An updated selinux-policy package that fixes several bugs is now available forRed Hat Enterprise Linux 7.

The selinux-policy package contains the rules that govern how confined processesrun on the system.This update fixes the following bugs:* When running Nagios with the PNP4Nagios module, PNP4Nagios failed toload. With this update, the nagios_run_sudo boolean has been updated to allowNagios to execute files with the nagios_log_t SELinux label, and PNP4Nagios nowloads as expected. (BZ#1230292)* When some Nagios plug-ins executed remotely via Nagios Remote Plug-in Executor(NRPE) needed to be run using sudo, these plug-ins terminated unexpectedly ifSELinux was in enforcing mode. A new nagios_run_sudo boolean has been added tofix this bug, and Nagios plug-ins are now called successfully. (BZ#1230299)* While running Red Hat Gluster Storage distributed hash table (DHT) automationon Red Hat Enterprise Linux 7, SELinux Access Vector Cache (AVC) error messageswere previously returned. The underlying source code has been fixed, and AVCmessages are no longer displayed. (BZ#1231649) * Due to missing SELinux policy rules, when running the “gluster snapshot create[snapName]” command, snapshot create operation failed on Red Hat EnterpriseLinux 7 when SELinux was in enforcing mode. With this update, snapshot issupported for thinly provisioned Logical Volumes (LVs), and snapshot creationwith SELinux in enforcing mode now succeeds. (BZ#1231930)* With SELinux in enforcing mode, when a gluster volume was started,gluster hook scripts were not executed by the glusterd daemon because of wrongSELinux security labels for these hooks. As a consequence, the samba start hookscript failed to execute and did not create a share in the smb.conf file. TheSELinux security context has been updated for these hooks to be of a bin_tSELinux type, and the samba share is now created in smb.conf after a glustervolume starts. (BZ#1231942)Users of selinux-policy are advised to upgrade to this updated package, whichfixes these bugs.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
selinux-policy-3.13.1-23.el7_1.8.src.rpm
    MD5: fa456f8261ccb575120e764f1a1c625aSHA-256: f4b665083ffed7522186b880355261953e11aac81f5290a098f541e9668b6055
 
x86_64:
selinux-policy-3.13.1-23.el7_1.8.noarch.rpm
    MD5: dca1b90c3d8fc0bf789507d37d148f1eSHA-256: 722c07c103fe375381f7e76efe3d3c172a439b7c0e64030de180777033a058d3
selinux-policy-devel-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 3e8f7ae0fae704c0be2dd5303c29d0a2SHA-256: 975e76e462ea17c8df77d0e38b2b38b386d5455904d7b0b2693853135bdf4b09
selinux-policy-doc-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 1050d83d7e32cb5dd9b64d38a5860560SHA-256: 99fc7eed831990b45a3e5cc6d4386fd189b3c8385a916ef454945ec6245fed1d
selinux-policy-minimum-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 0ed8a4605871f4a24f1268fa961f8525SHA-256: ec4d233edcf930b713ae0392eacdc040b169c6aa27bb23575385854d5e24d6fe
selinux-policy-mls-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 2d2a8b24c4fc36087004f6439c7046ddSHA-256: 8bc523308afa61f50cd91fa0638cf6164d856344478f3ef96c05ff5728c74fd0
selinux-policy-sandbox-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 5ab17357cda427f84ce9b1cb0577b41cSHA-256: eea220df58a67bcb35b4544a311abd979cd097b5e42a34473c55c9761bdcfe87
selinux-policy-targeted-3.13.1-23.el7_1.8.noarch.rpm
    MD5: be81f3b6f76f0b424423c5377bc99b15SHA-256: 5d6934abc473e6b33c0a001d3c0946a3caa6e5071fcc034f981cf89beab78987
 
Red Hat Enterprise Linux HPC Node (v. 7)

