Commit Graph

340 Commits

Author SHA1 Message Date
Daniel J Walsh
dcd9773ab2 - Fix segfault on missing file_context file 2007-09-27 17:55:13 +00:00
Daniel J Walsh
7cbfb0e27a - Upgrade to upstream
Make netlink socket close-on-exec to avoid descriptor leakage from Dan
    Walsh.
Pass CFLAGS when using gcc for linking from Dennis Gilmore.
2007-09-27 14:54:10 +00:00
Daniel J Walsh
ae054c560b *** empty log message *** 2007-09-24 15:56:01 +00:00
Daniel J Walsh
0102138c4a *** empty log message *** 2007-09-24 15:42:11 +00:00
Daniel J Walsh
0fa749d083 *** empty log message *** 2007-09-18 20:44:47 +00:00
Daniel J Walsh
71cd1381ef *** empty log message *** 2007-09-18 15:37:42 +00:00
Daniel J Walsh
31de56ffa4 *** empty log message *** 2007-09-13 12:29:38 +00:00
Daniel J Walsh
6a9919e596 *** empty log message *** 2007-09-06 12:37:00 +00:00
Daniel J Walsh
4e3172796e *** empty log message *** 2007-08-28 15:27:49 +00:00
Daniel J Walsh
13a4ef3ffe *** empty log message *** 2007-08-23 20:56:16 +00:00
Daniel J Walsh
fd5d99a5df *** empty log message *** 2007-08-21 19:45:34 +00:00
Daniel J Walsh
0e28882119 *** empty log message *** 2007-08-10 16:09:35 +00:00
Daniel J Walsh
569b015f4c *** empty log message *** 2007-08-10 16:01:16 +00:00
Daniel J Walsh
f3308819df *** empty log message *** 2007-08-10 15:46:47 +00:00
Daniel J Walsh
6e60f16b98 *** empty log message *** 2007-08-03 20:06:53 +00:00
Daniel J Walsh
44ef5d5d9f - Apply Steven Smalley patch to fix segfault in string_to_security_class 2007-07-23 14:23:50 +00:00
Daniel J Walsh
aebde7523f - Fix matchpathcon to set default myprintf 2007-07-18 17:54:00 +00:00
Daniel J Walsh
571ac2998d - Upgrade to upstream
Fix for getfilecon() for zero-length contexts from Stephen Smalley.
2007-07-16 18:22:25 +00:00
Daniel J Walsh
8ffc2801ed - Update to match flask/access_vectors in policy 2007-07-11 14:52:47 +00:00
Daniel J Walsh
8e8fca8665 - Fix man page markup lanquage for translations 2007-07-10 16:27:52 +00:00
Daniel J Walsh
3e1ba6da3a - Fix semanage segfault on x86 platform 2007-06-26 09:16:06 +00:00
Daniel J Walsh
029d48694c - Upgrade to upstream
Labeling and callback interface patches from Eamon Walsh.
2007-06-21 15:34:10 +00:00
Daniel J Walsh
d43108c05f - Upgrade to upstream
Labeling and callback interface patches from Eamon Walsh.
2007-06-21 14:40:52 +00:00
Daniel J Walsh
2324fecc2d - Upgrade to upstream
Class and permission mapping support patches from Eamon Walsh.
Object class discovery support patches from Chris PeBenito.
Refactoring and errno support in string representation code.
2007-06-11 18:39:53 +00:00
Daniel J Walsh
d60d4d2e31 - Upgrade to upstream
Merged patch to reduce size of libselinux and remove need for libsepol for
    embedded systems from Yuichi Nakamura. This patch also turns the
    link-time dependency on libsepol into a runtime (dlopen) dependency
    even in the non-embedded case.
2007-06-01 14:48:48 +00:00
Daniel J Walsh
35bc5a8a68 - Upgrade to upstream
Merged additional swig python bindings from Dan Walsh.
Merged helpful message when selinuxfs mount fails patch from Dax Kelson.
2007-05-18 14:52:28 +00:00
Daniel J Walsh
20f7b1cb99 - Upgrade to upstream
Merged build fix for avc_internal.c from Joshua Brindle.
2007-04-24 14:48:35 +00:00
Daniel J Walsh
4dca0c42c9 - Add get_context_list funcitions to swig file 2007-04-23 14:38:02 +00:00
Daniel J Walsh
a11359c0ea - Upgrade to upstream
Merged rpm_execcon python binding fix, matchpathcon man page fix, and
    getsebool -a handling for EACCES from Dan Walsh.
