Merged simple setrans client cache from Dan Walsh. Merged avcstat patch
from Russell Coker.
Modified selinux_mkload_policy() to also set /selinux/compat_net
appropriately for the loaded policy.
Merged getfscreatecon man page fix from Dan Walsh.
Updated booleans(8) man page to drop references to the old booleans file
and to note that setsebool can be used to set the boot-time defaults
via -P.
Merged setrans client support from Dan Walsh. This removes use of
libsetrans.
Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
Merged swig typemap fixes from Glauber de Oliveira Costa.
Added distclean target to Makefile.
Regenerated swig files.
Changed matchpathcon_init to verify that the spec file is a regular file.
Merged python binding t_output_helper removal patch from Dan Walsh.
- Upgrade to latest from NSA
Updated version for release.
Altered rpm_execcon fallback logic for permissive mode to also handle case
where /selinux/enforce is not available.
- Upgrade to latest from NSA
Updated version for release.
Altered rpm_execcon fallback logic for permissive mode to also handle case
where /selinux/enforce is not available.
- corrected use of getline
- further calls to __fsetlocking for local files
- use of strdupa and asprintf
- proper handling of dirent in booleans code
- use of -z relro
- several other optimizations
Merged getpidcon python wrapper from Dan Walsh (Red Hat).
Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified
matchpathcon implementation to make context validation/
canonicalization optional at matchpathcon_init time, deferring it to a
successful matchpathcon by default unless the new flag is set by the
caller.
Added matchpathcon_init_prefix() interface, and reworked matchpathcon
implementation to support selective loading of file contexts entries
based on prefix matching between the pathname regex stems and the
specified path prefix (stem must be a prefix of the specified path
prefix).
Added -f file_contexts option to matchpathcon util. Fixed warning message
in matchpathcon_init().
Merged Makefile python definitions patch from Dan Walsh.
Added security_canonicalize_context() interface and
set_matchpathcon_canoncon() interface for obtaining canonical contexts.
Changed matchpathcon internals to obtain canonical contexts by default.
Provided fallback for kernels that lack extended selinuxfs context
interface.
- Patch to not translate mls when calling setfiles