Dan Walsh
2c3aaeae1e
Move /selinux to /sys/fs/selinux
...
Add selinuxexeccon
Add realpath to matchpathcon to handle matchpathcon * type queries.
2011-05-25 14:25:56 -04:00
Dan Walsh
71e7978d45
Update for latest libsepol
2011-04-21 12:02:22 -04:00
Dan Walsh
f0ee56705a
Update for latest libsepol
2011-04-18 09:33:23 -04:00
Dan Walsh
73bed069d2
Fix restorecon python binding to accept relative paths
2011-04-13 16:51:22 -04:00
Dan Walsh
982b2e517d
Update to upstream
...
* Give correct names to mount points in load_policy by Dan Walsh.
* Make sure selinux state is reported correctly if selinux is disabled or
fails to load by Dan Walsh.
* Fix crash if selinux_key_create was never called by Dan Walsh.
* Add new file_context.subs_dist for distro specific filecon substitutions
by Dan Walsh.
* Update man pages for selinux_color_* functions by Richard Haines.
2011-04-12 10:08:26 -04:00
Dan Walsh
d455eb5e43
Clean up patch to make handling of constructor cleanup more portable
...
* db_language object class support for selabel_lookup from KaiGai Kohei.
* Library destructors for thread local storage keys from Eamon Walsh.
2011-04-06 16:46:47 -04:00
Dan Walsh
3d499ceb03
Clean up patch to make handling of constructor cleanup more portable
2011-04-06 11:19:19 -04:00
Dan Walsh
8723500e16
Add file_context.subs_dist to subs paths
2011-04-05 14:03:07 -04:00
Dan Walsh
4b2caaad18
Add patch from dbhole@redhat.com to initialize thread keys to -1
...
Errors were being seen in libpthread/libdl that were related
to corrupt thread specific keys. Global destructors that are called on dl
unload. During destruction delete a thread specific key without checking
if it has been initialized. Since the constructor is not called each time
(i.e. key is not initialized with pthread_key_create each time), and the
default is 0, there is a possibility that key 0 for an active thread gets
deleted. This is exactly what is happening in case of OpenJDK.
2011-04-05 12:10:57 -04:00
Dan Walsh
0cd375f839
Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
2011-04-05 11:25:39 -04:00
Dan Walsh
1fefea1eb1
Update to upstream
...
* Turn off default user handling when computing user contexts by Dan Walsh
2011-03-30 14:42:17 -04:00
Dennis Gilmore
148fda2b16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
2011-02-08 05:19:56 -06:00
Dan Walsh
c49c04df3b
- Fixup selinux man page
2011-02-01 17:40:11 -05:00
Dan Walsh
3c1b814b3d
- Fix Makefile to use pkg-config --cflags python3 to discover include paths
2011-01-18 10:08:15 -05:00
Dan Walsh
ca9cea7698
- Update to upstream
...
- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list
2010-12-21 16:29:19 -05:00
Dan Walsh
2542902e06
- Update to upstream
...
* Thread local storage fixes from Eamon Walsh.
2010-12-06 15:10:20 -05:00
Dan Walsh
8b8064a26e
- Add /etc/tmpfiles.d support for /var/run/setrans
2010-12-02 15:19:26 -05:00
Dan Walsh
3dcd5c3eb3
- Ghost /var/run/setrans
2010-11-24 08:47:07 -05:00
Jesse Keating
2f8093690a
- Rebuilt for gcc bug 634757
2010-09-29 14:41:56 -07:00
Adam Tkac
ae5808aa95
Rebuild via updated swig ( #624674 ).
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2010-09-16 16:01:09 +02:00
Dan Walsh
7c0da10653
- Update for python 3.2a1
2010-08-22 06:41:49 -04:00
Daniel J Walsh
159f7d2174
- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list
2010-07-27 17:50:51 +00:00
dmalcolm
9eca71ac71
- Rebuilt for
...
https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
2010-07-22 02:19:39 +00:00
Daniel J Walsh
4235807de2
- Turn off messages in audit2why
2010-06-25 21:05:56 +00:00
Daniel J Walsh
5abec270e9
- Update to upstream
...
Add const qualifiers to public API where appropriate by KaiGai Kohei.
2010-06-16 13:23:15 +00:00
Daniel J Walsh
982ffdc3f5
- Update to upstream
...
Fix from Eric Paris to fix leak on non-selinux systems.
regenerate swig wrappers
pkgconfig fix to respect LIBDIR from Dan Walsh.
2010-03-08 13:14:35 +00:00
Daniel J Walsh
68c8d967fd
- Update to upstream
...
Change the AVC to only audit the permissions specified by the policy,
excluding any permissions specified via dontaudit or not specified via
auditallow.
Fix compilation of label_file.c with latest glibc headers.
2010-02-24 19:12:12 +00:00
Daniel J Walsh
de078cb3d5
- Fix man page for selinuxdefcon
2010-01-18 21:59:45 +00:00
Daniel J Walsh
1f46a5f18f
Mon Jam 4 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.90-2
...
- Free memory on disabled selinux boxes
2010-01-04 22:17:33 +00:00
Daniel J Walsh
76ecedb2d0
- Update to upstream
...
add/reformat man pages by Guido Trentalancia <guido@trentalancia.com>.
Change exception.sh to be called with bash by Manoj Srivastava
<srivasta@debian.org>
2009-12-01 21:18:45 +00:00
Daniel J Walsh
4ed79e3521
- Fix selinuxdefcon man page
2009-11-23 18:32:48 +00:00
Daniel J Walsh
ac492a22d6
- Update to upstream
...
Add pkgconfig file from Eamon Walsh.
2009-11-02 18:11:50 +00:00
Daniel J Walsh
a69064eb95
- Update to upstream
...
Add pkgconfig file from Eamon Walsh.
2009-11-02 18:01:05 +00:00
Daniel J Walsh
8a570f443e
- Update to upstream
...
Rename and export selinux_reset_config()
2009-10-29 19:36:32 +00:00
Daniel J Walsh
510eba6977
- Update to upstream
...
Add exception handling in libselinux from Dan Walsh. This uses a shell
script called exception.sh to generate a swig interface file.
make swigify
Make matchpathcon print <<none>> if path not found in fcontext file.
2009-09-28 20:33:26 +00:00
Daniel J Walsh
d3cc14428b
- Eliminate -pthread switch in Makefile
2009-09-15 19:24:22 +00:00
Daniel J Walsh
9afde8153b
- Update to upstream
...
Removal of reference counting on userspace AVC SID's.
2009-09-08 13:09:19 +00:00
Jesse Keating
0762b6438c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
2009-07-25 08:35:31 +00:00
Daniel J Walsh
fa621852dc
- Update to upstream
...
Reverted Tomas Mraz's fix for freeing thread local storage to avoid pthread
dependency.
Removed fini_context_translations() altogether.
Merged lazy init patch from Stephen Smalley based on original patch by
Steve Grubb.
2009-07-14 15:29:55 +00:00
Daniel J Walsh
23660c5dba
- Update to upstream
...
Add per-service seuser support from Dan Walsh.
Let load_policy gracefully handle selinuxfs being mounted from Stephen
Smalley.
Check /proc/filesystems before /proc/mounts for selinuxfs from Eric Paris.
2009-07-07 16:26:11 +00:00
Daniel J Walsh
94187eeda7
- Add provices ruby(selinux)
2009-06-24 21:37:23 +00:00
Daniel J Walsh
a66522107b
- Update to upstream
...
Fix improper use of thread local storage from Tomas Mraz
<tmraz@redhat.com>.
Label substitution support from Dan Walsh.
Support for labeling virtual machine images from Dan Walsh.
2009-06-23 19:54:03 +00:00
Daniel J Walsh
403bfa5085
- Update to upstream
...
Trim / from the end of input paths to matchpathcon from Dan Walsh.
Fix leak in process_line in label_file.c from Hiroshi Shinji.
Move matchpathcon to /sbin, add matchpathcon to clean target from Dan
Walsh.
getdefaultcon to print just the correct match and add verbose option from
Dan Walsh.
2009-05-18 18:22:22 +00:00
Daniel J Walsh
c1ed6edd9a
- Update to upstream
...
deny_unknown wrapper function from KaiGai Kohei.
security_compute_av_flags API from KaiGai Kohei.
Netlink socket management and callbacks from KaiGai Kohei.
2009-04-08 13:08:53 +00:00
Daniel J Walsh
d6eb0cea47
- Fix Memory Leak
2009-04-03 12:58:07 +00:00
Daniel J Walsh
261c72abdb
- Fix crash in python
2009-04-02 13:36:47 +00:00
Daniel J Walsh
f6ba4d34de
- Add back in additional interfaces
2009-03-29 15:18:28 +00:00
Daniel J Walsh
55f4c91ff1
- Add back in av_decision to python swig
2009-03-27 20:39:31 +00:00
Daniel J Walsh
974a6e4ad2
- Add back in av_decision to python swig
2009-03-27 18:25:16 +00:00
Daniel J Walsh
c86e2e8d59
- Update to upstream
...
