|
|
|
|
Changelog for libselinux-python-2.0.73-1.fc10.i386.rpm :
Wed Oct 1 00:00:00 2008 Dan Walsh - 2.0.73-1 - Update to Upstream * New man pages from Dan Walsh. * Update flask headers from refpolicy trunk from Dan Walsh.
Sat Sep 27 00:00:00 2008 Dan Walsh - 2.0.71-6 - Fix matchpathcon -V call
Wed Sep 10 00:00:00 2008 Dan Walsh - 2.0.71-5 - Add flask definitions for open, X and nlmsg_tty_audit
Wed Sep 10 00:00:00 2008 Dan Walsh - 2.0.71-4 - Add missing get/setkeycreatecon man pages
Wed Sep 10 00:00:00 2008 Dan Walsh - 2.0.71-3 - Split out utilities
Wed Sep 10 00:00:00 2008 Dan Walsh - 2.0.71-2 - Add missing man page links for [lf]getfilecon
Wed Aug 6 00:00:00 2008 Dan Walsh - 2.0.71-1 - Update to Upstream * Add group support to seusers using %groupname syntax from Dan Walsh. * Mark setrans socket close-on-exec from Stephen Smalley. * Only apply nodups checking to base file contexts from Stephen Smalley.
Sat Aug 2 00:00:00 2008 Dan Walsh - 2.0.70-1 - Update to Upstream * Merge ruby bindings from Dan Walsh. - Add support for Linux groups to getseuserbyname
Sat Aug 2 00:00:00 2008 Dan Walsh - 2.0.69-2 - Allow group handling in getseuser call
Wed Jul 30 00:00:00 2008 Dan Walsh - 2.0.69-1 - Update to Upstream * Handle duplicate file context regexes as a fatal error from Stephen Smalley. This prevents adding them via semanage. * Fix audit2why shadowed variables from Stephen Smalley. * Note that freecon NULL is legal in man page from Karel Zak.
Thu Jul 10 00:00:00 2008 Dan Walsh - 2.0.67-4 - Add ruby support for puppet
Wed Jul 9 00:00:00 2008 Dan Walsh - 2.0.67-3 - Rebuild for new libsepol
Mon Jun 30 00:00:00 2008 Dan Walsh - 2.0.67-2 - Add Karel Zak patch for freecon man page
Mon Jun 23 00:00:00 2008 Dan Walsh - 2.0.67-1 - Update to Upstream * New and revised AVC, label, and mapping man pages from Eamon Walsh. * Add swig python bindings for avc interfaces from Dan Walsh.
Mon Jun 23 00:00:00 2008 Dan Walsh - 2.0.65-1 - Update to Upstream * Fix selinux_file_context_verify() and selinux_lsetfilecon_default() to call matchpathcon_init_prefix if not already initialized. * Add -q qualifier for -V option of matchpathcon and change it to indicate whether verification succeeded or failed via exit status.
Sat May 17 00:00:00 2008 Dan Walsh - 2.0.64-3 - libselinux no longer neets to telnet -u in post install
Thu May 8 00:00:00 2008 Dan Walsh - 2.0.64-2 - Add sedefaultcon and setconlist commands to dump login context
Wed Apr 23 00:00:00 2008 Dan Walsh - 2.0.64-1 - Update to Upstream * Fixed selinux_set_callback man page. * Try loading the max of the kernel-supported version and the libsepol-supported version when no manipulation of the binary policy is needed from Stephen Smalley. * Fix memory leaks in matchpathcon from Eamon Walsh.
Thu Apr 17 00:00:00 2008 Dan Walsh - 2.0.61-4 - Add Xavior Toth patch for security_id_t in swig
Fri Apr 11 00:00:00 2008 Dan Walsh - 2.0.61-3 - Add avc.h to swig code
Thu Apr 10 00:00:00 2008 Dan Walsh - 2.0.61-2 - Grab the latest policy for the kernel
Wed Apr 2 00:00:00 2008 Dan Walsh - 2.0.61-1 - Update to Upstream * Man page typo fix from Jim Meyering.
Sun Mar 23 23:00:00 2008 Dan Walsh - 2.0.60-1 - Update to Upstream * Changed selinux_init_load_policy() to not warn about a failed mount of selinuxfs if selinux was disabled in the kernel.
Thu Mar 13 23:00:00 2008 Dan Walsh - 2.0.59-2 - Fix matchpathcon memory leak
Fri Feb 29 23:00:00 2008 Dan Walsh - 2.0.59-1 - Update to Upstream * Merged new X label \"poly_selection\" namespace from Eamon Walsh.
Thu Feb 28 23:00:00 2008 Dan Walsh - 2.0.58-1 - Update to Upstream * Merged reset_selinux_config() for load policy from Dan Walsh.
Thu Feb 28 23:00:00 2008 Dan Walsh - 2.0.57-2 - Reload library on loading of policy to handle chroot
Mon Feb 25 23:00:00 2008 Dan Walsh - 2.0.57-1 - Update to Upstream * Merged avc_has_perm() errno fix from Eamon Walsh.
Fri Feb 22 23:00:00 2008 Dan Walsh - 2.0.56-1 - Update to Upstream * Regenerated Flask headers from refpolicy flask definitions.
Wed Feb 13 23:00:00 2008 Dan Walsh - 2.0.55-1 - Update to Upstream * Merged compute_member AVC function and manpages from Eamon Walsh. * Provide more error reporting on load policy failures from Stephen Smalley.
