Commit Graph

351 Commits

Author SHA1 Message Date
Daniel J Walsh
4676dbee55 - Add audit2why python bindings 2008-01-10 18:44:50 +00:00
Daniel J Walsh
082b5c93a4 - Add audit2why python bindings 2008-01-10 18:44:01 +00:00
Daniel J Walsh
9ec7726e1d - Add audit2why python bindings 2008-01-10 18:32:52 +00:00
Daniel J Walsh
625a8fb5a8 - Add pid_t typemap for swig bindings 2008-01-08 11:07:27 +00:00
Daniel J Walsh
5866f48366 - smp_mflag 2008-01-03 20:39:20 +00:00
Daniel J Walsh
e1e36a0421 - Fix spec file caused by spec review 2008-01-03 20:29:21 +00:00
Daniel J Walsh
41bd3b2ae1 - Upgrade to upstream
matchpathcon(8) man page update from Dan Walsh.
2007-12-11 02:52:13 +00:00
Daniel J Walsh
c4aa29e945 - Upgrade to upstream
dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley.
Based on a suggestion from Ulrich Drepper, defer regex compilation until we
    have a stem match, by Stephen Smalley.
A further optimization would be to defer regex compilation until we have a
    complete match of the constant prefix of the regex - TBD.
2007-11-30 20:13:08 +00:00
Daniel J Walsh
2a8f17ac0d - Upgrade to upstream
AVC enforcing mode override patch from Eamon Walsh.
Aligned attributes in AVC netlink code from Eamon Walsh.
- Move libselinux.so back into devel package, procps has been fixed
2007-11-15 15:29:15 +00:00
Daniel J Walsh
79584e53ac - Upgrade to upstream
Merged refactored AVC netlink code from Eamon Walsh.
Merged new X label namespaces from Eamon Walsh.
Bux fix and minor refactoring in string representation code.
2007-11-06 18:03:37 +00:00
Daniel J Walsh
39606ee687 - Upgrade to upstream
Merged selinux_get_callback, avc_open, empty string mapping from Eamon
    Walsh.
2007-10-05 17:20:30 +00:00
Daniel J Walsh
dcd9773ab2 - Fix segfault on missing file_context file 2007-09-27 17:55:13 +00:00
Daniel J Walsh
7cbfb0e27a - Upgrade to upstream
Make netlink socket close-on-exec to avoid descriptor leakage from Dan
    Walsh.
Pass CFLAGS when using gcc for linking from Dennis Gilmore.
2007-09-27 14:54:10 +00:00
Daniel J Walsh
ae054c560b *** empty log message *** 2007-09-24 15:56:01 +00:00
Daniel J Walsh
0102138c4a *** empty log message *** 2007-09-24 15:42:11 +00:00
Daniel J Walsh
0fa749d083 *** empty log message *** 2007-09-18 20:44:47 +00:00
Daniel J Walsh
71cd1381ef *** empty log message *** 2007-09-18 15:37:42 +00:00
Daniel J Walsh
31de56ffa4 *** empty log message *** 2007-09-13 12:29:38 +00:00
Daniel J Walsh
6a9919e596 *** empty log message *** 2007-09-06 12:37:00 +00:00
Daniel J Walsh
4e3172796e *** empty log message *** 2007-08-28 15:27:49 +00:00
Daniel J Walsh
13a4ef3ffe *** empty log message *** 2007-08-23 20:56:16 +00:00
Daniel J Walsh
fd5d99a5df *** empty log message *** 2007-08-21 19:45:34 +00:00
Daniel J Walsh
0e28882119 *** empty log message *** 2007-08-10 16:09:35 +00:00
Daniel J Walsh
569b015f4c *** empty log message *** 2007-08-10 16:01:16 +00:00
Daniel J Walsh
f3308819df *** empty log message *** 2007-08-10 15:46:47 +00:00
Daniel J Walsh
6e60f16b98 *** empty log message *** 2007-08-03 20:06:53 +00:00
Daniel J Walsh
44ef5d5d9f - Apply Steven Smalley patch to fix segfault in string_to_security_class 2007-07-23 14:23:50 +00:00
Daniel J Walsh
aebde7523f - Fix matchpathcon to set default myprintf 2007-07-18 17:54:00 +00:00
Daniel J Walsh
571ac2998d - Upgrade to upstream
Fix for getfilecon() for zero-length contexts from Stephen Smalley.
