Commit Graph

327 Commits

Author SHA1 Message Date
Daniel J Walsh
fb1f51806c - Build with new libsepol 2006-01-04 18:34:57 +00:00
Daniel J Walsh
dab5a2cb5a - Upgrade to latest from NSA
- corrected use of getline
- further calls to __fsetlocking for local files
- use of strdupa and asprintf
- proper handling of dirent in booleans code
- use of -z relro
- several other optimizations
Merged getpidcon python wrapper from Dan Walsh (Red Hat).
2006-01-04 15:40:59 +00:00
Daniel J Walsh
cac4888385 - Add build requires line for libsepol-devel 2005-12-24 13:03:59 +00:00
Daniel J Walsh
407234b39f - Fix swig call for getpidcon 2005-12-20 14:44:43 +00:00
Daniel J Walsh
41b7ee2ce3 - Move libselinux.so to base package 2005-12-19 14:35:26 +00:00
Daniel J Walsh
0b65dc6081 - Upgrade to latest from NSA
Merged call to finish_context_translations from Dan Walsh. This eliminates
    a memory leak from failing to release memory allocated by libsetrans.
2005-12-14 19:22:10 +00:00
Daniel J Walsh
6c4b73afbd - Upgrade to latest from NSA
Merged call to finish_context_translations from Dan Walsh. This eliminates
    a memory leak from failing to release memory allocated by libsetrans.
2005-12-14 19:19:29 +00:00
Daniel J Walsh
3371166078 - update to latest libsetrans
- Fix potential memory leak
2005-12-13 20:44:36 +00:00
Daniel J Walsh
d21de0e9f0 - update to latest libsetrans 2005-12-11 17:26:58 +00:00
Jesse Keating
16eca654b0 gcc update bump 2005-12-09 22:41:41 +00:00
Daniel J Walsh
2774b7d0d8 - Update to never version
Merged patch for swig interfaces from Dan Walsh.
2005-12-08 18:04:22 +00:00
Daniel J Walsh
a73f673890 - Update to never version 2005-12-08 04:36:24 +00:00
Daniel J Walsh
710322bbd4 - Update to never version 2005-12-08 04:35:07 +00:00
Daniel J Walsh
0e39b77de1 - Fix some of the python swig objects 2005-12-07 15:53:55 +00:00
Daniel J Walsh
38b50da3f8 - Update to latest from NSA
Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified
    matchpathcon implementation to make context validation/
    canonicalization optional at matchpathcon_init time, deferring it to a
    successful matchpathcon by default unless the new flag is set by the
    caller.
Added matchpathcon_init_prefix() interface, and reworked matchpathcon
    implementation to support selective loading of file contexts entries
    based on prefix matching between the pathname regex stems and the
    specified path prefix (stem must be a prefix of the specified path
    prefix).
2005-12-01 19:20:49 +00:00
Daniel J Walsh
827fc8369b - Update to latest from NSA
Change getsebool to return on/off instead of active/inactive
2005-11-30 20:10:18 +00:00
Daniel J Walsh
56d326bb01 - Change getsebool to return on/off instead of active/inactive 2005-11-29 19:21:03 +00:00
Daniel J Walsh
116a5b0c09 - Update to latest from NSA
Added -f file_contexts option to matchpathcon util. Fixed warning message
    in matchpathcon_init().
Merged Makefile python definitions patch from Dan Walsh.
2005-11-29 18:47:52 +00:00
Daniel J Walsh
998386142a Merged swigify patch from Dan Walsh. 2005-11-29 03:04:19 +00:00
Daniel J Walsh
86e0b5f76e - Separate out libselinux-python bindings into separate rpm 2005-11-29 03:02:30 +00:00
Daniel J Walsh
4bb08c52c4 - Separate out libselinux-python bindings into separate rpm 2005-11-28 22:02:25 +00:00
Daniel J Walsh
555b9174f8 - Readd libsetrans requirement 2005-11-22 17:53:13 +00:00
Daniel J Walsh
ae85aab0af - Add python bindings 2005-11-17 17:13:50 +00:00
Daniel J Walsh
ac2f72cc37 - Update to latest from NSA
Merged make failure in rpm_execcon non-fatal in permissive mode patch from
    Ivan Gyurdiev.
2005-11-17 02:41:51 +00:00
Daniel J Walsh
f0d8402adc - Remove requirement for libsetrans 2005-11-16 02:10:36 +00:00
Daniel J Walsh
67ec76fa36 - Update to latest from NSA
Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified
    matchpathcon_init() to skip context translation if it is set by the
    caller.