Fri Feb 8 23:00:00 2008 Dan Walsh - 2.0.53-1 - Update to Upstream * Merged new X label \"poly_prop\" namespace from Eamon Walsh.
Wed Feb 6 23:00:00 2008 Dan Walsh - 2.0.52-1 - Update to Upstream * Disable setlocaldefs if no local boolean or users files are present from Stephen Smalley. * Skip userspace preservebools processing for Linux >= 2.6.22 from Stephen Smalley.
Tue Jan 29 23:00:00 2008 Dan Walsh - 2.0.50-1 - Update to Upstream * Merged fix for audit2why from Dan Walsh.
Fri Jan 25 23:00:00 2008 Dan Walsh - 2.0.49-2 - Fix audit2why to grab latest policy versus the one selected by the kernel
Wed Jan 23 23:00:00 2008 Dan Walsh - 2.0.49-1
* Merged audit2why python binding from Dan Walsh.
Wed Jan 23 23:00:00 2008 Dan Walsh - 2.0.48-1
* Merged updated swig bindings from Dan Walsh, including typemap for pid_t.
Mon Jan 21 23:00:00 2008 Dan Walsh - 2.0.47-4 - Update to use libsepol-static library
Wed Jan 16 23:00:00 2008 Adel Gadllah - 2.0.47-3 - Move libselinux.a to -static package - Spec cleanups
Tue Jan 15 23:00:00 2008 Dan Walsh - 2.0.47-2 - Put back libselinux.a
Fri Jan 11 23:00:00 2008 Dan Walsh - 2.0.47-1 - Fix memory references in audit2why and change to use tuples - Update to Upstream * Fix for the avc: granted null message bug from Stephen Smalley.
Fri Jan 11 23:00:00 2008 Dan Walsh - 2.0.46-6 - Fix __init__.py specification
Tue Jan 8 23:00:00 2008 Dan Walsh - 2.0.46-5 - Add audit2why python bindings
Tue Jan 8 23:00:00 2008 Dan Walsh - 2.0.46-4 - Add pid_t typemap for swig bindings
Thu Jan 3 23:00:00 2008 Dan Walsh - 2.0.46-3 - smp_mflag
Thu Jan 3 23:00:00 2008 Dan Walsh - 2.0.46-2 - Fix spec file caused by spec review
Fri Nov 30 23:00:00 2007 Dan Walsh - 2.0.46-1 - Upgrade to upstream * matchpathcon(8) man page update from Dan Walsh.
Fri Nov 30 23:00:00 2007 Dan Walsh - 2.0.45-1 - Upgrade to upstream * dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley. * Based on a suggestion from Ulrich Drepper, defer regex compilation until we have a stem match, by Stephen Smalley. * A further optimization would be to defer regex compilation until we have a complete match of the constant prefix of the regex - TBD.
Thu Nov 15 23:00:00 2007 Dan Walsh - 2.0.43-1 - Upgrade to upstream * Regenerated Flask headers from policy.
Thu Nov 15 23:00:00 2007 Dan Walsh - 2.0.42-1 - Upgrade to upstream * AVC enforcing mode override patch from Eamon Walsh. * Aligned attributes in AVC netlink code from Eamon Walsh. - Move libselinux.so back into devel package, procps has been fixed
Tue Nov 6 23:00:00 2007 Dan Walsh - 2.0.40-1 - Upgrade to upstream * Merged refactored AVC netlink code from Eamon Walsh. * Merged new X label namespaces from Eamon Walsh. * Bux fix and minor refactoring in string representation code.
Sat Oct 6 00:00:00 2007 Dan Walsh - 2.0.37-1 - Upgrade to upstream * Merged selinux_get_callback, avc_open, empty string mapping from Eamon Walsh.
Sat Sep 29 00:00:00 2007 Dan Walsh - 2.0.36-1 - Upgrade to upstream * Fix segfault resulting from missing file_contexts file.
Fri Sep 28 00:00:00 2007 Dan Walsh - 2.0.35-2 - Fix segfault on missing file_context file
Thu Sep 27 00:00:00 2007 Dan Walsh - 2.0.35-1 - Upgrade to upstream * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh. * Pass CFLAGS when using gcc for linking from Dennis Gilmore.
Tue Sep 25 00:00:00 2007 Dan Walsh - 2.0.34-3 - Add sparc patch to from Dennis Gilmore to build on Sparc platform
Tue Sep 25 00:00:00 2007 Dan Walsh - 2.0.34-2 - Remove leaked file descriptor
Wed Sep 19 00:00:00 2007 Dan Walsh - 2.0.34-1 - Upgrade to latest from NSA * Fix selabel option flag setting for 64-bit from Stephen Smalley.
Wed Sep 19 00:00:00 2007 Dan Walsh - 2.0.33-2 - Change matchpatcon to use syslog instead of syserror
Fri Sep 14 00:00:00 2007 Dan Walsh - 2.0.33-1 - Upgrade to latest from NSA * Re-map a getxattr return value of 0 to a getfilecon return value of -1 with errno EOPNOTSUPP from Stephen Smalley. * Fall back to the compat code for security_class_to_string and security_av_perm_to_string from Stephen Smalley. * Fix swig binding for rpm_execcon from James Athey.
Fri Sep 7 00:00:00 2007 Dan Walsh - 2.0.31-4 - Apply James Athway patch to fix rpm_execcon python binding
Wed Aug 29 00:00:00 2007 Dan Walsh - 2.0.31-3 - Move libselinux.so back into main package, breaks procps
Fri Aug 24 00:00:00 2007 Dan Walsh - 2.0.31-2 - Upgrade to upstream * Fix file_contexts.homedirs path from Todd Miller.
