rpms/checkpolicy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Commit Graph

  • 7c6d84d139 - Latest update from NSA Add support for building Xen policies from Paul Nuzzi. Add long options to checkpolicy and checkmodule by Guido Trentalancia <guido@trentalancia.com> Daniel J Walsh 2009-12-01 22:50:19 +0000
  • 33508b5322 Fix typo that causes a failure to update the common directory. (releng #2781) Bill Nottingham 2009-11-25 22:47:31 +0000
  • 377ab91c67 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild Jesse Keating 2009-07-24 18:52:16 +0000
  • 6cd52708e4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild Jesse Keating 2009-02-24 07:15:25 +0000
  • 69181ce9f3 - Latest update from NSA Fix alias field in module format, caused by boundary format change from Caleb Case. Daniel J Walsh 2009-02-18 21:54:40 +0000
  • 31c67841df - Rebuild with new libsepol Daniel J Walsh 2008-07-08 12:08:04 +0000
  • f0fa1b8c8a - Rebuild with new libsepol Daniel J Walsh 2008-07-08 12:05:35 +0000
  • 4325162102 fix license tag Tom Callaway 2008-05-28 21:41:21 +0000
  • d9e3ea1a9d - Latest update from NSA Update checkpolicy for user and role mapping support from Joshua Brindle. Daniel J Walsh 2008-05-28 15:15:49 +0000
  • a17aa67c97 - Allow modules with 4 sections or more Daniel J Walsh 2008-05-06 18:22:18 +0000
  • ce4fbaf6a7 - Latest update from NSA Add permissive domain support from Eric Paris. Daniel J Walsh 2008-04-14 19:34:07 +0000
  • 1ca4c44086 - Latest update from NSA Add permissive domain support from Eric Paris. Daniel J Walsh 2008-03-27 17:39:08 +0000
  • 3181c033e3 - Latest update from NSA Split out non-grammar parts of policy_parse.yacc into policy_define.c and policy_define.h from Todd C. Miller. Initialize struct policy_file before using it, from Todd C. Miller. Remove unused define, move variable out of .y file, simplify COND_ERR, from Todd C. Miller. Daniel J Walsh 2008-03-14 00:24:03 +0000
  • 164c17c9c1 - Latest update from NSA Split out non-grammar parts of policy_parse.yacc into policy_define.c and policy_define.h from Todd C. Miller. Initialize struct policy_file before using it, from Todd C. Miller. Remove unused define, move variable out of .y file, simplify COND_ERR, from Todd C. Miller. Daniel J Walsh 2008-03-13 23:47:55 +0000
  • e22ff16832 - Latest update from NSA Use yyerror2() where appropriate from Todd C. Miller. - Build against latest libsepol Daniel J Walsh 2008-02-28 21:57:00 +0000
  • 35299999e4 - Start shipping sedismod and sedispol Daniel J Walsh 2008-02-22 19:33:37 +0000
  • 88d15070c2 - Latest update from NSA Update dispol for libsepol avtab changes from Stephen Smalley. Daniel J Walsh 2008-02-04 19:06:00 +0000
  • d793dcb07e - Latest update from NSA Update dispol for libsepol avtab changes from Stephen Smalley. Daniel J Walsh 2008-02-04 17:24:34 +0000
  • 1257a8cea9 - Latest update from NSA Deprecate role dominance in parser. Daniel J Walsh 2008-01-25 16:19:00 +0000
  • 2cb30aa859 - Update to use libsepol-static library Daniel J Walsh 2008-01-23 20:19:17 +0000
  • 4dd1371296 - Update to use libsepol-static library Daniel J Walsh 2008-01-21 21:42:58 +0000
  • 5c3895bc13 - Latest update from NSA Initialize the source file name from the command line argument so that checkpolicy/checkmodule report something more useful than "unknown source". Merged remove use of REJECT and trailing context in lex rules; make ipv4 address parsing like ipv6 from James Carter. Daniel J Walsh 2007-11-15 18:41:43 +0000
  • b3826e5a21 makefile update to properly grab makefile.common Bill Nottingham 2007-10-15 18:39:30 +0000
  • 5d693896f6 Merged handle unknown policydb flag support from Eric Paris. Adds new command line options -U {allow, reject, deny} for selecting the flag when a base module or kernel policy is built. Daniel J Walsh 2007-09-19 00:20:03 +0000
  • 3667d6eef5 - Rebuild for selinux ppc32 issue. Jesse Keating 2007-08-29 04:03:17 +0000
  • 7b1ac7a22c - Rebuild with the latest libsepol Daniel J Walsh 2007-06-18 18:20:26 +0000
  • 4bd6947fff - Latest update from NSA Merged fix for segfault on duplicate require of sensitivity from Caleb Case. Merged fix for dead URLs in checkpolicy man pages from Dan Walsh. Daniel J Walsh 2007-06-04 19:21:50 +0000
  • 7b7e59092d - Latest update from NSA Merged checkmodule man page fix from Dan Walsh. Daniel J Walsh 2007-04-12 20:05:28 +0000
  • ebb6b2e693 - Rebuild with new libsepol Daniel J Walsh 2007-03-30 16:14:13 +0000
  • 7f274195c4 - Rebuild with new libsepol Daniel J Walsh 2007-03-29 18:01:38 +0000
  • c1870cdf3a - Latest update from NSA Merged patch to allow dots in class identifiers from Caleb Case. Daniel J Walsh 2007-02-20 14:59:15 +0000
  • 1ec43fbb6a - Latest update from NSA Merged patch to use new libsepol error codes by Karl MacMillan. Updated version for stable branch. Daniel J Walsh 2007-02-07 21:42:36 +0000
  • efbbda85bd - Rebuild for new libraries Daniel J Walsh 2006-11-28 19:04:15 +0000
  • f9c5836922 - Latest update from NSA Collapse user identifiers and identifiers together. Daniel J Walsh 2006-11-28 18:56:56 +0000
  • c2957dde68 - Latest update from NSA Collapse user identifiers and identifiers together. Daniel J Walsh 2006-11-14 14:50:36 +0000
  • 9e6b63128e - Latest update from NSA Updated version for release. Daniel J Walsh 2006-11-03 21:45:02 +0000
  • 2fc5612c93 - Latest update from NSA Merged user and range_transition support for modules from Darrel Goeddel Daniel J Walsh 2006-09-29 14:22:59 +0000
  • 39e4bfb0e8 - Latest update from NSA merged range_transition enhancements and user module format changes from Darrel Goeddel Merged symtab datum patch from Karl MacMillan. Daniel J Walsh 2006-09-06 18:16:16 +0000
  • d6c461cca2 bumped for rebuild Jesse Keating 2006-07-12 04:47:50 +0000
  • 0962a544c8 - Latest upgrade from NSA Lindent. Merged patch to remove TE rule conflict checking from the parser from Joshua Brindle. This can only be done properly by the expander. Merged patch to make checkpolicy/checkmodule handling of duplicate/conflicting TE rules the same as the expander from Joshua Brindle. Merged optionals in base take 2 patch set from Joshua Brindle. Daniel J Walsh 2006-07-05 10:43:21 +0000
  • 0b33b45a9e - Latest upgrade from NSA Merged compiler cleanup patch from Karl MacMillan. Merged fix warnings patch from Karl MacMillan. Daniel J Walsh 2006-05-24 03:11:52 +0000
  • a7c8fb25b4 - Latest upgrade from NSA Changed require_class to reject permissions that have not been declared if building a base module. Daniel J Walsh 2006-04-05 17:46:41 +0000
  • cb354e0254 - Latest upgrade from NSA Fixed checkmodule to call link_modules prior to expand_module to handle optionals. Fixed require_class to avoid shadowing permissions already defined in an inherited common definition. Daniel J Walsh 2006-03-28 20:07:42 +0000
  • d914ad5a8c - Rebuild with new libsepol Daniel J Walsh 2006-03-27 22:13:22 +0000
  • 01a9ba841e - Latest upgrade from NSA Moved processing of role and user require statements to 2nd pass. Daniel J Walsh 2006-03-23 16:14:03 +0000
  • af7b9d6c00 - Latest upgrade from NSA Updated version for release. Fixed bug in role dominance (define_role_dom). Daniel J Walsh 2006-03-17 18:36:26 +0000
  • dcec148fc4 - Latest upgrade from NSA Added a check for failure to declare each sensitivity in a level definition. Changed to clone level data for aliased sensitivities to avoid double free upon sens_destroy. Bug reported by Kevin Carr of Tresys Technology. Daniel J Walsh 2006-02-17 20:00:08 +0000
  • d0cfe1d1ab - Latest upgrade from NSA Added a check for failure to declare each sensitivity in a level definition. Changed to clone level data for aliased sensitivities to avoid double free upon sens_destroy. Bug reported by Kevin Carr of Tresys Technology. Daniel J Walsh 2006-02-16 18:44:15 +0000