Netlink socket handoff patch from Adam Jackson.
AVC caching of compute_create results by Eric Paris.
2009-03-12 12:57:57 +00:00
Daniel J Walsh
ada6d88f6b
- Add eparis patch to accellerate Xwindows performance
2009-03-09 15:52:25 +00:00
Daniel J Walsh
79bb8b19a2
- Fix URL
2009-03-09 14:03:12 +00:00
Daniel J Walsh
3da9d84fdc
- Add substitute pattern
...
- matchpathcon output <<none>> on ENOENT
2009-03-06 21:31:10 +00:00
Daniel J Walsh
07ae258133
- Update to upstream
...
Fix incorrect conversion in discover_class code.
2009-03-02 18:21:46 +00:00
Jesse Keating
5b3b3ee4ad
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
2009-02-25 18:01:00 +00:00
Daniel J Walsh
19dec57f82
- Add
...
- selinux_virtual_domain_context_path
- selinux_virtual_image_context_path
2009-02-18 19:45:23 +00:00
Daniel J Walsh
6396f115b4
- Add
...
- selinux_virtual_domain_context_path
- selinux_virtual_image_context_path
2009-02-18 18:29:42 +00:00
Daniel J Walsh
b5b41bc929
- Throw exeptions in python swig bindings on failures
2009-01-27 20:00:47 +00:00
Daniel J Walsh
c1e059f764
- Fix restorecon python code
2009-01-06 15:44:49 +00:00
Daniel J Walsh
49eae3b63b
- Update to upstream
2009-01-06 14:31:47 +00:00
Daniel J Walsh
e672e99f9d
- Strip trailing / for matchpathcon
2008-12-19 20:17:53 +00:00
Daniel J Walsh
0c692a5a64
- Fix segfault if seusers file does not work
2008-12-16 14:38:49 +00:00
Daniel J Walsh
d9847be233
- Add new function getseuser which will take username and service and
...
return
- seuser and level. ipa will populate file in future.
- Change selinuxdefcon to return just the context by default
2008-12-12 16:15:27 +00:00
Daniel J Walsh
cd000f17c0
- Add new function getseuser which will take username and service and
...
return
- seuser and level. ipa will populate file in future.
- Change selinuxdefcon to return just the context by default
2008-12-12 15:21:10 +00:00
Ignacio Vazquez-Abrams
fdb97bc4bb
Rebuild for Python 2.6
2008-11-29 16:48:05 +00:00
Daniel J Walsh
f53982306d
- Update to Upstream
...
Allow shell-style wildcards in x_contexts file.
2008-11-21 21:06:11 +00:00
Daniel J Walsh
41931f8d57
- Eamon Walsh Patch - libselinux: allow shell-style wildcarding in X names
...
- Add Restorecon/Install python functions from Luke Macken
2008-11-17 15:27:48 +00:00
Daniel J Walsh
d3b013d124
- Update to Upstream
...
Correct message types in AVC log messages.
Make matchpathcon -V pass mode from Dan Walsh.
Add man page for selinux_file_context_cmp from Dan Walsh.
2008-11-07 14:08:36 +00:00
Daniel J Walsh
3898d8da39
- Update to Upstream
...
New man pages from Dan Walsh.
Update flask headers from refpolicy trunk from Dan Walsh.
2008-09-30 13:30:18 +00:00
Daniel J Walsh
263ee4f1ec
- Fix matchpathcon -V call
2008-09-26 14:22:14 +00:00
Daniel J Walsh
3578778806
- Add flask definitions for open, X and nlmsg_tty_audit
2008-09-22 17:52:30 +00:00
Daniel J Walsh
15c5a627bc
- Add missing get/setkeycreatecon man pages
2008-09-09 20:24:22 +00:00
Daniel J Walsh
fa0215ab2a
- Split out utilities
2008-09-09 19:07:33 +00:00
Daniel J Walsh
ac4e772e3d
- Add missing man page links for [lf]getfilecon
2008-09-09 18:45:26 +00:00
Daniel J Walsh
7918b2858e
- Update to Upstream
...
Add group support to seusers using %groupname syntax from Dan Walsh.
Mark setrans socket close-on-exec from Stephen Smalley.
Only apply nodups checking to base file contexts from Stephen Smalley.
2008-08-05 14:05:15 +00:00
Daniel J Walsh
86ce8d44b1
- Update to Upstream
...
Merge ruby bindings from Dan Walsh.
- Add support for Linux groups to getseuserbyname
2008-08-01 10:56:37 +00:00
Daniel J Walsh
0397b472b7
- Update to Upstream
...
Handle duplicate file context regexes as a fatal error from Stephen
Smalley. This prevents adding them via semanage.
Fix audit2why shadowed variables from Stephen Smalley.
Note that freecon NULL is legal in man page from Karel Zak.
2008-07-29 18:37:01 +00:00
Daniel J Walsh
d0a06b2c34
- Update to Upstream
...
Handle duplicate file context regexes as a fatal error from Stephen
Smalley. This prevents adding them via semanage.
Fix audit2why shadowed variables from Stephen Smalley.
Note that freecon NULL is legal in man page from Karel Zak.
2008-07-29 13:22:45 +00:00
Daniel J Walsh
ee778682f8
- Add ruby support for puppet
2008-07-09 20:57:21 +00:00
Daniel J Walsh
c56d166bb6
- Rebuild for new libsepol
2008-07-08 12:07:38 +00:00
Daniel J Walsh
ea56feab06
- Add Karel Zak patch for freecon man page
2008-06-29 12:31:00 +00:00
Daniel J Walsh
e434a93ac5
- Update to Upstream
...
New and revised AVC, label, and mapping man pages from Eamon Walsh.
Add swig python bindings for avc interfaces from Dan Walsh.
2008-06-26 12:14:16 +00:00
Daniel J Walsh
6359e2ad79
- Update to Upstream
...
New and revised AVC, label, and mapping man pages from Eamon Walsh.
Add swig python bindings for avc interfaces from Dan Walsh.
2008-06-22 13:48:37 +00:00
Daniel J Walsh
fc4f6a4f7d
- Update to Upstream
...
Fix selinux_file_context_verify() and selinux_lsetfilecon_default() to call
matchpathcon_init_prefix if not already initialized.
Add -q qualifier for -V option of matchpathcon and change it to indicate
whether verification succeeded or failed via exit status.
2008-06-22 13:42:52 +00:00
Daniel J Walsh
bff583b68b
- Update to Upstream
...
Fix selinux_file_context_verify() and selinux_lsetfilecon_default() to call
matchpathcon_init_prefix if not already initialized.
Add -q qualifier for -V option of matchpathcon and change it to indicate
whether verification succeeded or failed via exit status.
2008-05-28 14:15:30 +00:00
Daniel J Walsh
454774e22d
remove telinit -u, no longer needed
2008-05-16 19:04:17 +00:00
Daniel J Walsh
792921f4eb
- Add sedefaultcon and setconlist commands to dump login context
2008-05-07 17:34:12 +00:00
Daniel J Walsh
1209c857ab
- Update to Upstream
...
Fixed selinux_set_callback man page.
Try loading the max of the kernel-supported version and the
libsepol-supported version when no manipulation of the binary policy is
needed from Stephen Smalley.
Fix memory leaks in matchpathcon from Eamon Walsh.
2008-04-22 20:59:01 +00:00
Daniel J Walsh
d87adcfe95
- Add avc.h to swig code
2008-04-14 18:54:09 +00:00
Daniel J Walsh
9d13c9cd97
- Update to Upstream
...
Man page typo fix from Jim Meyering.
2008-04-01 04:16:52 +00:00
Daniel J Walsh
7384c1ecca
Changed selinux_init_load_policy() to not warn about a failed mount of
...
selinuxfs if selinux was disabled in the kernel.
2008-03-23 11:32:37 +00:00
Daniel J Walsh
eb8e2a0d36
- Fix matchpathcon memory leak
2008-03-13 23:45:19 +00:00
Daniel J Walsh
4594aed06b
- Update to Upstream
...
Merged new X label "poly_selection" namespace from Eamon Walsh.
2008-02-29 20:24:11 +00:00
Daniel J Walsh
0984abe5d8
- Update to Upstream
...
Merged reset_selinux_config() for load policy from Dan Walsh.
2008-02-28 21:06:47 +00:00
Daniel J Walsh
baab9d46ea
- Reload library on loading of policy to handle chroot
2008-02-28 16:58:02 +00:00
Daniel J Walsh
73272f9b7d
- Update to Upstream
...