Wed Aug 22 00:00:00 2007 Dan Walsh - 2.0.30-2 - Remove requirement on setransd, Moved to selinux-policy-mls
Sat Aug 11 00:00:00 2007 Dan Walsh - 2.0.30-1 - Move libselinux.so into devel package - Upgrade to upstream * Fix segfault resulting from uninitialized print-callback pointer. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh.
Sat Aug 4 00:00:00 2007 Dan Walsh - 2.0.29-1 - Upgrade to upstream * Updated version for stable branch. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh. * Updated av_permissions.h and flask.h to include new nscd permissions from Dan Walsh. * Added swigify to top-level Makefile from Dan Walsh. * Fix for string_to_security_class segfault on x86_64 from Stephen Smalley.
Tue Jul 24 00:00:00 2007 Dan Walsh - 2.0.24-3 - Apply Steven Smalley patch to fix segfault in string_to_security_class
Thu Jul 19 00:00:00 2007 Dan Walsh - 2.0.24-2 - Fix matchpathcon to set default myprintf
Tue Jul 17 00:00:00 2007 Dan Walsh - 2.0.24-1 - Upgrade to upstream * Fix for getfilecon() for zero-length contexts from Stephen Smalley.
Thu Jul 12 00:00:00 2007 Dan Walsh - 2.0.23-3 - Update to match flask/access_vectors in policy
Wed Jul 11 00:00:00 2007 Dan Walsh - 2.0.23-2 - Fix man page markup lanquage for translations
Wed Jun 27 00:00:00 2007 Dan Walsh - 2.0.23-1 - Fix semanage segfault on x86 platform
Fri Jun 22 00:00:00 2007 Dan Walsh - 2.0.22-1 - Upgrade to upstream * Labeling and callback interface patches from Eamon Walsh.
Wed Jun 20 00:00:00 2007 Dan Walsh - 2.0.21-2 - Refactored swig
Tue Jun 12 00:00:00 2007 Dan Walsh - 2.0.21-1 - Upgrade to upstream * Class and permission mapping support patches from Eamon Walsh. * Object class discovery support patches from Chris PeBenito. * Refactoring and errno support in string representation code.
Sat Jun 2 00:00:00 2007 Dan Walsh - 2.0.18-1 - Upgrade to upstream * Merged patch to reduce size of libselinux and remove need for libsepol for embedded systems from Yuichi Nakamura. This patch also turns the link-time dependency on libsepol into a runtime (dlopen) dependency even in the non-embedded case.
2.0.17 2007-05-31 * Updated Lindent script and reindented two header files.
Sat May 5 00:00:00 2007 Dan Walsh - 2.0.16-1 - Upgrade to upstream * Merged additional swig python bindings from Dan Walsh. * Merged helpful message when selinuxfs mount fails patch from Dax Kelson.
Wed Apr 25 00:00:00 2007 Dan Walsh - 2.0.14-1 - Upgrade to upstream * Merged build fix for avc_internal.c from Joshua Brindle.
Tue Apr 24 00:00:00 2007 Dan Walsh - 2.0.13-2 - Add get_context_list funcitions to swig file
Fri Apr 13 00:00:00 2007 Dan Walsh - 2.0.13-1 - Upgrade to upstream * Merged rpm_execcon python binding fix, matchpathcon man page fix, and getsebool -a handling for EACCES from Dan Walsh.
Fri Apr 13 00:00:00 2007 Dan Walsh - 2.0.12-2 - Add missing interface
Thu Apr 12 00:00:00 2007 Dan Walsh - 2.0.12-1 - Upgrade to upstream * Merged support for getting initial contexts from James Carter.
Tue Apr 10 00:00:00 2007 Dan Walsh - 2.0.11-1 - Upgrade to upstream * Merged userspace AVC patch to follow kernel\'s behavior for permissive mode in caching previous denials from Eamon Walsh. * Merged sidput(NULL) patch from Eamon Walsh.
Fri Apr 6 00:00:00 2007 Dan Walsh - 2.0.9-2 - Make rpm_exec swig work
Wed Mar 28 00:00:00 2007 Dan Walsh - 2.0.9-1 - Upgrade to upstream * Merged class/av string conversion and avc_compute_create patch from Eamon Walsh.
Wed Mar 28 00:00:00 2007 Dan Walsh - 2.0.8-1 - Upgrade to upstream * Merged fix for avc.h #include\'s from Eamon Walsh.
Thu Mar 22 23:00:00 2007 Dan Walsh - 2.0.7-2 - Add stdint.h to avc.h
Mon Mar 12 23:00:00 2007 Dan Walsh - 2.0.7-1
* Merged patch to drop support for CACHETRANS=0 config option from Steve Grubb. * Merged patch to drop support for old /etc/sysconfig/selinux and /etc/security policy file layout from Steve Grubb.
Thu Mar 8 23:00:00 2007 Dan Walsh - 2.0.5-2 - Do not fail on permission denied in getsebool
Tue Feb 27 23:00:00 2007 Dan Walsh - 2.0.5-1 - Upgrade to upstream * Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve Grubb.
Wed Feb 21 23:00:00 2007 Dan Walsh - 2.0.4-1 - Upgrade to upstream * Removed sending of setrans init message. * Merged matchpathcon memory leak fix from Steve Grubb.
Tue Feb 20 23:00:00 2007 Dan Walsh - 2.0.2-1 - Upgrade to upstream * Merged more swig initializers from Dan Walsh.
Tue Feb 20 23:00:00 2007 Dan Walsh - 2.0.1-1 - Upgrade to upstream * Merged patch from Todd Miller to convert int types over to C99 style.
Wed Feb 7 23:00:00 2007 Dan Walsh - 2.0.0-1
* Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of the use of the non-standard format (original patch changed for style). * Merged patch from Todd Miller to fix memory leak in matchpathcon.c.
Fri Jan 19 23:00:00 2007 Dan Walsh - 1.34.0-2 - Add context function to python to split context into 4 parts
Fri Jan 19 23:00:00 2007 Dan Walsh - 1.34.0-1 - Upgrade to upstream * Updated version for stable branch.
Wed Jan 17 23:00:00 2007 Dan Walsh - 1.33.6-1 - Upgrade to upstream * Merged man page updates to make \"apropos selinux\" work from Dan Walsh.
Mon Jan 15 23:00:00 2007 Dan Walsh - 1.33.5-1 - Upgrade to upstream * Merged getdefaultcon utility from Dan Walsh.
Mon Jan 15 23:00:00 2007 Dan Walsh - 1.33.4-3 - Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli
Fri Jan 12 23:00:00 2007 Dan Walsh - 1.33.4-2 - Add reference to selinux man page in all man pages to make apropos work Resolves: # 217881
Thu Jan 11 23:00:00 2007 Dan Walsh - 1.33.4-1 - Upstream wanted some minor changes, upgrading to keep api the same - Upgrade to upstream * Merged selinux_check_securetty_context() and support from Dan Walsh. Resolves: #200110
Fri Jan 5 23:00:00 2007 Dan Walsh - 1.33.3-3 - Cleanup patch
Fri Jan 5 23:00:00 2007 Dan Walsh - 1.33.3-2 - Add securetty handling Resolves: #200110
Thu Jan 4 23:00:00 2007 Dan Walsh - 1.33.3-1 - Upgrade to upstream * Merged patch for matchpathcon utility to use file mode information when available from Dan Walsh.
Thu Dec 7 23:00:00 2006 Jeremy Katz - 1.33.2-4 - rebuild against python 2.5
Wed Dec 6 23:00:00 2006 Dan Walsh - 1.33.2-3 - Fix matchpathcon to lstat files
Thu Nov 30 23:00:00 2006 Dan Walsh - 1.33.2-2 - Update man page
Tue Nov 14 23:00:00 2006 Dan Walsh - 1.33.2-1 - Upgrade to upstream
Fri Nov 3 23:00:00 2006 Dan Walsh - 1.33.1-2 - Add James Antill patch for login verification of MLS Levels - MLS ragnes need to be checked, Eg. login/cron. This patch adds infrastructure.
Wed Oct 25 00:00:00 2006 Dan Walsh - 1.33.1-1 - Upgrade to latest from NSA * Merged updated flask definitions from Darrel Goeddel. This adds the context security class, and also adds the string definitions for setsockcreate and polmatch.
Wed Oct 18 00:00:00 2006 Dan Walsh - 1.32-1 - Upgrade to latest from NSA * Updated version for release.
Mon Oct 2 00:00:00 2006 Jesse Keating - 1.30.29-2 - rebuilt for unwind info generation, broken in gcc-4.1.1-21
Sat Sep 30 00:00:00 2006 Dan Walsh - 1.30.29-1 - Upgrade to latest from NSA * Merged av_permissions.h update from Steve Grubb, adding setsockcreate and polmatch definitions.
Thu Sep 28 00:00:00 2006 Jeremy Katz - 1.30.28-3 - really make -devel depend on libsepol-devel
Tue Sep 26 00:00:00 2006 Dan Walsh - 1.30.28-2 - Add sgrubb patch for polmatch
Thu Sep 14 00:00:00 2006 Dan Walsh - 1.30.28-1 - Upgrade to latest from NSA * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
Wed Sep 6 00:00:00 2006 Jeremy Katz - 1.30.27-2 - have -devel require libsepol-devel
Fri Aug 25 00:00:00 2006 Dan Walsh - 1.30.27-1 - Upgrade to latest from NSA * Merged patch to not log avc stats upon a reset from Steve Grubb. * Applied patch to revert compat_net setting upon policy load. * Merged file context homedir and local path functions from Chris PeBenito.
Sat Aug 19 00:00:00 2006 Jesse Keating - 1.20.26-2 - rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc * (#203001)
Sun Aug 13 00:00:00 2006 Dan Walsh - 1.30.25-1 - Upgrade to latest from NSA * Merged file context homedir and local path functions from Chris PeBenito. * Rework functions that access /proc/pid/attr to access the per-thread nodes, and unify the code to simplify maintenance.
Sat Aug 12 00:00:00 2006 Dan Walsh - 1.30.24-1 - Upgrade to latest from NSA * Merged return value fix for *getfilecon() from Dan Walsh. * Merged sockcreate interfaces from Eric Paris.
Thu Aug 10 00:00:00 2006 Dan Walsh - 1.30.22-2 - Fix translation return codes to return size of buffer
Wed Aug 2 00:00:00 2006 Dan Walsh - 1.30.22-1 - Upgrade to latest from NSA * Merged no-tls-direct-seg-refs patch from Jeremy Katz. * Merged netfilter_contexts support patch from Chris PeBenito.
Wed Aug 2 00:00:00 2006 Dan Walsh - 1.30.20-1 - Upgrade to latest from NSA * Merged context_ *_set errno patch from Jim Meyering.
Wed Aug 2 00:00:00 2006 Jeremy Katz - 1.30.19-5 - only build non-fpic objects with -mno-tls-direct-seg-refs
Wed Aug 2 00:00:00 2006 Jeremy Katz - 1.30.19-4 - build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults with xen (#200783)
Tue Jul 18 00:00:00 2006 Dan Walsh 1.30.19-3 - Rebuild for new gcc
Wed Jul 12 00:00:00 2006 Dan Walsh 1.30.19-2 - Fix libselinux to not telinit during installs
Wed Jul 5 00:00:00 2006 Dan Walsh 1.30.19-1 - Upgrade to latest from NSA * Lindent. * Merged {get,set}procattrcon patch set from Eric Paris. * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris. * Regenerated Flask headers from refpolicy. * Merged patch from Dan Walsh with: - Added selinux_file_context_{cmp,verify}. - Added selinux_lsetfilecon_default. - Delay translation of contexts in matchpathcon.
Thu Jun 22 00:00:00 2006 Dan Walsh 1.30.15-5 - Yet another change to matchpathcon
Thu Jun 22 00:00:00 2006 Dan Walsh 1.30.15-4 - Turn off error printing in library. Need to compile with DEBUG to get it back
Thu Jun 22 00:00:00 2006 Dan Walsh 1.30.15-3 - Fix error reporting of matchpathcon
Tue Jun 20 00:00:00 2006 Dan Walsh 1.30.15-2 - Add function to compare file context on disk versus contexts in file_contexts file.
Sat Jun 17 00:00:00 2006 Dan Walsh 1.30.15-1 - Upgrade to latest from NSA * Merged patch from Dan Walsh with: * Added selinux_getpolicytype() function. * Modified setrans code to skip processing if !mls_enabled. * Set errno in the !selinux_mnt case. * Allocate large buffers from the heap, not on stack. Affects is_context_customizable, selinux_init_load_policy, and selinux_getenforcemode.
Fri Jun 9 00:00:00 2006 Dan Walsh 1.30.12-2 - Add selinux_getpolicytype()
Fri Jun 2 00:00:00 2006 Dan Walsh 1.30.12-1 - Upgrade to latest from NSA * Merged !selinux_mnt checks from Ian Kent.
Fri Jun 2 00:00:00 2006 Dan Walsh 1.30.11-2 - Check for selinux_mnt == NULL
Wed May 31 00:00:00 2006 Dan Walsh 1.30.11-1
* Merged matchmediacon and trans_to_raw_context fixes from Serge Hallyn.
Sat May 27 00:00:00 2006 Dan Walsh 1.30.10-4 - Remove getseuser
Fri May 26 00:00:00 2006 Dan Walsh 1.30.10-3 - Bump requires to grab latest libsepol
Wed May 24 00:00:00 2006 Dan Walsh 1.30.10-2 - Add BuildRequires for swig
Wed May 24 00:00:00 2006 Dan Walsh 1.30.10-1 - Upgrade to latest from NSA * Merged simple setrans client cache from Dan Walsh. Merged avcstat patch from Russell Coker. * Modified selinux_mkload_policy() to also set /selinux/compat_net appropriately for the loaded policy.
Fri May 19 00:00:00 2006 Dan Walsh 1.30.8-1 - More fixes for translation cache - Upgrade to latest from NSA * Added matchpathcon_fini() function to free memory allocated by matchpathcon_init().
Thu May 18 00:00:00 2006 Dan Walsh 1.30.7-2 - Add simple cache to improve translation speed
Wed May 17 00:00:00 2006 Dan Walsh 1.30.7-1 - Upgrade to latest from NSA * Merged setrans client cleanup patch from Steve Grubb.
Wed May 10 00:00:00 2006 Dan Walsh 1.30.6-2 - Add Russell\'s AVC patch to handle large numbers
Tue May 9 00:00:00 2006 Dan Walsh 1.30.6-1 - Upgrade to latest from NSA * Merged getfscreatecon man page fix from Dan Walsh. * Updated booleans(8) man page to drop references to the old booleans file and to note that setsebool can be used to set the boot-time defaults via -P.
Tue May 9 00:00:00 2006 Dan Walsh 1.30.5-1 - Upgrade to latest from NSA * Merged fix warnings patch from Karl MacMillan. * Merged setrans client support from Dan Walsh. This removes use of libsetrans. * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh. * Merged swig typemap fixes from Glauber de Oliveira Costa.
Thu May 4 00:00:00 2006 Dan Walsh 1.30.3-3 - Change the way translations work, Use setransd/remove libsetrans
Wed May 3 00:00:00 2006 Dan Walsh 1.30.3-2 - Add selinuxswig fixes - Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)
Sat Apr 15 00:00:00 2006 Dan Walsh 1.30.3-1 - Upgrade to latest from NSA * Added distclean target to Makefile. * Regenerated swig files. * Changed matchpathcon_init to verify that the spec file is a regular file. * Merged python binding t_output_helper removal patch from Dan Walsh.
Wed Apr 12 00:00:00 2006 Dan Walsh 1.30.1-2 - Fix python bindings for matchpathcon - Fix booleans man page
Tue Mar 28 00:00:00 2006 Dan Walsh 1.30.1-1
* Merged Makefile PYLIBVER definition patch from Dan Walsh.
Fri Mar 10 23:00:00 2006 Dan Walsh 1.30-1 - Make some fixes so it will build on RHEL4 - Upgrade to latest from NSA * Updated version for release. * Altered rpm_execcon fallback logic for permissive mode to also handle case where /selinux/enforce is not available.