  • 6d151699a3 - Latest upgrade from NSA Merged optionals in base patch from Joshua Brindle. Daniel J Walsh 2006-02-13 19:31:17 +0000
  • bc40ef4345 - Need to build again Daniel J Walsh 2006-02-13 15:28:42 +0000
  • f6e3697d00 bump for bug in double-long on ppc(64) Jesse Keating 2006-02-11 02:15:00 +0000
  • 7cb707226a - Latest upgrade from NSA Merged sepol_av_to_string patch from Joshua Brindle. Daniel J Walsh 2006-02-07 15:33:17 +0000
  • 6c329b1c58 bump for new gcc/glibc Jesse Keating 2006-02-07 11:14:04 +0000
  • 41344977f8 - Rebuild to get latest libsepol Daniel J Walsh 2006-01-13 22:33:16 +0000
  • d8a7f7e3b2 - Rebuild to get latest libsepol Daniel J Walsh 2006-01-05 22:02:52 +0000
  • 7f0d3160ab - Rebuild to get latest libsepol Daniel J Walsh 2006-01-05 21:58:33 +0000
  • 55423c321d - Rebuild to get latest libsepol Daniel J Walsh 2006-01-04 18:55:25 +0000
  • b1640a4ffb - Rebuild to get latest libsepol Daniel J Walsh 2005-12-16 14:18:43 +0000
  • aba9acb9b5 gcc update bump Jesse Keating 2005-12-09 22:39:58 +0000
  • 6300e4418d - Latest upgrade from NSA Daniel J Walsh 2005-12-09 18:24:24 +0000
  • 428c7aa7cd - Latest upgrade from NSA Merged checkmodule man page from Dan Walsh, and edited it. Daniel J Walsh 2005-12-04 13:13:34 +0000
  • e8c9487983 - Latest upgrade from NSA Added error checking of all ebitmap_set_bit calls for out of memory conditions. Merged removal of compatibility handling of netlink classes (requirement that policies with newer versions include the netlink class definitions, remapping of fine-grained netlink classes in newer source policies to single netlink class when generating older policies) from George Coker. Daniel J Walsh 2005-12-01 20:02:47 +0000
  • 671fd361f0 - Rebuild to get latest libsepol Daniel J Walsh 2005-11-10 02:44:34 +0000
  • 647b078eee - Rebuild to get latest libsepol Daniel J Walsh 2005-11-08 23:42:05 +0000
  • 72ae42ae01 - Rebuild to get latest libsepol Daniel J Walsh 2005-11-07 14:50:52 +0000
  • 6b2bcc3c72 - Rebuild to get latest libsepol Daniel J Walsh 2005-11-03 15:48:45 +0000
  • a7259909df - Rebuild to get latest libsepol Daniel J Walsh 2005-10-31 21:03:46 +0000
  • e003d30798 - Rebuild to get latest libsepol Daniel J Walsh 2005-10-28 19:25:01 +0000
  • f4574040bd - Latest upgrade from NSA Merged dismod fix from Joshua Brindle. Daniel J Walsh 2005-10-25 19:18:26 +0000
  • 33c5c28812 - Latest upgrade from NSA Removed obsolete cond_check_type_rules() function and call and cond_optimize_lists() call from checkpolicy.c; these are handled during parsing and expansion now. Updated calls to expand_module for interface change. Changed checkmodule to verify that expand_module succeeds when building base modules. Merged module compiler fixes from Joshua Brindle. Removed direct calls to hierarchy_check_constraints() and check_assertions() from checkpolicy since they are now called internally by expand_module(). Daniel J Walsh 2005-10-21 18:48:50 +0000
  • af4dd8d071 - Latest upgrade from NSA Removed obsolete cond_check_type_rules() function and call and cond_optimize_lists() call from checkpolicy.c; these are handled during parsing and expansion now. Updated calls to expand_module for interface change. Changed checkmodule to verify that expand_module succeeds when building base modules. Merged module compiler fixes from Joshua Brindle. Removed direct calls to hierarchy_check_constraints() and check_assertions() from checkpolicy since they are now called internally by expand_module(). Daniel J Walsh 2005-10-20 20:34:02 +0000
  • acfce4cb75 - Latest upgrade from NSA Updated for changes to sepol policydb_index_others interface. Daniel J Walsh 2005-10-18 18:27:54 +0000
  • b1c24f328b - Latest upgrade from NSA Updated for changes to sepol expand_module and link_modules interfaces. Sat Oct 15 2005 Dan Walsh <dwalsh@redhat.com> 1.27.9-2 - Rebuild to get latest libsepol Daniel J Walsh 2005-10-18 14:17:02 +0000
  • f0af6ae6b8 - Rebuild to get latest libsepol Daniel J Walsh 2005-10-15 12:27:09 +0000
