Product SiteDocumentation Site

1.162. policycoreutils

1.162.1. RHBA-2010:0208: bug fix update

Updated policycoreutils packages that fix several bugs are now available.
The policycoreutils packages contain the core utilities that are required for the basic operation of a Security-Enhanced Linux (SELinux) system and its policies. These utilities include load_policy to load policies, setfiles to label file systems, newrole to switch roles, and run_init to run /etc/init.d/ scripts in their proper context.
These updated packages fix the following bugs:
* executing the semanage command with the translation option caused denials and undesired mode changes to the setrans.conf file. This update removes the translation functionality from the semanage command. (BZ#460970)
* the semanage command allowed an invalid network port number to be passed to it. This update adds proper verification of the port number option to semanage. Any invalid port number is now rejected. (BZ#505521)
* the use of the #!/usr/bin/env python option at the top of python scripts is being phased out, in favour of the #!/usr/bin/python option. There was one instance of the former option in a policycoreutils python script. This fix replaces this line with the latter option in this file. (BZ#521298)
* the semanage command did not support the node option being passed to it and resulted in an error when it was used. This fix adds the node option to the semanage command. This option allows you to list, add and modify nodes in SELinux policy. (BZ#527487)
Users of policycoreutils are advised to upgrade to these updated packages, which resolve these issues.

Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.