SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for policycoreutils-python-2.7-106.1.x86_64.rpm :
Thu Dec 21 13:00:00 2017 jsegitzAATTsuse.com
- Removed BuildRequires for setools-devel and added new
runtime requirement for python2-networkx

Mon Nov 27 13:00:00 2017 rbrownAATTsuse.com
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)

Fri Nov 24 13:00:00 2017 jsegitzAATTsuse.com
- Update to policycoreutils version 2.6. Notable changes:

* setfiles: reverse the sense of -D option

* sandbox: Use dbus-run-session instead of dbus-launch when available

* setfiles: Utility to find security.restorecon_last entries

* setfiles: Add option to stop setting the digest

* hll/pp: Change warning for module name not matching filename to match new behavior

* sepolicy: convert to setools4

* sandbox: create a new session for sandboxed processes

* sandbox: do not try to setup directories without -X or -M

* sandbox: do not run xmodmap in a new X session

* sandbox: fix file labels on copied files

* semanage: Fix semanage fcontext -D

* semanage: Default serange to \"s0\" for port modify

* semanage: Use socket.getprotobyname for protocol

* semanage: Add auditing of changes in records

* Improve compatibility with Python 3

* Update sandbox types in sandbox manual

* hll/pp: Warn if module name different than output filename
- Update to sepolgen version 2.6. Notable changes:

* Add support for TYPEBOUNDS statement in INTERFACE policy files
- Dropped CVE-2016-7545_sandbox_escape.patch

Mon Dec 19 13:00:00 2016 jsegitzAATTnovell.com
- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998
Sandboxed session could have escaped to the parent session

Sat Jul 23 14:00:00 2016 jengelhAATTinai.de
- Trim description in line with other selinux packages

Thu Jul 14 14:00:00 2016 jsegitzAATTnovell.com
- Changes submitted by MargueriteSu:
Update to version 2.5

* sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss.

* sepolicy: Rename policy global variable conflict, from Nicolas Iooss.

* newrole: Add missing defined in #if, from Nicolas Iooss.

* newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec.

* secon: Add missing descriptions for --
*-key params in secon man page, from Lukas Vrabec

* semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach.

* chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville.

* semanage: fix \'semanage permissions -l\' subcommand, from Petr Lautrbach.

* semanage: replace string.join() with str.join(), from Petr Lautrbach.

* Man page warning fixes, from Ville Skyttä.

* sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl.

* semanage: Require at least one argument for \'semanage permissive -d\', from Petr Lautrbach.

* sepolicy: Improve sepolicy command line interface, from Petr Lautrbach.

* audit2allow/why: ignore setlocale errors, from Petr Lautrbach.

* semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy.

* audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach.

* Fix PEP8 issues, from Jason Zaman.

* semanage: fix moduleRecords deleteall method, from Stephen Smalley.

* Improve compatibility with Python 3, from Michal Srb.

* semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville.

* semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach.

* sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen.

* mcstransd: don\'t reinvent getpeercon, from Stephen Smalley.

* setfiles/restorecon: fix -r/-R option, from Petr Lautrbach.

* org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley.

* hll: Move core functions of pp to libsepol, from James Carter

* run_init: Use a ring buffer in open_init_pty, from Jason Zaman.

* run_init: fix open_init_pty availability check, from Nicolas Iooss.

* Widen Xen IOMEM context entries, from Daniel De Graaf.

* Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach.

* Fixed typo/grammatical error, from Christopher Peterson.

* Fix typo in semanage-port man page, from Andrew Spiers.
Update to version 2.4

* Fix bugs found by hardened gcc flags, from Nicolas Iooss.

* Improve support for building with different versions of python from
Nicolas Iooss.

* Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare,
from Dan Walsh

* Remove cgroups from sandbox, from Dan Walsh

* Try to use setcurrent before setexec in seunshare, from Andy Lutomirski

* Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley

* Add a store root path in semodule, from Yuli Khodorkovskiy

* Add a flag to ignore cached CIL files and recompile HLL modules, from
Yuli Khodorkovskiy

* Add and install HLL compiler for policy packages to CIL. The compiler is
installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence

* Fixes to pp compiler to better support roles and type attributes, from
Yuli Khodorkovskiy

* Deprecate base/upgrade/version in semodule. Calling these commands will
now call --install on the backend, from Yuli Khodorkovskiy

* Add ability to install modules with a specified priority, from Caleb
Case

* Use /tmp for permissive module creation, by Caleb Case

* Update semanage to use new source policy infrastructure, from Jason Dana

* Add RuntimeDirectory to mcstrans systemd unit file, from Laurent
Bigonville

Wed Nov 5 13:00:00 2014 jsegitzAATTnovell.com
- added Requires: python-yum, yum-metadata-parser to fix sepolicy
(bnc#903841)

Mon Sep 8 14:00:00 2014 jsegitzAATTsuse.com
- removed execute permission from systemd unit file

Sun May 18 14:00:00 2014 crrodriguezAATTopensuse.org
- Version 2.3
sepolgen: Add back attributes flag to fix exception crash from Dan Walsh.
(drop policycoreutils-sepolgen_missing_attributes.patch)

* Add -P semodule option to man page from Dan Walsh.