Fri Feb 10 23:00:00 2006 Jesse Keating - 1.29.7-1.2 - bump again for double-long bug on ppc(64)
Tue Feb 7 23:00:00 2006 Jesse Keating - 1.29.7-1.1 - rebuilt for new gcc4.1 snapshot and glibc changes
Fri Jan 20 23:00:00 2006 Dan Walsh 1.29.7-1 - Upgrade to latest from NSA * Merged install-pywrap Makefile patch from Joshua Brindle.
Wed Jan 18 23:00:00 2006 Dan Walsh 1.29.6-1 - Upgrade to latest from NSA * Merged pywrap Makefile patch from Dan Walsh.
Fri Jan 13 23:00:00 2006 Dan Walsh 1.29.5-2 - Split out pywrap in Makefile
Fri Jan 13 23:00:00 2006 Dan Walsh 1.29.5-1 - Upgrade to latest from NSA * Added getseuser test program.
Sat Jan 7 23:00:00 2006 Dan Walsh 1.29.4-1 - Upgrade to latest from NSA * Added format attribute to myprintf in matchpathcon.c and removed obsoleted rootlen variable in init_selinux_config().
Wed Jan 4 23:00:00 2006 Dan Walsh 1.29.3-2 - Build with new libsepol
Wed Jan 4 23:00:00 2006 Dan Walsh 1.29.3-1 - Upgrade to latest from NSA * Merged several fixes and improvements from Ulrich Drepper (Red Hat), including: - corrected use of getline - further calls to __fsetlocking for local files - use of strdupa and asprintf - proper handling of dirent in booleans code - use of -z relro - several other optimizations * Merged getpidcon python wrapper from Dan Walsh (Red Hat).
Sat Dec 24 23:00:00 2005 Dan Walsh 1.29.2-4 - Add build requires line for libsepol-devel
Tue Dec 20 23:00:00 2005 Dan Walsh 1.29.2-3 - Fix swig call for getpidcon
Mon Dec 19 23:00:00 2005 Dan Walsh 1.29.2-2 - Move libselinux.so to base package
Wed Dec 14 23:00:00 2005 Dan Walsh 1.29.2-1 - Upgrade to latest from NSA * Merged call to finish_context_translations from Dan Walsh. This eliminates a memory leak from failing to release memory allocated by libsetrans.
Sun Dec 11 23:00:00 2005 Dan Walsh 1.29.1-3 - update to latest libsetrans - Fix potential memory leak
Fri Dec 9 23:00:00 2005 Jesse Keating - rebuilt
Thu Dec 8 23:00:00 2005 Dan Walsh 1.29.1-1 - Update to never version * Merged patch for swig interfaces from Dan Walsh.
Wed Dec 7 23:00:00 2005 Dan Walsh 1.28-1 - Update to never version
Wed Dec 7 23:00:00 2005 Dan Walsh 1.27.28-2 - Fix some of the python swig objects
Thu Dec 1 23:00:00 2005 Dan Walsh 1.27.28-1 - Update to latest from NSA * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified matchpathcon implementation to make context validation/ canonicalization optional at matchpathcon_init time, deferring it to a successful matchpathcon by default unless the new flag is set by the caller. * Added matchpathcon_init_prefix() interface, and reworked matchpathcon implementation to support selective loading of file contexts entries based on prefix matching between the pathname regex stems and the specified path prefix (stem must be a prefix of the specified path prefix).
Wed Nov 30 23:00:00 2005 Dan Walsh 1.27.26-1 - Update to latest from NSA * Change getsebool to return on/off instead of active/inactive
Tue Nov 29 23:00:00 2005 Dan Walsh 1.27.25-1 - Update to latest from NSA * Added -f file_contexts option to matchpathcon util. Fixed warning message in matchpathcon_init(). * Merged Makefile python definitions patch from Dan Walsh.
Mon Nov 28 23:00:00 2005 Dan Walsh 1.27.23-1 - Update to latest from NSA * Merged swigify patch from Dan Walsh.
Mon Nov 28 23:00:00 2005 Dan Walsh 1.27.22-4 - Separate out libselinux-python bindings into separate rpm
Thu Nov 17 23:00:00 2005 Dan Walsh 1.27.22-3 - Read libsetrans requirement
Thu Nov 17 23:00:00 2005 Dan Walsh 1.27.22-2 - Add python bindings
Wed Nov 16 23:00:00 2005 Dan Walsh 1.27.22-1 - Update to latest from NSA * Merged make failure in rpm_execcon non-fatal in permissive mode patch from Ivan Gyurdiev.
Tue Nov 15 23:00:00 2005 Dan Walsh 1.27.21-2 - Remove requirement for libsetrans
Tue Nov 8 23:00:00 2005 Dan Walsh 1.27.21-1 - Update to latest from NSA * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified matchpathcon_init() to skip context translation if it is set by the caller.
Tue Nov 8 23:00:00 2005 Dan Walsh 1.27.20-1 - Update to latest from NSA * Added security_canonicalize_context() interface and set_matchpathcon_canoncon() interface for obtaining canonical contexts. Changed matchpathcon internals to obtain canonical contexts by default. Provided fallback for kernels that lack extended selinuxfs context interface. - Patch to not translate mls when calling setfiles
Mon Nov 7 23:00:00 2005 Dan Walsh 1.27.19-1 - Update to latest from NSA * Merged seusers parser changes from Ivan Gyurdiev. * Merged setsebool to libsemanage patch from Ivan Gyurdiev. * Changed seusers parser to reject empty fields.
