Scientific Linux Security Update : selinux-policy enhancement update on SL6.x i386/x86_64

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

This update adds the following enhancements :

- Previously, the pacemaker resource manager did not have
its own policy defined and started in the initrc_t
domain. With this update, the wrong context has been
fixed and proper permissions have been set for
pacemaker, thus fixing the bug.

- Previously, the SELinux policy prevented running virtual
machines based on volumes under the VDSM's deamon
directory, /var/run/vdsm/storage/. As a consequence,
trying to a run virtual machine with these settings
resulted in an error. This update fixes the ability of
the svirt_t SELinux process domain to read symbolic
links in the /var/run/ directory, and now virtual
machines based on volumes can be used under the VDSM's
daemon directory.

- Previously, due to SELinux permission errors, trying to
run a QEMU process using the libvirt library resulted in
and error and the process being terminated. This bug has
now been fixed, and QEMU processes start and run
successfully in this scenario.

This update has been placed in the security tree to avoid selinux
related problems.

See also :

http://www.nessus.org/u?7ed3230c

Solution :

Update the affected packages.

Risk factor :

High

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 70757 ()

Bugtraq ID:

CVE ID: