SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libsemanage-2.0.43-5.1.el6.i686.rpm :
Mon Mar 16 13:00:00 2015 Petr Lautrbach 2.0.43-5.1
- Detect already enabled/disabled modules in semanage_direct_{enable,disable} functions
Resolves: rhbz#872700
- Fix sources to pass all tests
Rsolves: rhbz#591451

Mon Oct 15 14:00:00 2012 Miroslav Grepl - 2.0.43-4.2
-
* Add usepasswd flag to semanage.conf to disable genhomedircon using passwd
Resolves:#798332

Wed Oct 19 14:00:00 2011 Dan Walsh - 2.0.43-4.1
- Fix handling of umask, so files get created with the correct label.
Resolves: #747345

Thu Jan 28 13:00:00 2010 Dan Walsh - 2.0.43-4
- Cleanup spec file
Resolves: #555835

Mon Jan 18 13:00:00 2010 Dan Walsh - 2.0.43-3
- Splect libsemanage.a into a static subpackage to keep fedora packaging guidelines happy

Wed Dec 16 13:00:00 2009 Dan Walsh - 2.0.43-2
- Rebuild all c programs with -fPIC

Tue Dec 1 13:00:00 2009 Dan Walsh - 2.0.43-1
- Update to upstream

* Move libsemanage.so to /usr/lib

* Add NAME lines to man pages from Manoj Srivastava

Wed Nov 18 13:00:00 2009 Dan Walsh - 2.0.42-1
- Update to upstream

* Move load_policy from /usr/sbin to /sbin from Dan Walsh.

Mon Nov 2 13:00:00 2009 Dan Walsh - 2.0.41-1
- Update to upstream

* Add pkgconfig file from Eamon Walsh.

* Add semanage_set_check_contexts() function to disable calling
setfiles

Mon Sep 28 14:00:00 2009 Dan Walsh - 2.0.39-1
- Update to upstream

* make swigify

Sun Sep 20 14:00:00 2009 Dan Walsh - 2.0.38-2
- Dont relabel /root with genhomedircon

Thu Sep 17 14:00:00 2009 Dan Walsh - 2.0.38-1
- Update to upstream

* Change semodule upgrade behavior to install even if the module
is not present from Dan Walsh.

* Make genhomedircon trim excess \'/\' from homedirs from Dan Walsh.

Wed Sep 9 14:00:00 2009 Dan Walsh - 2.0.37-1
- Update to upstream

* Fix persistent dontaudit support to rebuild policy if the
dontaudit state is changed from Chad Sellers.
- Move load_policy to /sbin

Fri Aug 28 14:00:00 2009 Dan Walsh - 2.0.36-2
- Add enable/disable modules

Wed Aug 26 14:00:00 2009 Dan Walsh - 2.0.36-1
- Update to upstream

* Changed bzip-blocksize=0 handling to support existing compressed
modules in the store.

Wed Aug 26 14:00:00 2009 Dan Walsh - 2.0.35-2
- Make sure /root is not used in genhomedircon

Wed Aug 5 14:00:00 2009 Dan Walsh - 2.0.35-1

* Revert hard linking of files between tmp/active/previous.

* Enable configuration of bzip behavior from Stephen Smalley.
bzip-blocksize=0 to disable compression and decompression support.
bzip-blocksize=1..9 to set the blocksize for compression.
bzip-small=true to reduce memory usage for decompression.

Sat Jul 25 14:00:00 2009 Fedora Release Engineering - 2.0.33-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

Fri Jul 10 14:00:00 2009 Dan Walsh - 2.0.33-2
- Put check for /root back into genhomedircon

Tue Jul 7 14:00:00 2009 Dan Walsh - 2.0.33-1
- Update to upstream

Mon Jun 8 14:00:00 2009 Dan Walsh - 2.0.32-1
- Update to upstream

* Ruby bindings from David Quigley.

Thu Apr 9 14:00:00 2009 Dan Walsh - 2.0.31-5
- Return error on invalid file

Wed Mar 11 13:00:00 2009 Dan Walsh - 2.0.31-4
- Fix typo

Wed Feb 25 13:00:00 2009 Fedora Release Engineering - 2.0.31-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

Thu Jan 15 13:00:00 2009 Dan Walsh - 2.0.31-2
- Fix link to only link on sandbox

Mon Jan 12 13:00:00 2009 Dan Walsh - 2.0.31-1
- Update to upstream

* Policy module compression (bzip) support from Dan Walsh.

* Hard link files between tmp/active/previous from Dan Walsh.

Mon Jan 12 13:00:00 2009 Dan Walsh - 2.0.30-3
- Fix up patch to get it upstreamed

Thu Dec 4 13:00:00 2008 Ignacio Vazquez-Abrams - 2.0.30-2
- Rebuild for Python 2.6

Thu Dec 4 13:00:00 2008 Dan Walsh - 2.0.30-1

* Add semanage_mls_enabled() interface from Stephen Smalley.

Sat Nov 29 13:00:00 2008 Ignacio Vazquez-Abrams - 2.0.29-2
- Rebuild for Python 2.6

Mon Sep 15 14:00:00 2008 Dan Walsh - 2.0.28-1
- Update to upstream

* Add USER to lines to homedir_template context file from Chris PeBenito.