2007-07-16 18:22:25 +00:00
Daniel J Walsh
8ffc2801ed - Update to match flask/access_vectors in policy 2007-07-11 14:52:47 +00:00
Daniel J Walsh
8e8fca8665 - Fix man page markup lanquage for translations 2007-07-10 16:27:52 +00:00
Daniel J Walsh
3e1ba6da3a - Fix semanage segfault on x86 platform 2007-06-26 09:16:06 +00:00
Daniel J Walsh
029d48694c - Upgrade to upstream
Labeling and callback interface patches from Eamon Walsh.
2007-06-21 15:34:10 +00:00
Daniel J Walsh
d43108c05f - Upgrade to upstream
Labeling and callback interface patches from Eamon Walsh.
2007-06-21 14:40:52 +00:00
Daniel J Walsh
2324fecc2d - Upgrade to upstream
Class and permission mapping support patches from Eamon Walsh.
Object class discovery support patches from Chris PeBenito.
Refactoring and errno support in string representation code.
2007-06-11 18:39:53 +00:00
Daniel J Walsh
d60d4d2e31 - Upgrade to upstream
Merged patch to reduce size of libselinux and remove need for libsepol for
    embedded systems from Yuichi Nakamura. This patch also turns the
    link-time dependency on libsepol into a runtime (dlopen) dependency
    even in the non-embedded case.
2007-06-01 14:48:48 +00:00
Daniel J Walsh
35bc5a8a68 - Upgrade to upstream
Merged additional swig python bindings from Dan Walsh.
Merged helpful message when selinuxfs mount fails patch from Dax Kelson.
2007-05-18 14:52:28 +00:00
Daniel J Walsh
20f7b1cb99 - Upgrade to upstream
Merged build fix for avc_internal.c from Joshua Brindle.
2007-04-24 14:48:35 +00:00
Daniel J Walsh
4dca0c42c9 - Add get_context_list funcitions to swig file 2007-04-23 14:38:02 +00:00
Daniel J Walsh
a11359c0ea - Upgrade to upstream
Merged rpm_execcon python binding fix, matchpathcon man page fix, and
    getsebool -a handling for EACCES from Dan Walsh.
2007-04-12 20:07:39 +00:00
Daniel J Walsh
6265db0381 2007-04-12 16:50:49 +00:00
Daniel J Walsh
1b14f693da - Upgrade to upstream
Merged support for getting initial contexts from James Carter.
2007-04-11 13:12:34 +00:00
Daniel J Walsh
47b511b094 - Upgrade to upstream
Merged userspace AVC patch to follow kernel's behavior for permissive mode
    in caching previous denials from Eamon Walsh.
Merged sidput(NULL) patch from Eamon Walsh.
2007-04-09 19:50:05 +00:00
Daniel J Walsh
ff4b4da61f - Make rpm_exec swig work 2007-04-05 15:57:35 +00:00
Daniel J Walsh
ace2ebf6d7 - Upgrade to upstream
Merged class/av string conversion and avc_compute_create patch from Eamon
    Walsh.
2007-04-02 19:14:28 +00:00
Daniel J Walsh
9a53490979 - Upgrade to upstream
Merged fix for avc.h #include's from Eamon Walsh.
2007-03-27 20:07:00 +00:00
Daniel J Walsh
71021c8327 - Upgrade to upstream
Merged fix for avc.h #include's from Eamon Walsh.
2007-03-27 19:49:37 +00:00
Daniel J Walsh
98a61bfb92 - Add stdint.h to avc.h 2007-03-22 20:50:31 +00:00
Daniel J Walsh
22298b4b74 Merged patch to drop support for CACHETRANS=0 config option from Steve
Grubb.
Merged patch to drop support for old /etc/sysconfig/selinux and
    /etc/security policy file layout from Steve Grubb.
2007-03-13 00:20:29 +00:00
Daniel J Walsh
c7862e54aa - Do not fail on permission denied in getsebool 2007-03-08 16:15:36 +00:00
Daniel J Walsh
21eddb1fd0 - Upgrade to upstream
Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve
    Grubb.
2007-02-27 16:27:02 +00:00
Daniel J Walsh
8efd1ef10e - Upgrade to upstream
Removed sending of setrans init message.
