Update to upstream
* Turn off default user handling when computing user contexts by Dan Walsh
This commit is contained in:
parent
148fda2b16
commit
1fefea1eb1
1
.gitignore
vendored
1
.gitignore
vendored
@ -181,3 +181,4 @@ libselinux-2.0.94.tgz
|
|||||||
libselinux-2.0.96.tgz
|
libselinux-2.0.96.tgz
|
||||||
/libselinux-2.0.97.tgz
|
/libselinux-2.0.97.tgz
|
||||||
/libselinux-2.0.98.tgz
|
/libselinux-2.0.98.tgz
|
||||||
|
/libselinux-2.0.99.tgz
|
||||||
|
@ -1,85 +1,3 @@
|
|||||||
diff --git a/libselinux/man/man8/selinux.8 b/libselinux/man/man8/selinux.8
|
|
||||||
index 5caa592..1fc5b95 100644
|
|
||||||
--- a/libselinux/man/man8/selinux.8
|
|
||||||
+++ b/libselinux/man/man8/selinux.8
|
|
||||||
@@ -1,7 +1,7 @@
|
|
||||||
.TH "selinux" "8" "29 Apr 2005" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
|
||||||
|
|
||||||
.SH "NAME"
|
|
||||||
-selinux \- NSA Security-Enhanced Linux (SELinux)
|
|
||||||
+SELinux \- NSA Security-Enhanced Linux (SELinux)
|
|
||||||
|
|
||||||
.SH "DESCRIPTION"
|
|
||||||
|
|
||||||
@@ -62,12 +62,12 @@ compile-time tunable options and a set of runtime policy booleans.
|
|
||||||
.B system-config-securitylevel
|
|
||||||
allows customization of these booleans and tunables.
|
|
||||||
|
|
||||||
-Many domains that are protected by SELinux also include selinux man pages explainging how to customize their policy.
|
|
||||||
+Many domains that are protected by SELinux also include SELinux man pages explaining how to customize their policy.
|
|
||||||
|
|
||||||
.SH FILE LABELING
|
|
||||||
|
|
||||||
All files, directories, devices ... have a security context/label associated with them. These context are stored in the extended attributes of the file system.
|
|
||||||
-Problems with SELinux often arise from the file system being mislabeled. This can be caused by booting the machine with a non selinux kernel. If you see an error message containing file_t, that is usually a good indicator that you have a serious problem with file system labeling.
|
|
||||||
+Problems with SELinux often arise from the file system being mislabeled. This can be caused by booting the machine with a non SELinux kernel. If you see an error message containing file_t, that is usually a good indicator that you have a serious problem with file system labeling.
|
|
||||||
|
|
||||||
The best way to relabel the file system is to create the flag file /.autorelabel and reboot. system-config-securitylevel, also has this capability. The restorcon/fixfiles commands are also available for relabeling files.