Merged avc_has_perm() errno fix from Eamon Walsh.
2008-02-25 20:51:42 +00:00
Daniel J Walsh
3cb08a5330
- Update to Upstream
...
Regenerated Flask headers from refpolicy flask definitions.
2008-02-22 17:41:12 +00:00
Daniel J Walsh
198adb1f17
- Update to Upstream
...
Merged compute_member AVC function and manpages from Eamon Walsh.
Provide more error reporting on load policy failures from Stephen Smalley.
2008-02-13 16:18:16 +00:00
Daniel J Walsh
099d39a6e5
- Update to Upstream
...
Merged new X label "poly_prop" namespace from Eamon Walsh.
2008-02-08 15:45:10 +00:00
Daniel J Walsh
fc1475fc7f
- Update to Upstream
...
Disable setlocaldefs if no local boolean or users files are present from
Stephen Smalley.
Skip userspace preservebools processing for Linux >= 2.6.22 from Stephen
Smalley.
2008-02-06 21:46:59 +00:00
Daniel J Walsh
8f9ecf5890
- Update to Upstream
...
Merged fix for audit2why from Dan Walsh.
2008-01-29 13:29:32 +00:00
Daniel J Walsh
213643620c
- Fix audit2why to grab latest policy versus the one selected by the kernel
2008-01-25 16:11:42 +00:00
Daniel J Walsh
e4623197a5
Merged audit2why python binding from Dan Walsh.
2008-01-23 21:52:01 +00:00
Daniel J Walsh
c633d69a56
Merged updated swig bindings from Dan Walsh, including typemap for pid_t.
2008-01-23 19:40:26 +00:00
Daniel J Walsh
c097aeffd4
- Update to use libsepol-static library
2008-01-21 21:42:38 +00:00
Daniel J Walsh
45460445ad
- Put back libselinux.a
2008-01-15 13:49:29 +00:00
Daniel J Walsh
5c1daf361c
- Put back libselinux.a
2008-01-15 13:48:24 +00:00
Daniel J Walsh
2f233dfd7a
- Fix memory references in audit2why and change to use tuples
...
- Update to Upstream
granted null message bug from Stephen Smalley.
2008-01-11 15:55:35 +00:00
Daniel J Walsh
88cc8f8805
- Fix __init__.py specification
2008-01-11 13:48:43 +00:00
Daniel J Walsh
831e63b413
- Add audit2why python bindings
2008-01-10 19:01:20 +00:00
Daniel J Walsh
d189708d7a
- Add audit2why python bindings
2008-01-10 19:00:33 +00:00
Daniel J Walsh
4676dbee55
- Add audit2why python bindings
2008-01-10 18:44:50 +00:00
Daniel J Walsh
082b5c93a4
- Add audit2why python bindings
2008-01-10 18:44:01 +00:00
Daniel J Walsh
9ec7726e1d
- Add audit2why python bindings
2008-01-10 18:32:52 +00:00
Daniel J Walsh
625a8fb5a8
- Add pid_t typemap for swig bindings
2008-01-08 11:07:27 +00:00
Daniel J Walsh
5866f48366
- smp_mflag
2008-01-03 20:39:20 +00:00
Daniel J Walsh
e1e36a0421
- Fix spec file caused by spec review
2008-01-03 20:29:21 +00:00
Daniel J Walsh
41bd3b2ae1
- Upgrade to upstream
...
matchpathcon(8) man page update from Dan Walsh.
2007-12-11 02:52:13 +00:00
Daniel J Walsh
c4aa29e945
- Upgrade to upstream
...
dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley.
Based on a suggestion from Ulrich Drepper, defer regex compilation until we
have a stem match, by Stephen Smalley.
A further optimization would be to defer regex compilation until we have a
complete match of the constant prefix of the regex - TBD.
2007-11-30 20:13:08 +00:00
Daniel J Walsh
2a8f17ac0d
- Upgrade to upstream
...
AVC enforcing mode override patch from Eamon Walsh.
Aligned attributes in AVC netlink code from Eamon Walsh.
- Move libselinux.so back into devel package, procps has been fixed
2007-11-15 15:29:15 +00:00
Daniel J Walsh
79584e53ac
- Upgrade to upstream
...
Merged refactored AVC netlink code from Eamon Walsh.
Merged new X label namespaces from Eamon Walsh.
Bux fix and minor refactoring in string representation code.
2007-11-06 18:03:37 +00:00
Daniel J Walsh
39606ee687
- Upgrade to upstream
...
