- Issued:
- 2018-08-16
- Updated:
- 2018-08-16
RHBA-2018:2437 - Bug Fix Advisory
Synopsis
Updated openvswitch selinux policy package that fixes several reported bugs.
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
The Open vSwitch suite provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. The openvswitch-selinux-extra-policy package adds an SELinux policy that enables the Open vSwitch suite of utilities to function with SELinux in enforcing mode.
Description
After an update, the selinux base policy included additional policy restrictions around hugetlb filesystem files. Add support for the openvswitch_t domain to access these files.
The installation/uninstallation stanzas for the openvswitch-selinux-extra-policy rpm would unconditionally invoke selinux macros. This comes with a change to check for the selinux status before invoking such macros.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Virtualization Manager 4.2 x86_64
- Red Hat Virtualization 4 for RHEL 7 x86_64
- Red Hat Virtualization for IBM Power LE 4 for RHEL 7 ppc64le
- Red Hat Enterprise Linux Fast Datapath 7 x86_64
- Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 7 ppc64le
Fixes
- BZ - 1596232 - [OVS] Got an AVC when configuring an OVS-dpdk bridge
- BZ - 1612981 - Update openvswitch selinux policy
CVEs
(none)
References
(none)
Red Hat Virtualization Manager 4.2
SRPM | |
---|---|
openvswitch-selinux-extra-policy-1.0-6.el7fdp.src.rpm | SHA-256: d10bbe6e87325bb0d8b73bb20380c826b3465fbf5328a27a923a74d3ce453f85 |
x86_64 | |
openvswitch-selinux-extra-policy-1.0-6.el7fdp.noarch.rpm | SHA-256: 2a518af39c20ee4d94398bf7d7e5051372cbf9203bae701a25bb32a011b13b7e |
Red Hat Virtualization 4 for RHEL 7
SRPM | |
---|---|
openvswitch-selinux-extra-policy-1.0-6.el7fdp.src.rpm | SHA-256: d10bbe6e87325bb0d8b73bb20380c826b3465fbf5328a27a923a74d3ce453f85 |
x86_64 | |
openvswitch-selinux-extra-policy-1.0-6.el7fdp.noarch.rpm | SHA-256: 2a518af39c20ee4d94398bf7d7e5051372cbf9203bae701a25bb32a011b13b7e |
Red Hat Virtualization for IBM Power LE 4 for RHEL 7
SRPM | |
---|---|
openvswitch-selinux-extra-policy-1.0-6.el7fdp.src.rpm | SHA-256: d10bbe6e87325bb0d8b73bb20380c826b3465fbf5328a27a923a74d3ce453f85 |
ppc64le | |
openvswitch-selinux-extra-policy-1.0-6.el7fdp.noarch.rpm | SHA-256: 2a518af39c20ee4d94398bf7d7e5051372cbf9203bae701a25bb32a011b13b7e |
Red Hat Enterprise Linux Fast Datapath 7
SRPM | |
---|---|
openvswitch-selinux-extra-policy-1.0-6.el7fdp.src.rpm | SHA-256: d10bbe6e87325bb0d8b73bb20380c826b3465fbf5328a27a923a74d3ce453f85 |
x86_64 | |
openvswitch-selinux-extra-policy-1.0-6.el7fdp.noarch.rpm | SHA-256: 2a518af39c20ee4d94398bf7d7e5051372cbf9203bae701a25bb32a011b13b7e |
Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 7
SRPM | |
---|---|
openvswitch-selinux-extra-policy-1.0-6.el7fdp.src.rpm | SHA-256: d10bbe6e87325bb0d8b73bb20380c826b3465fbf5328a27a923a74d3ce453f85 |
ppc64le | |
openvswitch-selinux-extra-policy-1.0-6.el7fdp.noarch.rpm | SHA-256: 2a518af39c20ee4d94398bf7d7e5051372cbf9203bae701a25bb32a011b13b7e |
openvswitch-selinux-extra-policy-1.0-6.el7fdp.noarch.rpm | SHA-256: 2a518af39c20ee4d94398bf7d7e5051372cbf9203bae701a25bb32a011b13b7e |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.