Pierre Ossman 2008-05-28 06:21:34 EDT
I can test. Do you have some way of running logwatch under the correct context?
sudo and newrole all refuse to change to system_r:logwatch_t (probably because
I'm unconfined_t).
Comment 5 Daniel Walsh 2008-05-28 06:35:11 EDT
Not easily you could label a script initrc_exec_t and run logwatch in it, this
should transition properly.

You can put the system in permissive mode and use runcon also.
Comment 6 Pierre Ossman 2008-05-28 08:21:45 EDT
That solved the setuid problems. But there is some problems writing stuff to the
mail spool:

type=1400 audit(1211976679.662:22): avc:  denied  { write } for  pid=8273
comm="submit" name="121197" dev=dm-0 ino=49190
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_spool_t:s0 tclass=dir
type=1400 audit(1211976679.663:23): avc:  denied  { add_name } for  pid=8273
comm="submit" name="1211976679.8273.smtp.fordonsservice.se"
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_spool_t:s0 tclass=dir
type=1400 audit(1211976679.663:24): avc:  denied  { create } for  pid=8273
comm="submit" name="1211976679.8273.smtp.fordonsservice.se"
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_spool_t:s0 tclass=file
type=1400 audit(1211976679.663:25): avc:  denied  { append } for  pid=8273
comm="submit" name="1211976679.8273.smtp.fordonsservice.se" dev=dm-0 ino=49191
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_spool_t:s0 tclass=file
type=1400 audit(1211976679.663:26): avc:  denied  { write } for  pid=8273
comm="submit" name="D49191" dev=dm-0 ino=49192
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_spool_t:s0 tclass=file
type=1400 audit(1211976679.679:27): avc:  denied  { remove_name } for  pid=8273
comm="submit" name="1211976679.8273.smtp.fordonsservice.se" dev=dm-0 ino=49191
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_spool_t:s0 tclass=dir
type=1400 audit(1211976679.679:28): avc:  denied  { rename } for  pid=8273
comm="submit" name="1211976679.8273.smtp.fordonsservice.se" dev=dm-0 ino=49191
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_spool_t:s0 tclass=file
type=1400 audit(1211976679.679:29): avc:  denied  { write } for  pid=8273
comm="submit" name="trigger" dev=dm-0 ino=49183
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=unconfined_u:object_r:var_spool_t:s0 tclass=fifo_file

I guess the problem is that the files are tagged var_spool_t instead of
mail_spool_t. So after a chcon -R -t mail_spool_t /var/spool/courier, I get this:

type=1400 audit(1211977109.784:30): avc:  denied  { transition } for  pid=8580
comm="runcon" path="/usr/share/logwatch/scripts/logwatch.pl" dev=dm-0 ino=295881
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023 tclass=process
type=1400 audit(1211977110.189:31): avc:  denied  { read } for  pid=8580
comm="0logwatch" name="spool" dev=dm-0 ino=41412
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_spool_t:s0 tclass=dir
type=1400 audit(1211977116.107:32): avc:  denied  { write } for  pid=8707
comm="submit" name="trigger" dev=dm-0 ino=49183
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=unconfined_u:object_r:mail_spool_t:s0 tclass=fifo_file

The first and last seem to be caused by my unconfined role, but I'm not sure
what's going on in the second one. I doubt it's courier though as the comm is
"0logwatch".
Comment 7 Răzvan Sandu 2008-05-29 01:34:22 EDT
Hello,

I'm using sendmail (stock configuration provided by Fedora plus a /root/.forward
file containing my e-mail adddress) and I still see that bug since upgrading
from F8 to F9.

Logs don't arrive via e-mail anymore (they used to).

Regards,
Răzvan
Comment 8 Pierre Ossman 2008-05-30 10:18:17 EDT
So what's the next step here? Is it possible to get courier's paths added to the
policy?
Comment 9 Daniel Walsh 2008-05-30 10:44:39 EDT
Try selinux-policy-3.3.1-60

It has 

+/usr/lib(64)?/courier/sendmail	--	gen_context(system_u:object_r:courier_exec_t,s0)
+/var/spool/courier(/.*)?	gen_context(system_u:object_r:mail_spool_t,s0)
-bash-3.2$ 
Comment 10 Pierre Ossman 2008-05-31 05:09:48 EDT
Close, but not quite. You forgot a bin there:

/usr/lib(64)?/courier/bin/sendmail	--
gen_context(system_u:object_r:courier_exec_t,s0)

Still needs a bit more though, as now neither logwatch nor cron are able to fire
off any mail:

May 31 10:25:02 fiat kernel: type=1400 audit(1212222302.159:44): avc:  denied  {
read } for  pid=15942 comm="0logwatch" name="root" dev=dm-0 ino=229377
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
May 31 10:25:02 fiat kernel: type=1400 audit(1212222302.166:45): avc:  denied  {
read } for  pid=15942 comm="0logwatch" name="root" dev=dm-0 ino=229377
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
May 31 10:25:02 fiat kernel: type=1400 audit(1212222302.167:46): avc:  denied  {
read } for  pid=15942 comm="0logwatch" name="root" dev=dm-0 ino=229377
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
May 31 10:25:02 fiat kernel: type=1400 audit(1212222302.172:47): avc:  denied  {
read } for  pid=15942 comm="0logwatch" name="root" dev=dm-0 ino=229377
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
May 31 10:25:02 fiat kernel: type=1400 audit(1212222302.173:48): avc:  denied  {
read } for  pid=15942 comm="0logwatch" name="root" dev=dm-0 ino=229377
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
May 31 10:25:02 fiat kernel: type=1400 audit(1212222302.178:49): avc:  denied  {
read } for  pid=15942 comm="0logwatch" name="root" dev=dm-0 ino=229377
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
May 31 10:25:02 fiat kernel: type=1400 audit(1212222302.184:50): avc:  denied  {
read } for  pid=15942 comm="0logwatch" name="root" dev=dm-0 ino=229377
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
May 31 10:25:07 fiat kernel: printk: 87 messages suppressed.
May 31 10:25:07 fiat kernel: type=1400 audit(1212222307.675:80): avc:  denied  {
search } for  pid=16308 comm="submit" name="courier" dev=dm-0 ino=173523
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_etc_t:s0 tclass=dir
Comment 11 Pierre Ossman 2008-05-31 05:16:11 EDT
Did some more testing and enabled one thing after the other. Finally I composed
this rule set to get courier running:

allow system_mail_t courier_etc_t:dir search;
allow system_mail_t courier_etc_t:file { read lock getattr };
allow system_mail_t mail_spool_t:dir create;
allow system_mail_t mail_spool_t:fifo_file write;

The first two are for courier to read the alias configuration. The third is for
it to put the mail in the queue, and the third is to give courierd a kick to
notice the new mail.

The log messages used to compose the rules:

May 31 10:25:07 fiat kernel: type=1400 audit(1212222307.675:80): avc:  denied  {
search } for  pid=16308 comm="submit" name="courier" dev=dm-0 ino=173523
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_etc_t:s0 tclass=dir
type=1400 audit(1212223207.726:124): avc:  denied  { read } for  pid=16749
comm="submit" name="enablefiltering" dev=dm-0 ino=173536
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_etc_t:s0 tclass=file
type=1400 audit(1212223808.013:166): avc:  denied  { getattr } for  pid=17148
comm="submit" path="/etc/courier/enablefiltering" dev=dm-0 ino=173536
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_etc_t:s0 tclass=file
type=1400 audit(1212224287.769:205): avc:  denied  { lock } for  pid=17542
comm="submit" path="/etc/courier/aliases.dat" dev=dm-0 ino=172872
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_etc_t:s0 tclass=file
type=1400 audit(1212224647.406:240): avc:  denied  { create } for  pid=17947
comm="submitmkdir" name="121222"
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:mail_spool_t:s0 tclass=dir
May 31 11:08:07 fiat kernel: type=1400 audit(1212224887.629:311): avc:  denied 
{ write } for  pid=18485 comm="submit" name="trigger" dev=dm-0 ino=49183
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:mail_spool_t:s0 tclass=fifo_file
Comment 12 Daniel Walsh 2008-06-02 13:31:42 EDT
Fixed in selinux-policy-3.3.1-63.fc9.noarch
Comment 13 Pierre Ossman 2008-06-03 03:13:49 EDT
I've noticed you've added a lot of courier stuff to the policy, which is very
nice. But the paths are mostly wrong. What packages are you using as a base?

You can find packages built using courier's own spec file here:

http://apt.drzeus.cx/drzeus/9/x86_64/
http://apt.drzeus.cx/drzeus/9/i386/
http://apt.drzeus.cx/drzeus/8/x86_64/

Those should give you complete lists of where the files end up.
Comment 14 Daniel Walsh 2008-06-05 14:33:37 EDT
Could you just give me the output of

rpm -ql

This policy was submitted by people upstream
Comment 15 Pierre Ossman 2008-06-05 16:37:44 EDT
Created attachment 308485 [details]
rpm -ql

As there is quite a lot of files, I've included a file with all the dumps.
Comment 16 Daniel Walsh 2008-06-10 16:07:19 EDT
Fixed file context in selinux-policy-3.3.1-67.fc9.noarch
Comment 17 Pierre Ossman 2008-06-15 05:52:46 EDT
The file globs are now correct (although the old incorrect ones are still
present), but there is still a policy problem. logwatch isn't allowed to execute
a file with type courier_exec_t:

type=1400 audit(1213497412.716:28): avc:  denied  { execute } for  pid=27542
comm="0logwatch" name="sendmail" dev=dm-0 ino=24832
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_exec_t:s0 tclass=file
Comment 18 Pierre Ossman 2008-06-20 11:34:21 EDT
Any progress? I feel like we're very close to getting this solved once and for all.
Comment 19 Daniel Walsh 2008-06-22 08:35:21 EDT
Fixed in selinux-policy-3.3.1-68.fc9.noarch
Comment 20 Pierre Ossman 2008-06-23 04:13:46 EDT
No change I'm afraid. Policy still denies logwatch_t to execute courier_exec_t.

I'm not sure everything is working as intended though. I have two F9 machines
that I test this on, and the files in /etc/selinux/targeted/context/files
differ. Oddly enough, rpm -V selinux-policy-targeted doesn't say anything about
modified files on either system. The RPM database says their size is 0, which I
take it means they're ghost files?

My real question is why these aren't updated though, and how do I do that manually?
Comment 21 Daniel Walsh 2008-06-23 06:36:04 EDT
First off policy 68 was broken, try 69.  This probably means that the policy was
never loaded so you are still looking at the old policy.  The change I added was
to tell the system to use courier as a mailclient,  This allows other
domains/processes to transition to system_mail_t when running courier_exec_t. 
This should allow logwatch_t to send mail using courier.

Fixed in selinux-policy-3.3.1-69.fc9.noarch
Comment 22 Pierre Ossman 2008-06-24 04:23:00 EDT
Almost. It properly transitions to system_mail_t now, but it needs to execute
/usr/lib/courier/libexec/courier/submit (marked courier_exec_t) to put the
message on the queue:

type=1400 audit(1214274691.825:8): avc:  denied  { execute } for  pid=4009
comm="sendmail" name="submit" dev=dm-0 ino=271483
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_exec_t:s0 tclass=file
Comment 23 Daniel Walsh 2008-06-24 05:43:11 EDT
Fixed in selinux-policy-3.3.1-71.fc9.noarch
Comment 24 Pierre Ossman 2008-06-24 06:56:56 EDT
If you queue up a build, I'll make sure it'll get tested tonight.
Comment 25 Pierre Ossman 2008-06-26 02:31:09 EDT
The execute permission now work. What's missing is that some rights did not get
transferred over for the new courier_spool_t type. The following is missing:

#============= system_mail_t ==============
allow system_mail_t courier_spool_t:dir { write search create add_name };
allow system_mail_t courier_spool_t:file { create getattr append };


Errors:

type=1400 audit(1214461712.526:19): avc:  denied  { search } for  pid=9985
comm="submit" name="courier" dev=dm-0 ino=49165
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_spool_t:s0 tclass=dir
type=1400 audit(1214461716.522:20): avc:  denied  { write } for  pid=10253
comm="submitmkdir" name="tmp" dev=dm-0 ino=49173
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_spool_t:s0 tclass=dir
type=1400 audit(1214461716.522:21): avc:  denied  { add_name } for  pid=10253
comm="submitmkdir" name="121446"
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_spool_t:s0 tclass=dir
type=1400 audit(1214461716.522:22): avc:  denied  { create } for  pid=10253
comm="submitmkdir" name="121446"
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_spool_t:s0 tclass=dir
type=1400 audit(1214461716.524:23): avc:  denied  { create } for  pid=9985
comm="submit" name="1214461716.9985.smtp.fordonsservice.se"
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_spool_t:s0 tclass=file
type=1400 audit(1214461716.525:24): avc:  denied  { append } for  pid=9985
comm="submit" name="1214461716.9985.smtp.fordonsservice.se" dev=dm-0 ino=49193
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_spool_t:s0 tclass=file
type=1400 audit(1214461716.525:25): avc:  denied  { getattr } for  pid=9985
comm="submit"
path="/var/spool/courier/tmp/121446/1214461716.9985.smtp.fordonsservice.se"
dev=dm-0 ino=49193 scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_spool_t:s0 tclass=file
Comment 26 Pierre Ossman 2008-06-30 04:52:43 EDT
ping
Comment 27 Daniel Walsh 2008-06-30 17:13:14 EDT
Fixed in selinux-policy-3.3.1-73.fc9.noarch