Mon Sep 15 14:00:00 2008 Dan Walsh - 2.0.28-2
- Add compression support

Mon Sep 15 14:00:00 2008 Dan Walsh - 2.0.28-1
- Update to upstream

* allow fcontext and seuser changes without rebuilding the policy from Dan Walsh

Wed Sep 10 14:00:00 2008 Dan Walsh - 2.0.27-3
- Additional fixes for Don\'t rebuild on fcontext or seuser modifications

Tue Sep 2 14:00:00 2008 Dan Walsh - 2.0.27-2
- Don\'t rebuild on fcontext or seuser modifications

Tue Aug 5 14:00:00 2008 Dan Walsh - 2.0.27-1
- Update to upstream

* Modify genhomedircon to skip groupname entries.
Ultimately we need to expand them to the list of users to support per-role homedir labeling when using the groupname syntax.

Tue Jul 29 14:00:00 2008 Dan Walsh - 2.0.26-1
- Update to upstream

* Fix bug in genhomedircon fcontext matches logic from Dan Walsh.
Strip any trailing slash before appending /
*$.

Tue Jun 17 14:00:00 2008 Dan Walsh - 2.0.25-3
- Another fix for genhomedircon

Wed May 28 14:00:00 2008 Tom \"spot\" Callaway - 2.0.25-2
- fix license tag

Tue Feb 5 13:00:00 2008 Dan Walsh - 2.0.25-1
- Update to upstream

* Do not call genhomedircon if the policy was not rebuilt from Stephen Smalley.
Fixes semanage boolean -D seg fault (bug 441379).

Tue Feb 5 13:00:00 2008 Dan Walsh - 2.0.24-1
- Update to upstream

* make swigify

Tue Feb 5 13:00:00 2008 Dan Walsh - 2.0.23-1
- Update to upstream

* Use vfork rather than fork for libsemanage helpers to reduce memory overhead as suggested by Todd Miller.

Mon Feb 4 13:00:00 2008 Dan Walsh - 2.0.22-1
- Update to upstream

* Free policydb before fork from Joshua Brindle.

* Drop the base module immediately after expanding to permit memory re-use from Stephen Smalley.

Sat Feb 2 13:00:00 2008 Dan Walsh - 2.0.20-1
- Update to upstream

* Use sepol_set_expand_consume_base to reduce peak memory usage when
using semodule

Fri Feb 1 13:00:00 2008 Dan Walsh - 2.0.19-1
- Update to upstream

* Fix genhomedircon to not override a file context with a homedir context from Todd Miller.

Tue Jan 29 13:00:00 2008 Dan Walsh - 2.0.18-1
- Update to upstream

* Fix spurious out of memory error reports.

* Merged second version of fix for genhomedircon handling from Caleb Case.

Tue Jan 22 13:00:00 2008 Dan Walsh - 2.0.16-1
- Update to upstream

* Merged fix for genhomedircon handling of missing HOME_DIR or HOME_ROOT templates from Caleb Case.

Tue Jan 22 13:00:00 2008 Dan Walsh - 2.0.15-2
- Stop differentiating on user for homedir labeling

Thu Dec 6 13:00:00 2007 Dan Walsh - 2.0.15-1
- Update to upstream

* Fix genhomedircon handling of shells and missing user context template from Dan Walsh.

* Copy the store path in semanage_select_store from Dan Walsh.
- Add expand-check=0 to semanage.conf

Mon Dec 3 13:00:00 2007 Dan Walsh - 2.0.14-5
- Fix handling of /etc/shells so genhomedircon will work

Thu Nov 29 13:00:00 2007 Dan Walsh - 2.0.14-3
- Allow semanage_genhomedircon to work with out a USER int homedir.template

Sat Nov 10 13:00:00 2007 Dan Walsh - 2.0.14-2
- Fix semanage_select_store to allocate memory, fixes crash on invalid store

Tue Nov 6 13:00:00 2007 Dan Walsh - 2.0.14-1
- Upgrade to latest from NSA

* Call rmdir() rather than remove() on directory removal so that errno isn\'t polluted from Stephen Smalley.

* Allow handle_unknown in base to be overridden by semanage.conf from Stephen Smalley.

Fri Oct 5 14:00:00 2007 Dan Walsh - 2.0.12-1
- Upgrade to latest from NSA

* ustr cleanups from James Antill.

* Ensure that /root gets labeled even if using the default context from Dan Walsh.

Fri Sep 28 14:00:00 2007 Dan Walsh - 2.0.11-1
- Upgrade to latest from NSA

* Fix ordering of file_contexts.homedirs from Todd Miller and Dan Walsh.

Fri Sep 28 14:00:00 2007 Dan Walsh - 2.0.10-2
- Fix sort order on generated homedir context

Fri Sep 28 14:00:00 2007 Dan Walsh - 2.0.10-1
- Upgrade to latest from NSA

* Fix error checking on getpw
*_r functions from Todd Miller.