Merged matchpathcon memory leak fix from Steve Grubb.
2007-02-23 21:49:32 +00:00
Daniel J Walsh
14de1c34ad - Upgrade to upstream
Merged patch from Todd Miller to convert int types over to C99 style.
2007-02-20 14:31:07 +00:00
Daniel J Walsh
29ad08b8d0 Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of
the use of the non-standard format %as. (original patch changed for
    style).
Merged patch from Todd Miller to fix memory leak in matchpathcon.c.
Fri Jan 19 2007 Dan Walsh <dwalsh@redhat.com> - 1.34.0-2
- Add context function to python to split context into 4 parts
2007-02-07 19:39:11 +00:00
Daniel J Walsh
ad1a6889cc - Add context function to python to split context into 4 parts 2007-01-24 17:20:19 +00:00
Daniel J Walsh
751b5d4cbd - Upgrade to upstream
Updated version for stable branch.
2007-01-19 14:22:46 +00:00
Daniel J Walsh
e1e027390c - Upgrade to upstream
Merged man page updates to make "apropos selinux" work from Dan Walsh.
Mon Jan 15 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.5-1
- Upgrade to upstream
Merged getdefaultcon utility from Dan Walsh.
2007-01-17 16:12:56 +00:00
Daniel J Walsh
53158b7152 - Upgrade to upstream
Merged getdefaultcon utility from Dan Walsh.
2007-01-16 22:10:55 +00:00
Daniel J Walsh
5f8636d1e9 - Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli 2007-01-15 21:30:17 +00:00
Daniel J Walsh
a9c082be34 - Add reference to selinux man page in all man pages to make apropos work
Resolves: # 217881
2007-01-12 16:02:56 +00:00
Daniel J Walsh
05bd40847c - Upstream wanted some minor changes, upgrading to keep api the same
- Upgrade to upstream
#200110
2007-01-11 19:20:27 +00:00
Daniel J Walsh
1a8c15a969 - Upstream wanted some minor changes, upgrading to keep api the same
- Upgrade to upstream
#200110
2007-01-11 19:05:59 +00:00
Daniel J Walsh
e3bd599d8e - Cleanup patch 2007-01-09 15:02:46 +00:00
Daniel J Walsh
e6bab37d57 - Add securetty handling Resolves: #200110 2007-01-05 17:54:21 +00:00
Daniel J Walsh
273c47d43c - Upgrade to upstream
Merged patch for matchpathcon utility to use file mode information when
    available from Dan Walsh.
2007-01-04 22:09:55 +00:00
Jeremy Katz
0ee7a8fcb4 - rebuild against python 2.5 2006-12-07 15:46:04 +00:00
Daniel J Walsh
dbfbfbe639 - Fix matchpathcon to lstat files 2006-12-06 19:13:54 +00:00
Daniel J Walsh
846f2ad19d - Update man page 2006-11-30 18:11:20 +00:00
Daniel J Walsh
25aea25d22 - Upgrade to upstream 2006-11-28 14:25:28 +00:00
Daniel J Walsh
2bcf9654c5 - Add James Antill patch for login verification of MLS Levels
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
    infrastructure.
2006-11-03 22:14:51 +00:00
Daniel J Walsh
c27fc16cad - Upgrade to latest from NSA
Merged updated flask definitions from Darrel Goeddel. This adds the context
    security class, and also adds the string definitions for setsockcreate
    and polmatch.
2006-10-25 02:52:18 +00:00
Daniel J Walsh
e24dd65a42 - Upgrade to latest from NSA
Updated version for release.
2006-10-17 17:05:47 +00:00
Jesse Keating
9fcaa3e1fa bump for gcc bug 2006-10-01 20:19:56 +00:00
Daniel J Walsh
2a0f9c5cfa - Upgrade to latest from NSA
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
    polmatch definitions.
2006-09-29 18:12:11 +00:00
Daniel J Walsh
de746cb12c - Upgrade to latest from NSA
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
    polmatch definitions.
2006-09-29 15:56:32 +00:00
Daniel J Walsh
f6df692173 - Upgrade to latest from NSA
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
    polmatch definitions.
