Issued:

2013-09-30

Updated:

2013-09-30

RHBA-2013:1344 - policycoreutils bug fix update

Synopsis

policycoreutils bug fix update

Type/Severity

Bug Fix Advisory

Topic

Updated policycoreutils packages that fix several bugs are now available for Red Hat Enterprise Linux 5.

Description

The policycoreutils packages contain essential utilities required for basic operation of SELinux.

This update fixes the following bugs:

• Due to unsupported locale, the semanage commands failed with the following traceback error message during the "add" and "delete" operations:

  locale.Error: unsupported locale setting

This update corrects the code, and the semanage utility no longer fails in the described scenario. (BZ#949061)

• Due to missing support for the ext4 file system, the fixfiles utility did not work on such file systems. This update adds the support for ext4 and fixfiles now works properly in the described scenario. (BZ#723950)

• Prior to this update, the genhomedircon script created duplicate SELinux context template entries in the /etc/selinux/targeted/contexts/files/file_contexts.homedirs file, when /export/home/ was defined as the default home directory location for new users and /export/home/ existed on the file system. Consequently, error messages were returned to the /var/log/messages file. A patch has been provided to fix this bug and only one set of SELinux context template entries is now maintained in the /etc/selinux/targeted/contexts/files/file_contexts.homedirs file. (BZ#805022)

• Previously, the utmp utility never triggered a change on the first user who logged in to the system. Consequently, the restorecond daemon sometimes failed to update context on files when only one user was logged in. A patch has been provided to fix utmp and restorecond now works as expected in the described scenario. (BZ#623708)

Users of policycoreutils are advised to upgrade to these updated packages, which fix these bugs.

Solution

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

Affected Products

Updated Packages

• policycoreutils-newrole-1.33.12-14.13.el5.i386.rpm
• policycoreutils-1.33.12-14.13.el5.ppc.rpm
• policycoreutils-1.33.12-14.13.el5.src.rpm
• policycoreutils-newrole-1.33.12-14.13.el5.ppc.rpm
• policycoreutils-debuginfo-1.33.12-14.13.el5.ia64.rpm
• policycoreutils-gui-1.33.12-14.13.el5.s390x.rpm
• policycoreutils-1.33.12-14.13.el5.x86_64.rpm
• policycoreutils-gui-1.33.12-14.13.el5.x86_64.rpm
• policycoreutils-debuginfo-1.33.12-14.13.el5.i386.rpm
• policycoreutils-debuginfo-1.33.12-14.13.el5.s390x.rpm
• policycoreutils-gui-1.33.12-14.13.el5.i386.rpm
• policycoreutils-newrole-1.33.12-14.13.el5.s390x.rpm
• policycoreutils-1.33.12-14.13.el5.s390x.rpm
• policycoreutils-gui-1.33.12-14.13.el5.ia64.rpm
• policycoreutils-newrole-1.33.12-14.13.el5.ia64.rpm
• policycoreutils-1.33.12-14.13.el5.ia64.rpm
• policycoreutils-debuginfo-1.33.12-14.13.el5.x86_64.rpm
• policycoreutils-1.33.12-14.13.el5.i386.rpm
• policycoreutils-debuginfo-1.33.12-14.13.el5.ppc.rpm
• policycoreutils-gui-1.33.12-14.13.el5.ppc.rpm
• policycoreutils-newrole-1.33.12-14.13.el5.x86_64.rpm

Fixes

• This content is not included.BZ - 623708
• This content is not included.BZ - 723950

CVEs

(none)

References

(none)

Additional information

• The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
• Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.