import mcstrans-2.8-2.el8
This commit is contained in:
commit
e76e77f16e
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
SOURCES/mcstrans-2.8.tar.gz
|
1
.mcstrans.metadata
Normal file
1
.mcstrans.metadata
Normal file
@ -0,0 +1 @@
|
|||||||
|
a52d02609e81fbfcc6de54457cc5f9c6da727c48 SOURCES/mcstrans-2.8.tar.gz
|
238
SOURCES/mcstrans-fedora.patch
Normal file
238
SOURCES/mcstrans-fedora.patch
Normal file
@ -0,0 +1,238 @@
|
|||||||
|
diff --git mcstrans-2.8/src/mcstrans.c mcstrans-2.8/src/mcstrans.c
|
||||||
|
index 00fb808..0d9d0f3 100644
|
||||||
|
--- mcstrans-2.8/src/mcstrans.c
|
||||||
|
+++ mcstrans-2.8/src/mcstrans.c
|
||||||
|
@@ -633,16 +633,23 @@ add_cache(domain_t *domain, char *raw, char *trans) {
|
||||||
|
|
||||||
|
map->raw = strdup(raw);
|
||||||
|
if (!map->raw) {
|
||||||
|
+ free(map);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
map->trans = strdup(trans);
|
||||||
|
if (!map->trans) {
|
||||||
|
+ free(map->raw);
|
||||||
|
+ free(map);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
log_debug(" add_cache (%s,%s)\n", raw, trans);
|
||||||
|
- if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0)
|
||||||
|
+ if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0) {
|
||||||
|
+ free(map->trans);
|
||||||
|
+ free(map->raw);
|
||||||
|
+ free(map);
|
||||||
|
goto err;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (add_to_hashtable(domain->trans_to_raw, map->trans, map) < 0)
|
||||||
|
goto err;
|
||||||
|
@@ -708,6 +715,7 @@ append(affix_t **affixes, const char *val) {
|
||||||
|
|
||||||
|
err:
|
||||||
|
log_error("allocation error %s", strerror(errno));
|
||||||
|
+ free(affix);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1517,8 +1525,11 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
|
||||||
|
} else {
|
||||||
|
trans = compute_trans_from_raw(range, domain);
|
||||||
|
if (trans)
|
||||||
|
- if (add_cache(domain, range, trans) < 0)
|
||||||
|
+ if (add_cache(domain, range, trans) < 0) {
|
||||||
|
+ free(trans);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
if (lrange && urange) {
|
||||||
|
@@ -1526,12 +1537,16 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
|
||||||
|
if (! ltrans) {
|
||||||
|
ltrans = compute_trans_from_raw(lrange, domain);
|
||||||
|
if (ltrans) {
|
||||||
|
- if (add_cache(domain, lrange, ltrans) < 0)
|
||||||
|
+ if (add_cache(domain, lrange, ltrans) < 0) {
|
||||||
|
+ free(ltrans);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
} else {
|
||||||
|
ltrans = strdup(lrange);
|
||||||
|
if (! ltrans) {
|
||||||
|
log_error("strdup failed %s", strerror(errno));
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -1541,25 +1556,37 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
|
||||||
|
if (! utrans) {
|
||||||
|
utrans = compute_trans_from_raw(urange, domain);
|
||||||
|
if (utrans) {
|
||||||
|
- if (add_cache(domain, urange, utrans) < 0)
|
||||||
|
+ if (add_cache(domain, urange, utrans) < 0) {
|
||||||
|
+ free(utrans);
|
||||||
|
+ free(ltrans);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
} else {
|
||||||
|
utrans = strdup(urange);
|
||||||
|
if (! utrans) {
|
||||||
|
log_error("strdup failed %s", strerror(errno));
|
||||||
|
- return -1;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