* Make genhomedircon skip invalid homedir contexts from Todd Miller.

* Set default user and prefix from seusers from Dan Walsh.

* Add swigify Makefile target from Dan Walsh.

Wed Sep 26 14:00:00 2007 Dan Walsh - 2.0.9-1
- Upgrade to latest from NSA

* Pass CFLAGS to CC even on link command, per Dennis Gilmore.

* Clear errno on non-fatal errors to avoid reporting them upon a
later error that does not set errno.

* Improve reporting of system errors, e.g. full filesystem or read-only filesystem from Stephen Smalley.

- Fix segfault in genhomedircon when using bad user names

Wed Sep 26 14:00:00 2007 Dan Walsh - 2.0.6-2
- Fix genhomedircon code to only generate valid context
- Fixes autorelabel problem

Thu Sep 13 14:00:00 2007 Dan Walsh - 2.0.6-1
- Upgrade to latest from NSA

* Change to use getpw
* function calls to the _r versions from Todd Miller.

Thu Aug 23 14:00:00 2007 Dan Walsh - 2.0.5-1
- Upgrade to latest from NSA

Mon Aug 20 14:00:00 2007 Dan Walsh - 2.0.4-1
- Upgrade to latest from NSA

* Allow dontaudits to be turned off via semanage interface when
updating policy

Sat Aug 11 14:00:00 2007 Dan Walsh - 2.0.3-5
- Add ability to load a policy without dontaudit rules
-

Tue Jun 26 14:00:00 2007 Dan Walsh - 2.0.3-4
- Rebuild to fix segfault on x86 platforms, swigify on each build

Fri Jun 1 14:00:00 2007 Dan Walsh - 2.0.3-3
- Rebuild for rawhide

Thu May 3 14:00:00 2007 Dan Walsh - 2.0.3-2
- Apply patch to fix dependencies in spec file from Robert Scheck

Wed Apr 25 14:00:00 2007 Dan Walsh - 2.0.3-1
- Upgrade to latest from NSA

* Fix to libsemanage man patches so whatis will work better from Dan Walsh

Wed Apr 25 14:00:00 2007 Dan Walsh - 2.0.2-1
- Upgrade to latest from NSA

* Merged optimizations from Stephen Smalley.
- do not set all booleans upon commit, only those whose values have changed
- only install the sandbox upon commit if something was rebuilt

Sat Mar 17 13:00:00 2007 Dan Walsh - 2.0.1-2
- Add SELinux to Man page Names so man -k will work

Mon Mar 12 13:00:00 2007 Dan Walsh - 2.0.1-1

* Merged dbase_file_flush patch from Dan Walsh.
This removes any mention of specific tools (e.g. semanage)
from the comment header of the auto-generated files,
since there are multiple front-end tools.

Tue Feb 20 13:00:00 2007 Dan Walsh - 2.0.0-1
- Upgrade to latest from NSA

* Merged Makefile test target patch from Caleb Case.

* Merged get_commit_number function rename patch from Caleb Case.

* Merged strnlen -> strlen patch from Todd Miller.

Wed Feb 7 13:00:00 2007 Dan Walsh - 1.10.1-1
- Upgrade to latest from NSA

* Merged python binding fix from Dan Walsh.

* Updated version for stable branch.

Fri Dec 22 13:00:00 2006 Dan Walsh - 1.9.2-1
- Upgrade to latest from NSA

* Merged patch to optionally reduce disk usage by removing
the backup module store and linked policy from Karl MacMillan

* Merged patch to correctly propagate return values in libsemanage

Fri Dec 22 13:00:00 2006 Dan Walsh - 1.9.1-3
- Apply Karl MacMillan patch to get proper error codes.

Thu Dec 7 13:00:00 2006 Jeremy Katz - 1.9.1-2
- rebuild against python 2.5

Tue Nov 28 13:00:00 2006 Dan Walsh - 1.9.1-1
- Upgrade to latest from NSA

* Merged patch to compile wit -fPIC instead of -fpic from
Manoj Srivastava to prevent hitting the global offest table
limit. Patch changed to include libselinux and libsemanage in
addition to libsepol.

Tue Oct 17 14:00:00 2006 Dan Walsh - 1.8-1
- Upgrade to latest from NSA

* Updated version for release.

Thu Aug 31 14:00:00 2006 Dan Walsh - 1.6.17-1
- Upgrade to latest from NSA

* Merged patch to skip reload if no active store exists and
the store path doesn\'t match the active store path from Dan Walsh.

* Merged patch to not destroy sepol handle on error path of
connect from James Athey.

* Merged patch to add genhomedircon path to semanage.conf from
James Athey.

Thu Aug 31 14:00:00 2006 Dan Walsh - 1.6.16-3
- Fix semanage to not load if is not the correct policy type and it is installing

Thu Aug 31 14:00:00 2006 Dan Walsh - 1.6.16-2
- Fix requires lines

Wed Aug 23 14:00:00 2006 Dan Walsh - 1.6.16-1
- Upgrade to latest from NSA

* Make most copy errors fatal, but allow exceptions for
file_contexts.local, seusers, and netfilter_contexts if
the source file does not exist in the store.

