de746cb12c- Upgrade to latest from NSA Merged av_permissions.h update from Steve Grubb, adding setsockcreate and polmatch definitions.
Daniel J Walsh
2006-09-29 15:56:32 +0000
f6df692173- Upgrade to latest from NSA Merged av_permissions.h update from Steve Grubb, adding setsockcreate and polmatch definitions.
Daniel J Walsh
2006-09-29 15:56:14 +0000
95053689d2- really make -devel depend on libsepol-devel
Jeremy Katz
2006-09-28 01:51:37 +0000
cfd1d1337d- Add sgrubb patch for polmatch
Daniel J Walsh
2006-09-25 14:19:06 +0000
ab45727649- Upgrade to latest from NSA Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
Daniel J Walsh
2006-09-13 17:39:35 +0000
8a855c559b- have -devel require libsepol-devel
Jeremy Katz
2006-09-05 19:44:37 +0000
7bdc604160- Upgrade to latest from NSA Merged patch to not log avc stats upon a reset from Steve Grubb. Applied patch to revert compat_net setting upon policy load. Merged file context homedir and local path functions from Chris PeBenito.
Daniel J Walsh
2006-08-24 18:37:18 +0000
88e5d3a474rebuilt with latest binutils
Jesse Keating
2006-08-18 20:14:02 +0000
77a0d2cc39- Upgrade to latest from NSA Merged file context homedir and local path functions from Chris PeBenito. Rework functions that access /proc/pid/attr to access the per-thread nodes, and unify the code to simplify maintenance.
Daniel J Walsh
2006-08-12 11:21:11 +0000
243c6756b4- Upgrade to latest from NSA Merged return value fix for *getfilecon() from Dan Walsh. Merged sockcreate interfaces from Eric Paris.
Daniel J Walsh
2006-08-11 10:45:34 +0000
b7bdc631f1- Fix translation return codes to return size of buffer
Daniel J Walsh
2006-08-10 15:34:47 +0000
ef26b847fa- Upgrade to latest from NSA Merged no-tls-direct-seg-refs patch from Jeremy Katz. Merged netfilter_contexts support patch from Chris PeBenito.
Daniel J Walsh
2006-08-04 22:49:48 +0000
61ba667985- Upgrade to latest from NSA Merged context_*_set errno patch from Jim Meyering.
Daniel J Walsh
2006-08-02 21:05:42 +0000
75675c7d50- only build non-fpic objects with -mno-tls-direct-seg-refs
Jeremy Katz
2006-08-01 18:38:57 +0000
be0d45133a- build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults with xen (#200783)
Jeremy Katz
2006-08-01 18:26:09 +0000
6b84a37b8f- Rebuild for new gcc
Daniel J Walsh
2006-07-17 13:12:11 +0000
5a5a289fc8- Rebuild for new gcc
Daniel J Walsh
2006-07-17 13:11:16 +0000
1e7c365c44- Fix libselinux to not telinit during installs
Daniel J Walsh
2006-07-11 19:26:08 +0000
aa27b6bf81- Upgrade to latest from NSA Lindent. Merged {get,set}procattrcon patch set from Eric Paris. Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris. Regenerated Flask headers from refpolicy. - Added selinux_file_context_{cmp,verify}. - Added selinux_lsetfilecon_default. - Delay translation of contexts in matchpathcon.
Daniel J Walsh
2006-07-05 10:42:47 +0000
799720edd4- Yet another change to matchpathcon
Daniel J Walsh
2006-06-21 20:16:13 +0000
d8849af170- Turn off error printing in library. Need to compile with DEBUG to get it back
Daniel J Walsh
2006-06-21 19:58:52 +0000
f4b45ddd03- Turn off error printing in library. Need to compile with DEBUG to get it back
Daniel J Walsh
2006-06-21 18:33:13 +0000
2d9b36b51e- Fix error reporting of matchpathcon
Daniel J Walsh
2006-06-21 13:12:11 +0000
645f93a8a5- Add function to compare file context on disk versus contexts in file_contexts file.
Daniel J Walsh
2006-06-20 20:30:59 +0000
e60c844fba- Upgrade to latest from NSA Added selinux_getpolicytype() function. Modified setrans code to skip processing if !mls_enabled. Set errno in the !selinux_mnt case. Allocate large buffers from the heap, not on stack. Affects is_context_customizable, selinux_init_load_policy, and selinux_getenforcemode.