Sorry I was on vacation...
Comment 28 Pierre Ossman 2008-07-01 09:56:36 EDT
No sweat. Wouldn't want you getting overworked and gone even longer. :)

For some reason one permission didn't appear in the test run with the last policy:

allow system_mail_t courier_spool_t:fifo_file write;

type=1400 audit(1214920412.896:96): avc:  denied  { write } for  pid=31935
comm="submit" name="trigger" dev=dm-0 ino=49183
scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:courier_spool_t:s0 tclass=fifo_file

Hopefully we're finally done after that addition.
Comment 29 Daniel Walsh 2008-07-02 09:55:24 EDT
Fixed in selinux-policy-3.3.1-75.fc9.noarch
Comment 30 Pierre Ossman 2008-07-02 11:23:45 EDT
I notice that there is no build for this version on koji yet. What's your work
flow when it comes to marking stuff and there actually appearing a new package?
Comment 31 Daniel Walsh 2008-07-02 14:44:23 EDT
I mark them fixed all day long, and then build at the end of the day.
Comment 32 Pierre Ossman 2008-07-02 17:43:48 EDT
Reasonable enough. It's just the time zone differences that makes it easy for me
to miss the build.

Anyway, runcon seems to suggest that everything is as it should now. I'll see
what a proper execution does in a few hours.
Comment 33 Pierre Ossman 2008-07-03 02:12:14 EDT
Everything ran like a charm. Thanks for all the hard work in getting this fixed.
Comment 34 Daniel Walsh 2008-07-03 11:46:26 EDT
I guess I should have said 17:00 EDT.  :^)
Comment 35 Daniel Walsh 2008-11-17 17:04:21 EST
Closing all bugs that have been in modified for over a month.  Please reopen if the bug is not actually fixed.
Comment 36 Pierre Ossman 2008-12-01 02:10:12 EST
The modifications have been working perfectly, up until yesterday. It seems anacron does things slightly different and triggers the following:

type=1400 audit(1227865697.993:6): avc:  denied  { setuid } for  pid=7421 comm="submit" capability=7 scontext=system_u:system_r:logwatch_t:s0 tcontext=system_u:system_r:logwatch_t:s0 tclass=capability

I'm not sure how to trigger new anacron runs, so I don't know how I can test any fixes though.
Comment 37 Daniel Walsh 2008-12-01 13:19:00 EST
The problem here is the submit command?  What is this?
Comment 38 Pierre Ossman 2008-12-02 05:57:49 EST
submit is the program that does all the heavy lifting of actually getting the mail into the courier mail queue. "sendmail" in courier is just a formatting frontend. "submit" is the one doing the privileged work (i.e. modifying the spool directory).
Comment 39 Daniel Walsh 2008-12-02 10:57:43 EST
If you chcon -t sendmail_exec_t /usr/bin/submit

Does it work?
Comment 40 Pierre Ossman 2008-12-09 08:44:09 EST
I'm afraid I haven't had time to fiddle with this yet. To get the ball rolling a bit though, do you have some tips for manually triggering an anacron run?
Comment 41 Pierre Ossman 2009-01-04 07:44:27 EST
Ok, I've put some more time into this. After an upgrade to F10 and the latest courier, the original problem with logwatch was back.

After running the following, everything works as it should:

chcon -t sendmail_exec_t /usr/lib/courier/bin/sendmail

So please add that to courier.fc and push to F10 updates. :)
Comment 42 Daniel Walsh 2009-01-08 13:28:36 EST
Miroslav, add 

/usr/lib/courier/bin/sendmail 	--	gen_context(system_u:object_r:sendmail_exec_t,s0)

to mta.fc
Comment 43 Miroslav Grepl 2009-01-12 09:48:52 EST
Fixed in selinux-policy-3.5.13-39.fc10.noarch
Comment 44 Bug Zapper 2009-11-18 07:31:27 EST
This message is a reminder that Fedora 10 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 10.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '10'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 10's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 10 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 45 Daniel Walsh 2009-11-18 08:04:18 EST
Closing as closed in the current release.

Note You need to log in before you can comment on or make changes to this bug.