2007-04-12 20:07:39 +00:00
Daniel J Walsh
6265db0381 2007-04-12 16:50:49 +00:00
Daniel J Walsh
1b14f693da - Upgrade to upstream
Merged support for getting initial contexts from James Carter.
2007-04-11 13:12:34 +00:00
Daniel J Walsh
47b511b094 - Upgrade to upstream
Merged userspace AVC patch to follow kernel's behavior for permissive mode
    in caching previous denials from Eamon Walsh.
Merged sidput(NULL) patch from Eamon Walsh.
2007-04-09 19:50:05 +00:00
Daniel J Walsh
ff4b4da61f - Make rpm_exec swig work 2007-04-05 15:57:35 +00:00
Daniel J Walsh
ace2ebf6d7 - Upgrade to upstream
Merged class/av string conversion and avc_compute_create patch from Eamon
    Walsh.
2007-04-02 19:14:28 +00:00
Daniel J Walsh
9a53490979 - Upgrade to upstream
Merged fix for avc.h #include's from Eamon Walsh.
2007-03-27 20:07:00 +00:00
Daniel J Walsh
71021c8327 - Upgrade to upstream
Merged fix for avc.h #include's from Eamon Walsh.
2007-03-27 19:49:37 +00:00
Daniel J Walsh
98a61bfb92 - Add stdint.h to avc.h 2007-03-22 20:50:31 +00:00
Daniel J Walsh
22298b4b74 Merged patch to drop support for CACHETRANS=0 config option from Steve
Grubb.
Merged patch to drop support for old /etc/sysconfig/selinux and
    /etc/security policy file layout from Steve Grubb.
2007-03-13 00:20:29 +00:00
Daniel J Walsh
c7862e54aa - Do not fail on permission denied in getsebool 2007-03-08 16:15:36 +00:00
Daniel J Walsh
21eddb1fd0 - Upgrade to upstream
Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve
    Grubb.
2007-02-27 16:27:02 +00:00
Daniel J Walsh
8efd1ef10e - Upgrade to upstream
Removed sending of setrans init message.
Merged matchpathcon memory leak fix from Steve Grubb.
2007-02-23 21:49:32 +00:00
Daniel J Walsh
14de1c34ad - Upgrade to upstream
Merged patch from Todd Miller to convert int types over to C99 style.
2007-02-20 14:31:07 +00:00
Daniel J Walsh
29ad08b8d0 Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of
the use of the non-standard format %as. (original patch changed for
    style).
Merged patch from Todd Miller to fix memory leak in matchpathcon.c.
Fri Jan 19 2007 Dan Walsh <dwalsh@redhat.com> - 1.34.0-2
- Add context function to python to split context into 4 parts
2007-02-07 19:39:11 +00:00
Daniel J Walsh
ad1a6889cc - Add context function to python to split context into 4 parts 2007-01-24 17:20:19 +00:00
Daniel J Walsh
751b5d4cbd - Upgrade to upstream
Updated version for stable branch.
2007-01-19 14:22:46 +00:00
Daniel J Walsh
e1e027390c - Upgrade to upstream
Merged man page updates to make "apropos selinux" work from Dan Walsh.
Mon Jan 15 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.5-1
- Upgrade to upstream
Merged getdefaultcon utility from Dan Walsh.
2007-01-17 16:12:56 +00:00
Daniel J Walsh
53158b7152 - Upgrade to upstream
Merged getdefaultcon utility from Dan Walsh.
2007-01-16 22:10:55 +00:00
Daniel J Walsh
5f8636d1e9 - Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli 2007-01-15 21:30:17 +00:00
Daniel J Walsh
a9c082be34 - Add reference to selinux man page in all man pages to make apropos work
Resolves: # 217881
2007-01-12 16:02:56 +00:00
Daniel J Walsh
05bd40847c - Upstream wanted some minor changes, upgrading to keep api the same
- Upgrade to upstream
#200110
2007-01-11 19:20:27 +00:00
Daniel J Walsh
1a8c15a969 - Upstream wanted some minor changes, upgrading to keep api the same
- Upgrade to upstream
#200110
2007-01-11 19:05:59 +00:00
Daniel J Walsh
e3bd599d8e - Cleanup patch 2007-01-09 15:02:46 +00:00
Daniel J Walsh
e6bab37d57 - Add securetty handling Resolves: #200110 2007-01-05 17:54:21 +00:00
Daniel J Walsh
273c47d43c - Upgrade to upstream
Merged patch for matchpathcon utility to use file mode information when
    available from Dan Walsh.