Sat Aug 12 14:00:00 2006 Dan Walsh - 1.6.15-1
- Upgrade to latest from NSA

* Merged separate local file contexts patch from Chris PeBenito.

* Merged patch to make most copy errors non-fatal from Dan Walsh.

Thu Aug 10 14:00:00 2006 Dan Walsh - 1.6.13-3
- Change other updates to be non-fatal

Wed Aug 9 14:00:00 2006 Dan Walsh - 1.6.13-2
- Change netfilter stuff to be non-fatal so update can proceed.

Thu Aug 3 14:00:00 2006 Dan Walsh - 1.6.13-1
- Upgrade to latest from NSA

* Merged netfilter contexts support from Chris PeBenito.

Mon Jul 17 14:00:00 2006 Dan Walsh - 1.6.12-2
- Rebuild for new gcc

Tue Jul 11 14:00:00 2006 Dan Walsh - 1.6.12-1
- Upgrade to latest from NSA

* Merged support for read operations on read-only fs from
Caleb Case (Tresys Technology).

Tue Jul 4 14:00:00 2006 Dan Walsh - 1.6.11-1
- Upgrade to latest from NSA

* Lindent.

* Merged setfiles location check patch from Dan Walsh.

Fri Jun 16 14:00:00 2006 Dan Walsh - 1.6.9-1
- Upgrade to latest from NSA

* Merged several fixes from Serge Hallyn:
dbase_file_cache: deref of uninit data on error path.
dbase_policydb_cache: clear fp to avoid double fclose
semanage_fc_sort: destroy temp on error paths

Fri Jun 16 14:00:00 2006 Dan Walsh - 1.6.8-2
- Handle setfiles being in /sbin or /usr/sbin

Mon May 15 14:00:00 2006 Dan Walsh - 1.6.8-1
- Upgrade to latest from NSA

* Updated default location for setfiles to /sbin to
match policycoreutils. This can also be adjusted via
semanage.conf using the syntax:
[setfiles]
path = /path/to/setfiles
args = -q -c $AATT $<
[end]

Mon May 15 14:00:00 2006 Dan Walsh - 1.6.7-3
- Spec file cleanup from n0dalus+redhatAATTgmail.com

Mon May 15 14:00:00 2006 Dan Walsh - 1.6.7-2
- Add /usr/include/semanage to spec file

Mon May 8 14:00:00 2006 Dan Walsh - 1.6.7-1
- Upgrade to latest from NSA

* Merged fix warnings patch from Karl MacMillan.

Fri Apr 14 14:00:00 2006 Dan Walsh - 1.6.6-1
- Upgrade to latest from NSA

* Merged updated file context sorting patch from Christopher
Ashworth, with bug fix for escaped character flag.

* Merged file context sorting code from Christopher Ashworth
(Tresys Technology), based on fc_sort.c code in refpolicy.

* Merged python binding t_output_helper removal patch from Dan Walsh.

* Regenerated swig files.

Wed Mar 29 14:00:00 2006 Dan Walsh - 1.6.3-1
- Fix to work with new version of swig
- Upgrade to latest from NSA

* Merged corrected fix for descriptor leak from Dan Walsh.

Wed Mar 29 14:00:00 2006 Dan Walsh - 1.6.2-2
- Fix leaky descriptor

Tue Mar 21 13:00:00 2006 Dan Walsh - 1.6.2-1
- Upgrade to latest from NSA

* Merged Makefile PYLIBVER definition patch from Dan Walsh.

* Merged man page reorganization from Ivan Gyurdiev.

Fri Mar 17 13:00:00 2006 Dan Walsh - 1.6-1
- Make work on RHEL4
- Upgrade to latest from NSA

* Merged abort early on merge errors patch from Ivan Gyurdiev.

* Cleaned up error handling in semanage_split_fc based on a patch
by Serge Hallyn (IBM) and suggestions by Ivan Gyurdiev.

* Merged MLS handling fixes from Ivan Gyurdiev.

Fri Feb 17 13:00:00 2006 Dan Walsh - 1.5.28-1
- Upgrade to latest from NSA

* Merged bug fix for fcontext validate handler from Ivan Gyurdiev.

* Merged base_merge_components changes from Ivan Gyurdiev.

Thu Feb 16 13:00:00 2006 Dan Walsh - 1.5.26-1
- Upgrade to latest from NSA

* Merged paths array patch from Ivan Gyurdiev.

* Merged bug fix patch from Ivan Gyurdiev.

* Merged improve bindings patch from Ivan Gyurdiev.

* Merged use PyList patch from Ivan Gyurdiev.

* Merged memory leak fix patch from Ivan Gyurdiev.

* Merged nodecon support patch from Ivan Gyurdiev.

* Merged cleanups patch from Ivan Gyurdiev.

* Merged split swig patch from Ivan Gyurdiev.

Mon Feb 13 13:00:00 2006 Dan Walsh - 1.5.23-1
- Upgrade to latest from NSA

* Merged optionals in base patch from Joshua Brindle.

* Merged treat seusers/users_extra as optional sections patch from
Ivan Gyurdiev.