+ free(ltrans);
|
||||||
|
+ free(range);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
if (strcmp(ltrans, utrans) == 0) {
|
||||||
|
if (asprintf(&trans, "%s", ltrans) < 0) {
|
||||||
|
log_error("asprintf failed %s", strerror(errno));
|
||||||
|
+ free(utrans);
|
||||||
|
+ free(ltrans);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (asprintf(&trans, "%s-%s", ltrans, utrans) < 0) {
|
||||||
|
log_error("asprintf failed %s", strerror(errno));
|
||||||
|
+ free(utrans);
|
||||||
|
+ free(ltrans);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -1629,13 +1656,22 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
|
||||||
|
if (!canonical) {
|
||||||
|
canonical = compute_trans_from_raw(raw, domain);
|
||||||
|
if (canonical && strcmp(canonical, range))
|
||||||
|
- if (add_cache(domain, raw, canonical) < 0)
|
||||||
|
+ if (add_cache(domain, raw, canonical) < 0) {
|
||||||
|
+ free(canonical);
|
||||||
|
+ free(range);
|
||||||
|
+ free(raw);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
- if (canonical)
|
||||||
|
+ if (canonical) {
|
||||||
|
free(canonical);
|
||||||
|
- if (add_cache(domain, raw, range) < 0)
|
||||||
|
+ free(raw);
|
||||||
|
+ }
|
||||||
|
+ if (add_cache(domain, raw, range) < 0) {
|
||||||
|
+ free(range);
|
||||||
|
+ free(raw);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
} else {
|
||||||
|
log_debug("untrans_context unable to compute raw context %s\n", range);
|
||||||
|
}
|
||||||
|
@@ -1650,17 +1686,25 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
|
||||||
|
if (!canonical) {
|
||||||
|
canonical = compute_trans_from_raw(lraw, domain);
|
||||||
|
if (canonical)
|
||||||
|
- if (add_cache(domain, lraw, canonical) < 0)
|
||||||
|
+ if (add_cache(domain, lraw, canonical) < 0) {
|
||||||
|
+ free(canonical);
|
||||||
|
+ free(lraw);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
if (canonical)
|
||||||
|
free(canonical);
|
||||||
|
- if (add_cache(domain, lraw, lrange) < 0)
|
||||||
|
+ if (add_cache(domain, lraw, lrange) < 0) {
|
||||||
|
+ free(lraw);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
} else {
|
||||||
|
lraw = strdup(lrange);
|
||||||
|
if (! lraw) {
|
||||||
|
log_error("strdup failed %s", strerror(errno));
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -1674,17 +1718,28 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
|
||||||
|
if (!canonical) {
|
||||||
|
canonical = compute_trans_from_raw(uraw, domain);
|
||||||
|
if (canonical)
|
||||||
|
- if (add_cache(domain, uraw, canonical) < 0)
|
||||||
|
+ if (add_cache(domain, uraw, canonical) < 0) {
|
||||||
|
+ free(canonical);
|
||||||
|
+ free(uraw);
|
||||||
|
+ free(lraw);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
+ }
|
||||||
|
if (canonical)
|
||||||
|
free(canonical);
|
||||||
|
- if (add_cache(domain, uraw, urange) < 0)
|
||||||
|
+ if (add_cache(domain, uraw, urange) < 0) {
|
||||||
|
+ free(uraw);
|
||||||
|
+ free(lraw);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
} else {
|
||||||
|
uraw = strdup(urange);
|
||||||
|
if (! uraw) {
|
||||||
|
log_error("strdup failed %s", strerror(errno));
|
||||||
|
+ free(lraw);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -1694,11 +1749,17 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
