SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for policycoreutils-devel-3.7-150600.215.15.x86_64.rpm :

* Mon Jul 01 2024 cathy.huAATTsuse.com- Update to version 3.7 https://github.com/SELinuxProject/selinux/releases/tag/3.7 User-visible changes:
* audit2allow -C for CIL output mode
* sepolgen: adjust parse for refpolicy
* Bugfixes:
* fixfiles: drop unnecessary \\ line endings
* setfiles: avoid unsigned integer underflow
* python/semanage: Do not sort local fcontext definitions
* python/semanage: Allow modifying records on \"add\"- Refresh get_os_version.patch
* Tue May 28 2024 cathy.huAATTsuse.com- Rework packaging to modern python packaging as we need policycoreutils-python-tools as build dependency for python311-setools - General: - python version for scripts is now set to python311, deprecating python3.6 on 15.4 + 15.5 - replaced python3 dependencies with corresponding dependencies - moved %{_localstatedir}/lib/selinux out of the python-policycoreutils rpm and into policycoreutils-python-utils as it does not belong into a module and causes conflicts when module is built for multiple python versions - Factory-specific changes: - python-policycoreutils module is now built for python310, python311, python312 instead of python3 - added %python3_fix_shebang to set the shebang to the current python - 15.4 and 15.5 specific changes - python-policycoreutils module is now built for python311 instead of python3 - added %python311_fix_shebang to set the shebang to python311, this is currently a dirty hack since the python3_fix_shebang_path macro does not exist in <=15.5 so far - 15.4 specific changes - policycoreutils-devel requires python3-distro still, as there is no python311-distro package
* Fri Mar 15 2024 cathy.huAATTsuse.com- exclude %python3_fix_shebang for distros <=15.4 to avoid build failure
* Wed Mar 13 2024 pgajdosAATTsuse.com- remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476]
* Tue Dec 19 2023 cathy.huAATTsuse.com- Update to version 3.6 https://github.com/SELinuxProject/selinux/releases/tag/3.6
* Add notself support for neverallow rules
* Improve man pages
* man pages: Remove the Russian translations
* Add notself and other support to CIL
* Add support for deny rules
* Translations updated from https://translate.fedoraproject.org/projects/selinux/
* Bug fixes- Remove keys from keyring since they expired: - E853C1848B0185CF42864DF363A8AD4B982C4373 Petr Lautrbach - 63191CE94183098689CAB8DB7EF137EC935B0EAF Jason Zaman - Add key to keyring: - B8682847764DF60DF52D992CBC3905F235179CF1 Petr Lautrbach - Remove reproducible-build.patch since it is upstream now- Fix issues in get_os_version.patch
* Mon Dec 04 2023 cathy.huAATTsuse.com- Re-add \"Obsoletes: policycoreutils-python <= 2.6\" to avoid file conflicts with /usr/share/bash-completion/completions/setsebool of older policycoreutils-python-2.6
* Mon Nov 27 2023 cathy.huAATTsuse.com- Change deprecated `%patch1 -p1` syntax to supported `%patch -P1 -p1` (bsc#1216669)
* Wed Oct 25 2023 cathy.huAATTsuse.com- Add reproducible-build.patch to make the output of \"sepolicy manpage\" deterministic (bsc#1216452)
* Fri Oct 06 2023 filippo.bonazziAATTsuse.com- Move dbus configuration file to /usr/share instead of /etc
* Fri Jul 21 2023 filippo.bonazziAATTsuse.com- Add policycoreutils-rpmlintrc to suppress spurious rpmlint warnings
* Tue Jul 18 2023 filippo.bonazziAATTsuse.com- Fix newrole debuginfo broken by mistaken \'noarch\'
* Mon Jul 10 2023 filippo.bonazziAATTsuse.com- Add GUI and DBUS subpackages
* Remove files now provided in upstream tarballs: - Drop system-config-selinux.png - Drop system-config-selinux.desktop - Drop system-config-selinux.pam - Drop system-config-selinux.console - Drop selinux-polgengui.desktop - Drop selinux-polgengui.console- Refactor spec file
* Remove empty sandbox package definition
* Thu Jun 29 2023 jsegitzAATTsuse.com- Only recommend policycoreutils-devel. The requires causes build issues and this can be used with a policy from a different source- Required fixed python3-selinux, not version dependend sub-packages
* Mon Jun 26 2023 william.brownAATTsuse.com- Recommend setools-console as these cli tools compliment policycoreutils for analysis and debugging of policy issues
* Mon Jun 26 2023 william.brownAATTsuse.com- Add requires for policycoreutils-devel for selinux-policy-devel as policycoreutils-devel requires this
* Wed Jun 21 2023 jsegitzAATTsuse.com- Adjust python requirement for newer SLES versions
* Mon Jun 19 2023 filippo.bonazziAATTsuse.com- Add Leap compatibility symlinks between /usr/sbin and /sbin (bsc#1210482)- Refresh GPG keyring
* Tue May 09 2023 daniel.garciaAATTsuse.com- Add python-wheel build dependency to build correctly with latest python-pip version.
* Fri Feb 24 2023 jsegitzAATTsuse.com- Update to version 3.5
* fixfiles: Unmount temporary bind mounts on SIGINT
* Lots of smaller changes- Refreshed get_os_version.patch- Drop chcat_handle_missing_translations.patch, is upstream- Add additional BuildRequires for python- Added additional developer key (Jason Zaman)- Add requires for python3-distro for the devel package
* Mon Dec 19 2022 gmbr3AATTopensuse.org- Use %_pam_vendordir
* Fri Dec 16 2022 schubiAATTsuse.com- Error in spec file: No \"config\" tag in \"/usr/ should be used.
* Fri Dec 09 2022 schubiAATTsuse.com- Migration PAM settings to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update.
* Mon Jul 25 2022 jsegitzAATTsuse.com- Add recommends for ausearch binary (bsc#1201043)
* Wed Jun 22 2022 jsegitzAATTsuse.com- Handle missing translations properly in chcat. Added chcat_handle_missing_translations.patch (bsc#1200752)
* Tue Jun 21 2022 dimstarAATTopensuse.org- Build and package translations for python-utils (boo#1200752).
* Mon May 09 2022 jsegitzAATTsuse.com- Update to version 3.4
* fixfiles: Use parallel relabeling- Refreshed patches
* get_os_version.patch
* run_init.pamd.patch
* Wed Apr 20 2022 dimstarAATTopensuse.org- Fix file list: package ru/man8/sepolgen.8 only in the devel package (was in devel and main).
* Thu Nov 25 2021 jsegitzAATTsuse.com- finish UsrMerge (bsc#1191089)
* Wed Nov 24 2021 jsegitzAATTsuse.com- Add run_init.pamd.patch to adjust to SUSE pam setup. Removed run_init_use_pam_keyinit.patch and included it in the new patch (bsc#1190098)
* Thu Nov 11 2021 jsegitzAATTsuse.com- Update to version 3.3
* Lots of fuzzing fixes
* `fixfiles -C` doesn\'t exclude /dev and /run anymore Refreshed get_os_version.patch
* Tue Mar 09 2021 jsegitzAATTsuse.com- Update to version 3.2
* Tools using sepolgen, e.g. audit2allow, print extended permissions in hexadecimal
* sepolgen sorts extended rules like normal ones
* `setfiles` doesn\'t abort on labeling errors- Refreshed get_os_version.patch
* Thu Sep 10 2020 jsegitzAATTsuse.com- Add get_os_version.patch get_os_version is implemented in a very RH/Fedora specific way. Ensure that it returns a valid string for SUSE by changing the default. Also remove the RH specific logic when generating HTML versions of the SELinux documentation
* Wed Jul 29 2020 kukukAATTsuse.com- Align more with Fedora spec file to get rid of python dependencies in the core system - create new python-utils sub-package - move some tools to devel sub-package- Cleanup dependencies
* Fri Jul 17 2020 jsegitzAATTsuse.com- Proper default permissions for newrole (4755)
* Tue Jul 14 2020 jsegitzAATTsuse.com- Update to version 3.1
* New `setfiles -E` option - treat conflicting specifications as errors, such as where two hardlinks for the same inode have different contexts.
* `setsebool -V` reports errors from commit phase
* matchpathcon related interfaces are deprecated
* New `restorecon -x` option which prevents it from crossing file system
* boundaries.
* `sepolgen-ifgen` parses a gen_tunable statement as bool
* Removed Requires for python3-ipy as the ipaddress module is used. No requires for python-ipaddress as it\'s assumed this is used only on recent systems
* Drop chcat_join.patch, is upstream
* Thu Jun 04 2020 dimstarAATTopensuse.org- Pass the right value for LIBEXECDIR to make / make install instead of trying to move the file around post install. This caters for the planned change of libexecdir to change from /usr/lib to /usr/libexec by injecting the right value no matter what.
* Fri May 29 2020 jsegitzAATTsuse.de- Move pp binary to libexec directory instead of lib
* Mon Mar 09 2020 jsegitzAATTsuse.de- Dropped Recommends: for %{name}-lang and %{name}-devel. Not allowed by openSUSE guidelines
* Tue Mar 03 2020 jsegitzAATTsuse.de- Update to version 3.0
* fixfiles: Fix \"verify\" option
* fixfiles: Fix [-B] [-F] onboot
* fixfiles: Force full relabel when SELinux is disabled
* semodule: Enable CIL logging
* semanage: Add support for DCCP and SCTP protocols
* semanage: Do not use default s0 range in \"semanage login -a\"
* semanage: Document DCCP and SCTP support
* semanage: Improve handling of \"permissive\" statements
* semanage: fix moduleRecords.customized() Refreshed chcat_join.patch
* Thu Feb 27 2020 jsegitzAATTsuse.de- Ship working pam config for newrole (bsc#1163020)- Recommend policycoreutils-devel to have perm_map file available
* Wed Feb 19 2020 jsegitzAATTsuse.de- Package perm_map as it\'s used by audit2
* tools
* Tue Dec 17 2019 jsegitzAATTsuse.de- Added chcat_join.patch to prevent joining non-existing categories (bsc#1159262)
* Wed Sep 18 2019 jsegitzAATTsuse.de- Added run_init_use_pam_keyinit.patch Added pam_keyinit to the run_init pam config (bsc#1144052)
* Wed Mar 20 2019 jsegitzAATTsuse.com- Update to version 2.9
* secon: free scon_trans before returning
* audit2allow/sepolgen-ifgen: show errors on stderr
* audit2allow: allow using audit2why as non-root user
* chcat: use check_call instead of getstatusoutput
* restorecon: add force option
* semanage module: Fix handling of -a/-e/-d/-r options
* semanage/seobject: Fix listing boolean values
* semanage: Drop python shebang from seobject.py
* semanage: Fix logger class definition
* semanage: Include MCS/MLS range when exporting local customizations
* semanage: Load a store policy and set the store SELinux policy root
* semanage: Start exporting \"ibendport\" and \"ibpkey\" entries
* semanage: Stop logging loginRecords changes
* semanage: Stop rejecting aliases in semanage commands
* semanage: Use standard argparse.error() method in handlePermissive
* semanage: do not show \"None\" levels when using a non-MLS policy
* semanage: import sepolicy only when it\'s needed
* semanage: move valid_types initialisations to class constructors
* sepolgen: close /etc/selinux/sepolgen.conf after parsing it
* sepolgen: fix access vector initialization
* sepolgen: fix refpolicy parsing of \"permissive\"
* sepolgen: print all AV rules correctly
* sepolgen: refpolicy installs its Makefile in include/Makefile
* sepolgen: return NotImplemented instead of raising it
* sepolgen: silence linter warning about has_key
* sepolgen: use self when accessing members in FilesystemUse
* sepolicy: Add sepolicy.load_store_policy(store)
* sepolicy: Make policy files sorting more robust
* sepolicy: Stop rejecting aliases in sepolicy commands
* sepolicy: Update to work with setools-4.2.0
* sepolicy: add missing % in network tab help text
* sepolicy: initialize mislabeled_files in __init__()
* sepolicy: search() also for dontaudit rules
* add xperms support to audit2allow
* replace aliases with corresponding type names- Dropped python3.patch, upstream now
* Wed Feb 13 2019 jsegitzAATTsuse.com- Make sure current devel package conflicts with old policycoreutils-python (bsc#1124437)
* Tue Feb 05 2019 jengelhAATTinai.de- Replace overly complicated %setup calls.