|
|
||||||
|
|
||||||
diff --git a/libselinux/man/man8/selinuxconlist.8 b/libselinux/man/man8/selinuxconlist.8
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000..c698daa
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/libselinux/man/man8/selinuxconlist.8
|
|
||||||
@@ -0,0 +1,18 @@
|
|
||||||
+.TH "selinuxconlist" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
|
||||||
+.SH "NAME"
|
|
||||||
+selinuxconlist \- list all SELinux context reachable for user
|
|
||||||
+.SH "SYNOPSIS"
|
|
||||||
+.B selinuxconlist [-l level] user [context]
|
|
||||||
+
|
|
||||||
+.SH "DESCRIPTION"
|
|
||||||
+.B selinuxconlist
|
|
||||||
+reports the list of context reachable for user from the current context or specified context
|
|
||||||
+
|
|
||||||
+.B \-l level
|
|
||||||
+mcs/mls level
|
|
||||||
+
|
|
||||||
+.SH AUTHOR
|
|
||||||
+This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
||||||
+
|
|
||||||
+.SH "SEE ALSO"
|
|
||||||
+secon(8), selinuxdefcon(8)
|
|
||||||
diff --git a/libselinux/man/man8/selinuxdefcon.8 b/libselinux/man/man8/selinuxdefcon.8
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000..3cbeff2
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/libselinux/man/man8/selinuxdefcon.8
|
|
||||||
@@ -0,0 +1,24 @@
|
|
||||||
+.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
|
||||||
+.SH "NAME"
|
|
||||||
+selinuxdefcon \- report default SELinux context for user
|
|
||||||
+
|
|
||||||
+.SH "SYNOPSIS"
|
|
||||||
+.B selinuxdefcon [-l level] user fromcon
|
|
||||||
+
|
|
||||||
+.SH "DESCRIPTION"
|
|
||||||
+.B selinuxdefcon
|
|
||||||
+reports the default context for the specified user from the specified context
|
|
||||||
+
|
|
||||||
+.B \-l level
|
|
||||||
+mcs/mls level
|
|
||||||
+
|
|
||||||
+.SH EXAMPLE
|
|
||||||
+# selinuxdefcon jsmith system_u:system_r:sshd_t:s0
|
|
||||||
+.br
|
|
||||||
+unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
|
|
||||||
+
|
|
||||||
+.SH AUTHOR
|
|
||||||
+This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
||||||
+
|
|
||||||
+.SH "SEE ALSO"
|
|
||||||
+secon(8), selinuxconlist(8)
|
|
||||||
diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
|
diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
|
||||||
index bf665ab..ccd08ae 100644
|
index bf665ab..ccd08ae 100644
|
||||||
--- a/libselinux/src/Makefile
|
--- a/libselinux/src/Makefile
|
||||||
|
@ -1,13 +1,13 @@
|
|||||||
%global with_python3 1
|
%global with_python3 1
|
||||||
|
|
||||||
%define ruby_sitearch %(ruby -rrbconfig -e "puts Config::CONFIG['sitearchdir']")
|
%define ruby_sitearch %(ruby -rrbconfig -e "puts Config::CONFIG['sitearchdir']")
|
||||||
%define libsepolver 2.0.32-1
|
%define libsepolver 2.0.42-3
|
||||||
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
|
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
|
||||||
|
|
||||||
Summary: SELinux library and simple utilities
|
Summary: SELinux library and simple utilities
|
||||||
Name: libselinux
|
Name: libselinux
|
||||||
Version: 2.0.98
|
Version: 2.0.99
|
||||||
Release: 4%{?dist}
|
Release: 1%{?dist}
|
||||||
License: Public Domain
|
License: Public Domain
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
|
Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
|
||||||
@ -236,13 +236,17 @@ exit 0
|
|||||||
%{ruby_sitearch}/selinux.so
|
%{ruby_sitearch}/selinux.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.98-4
|
* Tue Mar 1 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.99-1
|
||||||
|
- Update to upstream
|
||||||
|
* Turn off default user handling when computing user contexts by Dan Walsh
|
||||||
|
|
||||||
|
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org>
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||||
|
|
||||||
* Tue Feb 1 2012 Dan Walsh <dwalsh@redhat.com> - 2.0.98-3
|
* Tue Feb 1 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.98-3
|
||||||
- Fixup selinux man page
|
- Fixup selinux man page
|
||||||
|
|
||||||
* Tue Jan 18 2012 Dan Walsh <dwalsh@redhat.com> - 2.0.98-2
|
* Tue Jan 18 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.98-2
|
||||||
- Fix Makefile to use pkg-config --cflags python3 to discover include paths
|
- Fix Makefile to use pkg-config --cflags python3 to discover include paths
|
||||||
|
|
||||||
* Tue Dec 21 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.98-1
|
* Tue Dec 21 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.98-1
|
||||||
|
Loading…
Reference in New Issue
Block a user