|
||||||
|
if (strcmp(lraw, uraw) == 0) {
|
||||||
|
if (asprintf(&raw, "%s", lraw) < 0) {
|
||||||
|
log_error("asprintf failed %s", strerror(errno));
|
||||||
|
+ free(uraw);
|
||||||
|
+ free(lraw);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (asprintf(&raw, "%s-%s", lraw, uraw) < 0) {
|
||||||
|
log_error("asprintf failed %s", strerror(errno));
|
||||||
|
+ free(uraw);
|
||||||
|
+ free(lraw);
|
||||||
|
+ free(range);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
diff --git mcstrans-2.8/src/mcstransd.c mcstrans-2.8/src/mcstransd.c
|
||||||
|
index d7fc5de..a5a63d7 100644
|
||||||
|
--- mcstrans-2.8/src/mcstransd.c
|
||||||
|
+++ mcstrans-2.8/src/mcstransd.c
|
||||||
|
@@ -345,6 +345,7 @@ process_events(struct pollfd **ufds, int *nfds)
|
||||||
|
/* Setup pollfd for deletion later. */
|
||||||
|
(*ufds)[ii].fd = -1;
|
||||||
|
close(connfd);
|
||||||
|
+ connfd = -1;
|
||||||
|
/* So we don't get bothered later */
|
||||||
|
revents = revents & ~(POLLHUP);
|
||||||
|
}
|
||||||
|
@@ -358,10 +359,11 @@ process_events(struct pollfd **ufds, int *nfds)
|
||||||
|
/* Set the pollfd up for deletion later. */
|
||||||
|
(*ufds)[ii].fd = -1;
|
||||||
|
close(connfd);
|
||||||
|
+ connfd = -1;
|
||||||
|
|
||||||
|
revents = revents & ~(POLLHUP);
|
||||||
|
}
|
||||||
|
- if (revents) {
|
||||||
|
+ if (revents && connfd != -1) {
|
||||||
|
syslog(LOG_ERR, "Unknown/error events (%x) encountered"
|
||||||
|
" for fd (%d)\n", revents, connfd);
|
||||||
|
|
180
SOURCES/secolor.conf.8
Normal file
180
SOURCES/secolor.conf.8
Normal file
@ -0,0 +1,180 @@
|
|||||||
|
.TH "secolor.conf" "8" "08 April 2011" "SELinux API documentation"
|
||||||
|
.SH "NAME"
|
||||||
|
secolor.conf \- The SELinux color configuration file
|
||||||
|
.
|
||||||
|
.SH "DESCRIPTION"
|
||||||
|
The
|
||||||
|
.I /etc/selinux/{SELINUXTYPE}/secolor.conf
|
||||||
|
configuation file controls the color to be associated to the context components associated to the
|
||||||
|
.I raw
|
||||||
|
context passed by
|
||||||
|
.BR selinux_raw_context_to_color "(3),"
|
||||||
|
when context related information is to be displayed in color by an SELinux-aware application.
|
||||||
|
.sp
|
||||||
|
.BR selinux_raw_context_to_color "(3)"
|
||||||
|
obtains this color information from the active policy
|
||||||
|
.B secolor.conf
|
||||||
|
file as returned by
|
||||||
|
.BR selinux_colors_path "(3)."
|
||||||
|
.
|
||||||
|
.SH "FILE FORMAT"
|
||||||
|
The file format is as follows:
|
||||||
|
.RS
|
||||||
|
.B color
|
||||||
|
.I color_name
|
||||||
|
.BI "= #"color_mask
|
||||||
|
.br
|
||||||
|
[...]
|
||||||
|
.sp
|
||||||
|
.I context_component string
|
||||||
|
.B =
|
||||||
|
.I fg_color_name bg_color_name
|
||||||
|
.br
|
||||||
|
[...]
|
||||||
|
.sp
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Where:
|
||||||
|
.br
|
||||||
|
.B color
|
||||||
|
.RS
|
||||||
|
The color keyword. Each color entry is on a new line.
|
||||||
|
.RE
|
||||||
|
.I color_name
|
||||||
|
.RS
|
||||||
|
A single word name for the color (e.g. red).
|
||||||
|
.RE
|
||||||
|
.I color_mask
|
||||||
|
.RS
|
||||||
|
A color mask starting with a hash (#) that describes the hexadecimal RGB colors with black being #000000 and white being #ffffff.