2005-11-09 01:39:32 +00:00
Daniel J Walsh
848a7fab72 - Update to latest from NSA
Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified
    matchpathcon_init() to skip context translation if it is set by the
    caller.
2005-11-09 01:36:44 +00:00
Daniel J Walsh
e6236defe6 - Update to latest from NSA
Added security_canonicalize_context() interface and
    set_matchpathcon_canoncon() interface for obtaining canonical contexts.
    Changed matchpathcon internals to obtain canonical contexts by default.
    Provided fallback for kernels that lack extended selinuxfs context
    interface.
- Patch to not translate mls when calling setfiles
2005-11-08 23:41:10 +00:00
Daniel J Walsh
70810f17e4 - Patch to not translate mls when calling setfiles 2005-11-08 19:18:13 +00:00
Daniel J Walsh
69e4fdee5a fix spec 2005-11-08 19:11:58 +00:00
Daniel J Walsh
37bc4557e3 - Don't strip mls context if selinux is not enabled. 2005-11-08 19:09:28 +00:00
Daniel J Walsh
8f768f0ce7 - Update to latest from NSA
Merged seusers parser changes from Ivan Gyurdiev.
Merged setsebool to libsemanage patch from Ivan Gyurdiev.
Changed seusers parser to reject empty fields.
2005-11-07 14:50:45 +00:00
Daniel J Walsh
e559debc39 Merged seusers empty level handling patch from Jonathan Kim (TCS). 2005-11-04 14:49:42 +00:00
Daniel J Walsh
da7a013c49 - Rebuild for latest libsepol 2005-11-03 20:04:43 +00:00
Daniel J Walsh
93060b5d12 - Rebuild for latest libsepol 2005-11-03 15:46:44 +00:00
Daniel J Walsh
597ff86a91 - Rebuild for latest libsepol 2005-10-31 20:31:40 +00:00
Daniel J Walsh
08d2242291 - Change default to __default__ 2005-10-27 17:57:25 +00:00
Daniel J Walsh
9f412a6358 - Change default to __default__ 2005-10-26 20:32:58 +00:00
Daniel J Walsh
54939fac9a - Add selinux_translations_path 2005-10-25 22:03:43 +00:00
Daniel J Walsh
2300981c61 - Update to latest from NSA
Merged selinux_path() and selinux_homedir_context_path() functions from
    Joshua Brindle.
2005-10-25 19:17:22 +00:00
Daniel J Walsh
8ab39e56ae - Need to check for /sbin/telinit 2005-10-21 16:26:20 +00:00
Daniel J Walsh
f6b11f6673 - Need to check for /sbin/telinit 2005-10-21 14:51:35 +00:00
Daniel J Walsh
3ef1de9af9 - Update to latest from NSA
Merged fixes for make DESTDIR= builds from Joshua Brindle.
2005-10-20 20:34:28 +00:00
Daniel J Walsh
78dc042098 - Update to latest from NSA
Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red
    Hat).
Updated call to sepol_policydb_to_image for sepol changes.
Changed getseuserbyname to ignore empty lines and to handle no matching
    entry in the same manner as no seusers file.
2005-10-18 18:27:41 +00:00
Daniel J Walsh
61427961fc - 2005-10-17 18:19:07 +00:00
Daniel J Walsh
d5c6e72c48 - Tell init to reexec itself in post script 2005-10-14 16:11:08 +00:00
Daniel J Walsh
c521275b65 - Update to latest from NSA
Changed selinux_mkload_policy to try downgrading the latest policy version
    available to the kernel-supported version.
Changed selinux_mkload_policy to fall back to the maximum policy version
    supported by libsepol if the kernel policy version falls outside of the
    supported range.
2005-10-14 12:34:19 +00:00
Daniel J Walsh
555e97b002 - Update to latest from NSA
Changed getseuserbyname to fall back to the Linux username and NULL level
    if seusers config file doesn't exist unless REQUIRESEUSERS=1 is set in
    /etc/selinux/config.
Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
2005-10-13 13:12:23 +00:00
Daniel J Walsh
b19e5c854f - Update to latest from NSA
Changed getseuserbyname to fall back to the Linux username and NULL level
    if seusers config file doesn't exist unless REQUIRESEUSERS=1 is set in
    /etc/selinux/config.
Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
2005-10-07 14:09:21 +00:00
Daniel J Walsh
33b55398a2 - Update to latest from NSA
Added selinux_init_load_policy() function as an even higher level interface
    for the initial policy load by /sbin/init. This obsoletes the
    load_policy() function in the sysvinit-selinux.patch.
Added selinux_mkload_policy() function as a higher level interface for
    loading policy than the security_load_policy() interface.
2005-10-06 19:03:52 +00:00