Recommended update for selinux-policy

Announcement ID:	SUSE-RU-2024:4334-1
Release Date:	2024-12-16T18:31:31Z
Rating:	moderate
References:	bsc#1216052 bsc#1232496 bsc#1233789
Affected Products:	openSUSE Leap Micro 5.5 SUSE Linux Enterprise Micro 5.5

An update that has three fixes can now be installed.

Description:

This update for selinux-policy fixes the following issues:

• Remove enforcing=1 parameter from kernel command line if the system is in enforcing mode and configured for enforcing mode.
  That makes it easier for users to change the enforcing mode without having to change the kernel command line (bsc#1232496).
• Version update 20230511+git21.861b7a02.
  Allow sssd_t watch permission to net_conf_t dirs (bsc#1216052, bsc#1233789).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4334=1
• SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-4334=1

Package List:

• openSUSE Leap Micro 5.5 (noarch)
  • selinux-policy-20230511+git21.861b7a02-150500.3.26.1
  • selinux-policy-devel-20230511+git21.861b7a02-150500.3.26.1
  • selinux-policy-targeted-20230511+git21.861b7a02-150500.3.26.1
• SUSE Linux Enterprise Micro 5.5 (noarch)
  • selinux-policy-20230511+git21.861b7a02-150500.3.26.1
  • selinux-policy-devel-20230511+git21.861b7a02-150500.3.26.1
  • selinux-policy-targeted-20230511+git21.861b7a02-150500.3.26.1

References:

• https://bugzilla.suse.com/show_bug.cgi?id=1216052
• https://bugzilla.suse.com/show_bug.cgi?id=1232496
• https://bugzilla.suse.com/show_bug.cgi?id=1233789