rpms/libselinux
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Commit Graph

  • 82deec5e5b Add systemd_contexts support Dan Walsh 2013-10-04 10:16:56 -0400
  • 0695b75fac Eliminate requirement on pthread library, by applying patch for Jakub Jelinek Dan Walsh 2013-10-03 12:36:44 -0400
  • 763f66c192 Fix handling of libselinux getconlist with only one entry Dan Walsh 2013-09-23 09:58:31 -0400
  • 2bfbe603e1 Fix handling of libselinux getconlist with only one entry Dan Walsh 2013-09-16 17:29:19 -0400
  • a21a1b7e23 Add Python constants for SELinux enforcing modes Dan Walsh 2013-09-03 11:01:19 -0400
  • aa9384564f - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild Dennis Gilmore 2013-08-03 01:57:40 -0500
  • 876a4a8ad9 Add sefcontext_compile.8 man page Dan Walsh 2013-06-28 06:10:55 -0400
  • 4720ddb09f Fix patch that Handles substitutions for / Dan Walsh 2013-05-06 09:43:03 -0400
  • def2153558 Handle substitutions for / Dan Walsh 2013-04-17 18:07:46 -0400
  • 1961617545 Add Eric Paris patch to fix procattr calls after a fork. Dan Walsh 2013-04-09 16:53:50 -0400
  • 4ab41c347b Move secolor.conf.5 into mcstrans package and out of libselinux Dan Walsh 2013-03-26 13:04:11 -0400
  • 70712b9211 Fix python bindings for selinux_check_access Dan Walsh 2013-03-20 13:34:37 -0400
  • 58f9722469 Fix reseting the policy root in matchpathcon Dan Walsh 2013-03-19 21:38:02 -0400
  • cc9c7ddcf7 Cleanup setfcontext_compile atomic patch Dan Walsh 2013-03-08 12:23:30 -0500
  • 8047eef070 Make setfcontext_compile atomic Dan Walsh 2013-03-06 13:51:35 -0500
  • 9df78f0c3b Fix memory leak in set*con calls. Dan Walsh 2013-03-06 12:18:42 -0500
  • afe87e85a1 Move matchpathcon to -utils package Dan Walsh 2013-02-28 10:27:35 -0500
  • e27f80642e Fix selinux man page to reflect what current selinux policy is. Dan Walsh 2013-02-21 18:28:18 +0100
  • 0781a5c3ae Add new constant SETRANS_DIR which points to the directory where mstransd can find the socket and libvirt can write its translations files. Dan Walsh 2013-02-15 15:13:59 -0500
  • ade34f3e98 Bring back selinux_current_policy_path Dan Walsh 2013-02-15 11:02:20 -0500
  • 72cdfcb7ad Revert some changes which are causing the wrong policy version file to be created Dan Walsh 2013-02-14 08:18:40 -0500
  • 5e85dc35bb Revert some changes which are causing the wrong policy version file to be created Dan Walsh 2013-02-14 07:59:56 -0500
  • c1553db668 Update to upstream Dan Walsh 2013-02-07 12:33:50 -0500
  • 01e3787363 Update to latest patches from eparis/Upstream Dan Walsh 2013-01-27 20:07:56 -0500
  • 976da17c28 Update to latest patches from eparis/Upstream Dan Walsh 2013-01-25 09:35:30 -0500
  • 0a9b6f58d0 Try procatt speedup patch again Dan Walsh 2013-01-23 14:26:18 -0500
  • f297425de0 Roll back procattr speedups since it seems to be screwing up systemd labeling. Dan Walsh 2013-01-23 06:39:46 -0500
  • 775a744b5d Fix tid handling for setfscreatecon, old patch still broken in libvirt Dan Walsh 2013-01-22 17:23:19 -0500
  • f0a059565a Fix tid handling for setfscreatecon, old patch still broken in libvirt Dan Walsh 2013-01-18 10:01:45 -0600
  • 7a71cdb44d setfscreatecon after fork was broken by the Set*con patch. Dan Walsh 2013-01-14 16:19:46 -0500
  • a9a8a9f55f Fix setfscreatecon call to handle failure mode, which was breaking udev Dan Walsh 2013-01-10 16:06:03 -0500
  • 0974ef2348 Ondrej Oprala patch to optimize set*con functions Dan Walsh 2013-01-09 10:18:51 -0500