|
||||||
|
.RE
|
||||||
|
.I context_component
|
||||||
|
.RS
|
||||||
|
The context component name that must be one of the following:
|
||||||
|
.br
|
||||||
|
.RS
|
||||||
|
user, role, type or range
|
||||||
|
.RE
|
||||||
|
Each
|
||||||
|
.IR context_component " " string " ..."
|
||||||
|
entry is on a new line.
|
||||||
|
.RE
|
||||||
|
.I string
|
||||||
|
.RS
|
||||||
|
This is the
|
||||||
|
.I context_component
|
||||||
|
string that will be matched with the
|
||||||
|
.I raw
|
||||||
|
context component passed by
|
||||||
|
.BR selinux_raw_context_to_color "(3)."
|
||||||
|
.br
|
||||||
|
A wildcard '*' may be used to match any undefined string for the user, role and type
|
||||||
|
.I context_component
|
||||||
|
entries only.
|
||||||
|
.RE
|
||||||
|
|
||||||
|
.I fg_color_name
|
||||||
|
.RS
|
||||||
|
The color_name string that will be used as the foreground color.
|
||||||
|
A
|
||||||
|
.I color_mask
|
||||||
|
may also be used.
|
||||||
|
.RE
|
||||||
|
.I bg_color_name
|
||||||
|
.RS
|
||||||
|
The color_name string that will be used as the background color.
|
||||||
|
A
|
||||||
|
.I color_mask
|
||||||
|
may also be used.
|
||||||
|
.RE
|
||||||
|
.
|
||||||
|
.SH "EXAMPLES"
|
||||||
|
Example 1 entries are:
|
||||||
|
.RS
|
||||||
|
color black = #000000
|
||||||
|
.br
|
||||||
|
color green = #008000
|
||||||
|
.br
|
||||||
|
color yellow = #ffff00
|
||||||
|
.br
|
||||||
|
color blue = #0000ff
|
||||||
|
.br
|
||||||
|
color white = #ffffff
|
||||||
|
.br
|
||||||
|
color red = #ff0000
|
||||||
|
.br
|
||||||
|
color orange = #ffa500
|
||||||
|
.br
|
||||||
|
color tan = #D2B48C
|
||||||
|
.sp
|
||||||
|
user * = black white
|
||||||
|
.br
|
||||||
|
role * = white black
|
||||||
|
.br
|
||||||
|
type * = tan orange
|
||||||
|
.br
|
||||||
|
range s0\-s0:c0.c1023 = black green
|
||||||
|
.br
|
||||||
|
range s1\-s1:c0.c1023 = white green
|
||||||
|
.br
|
||||||
|
range s3\-s3:c0.c1023 = black tan
|
||||||
|
.br
|
||||||
|
range s5\-s5:c0.c1023 = white blue
|
||||||
|
.br
|
||||||
|
range s7\-s7:c0.c1023 = black red
|
||||||
|
.br
|
||||||
|
range s9\-s9:c0.c1023 = black orange
|
||||||
|
.br
|
||||||
|
range s15:c0.c1023 = black yellow
|
||||||
|
.RE
|
||||||
|
|
||||||
|
.sp
|
||||||
|
Example 2 entries are:
|
||||||
|
.RS
|
||||||
|
color black = #000000
|
||||||
|
.br
|
||||||
|
color green = #008000
|
||||||
|
.br
|
||||||
|
color yellow = #ffff00
|
||||||
|
.br
|
||||||
|
color blue = #0000ff
|
||||||
|
.br
|
||||||
|
color white = #ffffff
|
||||||
|
.br
|
||||||
|
color red = #ff0000
|
||||||
|
.br
|
||||||
|
color orange = #ffa500
|
||||||
|
.br
|
||||||
|
color tan = #d2b48c
|
||||||
|
.sp
|
||||||
|
user unconfined_u = #ff0000 green
|
||||||
|
.br
|
||||||
|
role unconfined_r = red #ffffff
|
||||||
|
.br
|
||||||
|
type unconfined_t = red orange
|
||||||
|
.br
|
||||||
|
user user_u = black green
|
||||||
|
.br
|
||||||
|
role user_r = white black
|
||||||
|
.br
|
||||||
|
type user_t = tan red
|
||||||
|
.br
|
||||||
|
user xguest_u = black yellow
|
||||||
|
.br
|
||||||
|
role xguest_r = black red
|
||||||
|
.br
|
||||||
|
type xguest_t = black green
|
||||||
|
.br
|
||||||
|
user sysadm_u = white black
|
||||||
|
.br
|
||||||
|
range s0:c0.c1023 = black white
|
||||||
|
.br
|
||||||
|
user * = black white
|
||||||
|
.br
|
||||||
|
role * = black white
|
||||||
|
.br
|
||||||
|
type * = black white
|
||||||
|
.RE
|
||||||
|
.