2007-01-04 22:09:55 +00:00
Jeremy Katz
0ee7a8fcb4 - rebuild against python 2.5 2006-12-07 15:46:04 +00:00
Daniel J Walsh
dbfbfbe639 - Fix matchpathcon to lstat files 2006-12-06 19:13:54 +00:00
Daniel J Walsh
846f2ad19d - Update man page 2006-11-30 18:11:20 +00:00
Daniel J Walsh
25aea25d22 - Upgrade to upstream 2006-11-28 14:25:28 +00:00
Daniel J Walsh
2bcf9654c5 - Add James Antill patch for login verification of MLS Levels
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
    infrastructure.
2006-11-03 22:14:51 +00:00
Daniel J Walsh
c27fc16cad - Upgrade to latest from NSA
Merged updated flask definitions from Darrel Goeddel. This adds the context
    security class, and also adds the string definitions for setsockcreate
    and polmatch.
2006-10-25 02:52:18 +00:00
Daniel J Walsh
e24dd65a42 - Upgrade to latest from NSA
Updated version for release.
2006-10-17 17:05:47 +00:00
Jesse Keating
9fcaa3e1fa bump for gcc bug 2006-10-01 20:19:56 +00:00
Daniel J Walsh
2a0f9c5cfa - Upgrade to latest from NSA
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
    polmatch definitions.
2006-09-29 18:12:11 +00:00
Daniel J Walsh
de746cb12c - Upgrade to latest from NSA
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
    polmatch definitions.
2006-09-29 15:56:32 +00:00
Daniel J Walsh
f6df692173 - Upgrade to latest from NSA
Merged av_permissions.h update from Steve Grubb, adding setsockcreate and
    polmatch definitions.
2006-09-29 15:56:14 +00:00
Jeremy Katz
95053689d2 - really make -devel depend on libsepol-devel 2006-09-28 01:51:37 +00:00
Daniel J Walsh
cfd1d1337d - Add sgrubb patch for polmatch 2006-09-25 14:19:06 +00:00
Daniel J Walsh
ab45727649 - Upgrade to latest from NSA
Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
2006-09-13 17:39:35 +00:00
Jeremy Katz
8a855c559b - have -devel require libsepol-devel 2006-09-05 19:44:37 +00:00
Daniel J Walsh
7bdc604160 - Upgrade to latest from NSA
Merged patch to not log avc stats upon a reset from Steve Grubb.
Applied patch to revert compat_net setting upon policy load.
Merged file context homedir and local path functions from Chris PeBenito.
2006-08-24 18:37:18 +00:00
Jesse Keating
88e5d3a474 rebuilt with latest binutils 2006-08-18 20:14:02 +00:00
Daniel J Walsh
77a0d2cc39 - Upgrade to latest from NSA
Merged file context homedir and local path functions from Chris PeBenito.
Rework functions that access /proc/pid/attr to access the per-thread nodes,
    and unify the code to simplify maintenance.
2006-08-12 11:21:11 +00:00
Daniel J Walsh
243c6756b4 - Upgrade to latest from NSA
Merged return value fix for *getfilecon() from Dan Walsh.
Merged sockcreate interfaces from Eric Paris.
2006-08-11 10:45:34 +00:00
Daniel J Walsh
b7bdc631f1 - Fix translation return codes to return size of buffer 2006-08-10 15:34:47 +00:00
Daniel J Walsh
ef26b847fa - Upgrade to latest from NSA
Merged no-tls-direct-seg-refs patch from Jeremy Katz.
Merged netfilter_contexts support patch from Chris PeBenito.
2006-08-04 22:49:48 +00:00
Daniel J Walsh
61ba667985 - Upgrade to latest from NSA
Merged context_*_set errno patch from Jim Meyering.