* Merged parse_optional fixes from Ivan Gyurdiev.

Fri Feb 10 13:00:00 2006 Jesse Keating - 1.5.21-2.1
- bump again for double-long bug on ppc(64)

Fri Feb 10 13:00:00 2006 Dan Walsh - 1.5.21-2
- Fix handling of seusers and users_map file

Tue Feb 7 13:00:00 2006 Dan Walsh - 1.5.21-1
- Upgrade to latest from NSA

* Merged seuser/user_extra support patch from Joshua Brindle.

* Merged remote system dbase patch from Ivan Gyurdiev.

Tue Feb 7 13:00:00 2006 Jesse Keating - 1.5.20-1.1
- rebuilt for new gcc4.1 snapshot and glibc changes

Thu Feb 2 13:00:00 2006 Dan Walsh 1.5.20-1
- Upgrade to latest from NSA

* Merged clone record on set_con patch from Ivan Gyurdiev.

Mon Jan 30 13:00:00 2006 Dan Walsh 1.5.19-1
- Upgrade to latest from NSA

* Merged fname parameter patch from Ivan Gyurdiev.

* Merged more size_t -> unsigned int fixes from Ivan Gyurdiev.

* Merged seusers.system patch from Ivan Gyurdiev.

* Merged improve port/fcontext API patch from Ivan Gyurdiev.

Fri Jan 27 13:00:00 2006 Dan Walsh 1.5.18-1
- Upgrade to latest from NSA

* Merged seuser -> seuser_local rename patch from Ivan Gyurdiev.

* Merged set_create_store, access_check, and is_connected interfaces
from Joshua Brindle.

Fri Jan 13 13:00:00 2006 Dan Walsh 1.5.16-1
- Upgrade to latest from NSA

* Regenerate python wrappers.

Fri Jan 13 13:00:00 2006 Dan Walsh 1.5.15-1
- Upgrade to latest from NSA

* Merged pywrap Makefile diff from Dan Walsh.

* Merged cache management patch from Ivan Gyurdiev.

* Merged bugfix for dbase_llist_clear from Ivan Gyurdiev.

* Merged remove apply_local function patch from Ivan Gyurdiev.

* Merged only do read locking in direct case patch from Ivan Gyurdiev.

* Merged cache error path memory leak fix from Ivan Gyurdiev.

* Merged auto-generated file header patch from Ivan Gyurdiev.

* Merged pywrap test update from Ivan Gyurdiev.

* Merged hidden defs update from Ivan Gyurdiev.

Fri Jan 13 13:00:00 2006 Dan Walsh 1.5.14-2
- Break out python out of regular Makefile

Fri Jan 13 13:00:00 2006 Dan Walsh 1.5.14-1
- Upgrade to latest from NSA

* Merged disallow port overlap patch from Ivan Gyurdiev.

* Merged join prereq and implementation patches from Ivan Gyurdiev.

* Merged join user extra data part 2 patch from Ivan Gyurdiev.

* Merged bugfix patch from Ivan Gyurdiev.

* Merged remove add_local/set_local patch from Ivan Gyurdiev.

* Merged user extra data part 1 patch from Ivan Gyurdiev.

* Merged size_t -> unsigned int patch from Ivan Gyurdiev.

* Merged calloc check in semanage_store patch from Ivan Gyurdiev,
bug noticed by Steve Grubb.

* Merged cleanups after add/set removal patch from Ivan Gyurdiev.

Sat Jan 7 13:00:00 2006 Dan Walsh 1.5.9-1
- Upgrade to latest from NSA

* Merged const in APIs patch from Ivan Gyurdiev.

* Merged validation of local file contexts patch from Ivan Gyurdiev.

* Merged compare2 function patch from Ivan Gyurdiev.

* Merged hidden def/proto update patch from Ivan Gyurdiev.

Fri Jan 6 13:00:00 2006 Dan Walsh 1.5.8-1
- Upgrade to latest from NSA

* Re-applied string and file optimization patch from Russell Coker,
with bug fix.

* Reverted string and file optimization patch from Russell Coker.

* Clarified error messages from parse_module_headers and
parse_base_headers for base/module mismatches.

Fri Jan 6 13:00:00 2006 Dan Walsh 1.5.6-1
- Upgrade to latest from NSA

* Clarified error messages from parse_module_headers and
parse_base_headers for base/module mismatches.

* Merged string and file optimization patch from Russell Coker.

* Merged swig header reordering patch from Ivan Gyurdiev.

* Merged toggle modify on add patch from Ivan Gyurdiev.

* Merged ports parser bugfix patch from Ivan Gyurdiev.

* Merged fcontext swig patch from Ivan Gyurdiev.

* Merged remove add/modify/delete for active booleans patch from Ivan Gyurdiev.

* Merged man pages for dbase functions patch from Ivan Gyurdiev.

* Merged pywrap tests patch from Ivan Gyurdiev.

