Petr Lautrbach
5d411cd10a
SELinux userspace 2.8-rc3 release candidate
2018-05-15 10:36:24 +02:00
Petr Lautrbach
ccff9f365f
SELinux userspace 2.8-rc1 release candidate
2018-04-23 16:05:04 +02:00
Petr Lautrbach
980d2c8c0c
checkpolicy-2.7-1
...
- Update to upstream release 2017-08-04
2017-08-07 17:17:57 +02:00
Petr Lautrbach
269e7db87e
checkpolicy-2.6-1
...
- Update to upstream release 2016-10-14
2017-02-20 12:36:39 +01:00
Petr Lautrbach
ce5393bbac
checkpolicy-2.5-1
...
- Update to upstream release 2016-02-23
2016-02-23 22:47:35 +01:00
Petr Lautrbach
cfa584572b
checkpolicy-2.5-0.1.rc1
...
Update to upstream rc1 release 2016-01-07
2016-02-21 13:42:03 +01:00
Petr Lautrbach
76fb2b6d10
Update to 2.4 release
2015-07-20 18:53:21 +02:00
Dan Walsh
946ad38fd1
Update to upstream
...
* Add Android support for building dispol.
* Report source file and line information for neverallow failures.
* Prevent incompatible option combinations for checkmodule.
* Drop -lselinux from LDLIBS for test programs; not used.
* Add debug feature to display constraints/validatetrans from Richard Haines.
2014-05-06 14:20:14 -04:00
Dan Walsh
eddfbe52c6
UPdate to upstream
2013-10-31 09:21:49 -04:00
Dan Walsh
02cf4abf2d
Update to upstream
...
* Fix errors found by coverity
* implement default type policy syntax
* Free allocated memory when clean up / exit.
2013-02-07 13:40:56 -05:00
rhatdan
1057df92ca
Update to upstream
...
* fd leak reading policy
* check return code on ebitmap_set_bit
2012-09-13 13:29:17 -04:00
Dan Walsh
f5401fa228
Update to upstream
...
* sepolgen: We need to support files that have a + in them
* Android/MacOS X build support
2012-07-04 07:24:23 -04:00
Dan Walsh
9f8377e4c3
Update to upstream
...
* implement new default labeling behaviors for usr, role, range
* Fix dead links to www.nsa.gov/selinux
2012-03-29 15:28:08 -04:00
Dan Walsh
1e9a9d79a0
Update to upstream
...
* add new helper to translate class sets into bitmaps
2011-12-21 17:59:52 +00:00
Dan Walsh
5ea3e823bf
Upgrade to upstream
...
* dis* fixed signed vs unsigned errors
* dismod: fix unused parameter errors
* test: Makefile: include -W and -Werror
* allow ~ in filename transition rules
Allow policy to specify the source of target for generating the default user,role
or mls label for a new target.
2011-12-15 14:30:26 -05:00
Dan Walsh
1e7f3c93f0
Upgrade to upstream
...
* Revert "checkpolicy: Redo filename/filesystem syntax to support filename trans rules"
* drop libsepol dynamic link in checkpolicy
2011-11-04 09:27:03 -04:00
Dan Walsh
911694cf55
Update to upstream
...
* Separate tunable from boolean during compile.
2011-09-19 06:50:16 -04:00
Dan Walsh
68f262fbdb
Update to upstream
...
* checkpolicy: fix spacing in output message
2011-08-30 16:15:26 -04:00
Dan Walsh
e87652be15
* add missing ; to attribute_role_def
...
*Redo filename/filesystem syntax to support filename trans
2011-08-18 07:00:03 -04:00
Dan Walsh
5bae77199e
* add missing ; to attribute_role_def
...
*Redo filename/filesystem syntax to support filename trans
2011-08-18 06:51:40 -04:00
Dan Walsh
72448b2ce3
Update to upstream
2011-07-28 11:42:26 -04:00
Dan Walsh
5eaf35502b
Update to upstream
...
* Wrap file names in filename transitions with quotes by Steve Lawrence.
* Allow filesystem names to start with a digit by James Carter.
* Add support for using the last path compnent in type transitions by Eric
2011-05-23 18:25:07 -04:00
Dan Walsh
66140a0889
Latest patches
2011-04-12 13:12:30 -04:00
Dan Walsh
5ea14e8ebf
- Latest update from NSA
...
* Remove unused variables to fix compliation under GCC 4.6 by Justin Mattock
2010-12-21 16:41:10 -05:00
Daniel J Walsh
ff8894ce82
- Latest update from NSA
...
Update checkmodule man page and usage by Daniel Walsh and Steve Lawrence
- Allow policy version to be one number
2010-06-16 12:11:21 +00:00
Daniel J Walsh
7c6d84d139
- Latest update from NSA
...
Add support for building Xen policies from Paul Nuzzi.
Add long options to checkpolicy and checkmodule by Guido Trentalancia
<guido@trentalancia.com>
2009-12-01 22:50:19 +00:00
Daniel J Walsh
69181ce9f3
- Latest update from NSA
...
Fix alias field in module format, caused by boundary format change from
Caleb Case.