Daniel J Walsh
2006-06-16 19:16:03 +0000
c92317552dAdd MLSENabled check
Daniel J Walsh
2006-06-12 18:10:30 +0000
8389437eda- Add selinux_getpolicytype()
Daniel J Walsh
2006-06-09 19:43:52 +0000
af1839bde5- Upgrade to latest from NSA Merged !selinux_mnt checks from Ian Kent.
Daniel J Walsh
2006-06-05 18:52:19 +0000
f3cb9dc26b- Check for selinux_mnt == NULL
Daniel J Walsh
2006-06-01 17:25:22 +0000
9cf72ebb65Merged matchmediacon and trans_to_raw_context fixes from Serge Hallyn.
Daniel J Walsh
2006-05-31 10:36:45 +0000
cd024ca945- Remove getseuser
Daniel J Walsh
2006-05-30 12:44:31 +0000
d1291eceea- Bump requires to grab latest libsepol
Daniel J Walsh
2006-05-25 19:30:29 +0000
389a79998b- Add BuildRequires for swig
Daniel J Walsh
2006-05-24 03:50:03 +0000
c2de2ffa71- Upgrade to latest from NSA Merged simple setrans client cache from Dan Walsh. Merged avcstat patch from Russell Coker. Modified selinux_mkload_policy() to also set /selinux/compat_net appropriately for the loaded policy.
Daniel J Walsh
2006-05-23 10:39:18 +0000
96ed369e9d- Upgrade to latest from NSA Merged simple setrans client cache from Dan Walsh. Merged avcstat patch from Russell Coker. Modified selinux_mkload_policy() to also set /selinux/compat_net appropriately for the loaded policy.
Daniel J Walsh
2006-05-23 10:26:55 +0000
8f927c4a9f- More fixes for translation cache - Upgrade to latest from NSA Added matchpathcon_fini() function to free memory allocated by matchpathcon_init().
Daniel J Walsh
2006-05-18 16:15:35 +0000
b71bf0b207- Upgrade to latest from NSA Merged setrans client cleanup patch from Steve Grubb.
Daniel J Walsh
2006-05-17 00:49:24 +0000
069461a7d8- Add Russell's AVC patch to handle large numbers
Daniel J Walsh
2006-05-09 19:13:08 +0000
20222fb072- Upgrade to latest from NSA Merged getfscreatecon man page fix from Dan Walsh. Updated booleans(8) man page to drop references to the old booleans file and to note that setsebool can be used to set the boot-time defaults via -P.
Daniel J Walsh
2006-05-08 15:04:16 +0000
98a597a060Merged fix warnings patch from Karl MacMillan. Merged setrans client support from Dan Walsh. This removes use of libsetrans. Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh. Merged swig typemap fixes from Glauber de Oliveira Costa.
Daniel J Walsh
2006-05-08 14:08:21 +0000
a925159382- Add selinuxswig fixes - Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)
Daniel J Walsh
2006-05-02 18:49:41 +0000
e0ab958383- Add selinuxswig fixes - Stop using PAGE_SIZE and start using sysconfig(_SC_PAGE_SIZE)
Daniel J Walsh
2006-05-02 18:23:25 +0000
75c50e4988- Add selinuxswig fixes
Daniel J Walsh
2006-05-02 17:09:39 +0000
ea8c625b8c- Upgrade to latest from NSA Added distclean target to Makefile. Regenerated swig files. Changed matchpathcon_init to verify that the spec file is a regular file. Merged python binding t_output_helper removal patch from Dan Walsh.
Daniel J Walsh
2006-04-14 11:31:14 +0000
fed1ce5b77- Fix python bindings for matchpathcon - Fix booleans man page
Daniel J Walsh
2006-04-11 19:03:13 +0000
c8030dcf96Merged Makefile PYLIBVER definition patch from Dan Walsh.
Daniel J Walsh
2006-04-11 18:25:46 +0000
55f0304445- Make some fixes so it will build on RHEL4 - Upgrade to latest from NSA Updated version for release. Altered rpm_execcon fallback logic for permissive mode to also handle case where /selinux/enforce is not available.
Daniel J Walsh
2006-03-17 18:33:18 +0000
d27dc97404- Make some fixes so it will build on RHEL4 - Upgrade to latest from NSA Updated version for release. Altered rpm_execcon fallback logic for permissive mode to also handle case where /selinux/enforce is not available.