  • 571771b17d - Latest upgrade from NSA Merged support for require blocks inside conditionals from Joshua Brindle (Tresys). Daniel J Walsh 2005-10-14 12:31:36 +0000
  • c7eb5fa60e - add buildrequirement for libselinux-devel for dispol Karsten Hopp 2005-10-12 12:02:45 +0000
  • 1b6c428fd8 - Latest upgrade from NSA Updated for changes to libsepol. Daniel J Walsh 2005-10-10 13:00:20 +0000
  • e191585b52 - Rebuild to get latest libsepol Daniel J Walsh 2005-10-07 14:19:15 +0000
  • b8c325caf1 - Latest upgrade from NSA Merged several bug fixes from Joshua Brindle (Tresys). Daniel J Walsh 2005-10-06 16:08:53 +0000
  • 43314203eb - Latest upgrade from NSA Merged MLS in modules patch from Joshua Brindle (Tresys). Daniel J Walsh 2005-10-04 18:02:36 +0000
  • 1bc86e3fa3 - Rebuild to get latest libsepol Daniel J Walsh 2005-10-03 13:23:30 +0000
  • e21e3bfb9d - Latest upgrade from NSA Merged error handling improvement in checkmodule from Karl MacMillan (Tresys). Daniel J Walsh 2005-09-29 01:18:06 +0000
  • d3c90af390 - Latest upgrade from NSA Merged bugfix for dup role transition error messages from Karl MacMillan (Tresys). Daniel J Walsh 2005-09-27 19:00:56 +0000
  • c95e46a95f - Rebuild to get latest libsepol Daniel J Walsh 2005-09-21 18:23:46 +0000
  • e34019964c - Latest upgrade from NSA Fixed parse_categories handling of undefined category. Daniel J Walsh 2005-09-21 14:18:23 +0000
  • ba974b169b - Latest upgrade from NSA Merged bug fix for role dominance handling from Darrel Goeddel (TCS). Wed Sep 14 2005 Dan Walsh <dwalsh@redhat.com> 1.26-2 - Rebuild to get latest libsepol Daniel J Walsh 2005-09-17 11:40:23 +0000
  • a9313a61a4 - Rebuild to get latest libsepol Daniel J Walsh 2005-09-15 14:55:49 +0000
  • af1d472265 - Rebuild to get latest libsepol Daniel J Walsh 2005-09-14 19:36:33 +0000
  • 7ba2db9576 - Latest upgrade from NSA Updated version for release. - Rebuild to get latest libsepol Daniel J Walsh 2005-09-12 20:30:47 +0000
  • edf32bd45a - Rebuild to get latest libsepol Daniel J Walsh 2005-09-01 16:17:07 +0000
  • 0f4afaf913 - Rebuild to get latest libsepol Daniel J Walsh 2005-08-29 14:22:45 +0000
  • f28bede7d6 - Update to NSA Release Fixed handling of validatetrans constraint expressions. Bug reported by Dan Walsh for checkpolicy -M. Daniel J Walsh 2005-08-24 15:28:06 +0000
  • 23957130df - Fix mls crash Daniel J Walsh 2005-08-22 18:13:47 +0000
  • b846509581 - Update to NSA Release Merged use-after-free fix from Serge Hallyn (IBM). Bug found by Coverity. Daniel J Walsh 2005-08-19 19:56:18 +0000
  • cac0f0ba38 - Update to NSA Release Fixed further memory leaks found by valgrind. Changed checkpolicy to destroy the policydbs prior to exit to allow leak detection. Fixed several memory leaks found by valgrind. Daniel J Walsh 2005-08-15 20:17:00 +0000
  • 14ec964ccf - Rebuild to get latest libsepol changes Daniel J Walsh 2005-08-14 20:04:47 +0000
  • a660f4e82b - Rebuild to get latest libsepol changes Daniel J Walsh 2005-08-13 10:03:25 +0000
  • 6798389672 - Update to NSA Release The binary policy format version has been incremented to version 20 as a result of these changes. To build a policy for a kernel that does not yet include these changes, use the -c 19 option to checkpolicy. Merged patch to prohibit use of "self" as a type name from Jason Tang (Tresys). Merged patch to fix dismod compilation from Joshua Brindle (Tresys). Daniel J Walsh 2005-08-12 02:57:19 +0000
  • 2d61bf5dd0 - Update to NSA Release Fixed call to hierarchy checking code to pass the right policydb. Merged patch to update dismod for the relocation of the module read/write code from libsemanage to libsepol, and to enable build of test subdirectory from Jason Tang (Tresys). Daniel J Walsh 2005-08-10 21:05:55 +0000
  • eb71cf87d9 - Update to NSA Release Merged hierarchy check fix from Joshua Brindle (Tresys). Daniel J Walsh 2005-08-02 16:58:50 +0000