  • 3fdab66ec0 Update to latest patches from eparis/Upstream Dan Walsh 2013-01-04 17:27:39 -0500
  • e7604b157b Rebuild with latest libsepol Dan Walsh 2012-11-19 15:17:16 -0500
  • edd5aaafc0 Return EPERM if login program can not reach default label for user Dan Walsh 2012-11-16 16:49:57 -0500
  • 8c2b32a881 Apply patch from eparis to fix leaked file descriptor in new labeling code Dan Walsh 2012-11-05 11:54:39 -0500
  • 5a7e010f07 Apply patch from eparis to fix leaked file descriptor in new labeling code rhatdan 2012-11-01 15:53:47 -0400
  • e1c914df47 Add new function mode_to_security_class which takes mode instead of a string. rhatdan 2012-10-25 16:27:52 -0400
  • 166aec5994 Update to upstream rhatdan 2012-09-14 06:21:17 -0400
  • 2b3728456a Update to upstream rhatdan 2012-09-14 06:03:06 -0400
  • 9fac486ba3 Update to upstream rhatdan 2012-09-14 06:02:36 -0400
  • 01a1f705b5 Update to upstream rhatdan 2012-09-14 05:59:45 -0400
  • ebb7fce3b2 rebuild for https://fedoraproject.org/wiki/Features/Python_3.3 David Malcolm 2012-08-03 21:17:14 -0400
  • 7ca2991d38 2.1.11-5: make with_python3 be conditional on fedora David Malcolm 2012-08-01 16:34:26 -0400
  • 4eed7a5379 Ensure that we only close the selinux netlink socket once. Dan Walsh 2012-07-31 10:14:59 -0400
  • dc57424bd3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild Dennis Gilmore 2012-07-19 16:09:21 -0500
  • 6b51ca9aaf Move the tmpfiles.d content from /etc/tmpfiles.d to /usr/lib/tmpfiles.d Dan Walsh 2012-07-16 17:13:48 -0400
  • 852ea731d6 Revert Eric Paris Patch for selinux_binary_policy_path Dan Walsh 2012-07-13 15:38:11 -0400
  • cd092e1338 Update to upstream Dan Walsh 2012-07-04 07:31:12 -0400
  • d9f6251b10 Fix booleans.subs name, change function name to selinux_boolean_sub, Dan Walsh 2012-06-11 13:31:23 -0400
  • f9135bb77c Fix to compile with Fortify source Dan Walsh 2012-05-25 07:20:38 -0400
  • 40eaa6c970 Add support for lxc contexts file Dan Walsh 2012-04-19 16:34:27 -0400
  • 884d86db59 Update to upstream Dan Walsh 2012-03-29 14:43:23 -0400
  • ce3cc634eb Update to upstream Dan Walsh 2012-03-29 14:39:18 -0400
  • a6c6ce4ff0 avc_netlink_recieve should continue to poll if it receinves an EINTR rather Dan Walsh 2012-02-03 10:33:11 -0500
  • 76fb5c8e65 avc_netlink_recieve should continue to poll if it receinves an EINTR rather Dan Walsh 2012-02-03 10:31:53 -0500
  • 82dfd09743 Update release Kay Sievers 2012-01-29 19:47:44 +0100
  • de370ba771 Use /sbin/ldconfig, glibc does not provide /usr/sbin/ldconfig for now Kay Sievers 2012-01-29 19:41:31 +0100
  • 86fcde8ff1 Rebuild with cleaned up upstream to work in /usr Dan Walsh 2012-01-27 14:50:47 -0500
  • cca484b26b install everything in /usr Harald Hoyer 2012-01-25 19:01:37 +0100
  • f5849c1fad Add Dan Berrange code cleanup patches. Dan Walsh 2012-01-23 13:39:03 -0500
  • 3b242a5830 Add Dan Berrange code cleanup patches. Dan Walsh 2012-01-23 11:30:40 -0500
  • 80c334bf8d Fix selabal_open man page to refer to proper selinux_opt structure Dan Walsh 2012-01-23 11:28:11 -0500
  • ad8477f7a1 Fix selabal_open man page to refer to proper selinux_opt structure Dan Walsh 2012-01-04 11:03:19 -0500
  • 7959ef108b Update to upstream * Fix setenforce man page to refer to selinux man page * Cleanup Man pages * merge freecon with getcon man page Dan Walsh 2011-12-21 18:09:52 +0000
  • 2390d5be83 Update to upstream * Fix setenforce man page to refer to selinux man page * Cleanup Man pages * merge freecon with getcon man page Dan Walsh 2011-12-21 18:02:29 +0000