* Mon Feb 04 2019 jsegitzAATTsuse.com- Removed hardcoded python 3.6 path from spec file
* Thu Jan 31 2019 bwiedemannAATTsuse.com- Fix build with python 3.7
* Fri Jan 11 2019 jsegitzAATTsuse.com- Required python3-policycoreutils instead of just recommending it for policycoreutils (bsc#1121455)- Added requires for python3-setuptools to python3-policycoreutils (bsc#1121455)- Removed requires for audit-libs-python from policycoreutils (bsc#1121455)
* Mon Jan 07 2019 mrueckertAATTsuse.de- properly obsolete/provides for policycoreutils-python- remove unneeded obsolete from the devel package
* Fri Dec 07 2018 jsegitzAATTsuse.com- Don\'t require selinux-policy-devel for the devel package
* Fri Dec 07 2018 jsegitzAATTsuse.com- Obsolete policycoreutils-python in policycoreutils and policycoreutils-devel to prevent file conflicts
* Wed Nov 21 2018 jsegitzAATTsuse.com- Included content of selinux-python-2.8 and semodule-utils-2.8. I think it\'s easier to have all the relevant binaries in the policycoreutils package (bsc#1116596). Added make_targets.patch for this- Removed restorecond, is now a separate package- Added python3.patch to use python3 interpreter- New runtime requires:
* libsepol1
* python3-ipy
* python3-networkx
* python3-semanage- Provides and obsolete policycoreutils-python
* Thu Nov 08 2018 jsegitzAATTsuse.com- Adjusted source urls (bsc#1115052)
* Wed Oct 17 2018 jsegitzAATTsuse.com- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt
* Wed May 16 2018 mceplAATTsuse.com- Rebase to 2.7
* Rather large rewrite of the SPEC file
* Significantly, support for python2 removed For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt- Dropped patches:
* policycoreutils-initscript.patch
* policycoreutils-pam-common.patch
* loadpolicy_path.patch
* CVE-2018-1063.patch
* Mon Apr 30 2018 dimstarAATTopensuse.org- Don\'t build policycoreutils-gui for anything suse_version >= 1500: there is no reason te believe that SLE16 will have those old, depreacted dependencies back. Fixes also the issues for Tumbleweed, where -gui was not installable.
* Thu Apr 26 2018 jsegitzAATTsuse.com- SLE 15 doesn\'t have the necessary files for policycoreutils-gui, don\'t build it there
* Wed Apr 25 2018 jsegitzAATTsuse.com- Drop the requirement for selinux-policy for the gui tools.