Thu Jan 5 13:00:00 2006 Dan Walsh 1.5.4-2
- Patch to fix add

Thu Jan 5 13:00:00 2006 Dan Walsh 1.5.4-1
- Upgrade to latest from NSA

* Merged patch series from Ivan Gyurdiev.
This includes patches to:
- separate file rw code from linked list
- annotate objects
- fold together internal headers
- support ordering of records in compare function
- add active dbase backend, active booleans
- return commit numbers for ro database calls
- use modified flags to skip rebuild whenever possible
- enable port interfaces
- update swig interfaces and typemaps
- add an API for file_contexts.local and file_contexts
- flip the traversal order in iterate/list
- reorganize sandbox_expand
- add seusers MLS validation
- improve dbase spec/documentation
- clone record on set/add/modify

Tue Dec 27 13:00:00 2005 Dan Walsh 1.5.3-3
- Add Ivans patch to turn on ports

Wed Dec 14 13:00:00 2005 Dan Walsh 1.5.3-2
- Remove patch since upstream does the right thing

Wed Dec 14 13:00:00 2005 Dan Walsh 1.5.3-1
- Upgrade to latest from NSA

* Merged further header cleanups from Ivan Gyurdiev.

* Merged toggle modified flag in policydb_modify, fix memory leak
in clear_obsolete, polymorphism vs headers fix, and include guards
for internal headers patches from Ivan Gyurdiev.

Tue Dec 13 13:00:00 2005 Dan Walsh 1.5.1-2
- Upgrade to latest from NSA

* Merged toggle modified flag in policydb_modify, fix memory leak
in clear_obsolete, polymorphism vs headers fix, and include guards
for internal headers patches from Ivan Gyurdiev.

Mon Dec 12 13:00:00 2005 Dan Walsh 1.5.1-1
- Upgrade to latest from NSA

* Added file-mode= setting to semanage.conf, default to 0644.
Changed semanage_copy_file and callers to use this mode when
installing policy files to runtime locations.

Fri Dec 9 13:00:00 2005 Jesse Keating
- rebuilt

Wed Dec 7 13:00:00 2005 Dan Walsh 1.4-1
- Fix mode of output seusers file

Tue Dec 6 13:00:00 2005 Dan Walsh 1.3.64-1
- Upgrade to latest from NSA

* Changed semanage_handle_create() to set do_reload based on
is_selinux_enabled(). This prevents improper attempts to
load policy on a non-SELinux system.

Mon Dec 5 13:00:00 2005 Dan Walsh 1.3.63-1
- Upgrade to latest from NSA

* Dropped handle from user_del_role interface.

* Removed defrole interfaces.

Tue Nov 29 13:00:00 2005 Dan Walsh 1.3.61-1
- Upgrade to latest from NSA

* Merged Makefile python definitions patch from Dan Walsh.

* Removed is_selinux_mls_enabled() conditionals in seusers and users
file parsers.

Wed Nov 23 13:00:00 2005 Dan Walsh 1.3.59-1
- Add additional swig objects

* Merged wrap char
*
*
* for user_get_roles patch from Joshua Brindle.

* Merged remove defrole from sepol patch from Ivan Gyurdiev.

* Merged swig wrappers for modifying users and seusers from Joshua Brindle.

Wed Nov 23 13:00:00 2005 Dan Walsh 1.3.56-2
- Add additional swig objects

Wed Nov 16 13:00:00 2005 Dan Walsh 1.3.56-1
- Upgrade to latest from NSA

* Fixed free->key_free bug.

* Merged clear obsolete patch from Ivan Gyurdiev.

* Merged modified swigify patch from Dan Walsh
(original patch from Joshua Brindle).

* Merged move genhomedircon call patch from Chad Sellers.

Mon Nov 14 13:00:00 2005 Dan Walsh 1.3.53-3
- Add genhomedircon patch from Joshua Brindle

Fri Nov 11 13:00:00 2005 Dan Walsh 1.3.53-2
- Add swigify patch from Joshua Brindle

Fri Nov 11 13:00:00 2005 Dan Walsh 1.3.53-1
- Upgrade to latest from NSA

* Merged move seuser validation patch from Ivan Gyurdiev.

* Merged hidden declaration fixes from Ivan Gyurdiev,
with minor corrections.

Wed Nov 9 13:00:00 2005 Dan Walsh 1.3.52-1
- Upgrade to latest from NSA

* Merged cleanup patch from Ivan Gyurdiev.
This renames semanage_module_conn to semanage_direct_handle,
and moves sepol handle create/destroy into semanage handle
create/destroy to allow use even when disconnected (for the
record interfaces).

Tue Nov 8 13:00:00 2005 Dan Walsh 1.3.51-1
- Upgrade to latest from NSA

* Clear modules modified flag upon disconnect and commit.

* Added tracking of module modifications and use it to
determine whether expand-time checks should be applied
on commit.

* Reverted semanage_set_reload_bools() interface.

Tue Nov 8 13:00:00 2005 Dan Walsh 1.3.48-1
- Upgrade to latest from NSA

* Disabled calls to port dbase for merge and commit and stubbed
out calls to sepol_port interfaces since they are not exported.

* Merged rename instead of copy patch from Joshua Brindle (Tresys).