2006-08-02 21:05:42 +00:00
Jeremy Katz
75675c7d50 - only build non-fpic objects with -mno-tls-direct-seg-refs 2006-08-01 18:38:57 +00:00
Jeremy Katz
be0d45133a - build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults
with xen (#200783)
2006-08-01 18:26:09 +00:00
Daniel J Walsh
6b84a37b8f - Rebuild for new gcc 2006-07-17 13:12:11 +00:00
Daniel J Walsh
5a5a289fc8 - Rebuild for new gcc 2006-07-17 13:11:16 +00:00
Daniel J Walsh
1e7c365c44 - Fix libselinux to not telinit during installs 2006-07-11 19:26:08 +00:00
Daniel J Walsh
aa27b6bf81 - Upgrade to latest from NSA
Lindent.
Merged {get,set}procattrcon patch set from Eric Paris.
Merged re-base of keycreate patch originally by Michael LeMay from Eric
    Paris.
Regenerated Flask headers from refpolicy.
- Added selinux_file_context_{cmp,verify}.
- Added selinux_lsetfilecon_default.
- Delay translation of contexts in matchpathcon.
2006-07-05 10:42:47 +00:00
Daniel J Walsh
799720edd4 - Yet another change to matchpathcon 2006-06-21 20:16:13 +00:00
Daniel J Walsh
f4b45ddd03 - Turn off error printing in library. Need to compile with DEBUG to get it
back
2006-06-21 18:33:13 +00:00
Daniel J Walsh
2d9b36b51e - Fix error reporting of matchpathcon 2006-06-21 13:12:11 +00:00
Daniel J Walsh
645f93a8a5 - Add function to compare file context on disk versus contexts in
file_contexts file.
2006-06-20 20:30:59 +00:00
Daniel J Walsh
e60c844fba - Upgrade to latest from NSA
Added selinux_getpolicytype() function.
Modified setrans code to skip processing if !mls_enabled.
Set errno in the !selinux_mnt case.
Allocate large buffers from the heap, not on stack. Affects
    is_context_customizable, selinux_init_load_policy, and
    selinux_getenforcemode.
2006-06-16 19:16:03 +00:00
Daniel J Walsh
8389437eda - Add selinux_getpolicytype() 2006-06-09 19:43:52 +00:00
Daniel J Walsh
af1839bde5 - Upgrade to latest from NSA
Merged !selinux_mnt checks from Ian Kent.
2006-06-05 18:52:19 +00:00
Daniel J Walsh
f3cb9dc26b - Check for selinux_mnt == NULL 2006-06-01 17:25:22 +00:00
Daniel J Walsh
9cf72ebb65 Merged matchmediacon and trans_to_raw_context fixes from Serge Hallyn. 2006-05-31 10:36:45 +00:00
Daniel J Walsh
cd024ca945 - Remove getseuser 2006-05-30 12:44:31 +00:00
Daniel J Walsh
d1291eceea - Bump requires to grab latest libsepol 2006-05-25 19:30:29 +00:00
Daniel J Walsh
389a79998b - Add BuildRequires for swig 2006-05-24 03:50:03 +00:00
Daniel J Walsh
c2de2ffa71 - Upgrade to latest from NSA
Merged simple setrans client cache from Dan Walsh. Merged avcstat patch
    from Russell Coker.
Modified selinux_mkload_policy() to also set /selinux/compat_net
    appropriately for the loaded policy.
2006-05-23 10:39:18 +00:00
Daniel J Walsh
96ed369e9d - Upgrade to latest from NSA
Merged simple setrans client cache from Dan Walsh. Merged avcstat patch
    from Russell Coker.
Modified selinux_mkload_policy() to also set /selinux/compat_net
    appropriately for the loaded policy.
2006-05-23 10:26:55 +00:00
Daniel J Walsh
8f927c4a9f - More fixes for translation cache
- Upgrade to latest from NSA
Added matchpathcon_fini() function to free memory allocated by
    matchpathcon_init().
2006-05-18 16:15:35 +00:00
Daniel J Walsh
b71bf0b207 - Upgrade to latest from NSA
Merged setrans client cleanup patch from Steve Grubb.
2006-05-17 00:49:24 +00:00
Daniel J Walsh
069461a7d8 - Add Russell's AVC patch to handle large numbers 2006-05-09 19:13:08 +00:00
Daniel J Walsh
20222fb072 - Upgrade to latest from NSA
Merged getfscreatecon man page fix from Dan Walsh.
Updated booleans(8) man page to drop references to the old booleans file
    and to note that setsebool can be used to set the boot-time defaults
    via -P.
2006-05-08 15:04:16 +00:00