Fri Nov 4 23:00:00 2005 Dan Walsh 1.27.18-1 - Update to latest from NSA * Merged seusers empty level handling patch from Jonathan Kim (TCS).
Thu Nov 3 23:00:00 2005 Dan Walsh 1.27.17-4 - Rebuild for latest libsepol
Mon Oct 31 23:00:00 2005 Dan Walsh 1.27.17-2 - Rebuild for latest libsepol
Thu Oct 27 00:00:00 2005 Dan Walsh 1.27.17-1 - Change default to __default__
Thu Oct 27 00:00:00 2005 Dan Walsh 1.27.14-3 - Change default to __default__
Wed Oct 26 00:00:00 2005 Dan Walsh 1.27.14-2 - Add selinux_translations_path
Wed Oct 26 00:00:00 2005 Dan Walsh 1.27.14-1 - Update to latest from NSA * Merged selinux_path() and selinux_homedir_context_path() functions from Joshua Brindle.
Sat Oct 22 00:00:00 2005 Dan Walsh 1.27.13-2 - Need to check for /sbin/telinit
Fri Oct 21 00:00:00 2005 Dan Walsh 1.27.13-1 - Update to latest from NSA * Merged fixes for make DESTDIR= builds from Joshua Brindle.
Tue Oct 18 00:00:00 2005 Dan Walsh 1.27.12-1 - Update to latest from NSA * Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red Hat). * Updated call to sepol_policydb_to_image for sepol changes. * Changed getseuserbyname to ignore empty lines and to handle no matching entry in the same manner as no seusers file.
Sat Oct 15 00:00:00 2005 Dan Walsh 1.27.9-2 - Tell init to reexec itself in post script
Sat Oct 8 00:00:00 2005 Dan Walsh 1.27.9-1 - Update to latest from NSA * Changed selinux_mkload_policy to try downgrading the latest policy version available to the kernel-supported version. * Changed selinux_mkload_policy to fall back to the maximum policy version supported by libsepol if the kernel policy version falls outside of the supported range.
Sat Oct 8 00:00:00 2005 Dan Walsh 1.27.7-1 - Update to latest from NSA * Changed getseuserbyname to fall back to the Linux username and NULL level if seusers config file doesn\'t exist unless REQUIRESEUSERS=1 is set in /etc/selinux/config. * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
Fri Oct 7 00:00:00 2005 Dan Walsh 1.27.6-1 - Update to latest from NSA * Added selinux_init_load_policy() function as an even higher level interface for the initial policy load by /sbin/init. This obsoletes the load_policy() function in the sysvinit-selinux.patch. * Added selinux_mkload_policy() function as a higher level interface for loading policy than the security_load_policy() interface.
Fri Oct 7 00:00:00 2005 Dan Walsh 1.27.4-1 - Update to latest from NSA * Merged fix for matchpathcon (regcomp error checking) from Johan Fischer. Also added use of regerror to obtain the error string for inclusion in the error message.
Wed Oct 5 00:00:00 2005 Dan Walsh 1.27.3-1 - Update to latest from NSA * Changed getseuserbyname to not require (and ignore if present) the MLS level in seusers.conf if MLS is disabled, setting *level to NULL in this case.
Tue Oct 4 00:00:00 2005 Dan Walsh 1.27.2-1 - Update to latest from NSA * Merged getseuserbyname patch from Dan Walsh.
Fri Sep 30 00:00:00 2005 Dan Walsh 1.27.1-3 - Fix patch to satisfy upstream
Thu Sep 29 00:00:00 2005 Dan Walsh 1.27.1-2 - Update to latest from NSA - Add getseuserbyname
Tue Sep 13 00:00:00 2005 Dan Walsh 1.26-6 - Fix patch call
Tue Sep 13 00:00:00 2005 Dan Walsh 1.26-5 - Fix strip_con call
Tue Sep 13 00:00:00 2005 Dan Walsh 1.26-3 - Go back to original libsetrans code
Tue Sep 13 00:00:00 2005 Dan Walsh 1.26-2 - Eliminate forth param from mls context when mls is not enabled.
Wed Sep 7 00:00:00 2005 Dan Walsh 1.25.7-1 - Update from NSA * Merged modified form of patch to avoid dlopen/dlclose by the static libselinux from Dan Walsh. Users of the static libselinux will not have any context translation by default.
Fri Sep 2 00:00:00 2005 Dan Walsh 1.25.6-1 - Update from NSA * Added public functions to export context translation to users of libselinux (selinux_trans_to_raw_context, selinux_raw_to_trans_context).
Tue Aug 30 00:00:00 2005 Dan Walsh 1.25.5-1 - Update from NSA * Remove special definition for context_range_set; use common code.
Fri Aug 26 00:00:00 2005 Dan Walsh 1.25.4-1 - Update from NSA * Hid translation-related symbols entirely and ensured that raw functions have hidden definitions for internal use. * Allowed setting NULL via context_set * functions. * Allowed whitespace in MLS component of context. * Changed rpm_execcon to use translated functions to workaround lack of MLS level on upgraded systems.
Thu Aug 25 00:00:00 2005 Dan Walsh 1.25.3-2 - Allow set_comp on unset ranges
Thu Aug 25 00:00:00 2005 Dan Walsh 1.25.3-1
* Merged context translation patch, originally by TCS, with modifications by Dan Walsh (Red Hat).
