Greetings. Is https://github.com/fedora-selinux/selinux-policy-contrib
the right place to contribute to the Fedora SELinux policy?
I added a pull request for a small update needed for a new release of
cups-pdf, but I am not sure someone is monitoring that. There is another
one from rhatdan there so I presume is the right place.
Kernel 4.13 was released this past weekend. This kernel has been
built for rawhide and is building for F27 as well. We will be
following the same upgrade procedure as in the past. F25 and F26
will get rebased to 4.13 after a few stable releases, typically
4.13.2 or 4.11.3 depending on how stable the kernel is. Upstream
does not give release dates for stable release but given past
timings, this will probably happen towards the end of September.
As always, if you have any questions please let me know.
I'm planning change the default value of httpd_graceful_shutdown boolean
in Fedora Rawhide because of improving SELinux configuration. Rawhide
builds with this change will be available in ~5 days.
Together with Dan Walsh, we agreed on that httpd_graceful_shutdown
boolean should be by default turned off. This boolean allows HTTPD to
connect to port 80 for graceful shutdown, but it's breaking the
functionality of another boolean called: httpd_can_network_connect. This
boolean allows HTTPD scripts and modules to connect to the network using
TCP and it's turned off by default.
Turning this boolean off can cause some troubles, on web-servers where
processes with httpd_t SELinux domain connecting to tcp ports: 80, 81,
443, 488, 8008, 8009, 8443, 9000
If you would like to turn in on again, use semanage command:
# semanage boolean -m --on httpd_graceful_shutdown
If you have any questions, feel free to contact me.
Software Engineer, Security Technologies
Red Hat, Inc.
Currently, AFAIK, the suggested method to upload new sources for a
package is using 'fedpkg new-sources' which uploads new sources from
your local system. I wonder if there is a method to upload new sources
from a URL rather than your local filesystem? It is specially useful for
According to the Change for F27 , all golang packages have been rebuilt
against golang 1.9beta2. In the meantime, go 1.9 stable has been released
upstream (Aug. 24, 2017) .
I suspect that some of the issues I am having with go / my golang packages
in fedora would be fixed by the update to the final release, since upstream
test suites targeting go 1.9 stable in travis aren't hitting any of those
What's the plan for rebasing golang to the stable release? The src.fd.org
repository of golang  hasn't been touched since the F27 Mass Rebuilds,
and the final update to 1.9 stable isn't mentioned in the Change page at
all ... additionally, the F27 release cycle is progressing more quickly
than I realized (and I suspect some people might not have realized yet
For ca. 3 weeks (or more) buildsys nags me with warning mails on k3d:
k3d has broken dependencies in the rawhide tree:
k3d-0.8.0.6-8.fc28.x86_64 requires libMagick++-7.Q16HDRI.so.3()(64bit)
Due to these, I bumped k3d's NEVR to k3d-0.8.0.6-9 and built it for
rawhide on 2017-09-11:
However, apparently this package never was pushed into rawhide and the
Is going on? What am I supposed to do?