이 콘텐츠는 선택한 언어로 제공되지 않습니다.

4.142. libselinux


Updated libselinux packages that fix three bugs are now available for Red Hat Enterprise Linux 6.
The libselinux packages contain the core library of an SELinux system. The libselinux library provides an API for SELinux applications to get and set process and file security contexts, and to obtain security policy decisions. It is required for any applications that use the SELinux API, and used by all applications that are SELinux-aware.

Bug Fixes

BZ#698583
Prior to this update, Python bindings for the restorecon command required a user to specify the entire path. Consequent to this, an attempt to use the selinux.restorecon() function with a relative path failed with the following error message:
OSError: [Errno 2] No such file or directory
This update corrects the Python bindings to allow the use of the selinux.restorecon() function with a relative path or just a file name.
BZ#706049
Previously, the is_selinux_enabled() function may have incorrectly returned a positive value even when the machine was disabled. This happened when the same process that made the calls to disable SELinux attempted to determine if SELinux is enabled, because the selinux_mnt variable was not properly freed and still contained old data. With this update, a patch has been applied to make sure the selinux_mnt variable is now properly freed, and the is_selinux_enabled() function works as expected.
BZ#748471
When a semanage login record was set up using a group name and the number of elements in the group was too large, login programs failed to log in the user with the correct context. This update corrects the libselinux library to return all users within a group so that the correct SELinux user record is used. As a result, users with the correct context can now log in as expected in this scenario.
All users of libselinux are advised to upgrade to these updated packages, which fix these bugs.
Enhanced libselinux packages are now available for Red Hat Enterprise Linux 6.
[Updated 6 Apr 2011] The text of this advisory has been updated to reflect the fact that these packages are not new in Red Hat Enterprise Linux 6.
Security-enhanced Linux (SELinux) is a feature of the Linux kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement, Role-based Access Control, and Multi-level Security. The libselinux library provides an API for SELinux applications to get and set process and file security contexts and to obtain security policy decisions, and is required for any applications that use the SELinux API.
This enhancement update moves the selinux-ruby package from the Red Hat Enterprise Linux 6 Optional channels to the Red Hat Enterprise Linux 6 base channels. This update does not make any other changes to these packages. (BZ#810119)
All users who require SELinux should install these enhanced packages.
Updated libselinux packages that add one enhancement are now available for Red Hat Enterprise Linux 6 Extended Update Support.
The libselinux packages contain the core library of an SELinux system. The libselinux library provides an API for SELinux applications to get and set process and file security contexts, and to obtain security policy decisions. It is required for any applications that use the SELinux API, and used by all applications that are SELinux-aware.

Enhancement

BZ#956981
Previously, a substitution of the "/" directory was not directly possible. With this update, support for a substitution of the root directory has been added to allow proper labeling of all directories and files under an alternative root directory.
Users of libselinux are advised to upgrade to these updated packages, which adds this enhancement.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.