Description of problem: see http://lists.fedoraproject.org/pipermail/selinux/2010-December/013274.html for details. Version-Release number of selected component (if applicable): FC13, the latest policy loaded (-73) How reproducible: Always, provided OpenCT is used on its own without PSCS or anything else (just vanilla OpenCT) Steps to Reproduce: Actual results: Expected results: Additional info: See http://lists.fedoraproject.org/pipermail/selinux/2010-December/013292.html and http://lists.fedoraproject.org/pipermail/selinux/2010-December/013294.html for how it might be fixed
Looks like something which should be added to auth_domtrans_chk_passwd() after optional_policy(` pcscd_manage_pub_files($1) pcscd_manage_pub_pipes($1) pcscd_stream_connect($1) ')
Hmm good point. I saw your comment right after i committed this: http://git.fedorahosted.org/git/?p=selinux-policy.git;a=commitdiff;h=afc9bf6c38c9eaafde0318927cc158f4f663f74d Feel free to move it to auth_domtrans_chk_passwd if you are of the opinion that this is more appropriate.
No problem. Thanks for the fix.
Fixed in selinux-policy-3.7.19-75.fc13
selinux-policy-3.7.19-76.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-76.fc13
selinux-policy-3.7.19-76.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-76.fc13
selinux-policy-3.7.19-76.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.