Merged selinux_get_callback, avc_open, empty string mapping from Eamon
Walsh.
2007-10-05 17:20:30 +00:00
Daniel J Walsh
dcd9773ab2
- Fix segfault on missing file_context file
2007-09-27 17:55:13 +00:00
Daniel J Walsh
7cbfb0e27a
- Upgrade to upstream
...
Make netlink socket close-on-exec to avoid descriptor leakage from Dan
Walsh.
Pass CFLAGS when using gcc for linking from Dennis Gilmore.
2007-09-27 14:54:10 +00:00
Daniel J Walsh
ae054c560b
*** empty log message ***
2007-09-24 15:56:01 +00:00
Daniel J Walsh
0102138c4a
*** empty log message ***
2007-09-24 15:42:11 +00:00
Daniel J Walsh
0fa749d083
*** empty log message ***
2007-09-18 20:44:47 +00:00
Daniel J Walsh
71cd1381ef
*** empty log message ***
2007-09-18 15:37:42 +00:00
Daniel J Walsh
31de56ffa4
*** empty log message ***
2007-09-13 12:29:38 +00:00
Daniel J Walsh
6a9919e596
*** empty log message ***
2007-09-06 12:37:00 +00:00
Daniel J Walsh
4e3172796e
*** empty log message ***
2007-08-28 15:27:49 +00:00
Daniel J Walsh
13a4ef3ffe
*** empty log message ***
2007-08-23 20:56:16 +00:00
Daniel J Walsh
fd5d99a5df
*** empty log message ***
2007-08-21 19:45:34 +00:00
Daniel J Walsh
0e28882119
*** empty log message ***
2007-08-10 16:09:35 +00:00
Daniel J Walsh
569b015f4c
*** empty log message ***
2007-08-10 16:01:16 +00:00
Daniel J Walsh
f3308819df
*** empty log message ***
2007-08-10 15:46:47 +00:00
Daniel J Walsh
6e60f16b98
*** empty log message ***
2007-08-03 20:06:53 +00:00
Daniel J Walsh
44ef5d5d9f
- Apply Steven Smalley patch to fix segfault in string_to_security_class
2007-07-23 14:23:50 +00:00
Daniel J Walsh
aebde7523f
- Fix matchpathcon to set default myprintf
2007-07-18 17:54:00 +00:00
Daniel J Walsh
571ac2998d
- Upgrade to upstream
...
Fix for getfilecon() for zero-length contexts from Stephen Smalley.
2007-07-16 18:22:25 +00:00
Daniel J Walsh
8ffc2801ed
- Update to match flask/access_vectors in policy
2007-07-11 14:52:47 +00:00
Daniel J Walsh
8e8fca8665
- Fix man page markup lanquage for translations
2007-07-10 16:27:52 +00:00
Daniel J Walsh
3e1ba6da3a
- Fix semanage segfault on x86 platform
2007-06-26 09:16:06 +00:00
Daniel J Walsh
029d48694c
- Upgrade to upstream
...
Labeling and callback interface patches from Eamon Walsh.
2007-06-21 15:34:10 +00:00
Daniel J Walsh
d43108c05f
- Upgrade to upstream
...
Labeling and callback interface patches from Eamon Walsh.
2007-06-21 14:40:52 +00:00
Daniel J Walsh
2324fecc2d
- Upgrade to upstream
...
Class and permission mapping support patches from Eamon Walsh.
Object class discovery support patches from Chris PeBenito.
Refactoring and errno support in string representation code.
2007-06-11 18:39:53 +00:00
Daniel J Walsh
d60d4d2e31
- Upgrade to upstream
...
Merged patch to reduce size of libselinux and remove need for libsepol for
embedded systems from Yuichi Nakamura. This patch also turns the
link-time dependency on libsepol into a runtime (dlopen) dependency
even in the non-embedded case.
2007-06-01 14:48:48 +00:00
Daniel J Walsh
35bc5a8a68
- Upgrade to upstream
...
Merged additional swig python bindings from Dan Walsh.
Merged helpful message when selinuxfs mount fails patch from Dax Kelson.
2007-05-18 14:52:28 +00:00
Daniel J Walsh
20f7b1cb99
- Upgrade to upstream
...
Merged build fix for avc_internal.c from Joshua Brindle.
2007-04-24 14:48:35 +00:00
Daniel J Walsh
4dca0c42c9
- Add get_context_list funcitions to swig file
2007-04-23 14:38:02 +00:00
Daniel J Walsh
a11359c0ea
- Upgrade to upstream
...