|
||||||
|
.SH "SEE ALSO"
|
||||||
|
.BR mcstransd "(8), " selinux_raw_context_to_color "(3), " selinux_colors_path "(3)"
|
274
SPECS/mcstrans.spec
Normal file
274
SPECS/mcstrans.spec
Normal file
@ -0,0 +1,274 @@
|
|||||||
|
Summary: SELinux Translation Daemon
|
||||||
|
Name: mcstrans
|
||||||
|
Version: 2.8
|
||||||
|
Release: 2%{?dist}
|
||||||
|
License: GPL+
|
||||||
|
Url: https://github.com/SELinuxProject/selinux/wiki
|
||||||
|
Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/mcstrans-2.8.tar.gz
|
||||||
|
Source2: secolor.conf.8
|
||||||
|
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
|
||||||
|
# run:
|
||||||
|
# $ VERSION=2.8 ./make-fedora-selinux-patch.sh mcstrans
|
||||||
|
# HEAD 2b4b29f00e5f0746ff10e09686a23c6e96a11d5f
|
||||||
|
Patch1: mcstrans-fedora.patch
|
||||||
|
BuildRequires: gcc
|
||||||
|
BuildRequires: libselinux-devel >= %{version}
|
||||||
|
BuildRequires: libcap-devel pcre-devel libsepol-devel libsepol-static
|
||||||
|
BuildRequires: systemd
|
||||||
|
Requires: pcre
|
||||||
|
%{?systemd_requires}
|
||||||
|
Provides: setransd
|
||||||
|
Provides: libsetrans
|
||||||
|
Obsoletes: libsetrans
|
||||||
|
|
||||||
|
%description
|
||||||
|
Security-enhanced Linux is a feature of the Linux® kernel and a number
|
||||||
|
of utilities with enhanced security functionality designed to add
|
||||||
|
mandatory access controls to Linux. The Security-enhanced Linux
|
||||||
|
kernel contains new architectural components originally developed to
|
||||||
|
improve the security of the Flask operating system. These
|
||||||
|
architectural components provide general support for the enforcement
|
||||||
|
of many kinds of mandatory access control policies, including those
|
||||||
|
based on the concepts of Type Enforcement®, Role-based Access
|
||||||
|
Control, and Multi-level Security.
