This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
This update adds the following enhancements :
- Previously, the pacemaker resource manager did not have
its own policy defined and started in the initrc_t
domain. With this update, the wrong context has been
fixed and proper permissions have been set for
pacemaker, thus fixing the bug.
- Previously, the SELinux policy prevented running virtual
machines based on volumes under the VDSM's deamon
directory, /var/run/vdsm/storage/. As a consequence,
trying to a run virtual machine with these settings
resulted in an error. This update fixes the ability of
the svirt_t SELinux process domain to read symbolic
links in the /var/run/ directory, and now virtual
machines based on volumes can be used under the VDSM's
- Previously, due to SELinux permission errors, trying to
run a QEMU process using the libvirt library resulted in
and error and the process being terminated. This bug has
now been fixed, and QEMU processes start and run
successfully in this scenario.
This update has been placed in the security tree to avoid selinux
See also :
Update the affected packages.
Risk factor :