Daniel J Walsh
2006-03-17 17:20:57 +0000
b531c7552abump for bug in double-long on ppc(64)
Jesse Keating
2006-02-11 04:12:30 +0000
79e8955796bump for new gcc/glibc
Jesse Keating
2006-02-07 12:43:42 +0000
6a494f5394- Upgrade to latest from NSA Merged install-pywrap Makefile patch from Joshua Brindle.
Daniel J Walsh
2006-01-20 16:17:43 +0000
9ecb57d018- Upgrade to latest from NSA Merged pywrap Makefile patch from Dan Walsh.
Daniel J Walsh
2006-01-18 16:16:30 +0000
fd8295b044- Upgrade to latest from NSA Merged pywrap Makefile patch from Dan Walsh.
Daniel J Walsh
2006-01-18 16:14:55 +0000
f4d57a9014- Split out pywrap in Makefile
Daniel J Walsh
2006-01-14 05:05:19 +0000
ee0a60b0f5- Upgrade to latest from NSA Added getseuser test program.
Daniel J Walsh
2006-01-13 22:14:28 +0000
9ad8aa5f09- Upgrade to latest from NSA Added format attribute to myprintf in matchpathcon.c and removed obsoleted rootlen variable in init_selinux_config().
Daniel J Walsh
2006-01-06 15:47:03 +0000
fb1f51806c- Build with new libsepol
Daniel J Walsh
2006-01-04 18:34:57 +0000
dab5a2cb5a- Upgrade to latest from NSA - corrected use of getline - further calls to __fsetlocking for local files - use of strdupa and asprintf - proper handling of dirent in booleans code - use of -z relro - several other optimizations Merged getpidcon python wrapper from Dan Walsh (Red Hat).
Daniel J Walsh
2006-01-04 15:40:59 +0000
cac4888385- Add build requires line for libsepol-devel
Daniel J Walsh
2005-12-24 13:03:59 +0000
407234b39f- Fix swig call for getpidcon
Daniel J Walsh
2005-12-20 14:44:43 +0000
41b7ee2ce3- Move libselinux.so to base package
Daniel J Walsh
2005-12-19 14:35:26 +0000
0b65dc6081- Upgrade to latest from NSA Merged call to finish_context_translations from Dan Walsh. This eliminates a memory leak from failing to release memory allocated by libsetrans.
Daniel J Walsh
2005-12-14 19:22:10 +0000
6c4b73afbd- Upgrade to latest from NSA Merged call to finish_context_translations from Dan Walsh. This eliminates a memory leak from failing to release memory allocated by libsetrans.
Daniel J Walsh
2005-12-14 19:19:29 +0000
3371166078- update to latest libsetrans - Fix potential memory leak
Daniel J Walsh
2005-12-13 20:44:36 +0000
d21de0e9f0- update to latest libsetrans
Daniel J Walsh
2005-12-11 17:26:58 +0000
2774b7d0d8- Update to never version Merged patch for swig interfaces from Dan Walsh.
Daniel J Walsh
2005-12-08 18:04:22 +0000
a73f673890- Update to never version
Daniel J Walsh
2005-12-08 04:36:24 +0000
710322bbd4- Update to never version
Daniel J Walsh
2005-12-08 04:35:07 +0000
0e39b77de1- Fix some of the python swig objects
Daniel J Walsh
2005-12-07 15:53:55 +0000
38b50da3f8- Update to latest from NSA Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified matchpathcon implementation to make context validation/ canonicalization optional at matchpathcon_init time, deferring it to a successful matchpathcon by default unless the new flag is set by the caller. Added matchpathcon_init_prefix() interface, and reworked matchpathcon implementation to support selective loading of file contexts entries based on prefix matching between the pathname regex stems and the specified path prefix (stem must be a prefix of the specified path prefix).
Daniel J Walsh
2005-12-01 19:20:49 +0000
827fc8369b- Update to latest from NSA Change getsebool to return on/off instead of active/inactive
Daniel J Walsh
2005-11-30 20:10:18 +0000
56d326bb01- Change getsebool to return on/off instead of active/inactive
Daniel J Walsh
2005-11-29 19:21:03 +0000
116a5b0c09- Update to latest from NSA Added -f file_contexts option to matchpathcon util. Fixed warning message in matchpathcon_init(). Merged Makefile python definitions patch from Dan Walsh.