|
||||||
|
|
||||||
|
mcstrans provides an translation daemon to translate SELinux categories
|
||||||
|
from internal representations to user defined representation.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%autosetup -p 1 -n mcstrans-%{version}
|
||||||
|
|
||||||
|
%build
|
||||||
|
make clean
|
||||||
|
make LIBDIR="%{_libdir}" LDFLAGS="%{?__global_ldflags}" CFLAGS="%{__global_cflags}" %{?_smp_mflags}
|
||||||
|
|
||||||
|
%install
|
||||||
|
rm -rf %{buildroot}
|
||||||
|
mkdir -p %{buildroot}/%{_lib}
|
||||||
|
mkdir -p %{buildroot}/%{_libdir}
|
||||||
|
mkdir -p %{buildroot}%{_usr}/share/mcstrans
|
||||||
|
mkdir -p %{buildroot}%{_sysconfdir}/selinux/mls/setrans.d
|
||||||
|
|
||||||
|
make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_lib}" SBINDIR="%{_sbindir}" install
|
||||||
|
rm -f %{buildroot}%{_libdir}/*.a
|
||||||
|
cp -r share/* %{buildroot}%{_usr}/share/mcstrans/
|
||||||
|
# Systemd
|
||||||
|
mkdir -p %{buildroot}%{_unitdir}
|
||||||
|
ln -s %{_unitdir}/mcstrans.service %{buildroot}/%{_unitdir}/mcstransd.service
|
||||||
|
rm -rf %{buildroot}/%{_sysconfdir}/rc.d/init.d/mcstrans
|
||||||
|
install -m644 %{SOURCE2} %{buildroot}%{_mandir}/man8/
|
||||||
|
|
||||||
|
%clean
|
||||||
|
rm -rf %{buildroot}
|
||||||
|
|
||||||
|
%post
|
||||||
|
%systemd_post mcstransd.service
|
||||||
|
|
||||||
|
%preun
|
||||||
|
%systemd_preun mcstransd.service
|
||||||
|
|
||||||
|
%postun
|
||||||
|
%systemd_postun mcstransd.service
|
||||||
|
|
||||||
|
%files
|
||||||
|
%defattr(-,root,root,0755)
|
||||||
|
%{_mandir}/man8/mcs.8.gz
|
||||||
|
%{_mandir}/man8/mcstransd.8.gz
|
||||||
|
%{_mandir}/man8/setrans.conf.8.gz
|
||||||
|
%{_mandir}/man8/secolor.conf.8.gz
|
||||||
|
/usr/sbin/mcstransd
|
||||||
|
%{_unitdir}/mcstrans.service
|
||||||
|
%{_unitdir}/mcstransd.service
|
||||||
|
%dir %{_sysconfdir}/selinux/mls/setrans.d
|
||||||
|
|
||||||
|
%dir %{_usr}/share/mcstrans
|
||||||
|
|
||||||
|
%defattr(0644,root,root,0755)
|
||||||
|
%dir %{_usr}/share/mcstrans/util
|
||||||
|
%dir %{_usr}/share/mcstrans/examples
|
||||||
|
%{_usr}/share/mcstrans/examples/*
|
||||||
|
|
||||||
|
%defattr(0755,root,root,0755)
|
||||||
|
%{_usr}/share/mcstrans/util/*
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Sun Dec 16 2018 Petr Lautrbach <plautrba@redhat.com> - 2.8-2
|
||||||
|
- Fix RESOURCE_LEAK and USE_AFTER_FREE coverity scan defects
|
||||||
|
|
||||||
|
* Tue Oct 2 2018 Petr Lautrbach <plautrba@redhat.com> - 2.8-1
|
||||||
|
- Update to mcstrans-2.8
|
||||||
|
|
||||||
|
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-11
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-10
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-9
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-7
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Mar 19 2014 Karsten Hopp |karsten@redhat.com> - 0.3.4-4
|
||||||
|
- fix changelog order so that it builds with a recent rpm
|
||||||
|
|
||||||
|
* Wed Oct 16 2013 Dan Walsh <dwalsh@redhat.com> - 0.3.4-3
|
||||||
|
- Make mcstrans PIE and fully relro
|
||||||
|
- Resolves: #983268
|
||||||
|
|
||||||
|
* Tue Oct 15 2013 Dan Walsh <dwalsh@redhat.com> - 0.3.4-2
|
||||||
|
- Add RELRO support for long running services
|
||||||
|
|
||||||
|
* Thu Sep 12 2013 Dan Walsh <dwalsh@redhat.com> - 0.3.4-1
|
||||||
|
- Update to latest version/applying patches
|
||||||
|
- Move binary to /usr/sbin rather then /sbin
|
||||||
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.3-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Mar 26 2013 Dan Walsh <dwalsh@redhat.com> - 0.3.3-7
|
||||||
|
- Add secolor.conf.5 man page
|
||||||
|
- Make mcstransd watch for content being written to /run/setrans for files names containing translations.