2009-02-18 21:54:40 +00:00
Daniel J Walsh
d9e3ea1a9d
- Latest update from NSA
...
Update checkpolicy for user and role mapping support from Joshua Brindle.
2008-05-28 15:15:49 +00:00
Daniel J Walsh
ce4fbaf6a7
- Latest update from NSA
...
Add permissive domain support from Eric Paris.
2008-04-14 19:34:07 +00:00
Daniel J Walsh
3181c033e3
- Latest update from NSA
...
Split out non-grammar parts of policy_parse.yacc into policy_define.c and
policy_define.h from Todd C. Miller.
Initialize struct policy_file before using it, from Todd C. Miller.
Remove unused define, move variable out of .y file, simplify COND_ERR, from
Todd C. Miller.
2008-03-14 00:24:03 +00:00
Daniel J Walsh
e22ff16832
- Latest update from NSA
...
Use yyerror2() where appropriate from Todd C. Miller.
- Build against latest libsepol
2008-02-28 21:57:00 +00:00
Daniel J Walsh
d793dcb07e
- Latest update from NSA
...
Update dispol for libsepol avtab changes from Stephen Smalley.
2008-02-04 17:24:34 +00:00
Daniel J Walsh
1257a8cea9
- Latest update from NSA
...
Deprecate role dominance in parser.
2008-01-25 16:19:00 +00:00
Daniel J Walsh
4dd1371296
- Update to use libsepol-static library
2008-01-21 21:42:58 +00:00
Daniel J Walsh
5c3895bc13
- Latest update from NSA
...
Initialize the source file name from the command line argument so that
checkpolicy/checkmodule report something more useful than "unknown
source".
Merged remove use of REJECT and trailing context in lex rules; make ipv4
address parsing like ipv6 from James Carter.
2007-11-15 18:41:43 +00:00
Daniel J Walsh
5d693896f6
Merged handle unknown policydb flag support from Eric Paris. Adds new
...
command line options -U {allow, reject, deny} for selecting the flag
when a base module or kernel policy is built.
2007-09-19 00:20:03 +00:00
Daniel J Walsh
4bd6947fff
- Latest update from NSA
...
Merged fix for segfault on duplicate require of sensitivity from Caleb
Case.
Merged fix for dead URLs in checkpolicy man pages from Dan Walsh.
2007-06-04 19:21:50 +00:00
Daniel J Walsh
7b7e59092d
- Latest update from NSA
...
Merged checkmodule man page fix from Dan Walsh.
2007-04-12 20:05:28 +00:00
Daniel J Walsh
c1870cdf3a
- Latest update from NSA
...
Merged patch to allow dots in class identifiers from Caleb Case.
2007-02-20 14:59:15 +00:00
Daniel J Walsh
1ec43fbb6a
- Latest update from NSA
...
Merged patch to use new libsepol error codes by Karl MacMillan.
Updated version for stable branch.
2007-02-07 21:42:36 +00:00
Daniel J Walsh
c2957dde68
- Latest update from NSA
...
Collapse user identifiers and identifiers together.
2006-11-14 14:50:36 +00:00
Daniel J Walsh
9e6b63128e
- Latest update from NSA
...
Updated version for release.
2006-11-03 21:45:02 +00:00
Daniel J Walsh
2fc5612c93
- Latest update from NSA
...
Merged user and range_transition support for modules from Darrel Goeddel
2006-09-29 14:22:59 +00:00
Daniel J Walsh
39e4bfb0e8
- Latest update from NSA
...
merged range_transition enhancements and user module format changes from
Darrel Goeddel
Merged symtab datum patch from Karl MacMillan.
2006-09-06 18:16:16 +00:00
Daniel J Walsh
0962a544c8
- Latest upgrade from NSA
...
Lindent.
Merged patch to remove TE rule conflict checking from the parser from
Joshua Brindle. This can only be done properly by the expander.
Merged patch to make checkpolicy/checkmodule handling of
duplicate/conflicting TE rules the same as the expander from Joshua
Brindle.
Merged optionals in base take 2 patch set from Joshua Brindle.
2006-07-05 10:43:21 +00:00
Daniel J Walsh
0b33b45a9e
- Latest upgrade from NSA
...
Merged compiler cleanup patch from Karl MacMillan.
Merged fix warnings patch from Karl MacMillan.
2006-05-24 03:11:52 +00:00
Daniel J Walsh
a7c8fb25b4
- Latest upgrade from NSA
...
Changed require_class to reject permissions that have not been declared if
building a base module.
2006-04-05 17:46:41 +00:00
Daniel J Walsh
cb354e0254
- Latest upgrade from NSA
...
Fixed checkmodule to call link_modules prior to expand_module to handle
optionals.
Fixed require_class to avoid shadowing permissions already defined in an
inherited common definition.
2006-03-28 20:07:42 +00:00
Daniel J Walsh
01a9ba841e
- Latest upgrade from NSA
...
Moved processing of role and user require statements to 2nd pass.
2006-03-23 16:14:03 +00:00
Daniel J Walsh
af7b9d6c00
- Latest upgrade from NSA
...
Updated version for release.
Fixed bug in role dominance (define_role_dom).
2006-03-17 18:36:26 +00:00