Daniel J Walsh
2005-11-29 18:47:52 +0000
998386142aMerged swigify patch from Dan Walsh.
Daniel J Walsh
2005-11-29 03:04:19 +0000
86e0b5f76e- Separate out libselinux-python bindings into separate rpm
Daniel J Walsh
2005-11-29 03:02:30 +0000
4bb08c52c4- Separate out libselinux-python bindings into separate rpm
Daniel J Walsh
2005-11-28 22:02:25 +0000
555b9174f8- Readd libsetrans requirement
Daniel J Walsh
2005-11-22 17:53:13 +0000
ae85aab0af- Add python bindings
Daniel J Walsh
2005-11-17 17:13:50 +0000
ac2f72cc37- Update to latest from NSA Merged make failure in rpm_execcon non-fatal in permissive mode patch from Ivan Gyurdiev.
Daniel J Walsh
2005-11-17 02:41:51 +0000
f0d8402adc- Remove requirement for libsetrans
Daniel J Walsh
2005-11-16 02:10:36 +0000
67ec76fa36- Update to latest from NSA Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified matchpathcon_init() to skip context translation if it is set by the caller.
Daniel J Walsh
2005-11-09 01:39:32 +0000
848a7fab72- Update to latest from NSA Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified matchpathcon_init() to skip context translation if it is set by the caller.
Daniel J Walsh
2005-11-09 01:36:44 +0000
e6236defe6- Update to latest from NSA Added security_canonicalize_context() interface and set_matchpathcon_canoncon() interface for obtaining canonical contexts. Changed matchpathcon internals to obtain canonical contexts by default. Provided fallback for kernels that lack extended selinuxfs context interface. - Patch to not translate mls when calling setfiles
Daniel J Walsh
2005-11-08 23:41:10 +0000
70810f17e4- Patch to not translate mls when calling setfiles
Daniel J Walsh
2005-11-08 19:18:13 +0000
69e4fdee5afix spec
Daniel J Walsh
2005-11-08 19:11:58 +0000
37bc4557e3- Don't strip mls context if selinux is not enabled.
Daniel J Walsh
2005-11-08 19:09:28 +0000
8f768f0ce7- Update to latest from NSA Merged seusers parser changes from Ivan Gyurdiev. Merged setsebool to libsemanage patch from Ivan Gyurdiev. Changed seusers parser to reject empty fields.
Daniel J Walsh
2005-11-07 14:50:45 +0000
e559debc39Merged seusers empty level handling patch from Jonathan Kim (TCS).
Daniel J Walsh
2005-11-04 14:49:42 +0000
da7a013c49- Rebuild for latest libsepol
Daniel J Walsh
2005-11-03 20:04:43 +0000
93060b5d12- Rebuild for latest libsepol
Daniel J Walsh
2005-11-03 15:46:44 +0000
597ff86a91- Rebuild for latest libsepol
Daniel J Walsh
2005-10-31 20:31:40 +0000
08d2242291- Change default to __default__
Daniel J Walsh
2005-10-27 17:57:25 +0000
9f412a6358- Change default to __default__
Daniel J Walsh
2005-10-26 20:32:58 +0000
54939fac9a- Add selinux_translations_path
Daniel J Walsh
2005-10-25 22:03:43 +0000
2300981c61- Update to latest from NSA Merged selinux_path() and selinux_homedir_context_path() functions from Joshua Brindle.
Daniel J Walsh
2005-10-25 19:17:22 +0000
8ab39e56ae- Need to check for /sbin/telinit
Daniel J Walsh
2005-10-21 16:26:20 +0000
f6b11f6673- Need to check for /sbin/telinit
Daniel J Walsh
2005-10-21 14:51:35 +0000
3ef1de9af9- Update to latest from NSA Merged fixes for make DESTDIR= builds from Joshua Brindle.
Daniel J Walsh
2005-10-20 20:34:28 +0000
78dc042098- Update to latest from NSA Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red Hat). Updated call to sepol_policydb_to_image for sepol changes. Changed getseuserbyname to ignore empty lines and to handle no matching entry in the same manner as no seusers file.
Daniel J Walsh
2005-10-18 18:27:41 +0000
Daniel J Walsh
Jeremy Katz
Jesse Keating