* Added hidden_def/hidden_proto for exported symbols used within
libsemanage to eliminate relocations. Wrapped type definitions
in exported headers as needed to avoid conflicts. Added
src/context_internal.h and src/iface_internal.h.

* Added semanage_is_managed() interface to allow detection of whether
the policy is managed via libsemanage. This enables proper handling
in setsebool for non-managed systems.

* Merged semanage_set_reload_bools() interface from Ivan Gyurdiev,
to enable runtime control over preserving active boolean values
versus reloading their saved settings upon commit.

Mon Nov 7 13:00:00 2005 Dan Walsh 1.3.43-1
- Upgrade to latest from NSA

* Merged seuser parser resync, dbase tracking and cleanup, strtol
bug, copyright, and assert space patches from Ivan Gyurdiev.

* Added src/
*_internal.h in preparation for other changes.

* Added hidden/hidden_proto/hidden_def to src/debug.[hc] and
src/seusers.[hc].

Thu Nov 3 13:00:00 2005 Dan Walsh 1.3.41-1
- Upgrade to latest from NSA

* Merged interface parse/print, context_to_string interface change,
move assert_noeof, and order preserving patches from Ivan Gyurdiev.

* Added src/dso.h in preparation for other changes.

* Merged install seusers, handle/error messages, MLS parsing,
and seusers validation patches from Ivan Gyurdiev.

Mon Oct 31 13:00:00 2005 Dan Walsh 1.3.39-1
- Upgrade to latest from NSA

* Merged record interface, dbase flush, common database code,
and record bugfix patches from Ivan Gyurdiev.

Fri Oct 28 14:00:00 2005 Dan Walsh 1.3.38-1
- Upgrade to latest from NSA

* Merged dbase policydb list and count change from Ivan Gyurdiev.

* Merged enable dbase and set relay patches from Ivan Gyurdiev.

Thu Oct 27 14:00:00 2005 Dan Walsh 1.3.36-1
- Update from NSA

* Merged query APIs and dbase_file_set patches from Ivan Gyurdiev.

Wed Oct 26 14:00:00 2005 Dan Walsh 1.3.35-1
- Update from NSA

* Merged sepol handle passing, seusers support, and policydb cache
patches from Ivan Gyurdiev.

Tue Oct 25 14:00:00 2005 Dan Walsh 1.3.34-1
- Update from NSA

* Merged resync to sepol changes and booleans fixes/improvements
patches from Ivan Gyurdiev.

* Merged support for genhomedircon/homedir template, store selection,
explicit policy reload, and semanage.conf relocation from Joshua
Brindle.

Mon Oct 24 14:00:00 2005 Dan Walsh 1.3.32-1
- Update from NSA

* Merged resync to sepol changes and transaction fix patches from
Ivan Gyurdiev.

* Merged reorganize users patch from Ivan Gyurdiev.

* Merged remove unused relay functions patch from Ivan Gyurdiev.

Fri Oct 21 14:00:00 2005 Dan Walsh 1.3.30-1
- Update from NSA

* Fixed policy file leaks in semanage_load_module and
semanage_write_module.

* Merged further database work from Ivan Gyurdiev.

* Fixed bug in semanage_direct_disconnect.

Thu Oct 20 14:00:00 2005 Dan Walsh 1.3.28-1
- Update from NSA

* Merged interface renaming patch from Ivan Gyurdiev.

* Merged policy component patch from Ivan Gyurdiev.

* Renamed \'check=\' configuration value to \'expand-check=\' for
clarity.

* Changed semanage_commit_sandbox to check for and report errors
on rename(2) calls performed during rollback.

* Added optional check= configuration value to semanage.conf
and updated call to sepol_expand_module to pass its value
to control assertion and hierarchy checking on module expansion.

* Merged fixes for make DESTDIR= builds from Joshua Brindle.

Tue Oct 18 14:00:00 2005 Dan Walsh 1.3.24-1
- Update from NSA

* Merged default database from Ivan Gyurdiev.

* Merged removal of connect requirement in policydb backend from
Ivan Gyurdiev.

* Merged commit locking fix and lock rename from Joshua Brindle.

* Merged transaction rollback in lock patch from Joshua Brindle.

* Changed default args for load_policy to be null, as it no longer
takes a pathname argument and we want to preserve booleans.

* Merged move local dbase initialization patch from Ivan Gyurdiev.

* Merged acquire/release read lock in databases patch from Ivan Gyurdiev.

* Merged rename direct -> policydb as appropriate patch from Ivan Gyurdiev.

* Added calls to sepol_policy_file_set_handle interface prior
to invoking sepol operations on policy files.

* Updated call to sepol_policydb_from_image to pass the handle.

Tue Oct 18 14:00:00 2005 Dan Walsh 1.3.20-1
- Update from NSA

* Changed default args for load_policy to be null, as it no longer
takes a pathname argument and we want to preserve booleans.

* Merged move local dbase initialization patch from Ivan Gyurdiev.

* Merged acquire/release read lock in databases patch from Ivan Gyurdiev.

* Merged rename direct -> policydb as appropriate patch from Ivan Gyurdiev.