2006-09-29 15:56:14 +00:00
Jeremy Katz
95053689d2 - really make -devel depend on libsepol-devel 2006-09-28 01:51:37 +00:00
Daniel J Walsh
cfd1d1337d - Add sgrubb patch for polmatch 2006-09-25 14:19:06 +00:00
Daniel J Walsh
ab45727649 - Upgrade to latest from NSA
Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
2006-09-13 17:39:35 +00:00
Jeremy Katz
8a855c559b - have -devel require libsepol-devel 2006-09-05 19:44:37 +00:00
Daniel J Walsh
7bdc604160 - Upgrade to latest from NSA
Merged patch to not log avc stats upon a reset from Steve Grubb.
Applied patch to revert compat_net setting upon policy load.
Merged file context homedir and local path functions from Chris PeBenito.
2006-08-24 18:37:18 +00:00
Jesse Keating
88e5d3a474 rebuilt with latest binutils 2006-08-18 20:14:02 +00:00
Daniel J Walsh
77a0d2cc39 - Upgrade to latest from NSA
Merged file context homedir and local path functions from Chris PeBenito.
Rework functions that access /proc/pid/attr to access the per-thread nodes,
    and unify the code to simplify maintenance.
2006-08-12 11:21:11 +00:00
Daniel J Walsh
243c6756b4 - Upgrade to latest from NSA
Merged return value fix for *getfilecon() from Dan Walsh.
Merged sockcreate interfaces from Eric Paris.
2006-08-11 10:45:34 +00:00
Daniel J Walsh
b7bdc631f1 - Fix translation return codes to return size of buffer 2006-08-10 15:34:47 +00:00
Daniel J Walsh
ef26b847fa - Upgrade to latest from NSA
Merged no-tls-direct-seg-refs patch from Jeremy Katz.
Merged netfilter_contexts support patch from Chris PeBenito.
2006-08-04 22:49:48 +00:00
Daniel J Walsh
61ba667985 - Upgrade to latest from NSA
Merged context_*_set errno patch from Jim Meyering.
2006-08-02 21:05:42 +00:00
Jeremy Katz
75675c7d50 - only build non-fpic objects with -mno-tls-direct-seg-refs 2006-08-01 18:38:57 +00:00
Jeremy Katz
be0d45133a - build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults
with xen (#200783)
2006-08-01 18:26:09 +00:00
Daniel J Walsh
6b84a37b8f - Rebuild for new gcc 2006-07-17 13:12:11 +00:00
Daniel J Walsh
5a5a289fc8 - Rebuild for new gcc 2006-07-17 13:11:16 +00:00
Daniel J Walsh
1e7c365c44 - Fix libselinux to not telinit during installs 2006-07-11 19:26:08 +00:00
Daniel J Walsh
aa27b6bf81 - Upgrade to latest from NSA
Lindent.
Merged {get,set}procattrcon patch set from Eric Paris.
Merged re-base of keycreate patch originally by Michael LeMay from Eric
    Paris.
Regenerated Flask headers from refpolicy.
- Added selinux_file_context_{cmp,verify}.
- Added selinux_lsetfilecon_default.
- Delay translation of contexts in matchpathcon.
2006-07-05 10:42:47 +00:00
Daniel J Walsh
799720edd4 - Yet another change to matchpathcon 2006-06-21 20:16:13 +00:00
Daniel J Walsh
f4b45ddd03 - Turn off error printing in library. Need to compile with DEBUG to get it
back
2006-06-21 18:33:13 +00:00
Daniel J Walsh
2d9b36b51e - Fix error reporting of matchpathcon 2006-06-21 13:12:11 +00:00
Daniel J Walsh
645f93a8a5 - Add function to compare file context on disk versus contexts in
file_contexts file.
2006-06-20 20:30:59 +00:00
Daniel J Walsh
e60c844fba - Upgrade to latest from NSA
Added selinux_getpolicytype() function.
Modified setrans code to skip processing if !mls_enabled.
Set errno in the !selinux_mnt case.
Allocate large buffers from the heap, not on stack. Affects
    is_context_customizable, selinux_init_load_policy, and
    selinux_getenforcemode.
2006-06-16 19:16:03 +00:00
Daniel J Walsh
8389437eda - Add selinux_getpolicytype() 2006-06-09 19:43:52 +00:00
Daniel J Walsh
af1839bde5 - Upgrade to latest from NSA
Merged !selinux_mnt checks from Ian Kent.
2006-06-05 18:52:19 +00:00