  • 3ae845067c Update to upstream * Fix setenforce man page to refer to selinux man page * Cleanup Man pages * merge freecon with getcon man page Dan Walsh 2011-12-21 18:01:55 +0000
  • 0c717c5b8c Add patch from Richard Haines When selabel_lookup found an invalid context with validation enabled, it always stated it was 'file_contexts' whether media, x, db or file. The fix is to store the spec file name in the selabel_lookup_rec on selabel_open and use this as output for logs. Also a minor fix if key is NULL to stop seg faults. Fix setenforce manage page. Dan Walsh 2011-12-19 14:48:33 -0500
  • 3e52a1517d Rebuild with new libsepol Dan Walsh 2011-12-16 06:22:49 -0500
  • 7a677c0c11 Rebuild with new libsepol Dan Walsh 2011-12-15 16:50:07 -0500
  • e9493af009 Fix setenforce man page, from Miroslav Grepl Dan Walsh 2011-12-06 10:43:58 -0500
  • de1ce20f11 Upgrade to upstream * selinuxswig_python.i: don't make syscall if it won't change anything * Remove assert in security_get_boolean_names(3) * Mapped compute functions now obey deny_unknown flag * get_default_type now sets EINVAL if no entry. * return EINVAL if invalid role selected * Updated selabel_file(5) man page * Updated selabel_db(5) man page * Updated selabel_media(5) man page * Updated selabel_x(5) man page * Add man/man5 man pages * Add man/man5 man pages * Add man/man5 man pages * use -W and -Werror in utils Dan Walsh 2011-12-06 08:55:52 -0500
  • 0921286973 Change python binding for restorecon to check if the context matches. If it does do not reset Dan Walsh 2011-11-29 09:47:57 -0500
  • 5cb2893d59 * Makefiles: syntax, convert all ${VAR} to $(VAR) * load_policy: handle selinux=0 and /sys/fs/selinux not exist * regenerate .pc on VERSION change * label: cosmetic cleanups * simple interface for access checks * Don't reinitialize avc_init if it has been called previously * seusers: fix to handle large sets of groups * audit2why: close fd on enomem * rename and export symlink_realpath * label_file: style changes to make Eric happy. Dan Walsh 2011-11-04 09:13:56 -0400
  • 8075466849 Apply libselinux patch to handle large groups in seusers. Dan Walsh 2011-10-24 14:30:05 -0400
  • 9328ed5d59 Add selinux_check_access function. Needed for passwd, chfn, chsh Dan Walsh 2011-10-20 16:50:40 -0400
  • a8fa8756a9 Add selinux_check_access function. Needed for passwd, chfn, chsh Dan Walsh 2011-10-20 15:44:39 -0400
  • 3f542ebbed Handle situation where selinux=0 passed to the kernel and both /selinux and Dan Walsh 2011-09-22 09:38:06 -0400
  • 942b6cd466 Update to upstream * utils: matchpathcon: remove duplicate declaration * src: matchpathcon: use myprintf not fprintf * src: matchpathcon: make sure resolved path starts * put libselinux.so.1 in /lib not /usr/lib * tree: default make target to all not Dan Walsh 2011-09-19 06:53:35 -0400
  • aa09b7d954 Update to upstream * utils: matchpathcon: remove duplicate declaration * src: matchpathcon: use myprintf not fprintf * src: matchpathcon: make sure resolved path starts * put libselinux.so.1 in /lib not /usr/lib * tree: default make target to all not Dan Walsh 2011-09-19 06:52:45 -0400
  • 5113c7563a Switch to use ":" as prefix separator rather then ";" Dan Walsh 2011-09-14 22:01:30 -0400
  • 09b67080b4 Avoid unnecessary shell invocation in %post. Dan Walsh 2011-09-08 15:26:30 -0400
  • c03bd38197 Fix handling of subset labeling that is causing segfault in restorecon Dan Walsh 2011-09-06 09:46:57 -0400
  • 10e77a8370 Change matchpathcon_init_prefix and selabel_open to allow multiple initial prefixes. Now you can specify a ";" separated list of prefixes and the labeling system will only load regular expressions that match these prefixes. Dan Walsh 2011-09-02 08:58:11 -0400
  • 44cb708314 Change matchpatcon to use proper myprintf Fix symlink_realpath to always include "/" Update to upstream * selinux_file_context_verify function returns wrong value. * move realpath helper to matchpathcon library * python wrapper makefile changes Dan Walsh 2011-08-30 11:14:36 -0400
  • 495b754734 Change matchpatcon to use proper myprintf Fix symlink_realpath to always include "/" Update to upstream * selinux_file_context_verify function returns wrong value. * move realpath helper to matchpathcon library * python wrapper makefile changes Dan Walsh 2011-08-30 11:08:49 -0400
  • 4eca5fc79f Move to new Makefile that can build with or without PYTHON being set Dan Walsh 2011-08-22 11:04:32 -0400
  • 00e063e5f5 Update to upstream 2.1.4 2011-0817 * mapping fix for invalid class/perms after selinux_set_mapping * audit2why: work around python bug not defining * resolv symlinks and dot directories before matching Dan Walsh 2011-08-18 07:09:51 -0400
  • 125b5b107c Update to upstream * Release, minor version bump * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines. Dan Walsh 2011-07-28 11:58:12 -0400
  • 076f35f59b Only call dups check within selabel/matchpathcon if you are validating the context This seems to speed the loading of labels by 4 times. Dan Walsh 2011-06-13 11:29:06 -0400
  • 2c3aaeae1e Move /selinux to /sys/fs/selinux Add selinuxexeccon Add realpath to matchpathcon to handle matchpathcon * type queries. Dan Walsh 2011-05-25 14:25:56 -0400
  • 71e7978d45 Update for latest libsepol Dan Walsh 2011-04-21 12:02:22 -0400
  • f0ee56705a Update for latest libsepol Dan Walsh 2011-04-18 09:33:23 -0400
  • 73bed069d2 Fix restorecon python binding to accept relative paths Dan Walsh 2011-04-13 16:51:22 -0400
  • 6db4df3c24 Update to upstream * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines. Dan Walsh 2011-04-12 10:09:47 -0400
  • 982b2e517d Update to upstream * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines. Dan Walsh 2011-04-12 10:08:26 -0400
  • d455eb5e43 Clean up patch to make handling of constructor cleanup more portable * db_language object class support for selabel_lookup from KaiGai Kohei. * Library destructors for thread local storage keys from Eamon Walsh. Dan Walsh 2011-04-06 16:46:47 -0400
  • 3d499ceb03 Clean up patch to make handling of constructor cleanup more portable Dan Walsh 2011-04-06 11:19:19 -0400
  • 8723500e16 Add file_context.subs_dist to subs paths Dan Walsh 2011-04-05 14:03:07 -0400
  • 4b2caaad18 Add patch from dbhole@redhat.com to initialize thread keys to -1 Errors were being seen in libpthread/libdl that were related to corrupt thread specific keys. Global destructors that are called on dl unload. During destruction delete a thread specific key without checking if it has been initialized. Since the constructor is not called each time (i.e. key is not initialized with pthread_key_create each time), and the default is 0, there is a possibility that key 0 for an active thread gets deleted. This is exactly what is happening in case of OpenJDK. Dan Walsh 2011-04-05 12:10:57 -0400