Thu Aug 18 00:00:00 2005 Dan Walsh 1.25.2-2 - Apply translation patch
Fri Aug 12 00:00:00 2005 Dan Walsh 1.25.2-1 - Update from NSA * Merged several fixes for error handling paths in the AVC sidtab, matchpathcon, booleans, context, and get_context_list code from Serge Hallyn (IBM). Bugs found by Coverity. * Removed setupns; migrated to pam. * Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original symbol is temporarily retained for compatibility until all callers are updated.
Tue Jul 19 00:00:00 2005 Dan Walsh 1.24.2-1 - Update makefiles
Thu Jun 30 00:00:00 2005 Dan Walsh 1.24.1-1 - Update from NSA * Merged security_setupns() from Chad Sellers. - fix selinuxenabled man page
Sat May 21 00:00:00 2005 Dan Walsh 1.23.11-1 - Update from NSA * Merged avcstat and selinux man page from Dan Walsh. * Changed security_load_booleans to process booleans.local even if booleans file doesn\'t exist.
Wed Apr 27 00:00:00 2005 Dan Walsh 1.23.10-3 - Fix avcstat to clear totals
Wed Apr 27 00:00:00 2005 Dan Walsh 1.23.10-2 - Add info to man page
Wed Apr 27 00:00:00 2005 Dan Walsh 1.23.10-1 - Update from NSA * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat). * Rewrote get_ordered_context_list and helpers, including changing logic to allow variable MLS fields.
Wed Apr 27 00:00:00 2005 Dan Walsh 1.23.8-1 - Update from NSA
Fri Apr 22 00:00:00 2005 Dan Walsh 1.23.7-3 - Add backin matchpathcon
Thu Apr 14 00:00:00 2005 Dan Walsh 1.23.7-2 - Fix selinux_policy_root man page
Thu Apr 14 00:00:00 2005 Dan Walsh 1.23.7-1 - Change assert(selinux_mnt) to if (!selinux_mnt) return -1;
Tue Apr 12 00:00:00 2005 Dan Walsh 1.23.6-1 - Update from NSA * Fixed bug in matchpathcon_filespec_destroy.
Thu Apr 7 00:00:00 2005 Dan Walsh 1.23.5-1 - Update from NSA * Fixed bug in rpm_execcon error handling path.
Tue Apr 5 00:00:00 2005 Dan Walsh 1.23.4-1 - Update from NSA * Merged fix for set_matchpathcon * functions from Andreas Steinmetz. * Merged fix for getconlist utility from Andreas Steinmetz.
Wed Mar 30 00:00:00 2005 Dan Walsh 1.23.2-3 - Update from NSA
Wed Mar 23 23:00:00 2005 Dan Walsh 1.23.2-2 - Better handling of booleans
Thu Mar 17 23:00:00 2005 Dan Walsh 1.23.2-1 - Update from NSA * Merged destructors patch from Tomas Mraz.
Thu Mar 17 23:00:00 2005 Dan Walsh 1.23.1-1 - Update from NSA * Added set_matchpathcon_flags() function for setting flags controlling operation of matchpathcon. MATCHPATHCON_BASEONLY means only process the base file_contexts file, not file_contexts.homedirs or file_contexts.local, and is for use by setfiles -c. * Updated matchpathcon.3 man page.
Thu Mar 10 23:00:00 2005 Dan Walsh 1.22-1 - Update from NSA
Tue Mar 8 23:00:00 2005 Dan Walsh 1.21.13-1 - Update from NSA * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
Tue Mar 1 23:00:00 2005 Dan Walsh 1.21.12-1 - Update from NSA * Changed matchpathcon_common to ignore any non-format bits in the mode.
Mon Feb 28 23:00:00 2005 Dan Walsh 1.21.11-2 - Default matchpathcon to regular files if the user specifies a mode
Tue Feb 22 23:00:00 2005 Dan Walsh 1.21.11-1 - Update from NSA * Merged several fixes from Ulrich Drepper.
Mon Feb 21 23:00:00 2005 Dan Walsh 1.21.10-3 - Fix matchpathcon on eof.
Thu Feb 17 23:00:00 2005 Dan Walsh 1.21.10-1 - Update from NSA * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh. * Added selinux_users_path() for path to directory containing system.users and local.users.
Thu Feb 10 23:00:00 2005 Dan Walsh 1.21.9-2 - Process file_context.homedir
Thu Feb 10 23:00:00 2005 Dan Walsh 1.21.9-1 - Update from NSA * Changed relabel Makefile target to use restorecon.
Tue Feb 8 23:00:00 2005 Dan Walsh 1.21.8-1 - Update from NSA * Regenerated av_permissions.h.
Wed Feb 2 23:00:00 2005 Dan Walsh 1.21.7-1 - Update from NSA * Modified avc_dump_av to explicitly check for any permissions that cannot be mapped to string names and display them as a hex value. * Regenerated av_permissions.h.
Mon Jan 31 23:00:00 2005 Dan Walsh 1.21.5-1 - Update from NSA * Generalized matchpathcon internals, exported more interfaces, and moved additional code from setfiles into libselinux so that setfiles can directly use matchpathcon.
Fri Jan 28 23:00:00 2005 Dan Walsh 1.21.4-1 - Update from NSA * Prevent overflow of spec array in matchpathcon. * Fixed several uses of internal functions to avoid relocations. * Changed rpm_execcon to check is_selinux_enabled() and fallback to a regular execve if not enabled (or unable to determine due to a lack of /proc, e.g. chroot\'d environment).
Wed Jan 26 23:00:00 2005 Dan Walsh 1.21.2-1 | |