- Drop deprecated functions and duplicated symbols
- Change library version to libsepol.so.2
- temporary ship -compat with libsepol.so.1
- Re-enable LTO flags
- drop deprecated functions and duplicated symbols
- change library version to libsepol.so.2
- temporary ship -compat with libsepol.so.1
- based on upstream db0f2f382e31
- re-enable lto flags
After c58a1c7ba8 ("libsepol-3.1-1"), these patch files are no longer
referenced from the spec file and are included in the tarball version.
Remove them.
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
There is a new feature in the Standard Test Roles which allows to
use an FMF filter instead of listing all tests manually. All tier
one selinux tests are selected as well, thus extending requires.
- cil: Create new keep field for type attribute sets
- build: follow standard semantics for DESTDIR and PREFIX
- cil: show an error when cil_expr_to_string() fails
None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
- reset pointer after free in cil_strpool_destroy()
- cil: Add ability to redeclare types[attributes]
- cil: Keep attributes used by generated attributes in neverallow
ules
- use IN6ADDR_ANY_INIT to initialize IPv6 addresses
- fix memory leak in sepol_bool_query()
- cil: drop wrong unused attribute
- cil: fix -Wwrite-strings warning
- cil: __cil_post_db_neverallow_attr_helper() does not use extra_args
The following steps are used to execute the tests using the standard test interface:
Docker
sudo ANSIBLE_INVENTORY=$(test -e inventory && echo inventory || echo /usr/share/ansible/inventory) TEST_SUBJECTS=docker:docker.io/library/fedora:26 TEST_ARTIFACTS=$PWD/artifacts ansible-playbook --tags container tests.yml
Classic
sudo ANSIBLE_INVENTORY=$(test -e inventory && echo inventory || echo /usr/share/ansible/inventory) TEST_SUBJECTS="" TEST_ARTIFACTS=$PWD/artifacts ansible-playbook --tags classic tests.yml
https://src.fedoraproject.org/rpms/libsepol/pull-request/1
- Fix neverallow bug when checking conditional policy
- Destroy the expanded level when mls_semantic_level_expand() fails
- Do not seg fault on sepol_*_key_free(NULL)
- Check for too many permissions in classes and commons in CIL
- Fix xperm mapping between avrule and avtab
- tests: Fix mispelling of optimization option
- Fix unused/uninitialized variables on mac build
- Produce more meaningful error messages for conflicting type rules in CIL
- make "make test" fail when a CUnit test fails
- tests: fix g_b_role_2 test
- Change which attributes CIL keeps in the binary policy
- Port str_read() from kernel and remove multiple occurances of similar code
- Use calloc instead of malloc for all the *_to_val_structs
- Fix bugs found by AFL
- Fix memory leak in expand.c
- Fix invalid read when policy file is corrupt
- Fix possible use of uninitialized variables
- Correctly detect unknown classes in sepol_string_to_security_class
- Sort object files for deterministic linking order
- Fix neverallowxperm checking on attributes
- Remove libsepol.map when cleaning
- Add high-level language line marking support to CIL