* Added calls to sepol_policy_file_set_handle interface prior
to invoking sepol operations on policy files.

* Updated call to sepol_policydb_from_image to pass the handle.

Tue Oct 18 14:00:00 2005 Dan Walsh 1.3.20-1
- Update from NSA

* Merged user and port APIs - policy database patch from Ivan
Gyurdiev.

* Converted calls to sepol link_packages and expand_module interfaces
from using buffers to using sepol handles for error reporting, and
changed direct_connect/disconnect to create/destroy sepol handles.

Sat Oct 15 14:00:00 2005 Dan Walsh 1.3.18-1
- Update from NSA

* Merged bugfix patch from Ivan Gyurdiev.

* Merged seuser database patch from Ivan Gyurdiev.
Merged direct user/port databases to the handle from Ivan Gyurdiev.

* Removed obsolete include/semanage/commit_api.h (leftover).
Merged seuser record patch from Ivan Gyurdiev.

* Merged boolean and interface databases from Ivan Gyurdiev.

Fri Oct 14 14:00:00 2005 Dan Walsh 1.3.14-1
- Update from NSA

* Updated to use get interfaces for hidden sepol_module_package type.

* Changed semanage_expand_sandbox and semanage_install_active
to generate/install the latest policy version supported by libsepol
by default (unless overridden by semanage.conf), since libselinux
will now downgrade automatically for load_policy.

* Merged new callback-based error reporting system and ongoing
database work from Ivan Gyurdiev.

Wed Oct 12 14:00:00 2005 Dan Walsh 1.3.11-1
- Update from NSA

* Fixed semanage_install_active() to use the same logic for
selecting a policy version as semanage_expand_sandbox(). Dropped
dead code from semanage_install_sandbox().

Mon Oct 10 14:00:00 2005 Dan Walsh 1.3.10-1
- Update from NSA

* Updated for changes to libsepol, and to only use types and interfaces
provided by the shared libsepol.

Fri Oct 7 14:00:00 2005 Dan Walsh 1.3.9-1
- Update from NSA

* Merged further database work from Ivan Gyurdiev.

Tue Oct 4 14:00:00 2005 Dan Walsh 1.3.8-1
- Update from NSA

* Merged iterate, redistribute, and dbase split patches from
Ivan Gyurdiev.

Mon Oct 3 14:00:00 2005 Dan Walsh 1.3.7-1
- Update from NSA

* Merged patch series from Ivan Gyurdiev.
(pointer typedef elimination, file renames, dbase work, backend
separation)

* Split interfaces from semanage.[hc] into handle.[hc], modules.[hc].

* Separated handle create from connect interface.

* Added a constructor for initialization.

* Moved up src/include/
*.h to src.

* Created a symbol map file; dropped dso.h and hidden markings.

Wed Sep 28 14:00:00 2005 Dan Walsh 1.3.5-1
- Update from NSA

* Split interfaces from semanage.[hc] into handle.[hc], modules.[hc].

* Separated handle create from connect interface.

* Added a constructor for initialization.

* Moved up src/include/
*.h to src.

* Created a symbol map file; dropped dso.h and hidden markings.

Fri Sep 23 14:00:00 2005 Dan Walsh 1.3.4-1
- Update from NSA

* Merged dbase redesign patch from Ivan Gyurdiev.

Wed Sep 21 14:00:00 2005 Dan Walsh 1.3.3-1
- Update from NSA

* Merged boolean record, stub record handler, and status codes
patches from Ivan Gyurdiev.

Tue Sep 20 14:00:00 2005 Dan Walsh 1.3.2-1
- Update from NSA

* Merged stub iterator functionality from Ivan Gyurdiev.

* Merged interface record patch from Ivan Gyurdiev.

Wed Sep 14 14:00:00 2005 Dan Walsh 1.3.1-1
- Update from NSA

* Merged stub functionality for managing user and port records,
and record table code from Ivan Gyurdiev.

* Updated version for release.

Thu Sep 1 14:00:00 2005 Dan Walsh 1.1.6-1
- Update from NSA

* Merged semod.conf template patch from Dan Walsh (Red Hat),
but restored location to /usr/share/semod/semod.conf.

* Fixed several bugs found by valgrind.

* Fixed bug in prior patch for the semod_build_module_list leak.

* Merged errno fix from Joshua Brindle (Tresys).

* Merged fix for semod_build_modules_list leak on error path
from Serge Hallyn (IBM). Bug found by Coverity.

Thu Aug 25 14:00:00 2005 Dan Walsh 1.1.3-1
- Update from NSA

* Merged errno fix from Joshua Brindle (Tresys).

* Merged fix for semod_build_modules_list leak on error path
from Serge Hallyn (IBM). Bug found by Coverity.

* Merged several fixes from Serge Hallyn (IBM). Bugs found by
Coverity.

* Fixed several other bugs and warnings.

* Merged patch to move module read/write code from libsemanage
to libsepol from Jason Tang (Tresys).

* Merged relay records patch from Ivan Gyurdiev.

* Merged key extract patch from Ivan Gyurdiev.

- Initial version
- Created by Stephen Smalley


 
ICM