Merged rpm_execcon python binding fix, matchpathcon man page fix, and
getsebool -a handling for EACCES from Dan Walsh.
2007-04-12 20:07:39 +00:00
Daniel J Walsh
6265db0381
2007-04-12 16:50:49 +00:00
Daniel J Walsh
1b14f693da
- Upgrade to upstream
...
Merged support for getting initial contexts from James Carter.
2007-04-11 13:12:34 +00:00
Daniel J Walsh
47b511b094
- Upgrade to upstream
...
Merged userspace AVC patch to follow kernel's behavior for permissive mode
in caching previous denials from Eamon Walsh.
Merged sidput(NULL) patch from Eamon Walsh.
2007-04-09 19:50:05 +00:00
Daniel J Walsh
ff4b4da61f
- Make rpm_exec swig work
2007-04-05 15:57:35 +00:00
Daniel J Walsh
ace2ebf6d7
- Upgrade to upstream
...
Merged class/av string conversion and avc_compute_create patch from Eamon
Walsh.
2007-04-02 19:14:28 +00:00
Daniel J Walsh
9a53490979
- Upgrade to upstream
...
Merged fix for avc.h #include's from Eamon Walsh.
2007-03-27 20:07:00 +00:00
Daniel J Walsh
71021c8327
- Upgrade to upstream
...
Merged fix for avc.h #include's from Eamon Walsh.
2007-03-27 19:49:37 +00:00
Daniel J Walsh
98a61bfb92
- Add stdint.h to avc.h
2007-03-22 20:50:31 +00:00
Daniel J Walsh
22298b4b74
Merged patch to drop support for CACHETRANS=0 config option from Steve
...
Grubb.
Merged patch to drop support for old /etc/sysconfig/selinux and
/etc/security policy file layout from Steve Grubb.
2007-03-13 00:20:29 +00:00
Daniel J Walsh
c7862e54aa
- Do not fail on permission denied in getsebool
2007-03-08 16:15:36 +00:00
Daniel J Walsh
21eddb1fd0
- Upgrade to upstream
...
Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve
Grubb.
2007-02-27 16:27:02 +00:00
Daniel J Walsh
8efd1ef10e
- Upgrade to upstream
...
Removed sending of setrans init message.
Merged matchpathcon memory leak fix from Steve Grubb.
2007-02-23 21:49:32 +00:00
Daniel J Walsh
14de1c34ad
- Upgrade to upstream
...
Merged patch from Todd Miller to convert int types over to C99 style.
2007-02-20 14:31:07 +00:00
Daniel J Walsh
29ad08b8d0
Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of
...
the use of the non-standard format %as. (original patch changed for
style).
Merged patch from Todd Miller to fix memory leak in matchpathcon.c.
Fri Jan 19 2007 Dan Walsh <dwalsh@redhat.com> - 1.34.0-2
- Add context function to python to split context into 4 parts
2007-02-07 19:39:11 +00:00
Daniel J Walsh
ad1a6889cc
- Add context function to python to split context into 4 parts
2007-01-24 17:20:19 +00:00
Daniel J Walsh
751b5d4cbd
- Upgrade to upstream
...
Updated version for stable branch.
2007-01-19 14:22:46 +00:00
Daniel J Walsh
e1e027390c
- Upgrade to upstream
...
Merged man page updates to make "apropos selinux" work from Dan Walsh.
Mon Jan 15 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.5-1
- Upgrade to upstream
Merged getdefaultcon utility from Dan Walsh.
2007-01-17 16:12:56 +00:00
Daniel J Walsh
53158b7152
- Upgrade to upstream
...
Merged getdefaultcon utility from Dan Walsh.
2007-01-16 22:10:55 +00:00
Daniel J Walsh
5f8636d1e9
- Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli
2007-01-15 21:30:17 +00:00
Daniel J Walsh
a9c082be34
- Add reference to selinux man page in all man pages to make apropos work
...
Resolves: # 217881
2007-01-12 16:02:56 +00:00
Daniel J Walsh
05bd40847c
- Upstream wanted some minor changes, upgrading to keep api the same
...
- Upgrade to upstream
#200110
2007-01-11 19:20:27 +00:00
Daniel J Walsh
1a8c15a969
- Upstream wanted some minor changes, upgrading to keep api the same
...