|
||||||
|
-- This will allow apps like libvirt to write content nameing randomly selected MCS labels
|
||||||
|
- Fix memory leak in mcstransd
|
||||||
|
|
||||||
|
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.3-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.3-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 0.3.3-4
|
||||||
|
- Rebuild against PCRE 8.30
|
||||||
|
|
||||||
|
* Thu Feb 2 2012 Dan Walsh <dwalsh@redhat.com> - 0.3.3-3
|
||||||
|
- Fix the systemd service file
|
||||||
|
|
||||||
|
* Wed Feb 1 2012 Dan Walsh <dwalsh@redhat.com> - 0.3.3-2
|
||||||
|
- Update to upstream
|
||||||
|
- Write pid file
|
||||||
|
|
||||||
|
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.2-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.2-1
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jan 5 2011 Ted X Toth <txtoth@gmail.com> - 0.3.2-0
|
||||||
|
- Add constraints
|
||||||
|
- Add setrans.conf man page
|
||||||
|
- Fix mixed raw and translated range bug
|
||||||
|
- Moved todo comments to TODO file
|
||||||
|
|
||||||
|
* Fri Oct 16 2009 Dan Walsh <dwalsh@redhat.com> 0.3.1-4
|
||||||
|
- Add mcstransd man page
|
||||||
|
|
||||||
|
* Thu Sep 17 2009 Miroslav Grepl <mgrepl@redhat.com> 0.3.1-3
|
||||||
|
- Fix init script
|
||||||
|
|
||||||
|
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Feb 5 2009 Joe Nall <joe@nall.com> 0.3.1-1
|
||||||
|
- Rewrite translations to allow individual word/category mapping
|
||||||
|
- Eamon Walsh's color mapping changes
|
||||||
|
|
||||||
|
* Wed May 28 2008 Tom "spot" Callaway <tcallawa@redhat.com> 0.2.11-2
|
||||||
|
- fix license tag
|
||||||
|
|
||||||
|
* Wed May 7 2008 Dan Walsh <dwalsh@redhat.com> 0.2.11-1
|
||||||
|
- More fixes from Jim Meyering
|
||||||
|
|
||||||
|
* Tue May 6 2008 Dan Walsh <dwalsh@redhat.com> 0.2.10-1
|
||||||
|
- More error checking on failed strdup
|
||||||
|
|
||||||
|
* Tue May 6 2008 Dan Walsh <dwalsh@redhat.com> 0.2.9-1
|
||||||
|
- Start mcstrans before netlabel
|
||||||
|
|
||||||
|
* Mon Apr 14 2008 Dan Walsh <dwalsh@redhat.com> 0.2.8-1
|
||||||
|
- Fix error handling
|
||||||
|
|
||||||
|
* Tue Feb 12 2008 Dan Walsh <dwalsh@redhat.com> 0.2.7-2
|
||||||
|
- Rebuild for gcc 4.3
|
||||||
|
|
||||||
|
* Tue Oct 30 2007 Steve Conklin <sconklin@redhat.com> - 0.2.7-1
|
||||||
|
- Folded current patches into tarball
|
||||||
|
|
||||||
|
* Thu Oct 25 2007 Steve Conklin <sconklin@redhat.com> - 0.2.6-3
|
||||||
|
- Fixed a compile problem with max_categories
|
||||||
|
|
||||||
|
* Thu Oct 25 2007 Steve Conklin <sconklin@redhat.com> - 0.2.6-2
|
||||||
|
- Fixed some init script errors
|
||||||
|
|
||||||
|
* Thu Sep 13 2007 Dan Walsh <dwalsh@redhat.com> 0.2.6-1
|
||||||
|
- Check for max_categories and error out
|
||||||
|
|
||||||
|
* Thu Mar 1 2007 Dan Walsh <dwalsh@redhat.com> 0.2.5-1
|
||||||
|
- Fix case where s0=""
|
||||||
|
|
||||||
|
* Mon Feb 26 2007 Dan Walsh <dwalsh@redhat.com> 0.2.4-1
|
||||||
|
- Translate range if fully specified correctly
|
||||||
|
|
||||||
|
* Mon Feb 12 2007 Dan Walsh <dwalsh@redhat.com> 0.2.3-1
|
||||||
|
- Additional fix to handle ssh root/sysadm_r/s0:c1,c2
|
||||||
|
Resolves: #224637
|
||||||
|
|
||||||
|
* Mon Feb 5 2007 Dan Walsh <dwalsh@redhat.com> 0.2.1-1
|
||||||
|
- Rewrite to handle MLS properly
|
||||||
|
Resolves: #225355
|
||||||
|
|
||||||
|
* Mon Jan 29 2007 Dan Walsh <dwalsh@redhat.com> 0.1.10-2
|
||||||
|
- Cleanup memory when complete
|
||||||
|
|
||||||
|
* Mon Dec 4 2006 Dan Walsh <dwalsh@redhat.com> 0.1.10-1
|
||||||
|
- Fix Memory Leak
|
||||||
|
Resolves: #218173
|
||||||
|
|
||||||
|
* Thu Sep 21 2006 Dan Walsh <dwalsh@redhat.com> 0.1.9-1
|
||||||
|
- Add -pie
|
||||||
|
- Fix compiler warnings
|
||||||
|
- Fix Memory Leak
|
||||||
|
Resolves: #218173
|
||||||
|
|
||||||
|
* Wed Sep 13 2006 Peter Jones <pjones@redhat.com> - 0.1.8-3
|
||||||
|
- Fix subsys locking in init script
|
||||||
|
|
||||||
|
* Wed Aug 23 2006 Dan Walsh <dwalsh@redhat.com> 0.1.8-1
|
||||||
|
- Only allow one version to run
|
||||||
|
|
||||||
|
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - sh: line 0: fg: no job control
|
||||||
|
- rebuild
|
||||||
|
|
||||||
|
* Mon Jun 19 2006 Dan Walsh <dwalsh@redhat.com> 0.1.7-1
|
||||||
|
- Apply sgrubb patch to only call getpeercon on translations
|
||||||
|
|
||||||
|
* Tue Jun 6 2006 Dan Walsh <dwalsh@redhat.com> 0.1.6-1
|
||||||
|
- Exit gracefully when selinux is not enabled
|
||||||
|
|
||||||
|
* Mon May 15 2006 Dan Walsh <dwalsh@redhat.com> 0.1.5-1
|
||||||
|
- Fix sighup handling
|
||||||
|
|
||||||
|
* Mon May 15 2006 Dan Walsh <dwalsh@redhat.com> 0.1.4-1
|
||||||
|
- Add patch from sgrubb
|
||||||
|
- Fix 64 bit size problems
|
||||||
|
- Increase the open file limit
|
||||||
|
- Make sure maximum size is not exceeded
|
||||||
|
|
||||||
|
* Fri May 12 2006 Dan Walsh <dwalsh@redhat.com> 0.1.3-1
|
||||||
|
- Move initscripts to /etc/rc.d/init.d
|
||||||
|
|
||||||
|
* Thu May 11 2006 Dan Walsh <dwalsh@redhat.com> 0.1.2-1
|
||||||
|
- Drop Privs
|
||||||
|
|
||||||
|
* Mon May 8 2006 Dan Walsh <dwalsh@redhat.com> 0.1.1-1
|
||||||
|
- Initial Version
|
||||||
|
- This daemon reuses the code from libsetrans
|
Loading…
Reference in New Issue
Block a user