* Tue Mar 27 2018 tchvatalAATTsuse.com- Drop SLE11 support, needs the audit that is not present on SLE11- Fix service link to actually work on current releases- Drop SUSE_ASNEEDED=0 as it seems to build fine without it- Do not depend on systemd, just systemd-rpm-macros
* Wed Mar 21 2018 jsegitzAATTsuse.com- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)
* Tue Mar 20 2018 jsegitzAATTsuse.com- Remove BuildRequires for libcgroup-devel (bsc#1085837)
* Thu Dec 21 2017 jsegitzAATTsuse.com- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx
* Mon Nov 27 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Fri Nov 24 2017 jsegitzAATTsuse.com- Update to policycoreutils version 2.6. Notable changes:
* setfiles: reverse the sense of -D option
* sandbox: Use dbus-run-session instead of dbus-launch when available
* setfiles: Utility to find security.restorecon_last entries
* setfiles: Add option to stop setting the digest
* hll/pp: Change warning for module name not matching filename to match new behavior
* sepolicy: convert to setools4
* sandbox: create a new session for sandboxed processes
* sandbox: do not try to setup directories without -X or -M
* sandbox: do not run xmodmap in a new X session
* sandbox: fix file labels on copied files
* semanage: Fix semanage fcontext -D
* semanage: Default serange to \"s0\" for port modify
* semanage: Use socket.getprotobyname for protocol
* semanage: Add auditing of changes in records
* Improve compatibility with Python 3
* Update sandbox types in sandbox manual
* hll/pp: Warn if module name different than output filename- Update to sepolgen version 2.6. Notable changes:
* Add support for TYPEBOUNDS statement in INTERFACE policy files- Dropped CVE-2016-7545_sandbox_escape.patch
* Mon Dec 19 2016 jsegitzAATTnovell.com- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session
* Sat Jul 23 2016 jengelhAATTinai.de- Trim description in line with other selinux packages
* Thu Jul 14 2016 jsegitzAATTnovell.com- Changes submitted by MargueriteSu: Update to version 2.5
* sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss.
* sepolicy: Rename policy global variable conflict, from Nicolas Iooss.
* newrole: Add missing defined in #if, from Nicolas Iooss.
* newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec.
* secon: Add missing descriptions for --
*-key params in secon man page, from Lukas Vrabec
* semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach.
* chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville.
* semanage: fix \'semanage permissions -l\' subcommand, from Petr Lautrbach.
* semanage: replace string.join() with str.join(), from Petr Lautrbach.
* Man page warning fixes, from Ville Skyttä.
* sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl.
* semanage: Require at least one argument for \'semanage permissive -d\', from Petr Lautrbach.
* sepolicy: Improve sepolicy command line interface, from Petr Lautrbach.
* audit2allow/why: ignore setlocale errors, from Petr Lautrbach.
* semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy.
* audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach.
* Fix PEP8 issues, from Jason Zaman.
* semanage: fix moduleRecords deleteall method, from Stephen Smalley.
* Improve compatibility with Python 3, from Michal Srb.
* semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville.
* semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach.
* sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen.
* mcstransd: don\'t reinvent getpeercon, from Stephen Smalley.
* setfiles/restorecon: fix -r/-R option, from Petr Lautrbach.
* org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley.
* hll: Move core functions of pp to libsepol, from James Carter
* run_init: Use a ring buffer in open_init_pty, from Jason Zaman.
* run_init: fix open_init_pty availability check, from Nicolas Iooss.
* Widen Xen IOMEM context entries, from Daniel De Graaf.
* Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach.
* Fixed typo/grammatical error, from Christopher Peterson.
* Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4
* Fix bugs found by hardened gcc flags, from Nicolas Iooss.
* Improve support for building with different versions of python from Nicolas Iooss.
* Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh
* Remove cgroups from sandbox, from Dan Walsh
* Try to use setcurrent before setexec in seunshare, from Andy Lutomirski
* Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley
* Add a store root path in semodule, from Yuli Khodorkovskiy
* Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy
* Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence
* Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy
* Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy
* Add ability to install modules with a specified priority, from Caleb Case
* Use /tmp for permissive module creation, by Caleb Case
* Update semanage to use new source policy infrastructure, from Jason Dana
* Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville
* Wed Nov 05 2014 jsegitzAATTnovell.com- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)
  
ICM