* selinux_current_policy_path will return none on a disabled SELinux system

* Add new icons for sepolicy gui from Dan Walsh.

* Only return writeable files that are enabled from Dan Walsh.

* Add domain to short list of domains, when -t and -d from Dan Walsh.

* Fix up desktop files to match current standards from Dan Walsh.

* Add support to return sensitivities and categories for python from Dan Walsh.

* Cleanup whitespace from Dan Walsh.

* Add message to tell user to install sandbox policy from Dan Walsh.

* Add systemd unit file for mcstrans from Laurent Bigonville.

* Improve restorecond systemd unit file from Laurent Bigonville.

* Minor man pages improvements from Laurent Bigonville.

* Ignore selevel/serange if MLS is disabled from Sven Vermeulen.

* Revert automatic setting of serange and seuser in seobject; was breaking non-MLS systems.

* Apply polkit check on all dbus interfaces and restrict to active user from Dan Walsh.

* Fix typo in sepolicy gui dbus.relabel_on_boot call from Dan Walsh.

* Remove import policycoreutils.default_encoding_utf8 from semanage from Dan Walsh.

* Make yum/extract_rpms optional for sepolicy generate from Dan Walsh.

* Add test suite for audit2allow and sepolgen-ifgen from Dan Walsh.

Fri Dec 13 13:00:00 2013 vcizekAATTsuse.com
- sepolgen: add back attributes

* fixes build of selinux-policy

* policycoreutils-sepolgen_missing_attributes.patch

Mon Dec 9 13:00:00 2013 vcizekAATTsuse.com
- fix issues which prevented accepting to Factory

* mention the dropped patches (merged upstream):
- policycoreutils-rhat.patch
- policycoreutils-sepolgen.patch

Thu Oct 31 13:00:00 2013 p.drouandAATTgmail.com
- update to version 2.2

* Properly build the swig exception file

* Fix man pages

* Support overriding PATH and INITDIR in Makefile

* Fix LDFLAGS usage

* Fix init_policy warning

* Fix semanage logging

* Open newrole stdin as read/write

* Fix sepolicy transition

* Support overriding CFLAGS

* Create correct man directory for run_init

* restorecon GLOB_BRACE change

* Extend audit2why to report additional constraint information.

* Catch IOError errors within audit2allow

* semanage export/import fixes

* Improve setfiles progress reporting

* Document setfiles -o option in usage

* Change setfiles to always return -1 on failure

* Improve setsebool error r eporting

* Major overhaul of gui

* Fix sepolicy handling of non-MLS policy

* Support returning type aliases

* Add sepolicy tests

* Add org.selinux.config.policy

* Improve range and user input checking by semanage

* Prevent source or target arguments that end with / for substitutions

* Allow use of <> for semanage fcontext

* Report customized user levels

* Support deleteall for restoring disabled modules

* Improve semanage error reporting

* Only list disabled modules for module locallist

* Fix logging

* Define new constants for file type character codes

* Improve bash completions

* Convert semanage to argparse

* Add semanage tests

* Split semanage man pages

* Move bash completion scripts

* Replace genhomedircon script with a link to semodule

* Fix fixfiles

* Add support for systemd service for restorecon

* Spelling corrections

* Improve sandbox support for home dir symlinks and file caps

* Switch sandbox to openbox window manager

* Coalesce audit2why and audit2allow

* Change audit2allow to append to output file

* Update translations

* Change audit2why to use selinux_current_policy_path
- Update sepolgen to version 1.2

* Return additional constraint information.