- Upgrade to upstream
#200110
2007-01-11 19:05:59 +00:00
Daniel J Walsh
e3bd599d8e
- Cleanup patch
2007-01-09 15:02:46 +00:00
Daniel J Walsh
e6bab37d57
- Add securetty handling Resolves : #200110
2007-01-05 17:54:21 +00:00
Daniel J Walsh
273c47d43c
- Upgrade to upstream
...
Merged patch for matchpathcon utility to use file mode information when
available from Dan Walsh.
2007-01-04 22:09:55 +00:00
Jeremy Katz
0ee7a8fcb4
- rebuild against python 2.5
2006-12-07 15:46:04 +00:00
Daniel J Walsh
dbfbfbe639
- Fix matchpathcon to lstat files
2006-12-06 19:13:54 +00:00
Daniel J Walsh
846f2ad19d
- Update man page
2006-11-30 18:11:20 +00:00
Daniel J Walsh
25aea25d22
- Upgrade to upstream
2006-11-28 14:25:28 +00:00
Daniel J Walsh
2bcf9654c5
- Add James Antill patch for login verification of MLS Levels
...
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
infrastructure.
2006-11-03 22:14:51 +00:00
Daniel J Walsh
c27fc16cad
- Upgrade to latest from NSA
...
Merged updated flask definitions from Darrel Goeddel. This adds the context
security class, and also adds the string definitions for setsockcreate
and polmatch.
2006-10-25 02:52:18 +00:00
Daniel J Walsh
e24dd65a42
- Upgrade to latest from NSA
...
Updated version for release.
2006-10-17 17:05:47 +00:00
Jesse Keating
9fcaa3e1fa
bump for gcc bug
2006-10-01 20:19:56 +00:00
Daniel J Walsh
2a0f9c5cfa
- Upgrade to latest from NSA
...
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
polmatch definitions.
2006-09-29 18:12:11 +00:00
Daniel J Walsh
de746cb12c
- Upgrade to latest from NSA
...
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
polmatch definitions.
2006-09-29 15:56:32 +00:00
Daniel J Walsh
f6df692173
- Upgrade to latest from NSA
...
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
polmatch definitions.
2006-09-29 15:56:14 +00:00
Jeremy Katz
95053689d2
- really make -devel depend on libsepol-devel
2006-09-28 01:51:37 +00:00
Daniel J Walsh
cfd1d1337d
- Add sgrubb patch for polmatch
2006-09-25 14:19:06 +00:00
Daniel J Walsh
ab45727649
- Upgrade to latest from NSA
...
Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
2006-09-13 17:39:35 +00:00
Jeremy Katz
8a855c559b
- have -devel require libsepol-devel
2006-09-05 19:44:37 +00:00
Daniel J Walsh
7bdc604160
- Upgrade to latest from NSA
...
Merged patch to not log avc stats upon a reset from Steve Grubb.
Applied patch to revert compat_net setting upon policy load.
Merged file context homedir and local path functions from Chris PeBenito.
2006-08-24 18:37:18 +00:00
Jesse Keating
88e5d3a474
rebuilt with latest binutils
2006-08-18 20:14:02 +00:00
Daniel J Walsh
77a0d2cc39
- Upgrade to latest from NSA
...
Merged file context homedir and local path functions from Chris PeBenito.
Rework functions that access /proc/pid/attr to access the per-thread nodes,
and unify the code to simplify maintenance.
2006-08-12 11:21:11 +00:00
Daniel J Walsh
243c6756b4
- Upgrade to latest from NSA
...
Merged return value fix for *getfilecon() from Dan Walsh.
Merged sockcreate interfaces from Eric Paris.
2006-08-11 10:45:34 +00:00
Daniel J Walsh
b7bdc631f1
- Fix translation return codes to return size of buffer
2006-08-10 15:34:47 +00:00
Daniel J Walsh
ef26b847fa
- Upgrade to latest from NSA
...
Merged no-tls-direct-seg-refs patch from Jeremy Katz.
Merged netfilter_contexts support patch from Chris PeBenito.
2006-08-04 22:49:48 +00:00
Daniel J Walsh
61ba667985
- Upgrade to latest from NSA
...
Merged context_*_set errno patch from Jim Meyering.
2006-08-02 21:05:42 +00:00
Jeremy Katz
75675c7d50
- only build non-fpic objects with -mno-tls-direct-seg-refs
2006-08-01 18:38:57 +00:00
Jeremy Katz
be0d45133a
- build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults
...
with xen (#200783 )
2006-08-01 18:26:09 +00:00