Lucid SELinux Policy Update
Bug #568744 reported by
Steve Lawrence
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
refpolicy-ubuntu (Ubuntu) |
Fix Released
|
Medium
|
Kees Cook | ||
Lucid |
Fix Released
|
Medium
|
Kees Cook | ||
selinux (Ubuntu) |
Fix Released
|
Medium
|
Kees Cook | ||
Lucid |
Fix Released
|
Medium
|
Kees Cook |
Bug Description
Attached are two patches to update the SELinux policy for Ubuntu Lucid
Lynx.
The first patch applies to the repolicy-ubuntu package. This updates the
policy to the latest reference policy (2.20091117) and updates the
debian/patches to fix ubunutu specific policy issues. The majority of
the issues revolved around dbus starting various processes and ensuring
they transition to the correct domain.
The second patch applies to the selinux package. This adds two upstart
scripts to ensure that /var/run and /var/lock are relabeled once they
are mounted so they get the correct labels (var_run_t and var_lock_t
instead of tmpfs_t).
summary: |
- SELinux Policy Update + Lucid SELinux Policy Update |
To post a comment you must log in.
Great! I've updated the packaging for refpolicy-ubuntu to use the upstream bz2 file, and tweaked the selinux restorecon calls a little more. These changes make a large positive difference on the boot warnings now; down to just a handful instead of hundreds. Thanks!