* Fix bug in calls to attributes

* Add support for filename transitions

* Fix sepolgen tests
- Remove restorecond.service; use upstream service file
- Don\'t provide support for sysvinit and systemd on a same system
Use either one or the other

Thu Jun 27 14:00:00 2013 vcizekAATTsuse.com
- change the source url to the official release tarballs

Wed Apr 3 14:00:00 2013 vcizekAATTsuse.com
- fixed source url
- removed old tarball

Fri Mar 29 13:00:00 2013 vcizekAATTsuse.com
- update to 2.1.14

* setfiles: estimate percent progress

* load_policy: make link at the destination directory

* Rebuild polgen.glade with glade-3

* sepolicy: new command to unite small utilities

* sepolicy: Update Makefiles and po files

* sandbox: use sepolicy to look for sandbox_t

* gui: switch to use sepolicy

* gui: sepolgen: use sepolicy to generate

* semanage: use sepolicy for boolean dictionary

* add po file configuration information

* po: stop running update-po on all

* semanage: seobject verify policy types before allowing you to assign them.

* gui: Start using Popen, instead of os.spawnl

* sandbox: Copy /var/tmp to /tmp as they are the same inside

* qualifier to shred content

* semanage: Fix handling of boolean_sub names when using the -F flag

* semanage: man: roles instead of role

* gui: system-config-selinux: Catch no DISPLAY= error

* setfiles: print error if no default label found

* semanage: list logins file entries in semanage login -l

* semanage: good error message is sepolgen python module missing

* gui: system-config-selinux: do not use lokkit

* secon: add support for setrans color information in prompt output

* restorecond: remove /etc/mtab from default list

* gui: If you are not able to read enforcemode set it to False

* genhomedircon: regenerate genhomedircon more often

* restorecond: Add /etc/udpatedb.conf to restorecond.conf

* genhomedircon generation to allow spec file to pass in SEMODULE_PATH

* fixfiles: relabel only after specific date

* po: update translations

* sandbox: seunshare: do not reassign realloc value

* seunshare: do checking on setfsuid

* sestatus: rewrite to shut up coverity
- removed policycoreutils-glibc217.patch (upstream fix)
- added patches:

* policycoreutils-rhat.patch

* policycoreutils-sepolgen.patch

* loadpolicy_path.patch

Wed Jan 30 13:00:00 2013 vcizekAATTsuse.com
- update to 2.1.13
- drop policycoreutils-po.patch.bz2 (updated upstream)
- drop policycoreutils-gui.patch.bz2 (added to upstream)
- drop sandbox init scripts (shouldn\'t be needed anymore)
- numerous other changes

Tue Dec 11 13:00:00 2012 vcizekAATTsuse.com
- added service unit for restorecond

Wed Dec 5 13:00:00 2012 vcizekAATTsuse.com
- semanage needs python-xml and python-ipy to run

Sat Nov 17 13:00:00 2012 ajAATTsuse.de
- Fix compilation with glibc 2.17 (add patch policycoreutils-glibc217.patch
extracted from Fedora)

Tue Aug 7 14:00:00 2012 meissnerAATTsuse.com
- updated policycoreutils to 2.1.10
- adapated patches
- updated sepolgen to 1.1.5

Tue Feb 14 13:00:00 2012 mvyskocilAATTsuse.cz
- fix seceral rpmlint errors and warnings

* use /var/adm/fillup-template for sandbox

* don\'t use /var/lock/subsys in any of init script

* use set_permissions macro and add correct Requires(pre)

* fix the languages to new -lang package

* fix policycoreutils-sandbox Group

* remove runlevel 4 from inint scripts

Mon Feb 13 13:00:00 2012 cooloAATTsuse.com
- patch license to follow spdx.org standard

Mon Mar 14 13:00:00 2011 prusnakAATTopensuse.org
- updated to 2.0.85

* changes too numerous to list

Fri Feb 4 13:00:00 2011 toddrme2178AATTgmail.com
- fix a typo in the package group

Fri Jun 4 14:00:00 2010 prusnakAATTopensuse.org
- remove usermode-gtk from Requires of -gui subpackage

Fri May 7 14:00:00 2010 meissnerAATTsuse.de
- remove incorrect and unnecessary rpmlintrc.

Mon Mar 22 13:00:00 2010 prusnakAATTsuse.cz
- fix build by moving _GNU_SOURCE define (gnusource.patch), thx darix

Thu Feb 25 13:00:00 2010 prusnakAATTsuse.cz
- updated to 2.0.79

* changes too numerous to list

Wed Jul 15 14:00:00 2009 prusnakAATTsuse.cz
- disable Requires usermode-gtk

Fri Jun 19 14:00:00 2009 prusnakAATTsuse.cz
- added libsepol-static-devel to BuildRequires

Wed May 27 14:00:00 2009 prusnakAATTsuse.cz
- updated to 2.0.62

* Add btrfs to fixfiles from Dan Walsh.

* Remove restorecond error for matching globs with multiple hard links
and fix some error messages from Dan Walsh.

* Make removing a non-existant module a warning rather than an error
from Dan Walsh.

* Man page fixes from Dan Walsh.


  
ICM