SRPMS:
selinux-policy-3.13.1-23.el7_1.8.src.rpm
    MD5: fa456f8261ccb575120e764f1a1c625aSHA-256: f4b665083ffed7522186b880355261953e11aac81f5290a098f541e9668b6055
 
x86_64:
selinux-policy-3.13.1-23.el7_1.8.noarch.rpm
    MD5: dca1b90c3d8fc0bf789507d37d148f1eSHA-256: 722c07c103fe375381f7e76efe3d3c172a439b7c0e64030de180777033a058d3
selinux-policy-devel-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 3e8f7ae0fae704c0be2dd5303c29d0a2SHA-256: 975e76e462ea17c8df77d0e38b2b38b386d5455904d7b0b2693853135bdf4b09
selinux-policy-doc-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 1050d83d7e32cb5dd9b64d38a5860560SHA-256: 99fc7eed831990b45a3e5cc6d4386fd189b3c8385a916ef454945ec6245fed1d
selinux-policy-minimum-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 0ed8a4605871f4a24f1268fa961f8525SHA-256: ec4d233edcf930b713ae0392eacdc040b169c6aa27bb23575385854d5e24d6fe
selinux-policy-mls-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 2d2a8b24c4fc36087004f6439c7046ddSHA-256: 8bc523308afa61f50cd91fa0638cf6164d856344478f3ef96c05ff5728c74fd0
selinux-policy-sandbox-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 5ab17357cda427f84ce9b1cb0577b41cSHA-256: eea220df58a67bcb35b4544a311abd979cd097b5e42a34473c55c9761bdcfe87
selinux-policy-targeted-3.13.1-23.el7_1.8.noarch.rpm
    MD5: be81f3b6f76f0b424423c5377bc99b15SHA-256: 5d6934abc473e6b33c0a001d3c0946a3caa6e5071fcc034f981cf89beab78987
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
selinux-policy-3.13.1-23.el7_1.8.src.rpm
    MD5: fa456f8261ccb575120e764f1a1c625aSHA-256: f4b665083ffed7522186b880355261953e11aac81f5290a098f541e9668b6055
 
PPC:
selinux-policy-3.13.1-23.el7_1.8.noarch.rpm
    MD5: dca1b90c3d8fc0bf789507d37d148f1eSHA-256: 722c07c103fe375381f7e76efe3d3c172a439b7c0e64030de180777033a058d3
selinux-policy-devel-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 3e8f7ae0fae704c0be2dd5303c29d0a2SHA-256: 975e76e462ea17c8df77d0e38b2b38b386d5455904d7b0b2693853135bdf4b09
selinux-policy-doc-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 1050d83d7e32cb5dd9b64d38a5860560SHA-256: 99fc7eed831990b45a3e5cc6d4386fd189b3c8385a916ef454945ec6245fed1d
selinux-policy-minimum-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 0ed8a4605871f4a24f1268fa961f8525SHA-256: ec4d233edcf930b713ae0392eacdc040b169c6aa27bb23575385854d5e24d6fe
selinux-policy-mls-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 2d2a8b24c4fc36087004f6439c7046ddSHA-256: 8bc523308afa61f50cd91fa0638cf6164d856344478f3ef96c05ff5728c74fd0
selinux-policy-sandbox-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 5ab17357cda427f84ce9b1cb0577b41cSHA-256: eea220df58a67bcb35b4544a311abd979cd097b5e42a34473c55c9761bdcfe87
selinux-policy-targeted-3.13.1-23.el7_1.8.noarch.rpm
    MD5: be81f3b6f76f0b424423c5377bc99b15SHA-256: 5d6934abc473e6b33c0a001d3c0946a3caa6e5071fcc034f981cf89beab78987
 
s390x:
selinux-policy-3.13.1-23.el7_1.8.noarch.rpm
    MD5: dca1b90c3d8fc0bf789507d37d148f1eSHA-256: 722c07c103fe375381f7e76efe3d3c172a439b7c0e64030de180777033a058d3
selinux-policy-devel-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 3e8f7ae0fae704c0be2dd5303c29d0a2SHA-256: 975e76e462ea17c8df77d0e38b2b38b386d5455904d7b0b2693853135bdf4b09
selinux-policy-doc-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 1050d83d7e32cb5dd9b64d38a5860560SHA-256: 99fc7eed831990b45a3e5cc6d4386fd189b3c8385a916ef454945ec6245fed1d
selinux-policy-minimum-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 0ed8a4605871f4a24f1268fa961f8525SHA-256: ec4d233edcf930b713ae0392eacdc040b169c6aa27bb23575385854d5e24d6fe
selinux-policy-mls-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 2d2a8b24c4fc36087004f6439c7046ddSHA-256: 8bc523308afa61f50cd91fa0638cf6164d856344478f3ef96c05ff5728c74fd0
selinux-policy-sandbox-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 5ab17357cda427f84ce9b1cb0577b41cSHA-256: eea220df58a67bcb35b4544a311abd979cd097b5e42a34473c55c9761bdcfe87
selinux-policy-targeted-3.13.1-23.el7_1.8.noarch.rpm
    MD5: be81f3b6f76f0b424423c5377bc99b15SHA-256: 5d6934abc473e6b33c0a001d3c0946a3caa6e5071fcc034f981cf89beab78987
 
x86_64:
selinux-policy-3.13.1-23.el7_1.8.noarch.rpm
    MD5: dca1b90c3d8fc0bf789507d37d148f1eSHA-256: 722c07c103fe375381f7e76efe3d3c172a439b7c0e64030de180777033a058d3
selinux-policy-devel-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 3e8f7ae0fae704c0be2dd5303c29d0a2SHA-256: 975e76e462ea17c8df77d0e38b2b38b386d5455904d7b0b2693853135bdf4b09
selinux-policy-doc-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 1050d83d7e32cb5dd9b64d38a5860560SHA-256: 99fc7eed831990b45a3e5cc6d4386fd189b3c8385a916ef454945ec6245fed1d
selinux-policy-minimum-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 0ed8a4605871f4a24f1268fa961f8525SHA-256: ec4d233edcf930b713ae0392eacdc040b169c6aa27bb23575385854d5e24d6fe
selinux-policy-mls-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 2d2a8b24c4fc36087004f6439c7046ddSHA-256: 8bc523308afa61f50cd91fa0638cf6164d856344478f3ef96c05ff5728c74fd0
selinux-policy-sandbox-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 5ab17357cda427f84ce9b1cb0577b41cSHA-256: eea220df58a67bcb35b4544a311abd979cd097b5e42a34473c55c9761bdcfe87
selinux-policy-targeted-3.13.1-23.el7_1.8.noarch.rpm
    MD5: be81f3b6f76f0b424423c5377bc99b15SHA-256: 5d6934abc473e6b33c0a001d3c0946a3caa6e5071fcc034f981cf89beab78987
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
selinux-policy-3.13.1-23.el7_1.8.src.rpm
    MD5: fa456f8261ccb575120e764f1a1c625aSHA-256: f4b665083ffed7522186b880355261953e11aac81f5290a098f541e9668b6055
 
x86_64:
selinux-policy-3.13.1-23.el7_1.8.noarch.rpm
    MD5: dca1b90c3d8fc0bf789507d37d148f1eSHA-256: 722c07c103fe375381f7e76efe3d3c172a439b7c0e64030de180777033a058d3
selinux-policy-devel-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 3e8f7ae0fae704c0be2dd5303c29d0a2SHA-256: 975e76e462ea17c8df77d0e38b2b38b386d5455904d7b0b2693853135bdf4b09
selinux-policy-doc-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 1050d83d7e32cb5dd9b64d38a5860560SHA-256: 99fc7eed831990b45a3e5cc6d4386fd189b3c8385a916ef454945ec6245fed1d
selinux-policy-minimum-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 0ed8a4605871f4a24f1268fa961f8525SHA-256: ec4d233edcf930b713ae0392eacdc040b169c6aa27bb23575385854d5e24d6fe
selinux-policy-mls-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 2d2a8b24c4fc36087004f6439c7046ddSHA-256: 8bc523308afa61f50cd91fa0638cf6164d856344478f3ef96c05ff5728c74fd0
selinux-policy-sandbox-3.13.1-23.el7_1.8.noarch.rpm
    MD5: 5ab17357cda427f84ce9b1cb0577b41cSHA-256: eea220df58a67bcb35b4544a311abd979cd097b5e42a34473c55c9761bdcfe87
selinux-policy-targeted-3.13.1-23.el7_1.8.noarch.rpm
    MD5: be81f3b6f76f0b424423c5377bc99b15SHA-256: 5d6934abc473e6b33c0a001d3c0946a3caa6e5071fcc034f981cf89beab78987
 
(The unlinked packages above are only available from the Red Hat Network)
1230292 – [SELinux] [RHSC] PNP4Nagios AVC denial1230299 – [SELinux] [Nagios] SELinux blocks Nagios/NRPE plugins which use sudo1231649 – [SELinux] [BVT]: Fix SELinux AVC errors produced while running RHGS DHT automation on RHEL 71231930 – [SELinux] [Snapshot] – Gluster/Snapshot creation fails when selinux is in Enforcing mode on RHEL-7.11231942 – [SELinux] RHEL7:SMB:Update SELinux policies for samba in RHEL7.1

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply