.fmf/version

@@ -0,0 +1 @@
+1

.gitignore

@@ -1 +1,4 @@
-SOURCES/netlabel_tools-0.30.0.tar.gz
+netlabel_tools-0.19.tar.gz
+/netlabel_tools-0.20.tar.gz
+/netlabel_tools-0.21.tar.gz
+/netlabel_tools-0.30.0.tar.gz

.netlabel_tools.metadata

@@ -1 +0,0 @@
-a33d33658f3c40448b9e7a52884ab28e90832b2f SOURCES/netlabel_tools-0.30.0.tar.gz

0001-netlabel_config-better-error-reporting-on-load.patch

@@ -0,0 +1,41 @@
+From dee9c1125bd6abf7cf8763a926307283100137c6 Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Sun, 17 Mar 2019 17:13:55 -0400
+Subject: [PATCH] netlabel_config: better error reporting on load
+
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ netlabelctl/netlabel-config | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/netlabelctl/netlabel-config b/netlabelctl/netlabel-config
+index 717d795..15c74f7 100755
+--- a/netlabelctl/netlabel-config
++++ b/netlabelctl/netlabel-config
+@@ -114,15 +114,21 @@ function nlbl_reset() {
+ # load the NetLabel configuration from the configuration file
+ function nlbl_load() {
+ 	local ret_rc=0
++	local line_num=0
+ 	local line
+ 	while read line; do
++		line_num=$(($line_num + 1))
+ 		# skip comments and blank lines
+ 		echo "$line" | egrep '^#|^$' >& /dev/null && continue
+ 
+ 		# perform the configuration
+-		netlabelctl $line >& /dev/null
++		output=$(netlabelctl $line 2>&1)
+ 		rc=$?
+-		[[ $rc -ne 0 ]] && ret_rc=1
++		if [[ $rc -ne 0 ]]; then
++			ret_rc=1
++			echo "error: line $line_num \"$line\""
++			echo "$output"
++		fi
+ 	done < "$CFG_FILE"
+ 
+ 	return $ret_rc
+-- 
+2.49.0
+

0002-doc-fix-a-typo-in-the-netlabel-config-man-page.patch

@@ -0,0 +1,27 @@
+From ecc0b5c87d71dfb0a47a2cdec18f35634ecc2cb6 Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Wed, 4 Mar 2020 16:20:02 -0500
+Subject: [PATCH] doc: fix a typo in the netlabel-config man page
+
+Reported-by: choman@gmail.com
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ doc/man/man8/netlabel-config.8 | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/man/man8/netlabel-config.8 b/doc/man/man8/netlabel-config.8
+index 02f922e..8b2a4c0 100644
+--- a/doc/man/man8/netlabel-config.8
++++ b/doc/man/man8/netlabel-config.8
+@@ -6,7 +6,7 @@ netlabel-config \- NetLabel configuration utility
+ .\" //////////////////////////////////////////////////////////////////////////
+ .SH SYNOPSIS
+ .\" //////////////////////////////////////////////////////////////////////////
+-.B netlabelctl
++.B netlabel-config
+ reset| load
+ .\" //////////////////////////////////////////////////////////////////////////
+ .SH DESCRIPTION
+-- 
+2.49.0
+

0003-tests-add-a-basic-CALIPSO-pass-through-test.patch

@@ -0,0 +1,72 @@
+From 3b77fb8f3ee77244edb256cf51029aa445d7aac4 Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Wed, 3 Mar 2021 17:45:02 -0500
+Subject: [PATCH] tests: add a basic CALIPSO pass through test
+
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ tests/09-calipso_pass.tests | 52 +++++++++++++++++++++++++++++++++++++
+ 1 file changed, 52 insertions(+)
+ create mode 100755 tests/09-calipso_pass.tests
+
+diff --git a/tests/09-calipso_pass.tests b/tests/09-calipso_pass.tests
+new file mode 100755
+index 0000000..0de1d15
+--- /dev/null
++++ b/tests/09-calipso_pass.tests
+@@ -0,0 +1,52 @@
++#!/bin/bash
++
++#
++# NetLabel Tools test script
++#
++
++#
++# This program is free software: you can redistribute it and/or modify
++# it under the terms of version 2 of the GNU General Public License as
++# published by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program.  If not, see <http://www.gnu.org/licenses/>.
++#
++
++function doi_remove() {
++	local rc=1
++	while [[ $rc -ne 0 && $rc -lt 3 ]]; do
++		$GLBL_NETLABELCTL calipso del doi:$1
++		[[ $? -ne 0 ]] && rc=$(($rc+1)) || rc=0
++		sleep 1
++	done
++	[[ $rc -ne 0 ]] && exit 1
++}
++
++# add the DOIs
++$GLBL_NETLABELCTL calipso add pass doi:100
++[[ $? -ne 0 ]] && exit 1
++$GLBL_NETLABELCTL calipso add pass doi:101
++[[ $? -ne 0 ]] && exit 1
++$GLBL_NETLABELCTL calipso add pass doi:102
++[[ $? -ne 0 ]] && exit 1
++
++# verify the DOIs
++[[ "$($GLBL_NETLABELCTL calipso list doi:100)" != "type:PASS_THROUGH" ]] \
++	&& exit 1
++[[ "$($GLBL_NETLABELCTL calipso list doi:101)" != "type:PASS_THROUGH" ]] \
++	&& exit 1
++[[ "$($GLBL_NETLABELCTL calipso list doi:102)" != "type:PASS_THROUGH" ]] \
++	&& exit 1
++
++# remove the DOIs
++doi_remove 100
++doi_remove 101
++doi_remove 102
++
++exit 0
+-- 
+2.49.0
+

0004-netlabel-Update-man-page-to-clarify-SELinux-labeling.patch

@@ -0,0 +1,64 @@
+From 633035271a106830f412f2888b491b157ae6036e Mon Sep 17 00:00:00 2001
+From: Richard Haines <richard_c_haines@btinternet.com>
+Date: Tue, 16 Nov 2021 16:38:38 +0000
+Subject: [PATCH] netlabel: Update man page to clarify SELinux labeling
+
+Clarify how SELinux setsockcreatecon(3) and policy socket* class
+type_transition rules can impact domain:<domain> entries.
+
+Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ doc/man/man8/netlabelctl.8 | 29 ++++++++++++++++++++++++++++-
+ 1 file changed, 28 insertions(+), 1 deletion(-)
+
+diff --git a/doc/man/man8/netlabelctl.8 b/doc/man/man8/netlabelctl.8
+index bb00096..2a7852b 100644
+--- a/doc/man/man8/netlabelctl.8
++++ b/doc/man/man8/netlabelctl.8
+@@ -57,7 +57,9 @@ Display the kernel's list of supported labeling protocols.
+ The domain mapping module is used to map different NetLabel labeling protocols
+ to either individual LSM domains or the default domain mapping.  It is up to
+ each LSM to determine what defines a domain.  With SELinux, the normal SELinux
+-domain should be used, i.e. "ping_t".  In addition to protocol selection based
++domain should be used, i.e. "ping_t" (however see the
++.B NOTES
++section below regarding SElinux).  In addition to protocol selection based
+ only on the LSM domain, it is also possible to select the labeling protocol
+ based on both the LSM domain and destination address.  The network address
+ selectors can specify either single hosts or entire networks and work for both
+@@ -259,6 +261,31 @@ The static, or fallback, labels are only supported on Linux Kernels version
+ Linux Kernels 2.6.28 and later and CALIPSO/RFC5570 is only supported on Linux
+ Kernels 4.8.0 and later.
+ .P
++When using the SELinux LSM, it is generally assumed that the
++.I type
++component of the process security label should be used as the
++.I domain:<domain>
++entry. However, NetLabel services actually use the socket security label to
++determine labeling.  Normally this would be the same
++.I type
++component as the process (as by default the socket inherits the process
++label).  There are cases where this matters, as it is possible with SELinux
++to set a different label on the socket using the libselinux function
++.BR setsockcreatecon (3),
++or a policy socket* class
++.I type_transition
++rule.  Should these be used to change a socket label, then the new socket
++.I type
++must be used in the
++.I domain:<domain>
++entry instead.
++If fallback labeling is configured and a new socket label is set on the
++client, the server will show that label when
++.BR getsockopt (2)
++with
++.I optname=SO_PEERSEC
++is called.
++.P
+ The NetLabel project site, with more information including the source code
+ repository, can be found at https://github.com/netlabel.  Please report any
+ bugs at the project site or directly to the author.
+-- 
+2.49.0
+

0005-netlabel-config-Fix-IPv4-IPv6-addresses-parsing-in-n.patch

@@ -0,0 +1,30 @@
+From baa737bea55071a67879baee07f0be49fb2368e1 Mon Sep 17 00:00:00 2001
+From: Hubert Quarantel-Colombani <hubert.quarantel@ing.com>
+Date: Sun, 12 Dec 2021 08:31:56 +0100
+Subject: [PATCH] netlabel-config: Fix IPv4/IPv6 addresses parsing in
+ nlbl_reset_unlbl()
+
+Make cut retrieve the complete IPv6 address.
+
+Signed-off-by: Hubert Quarantel-Colombani <hubert@quarantel.name>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ netlabelctl/netlabel-config | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/netlabelctl/netlabel-config b/netlabelctl/netlabel-config
+index 15c74f7..dcb77d4 100755
+--- a/netlabelctl/netlabel-config
++++ b/netlabelctl/netlabel-config
+@@ -37,7 +37,7 @@ function nlbl_reset_unlbl() {
+ 		[[ "$(echo $i | cut -d':' -f 1)" == "accept" ]] && continue
+ 
+ 		local iface=$(echo $i | cut -d',' -f 1 | cut -d':' -f 2)
+-		local addr=$(echo $i | cut -d',' -f 2 | cut -d':' -f 2)
++		local addr=$(echo $i | cut -d',' -f 2 | cut -d':' -f 2-)
+ 		if [[ "$iface" == "DEFAULT" ]]; then
+ 			netlabelctl unlbl del default address:$addr
+ 		else
+-- 
+2.49.0
+

0006-libnetlabel-fix-a-header-file-guard-typo.patch

@@ -0,0 +1,26 @@
+From 6bc161a78f82120744c5d0450745474690d71bcc Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Tue, 4 Feb 2025 10:19:34 -0500
+Subject: [PATCH] libnetlabel: fix a header file guard typo
+
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ libnetlabel/netlabel_internal.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libnetlabel/netlabel_internal.h b/libnetlabel/netlabel_internal.h
+index a472274..6f66cd6 100644
+--- a/libnetlabel/netlabel_internal.h
++++ b/libnetlabel/netlabel_internal.h
+@@ -22,7 +22,7 @@
+  *
+  */
+ 
+-#ifndef _NETLINK_COMM_H
++#ifndef _NETLINK_COMM_H_
+ #define _NETLINK_COMM_H_
+ 
+ #include <netlink/netlink.h>
+-- 
+2.49.0
+

0007-Improve-help-usage-message.patch

@@ -0,0 +1,31 @@
+From 944411478ab51d5d8ac7f4e52658ade4eb6a3aa1 Mon Sep 17 00:00:00 2001
+From: Vit Mojzis <vmojzis@redhat.com>
+Date: Fri, 1 Aug 2025 12:50:24 +0200
+Subject: [PATCH] Improve "help/usage" message
+
+- Document the -V option
+- Add more info to the -t option
+
+Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
+---
+ netlabelctl/main.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/netlabelctl/main.c b/netlabelctl/main.c
+index 0aa1d56..fa4a983 100644
+--- a/netlabelctl/main.c
++++ b/netlabelctl/main.c
+@@ -89,8 +89,9 @@ static void nlctl_help_print(FILE *fp)
+ 		" Flags:\n"
+ 		"   -h        : help/usage message\n"
+ 		"   -p        : make the output pretty\n"
+-		"   -t <secs> : timeout\n"
++		"   -t <secs> : set a timeout for NetLabel subsystem response\n"
+ 		"   -v        : verbose mode\n"
++		"   -V        : display version information\n"
+ 		"\n"
+ 		" Modules and Commands:\n"
+ 		"  mgmt : NetLabel management\n"
+-- 
+2.49.0
+

gating.yaml

@@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-10
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

netlabel

@@ -0,0 +1,119 @@
+#!/bin/sh
+#
+# netlabel	Start CIPSO labeled networking
+#
+# chkconfig: - 09 91
+# description:	Starts and stops CIPSO labeled networking
+#
+# config: /etc/netlabel.rules
+#
+# Return values according to LSB for all commands but status:
+# 0 - success
+# 1 - generic or unspecified error
+# 2 - invalid or excess argument(s)
+# 3 - unimplemented feature (e.g. "reload")
+# 4 - insufficient privilege
+# 5 - program is not installed
+# 6 - program is not configured
+# 7 - program is not running
+
+PATH=/sbin:/bin:/usr/bin:/usr/sbin
+VAR_SUBSYS_NETLABEL=/var/lock/subsys/netlabel
+RULES=/etc/netlabel.rules
+
+# Source function library.
+. /etc/init.d/functions
+
+# Check that we are root ... so non-root users stop here
+test `id -u` = 0  || exit 4
+test -x /sbin/netlabelctl || exit 5
+test -f $RULES || exit 6
+
+start() {
+    ret_val="0"
+
+    # Loop through rules
+    while read LINE
+    do
+	# Skip comments and blank lines
+	if echo $LINE | egrep '^#|^$' >/dev/null ; then
+		continue
+	fi
+	/sbin/netlabelctl $LINE >/dev/null 2>&1
+	ret="$?"
+	if [ "$ret" != "0" ] ; then
+		ret_val="$ret"
+	fi
+    done < $RULES
+    touch $VAR_SUBSYS_NETLABEL
+    return $ret_val
+}
+
+stop() {
+    rm -f $VAR_SUBSYS_NETLABEL
+
+    # Delete rules
+    list=`/sbin/netlabelctl cipsov4 list 2>/dev/null`
+    ret="$?"
+    if [ x"$list" != "x" ] ; then
+	for line in "$list"
+	do
+		/sbin/netlabelctl cipsov4 del "doi:$line" 2>/dev/null
+    		ret="$?"
+	done
+    fi
+    return $ret
+}
+
+status() {
+    # Do not print status if lockfile is missing 
+    if [ ! -f "$VAR_SUBSYS_NETLABEL" ]; then
+	echo $"Netlabel is stopped."
+	return 3
+    fi
+
+    # List rules
+    /sbin/netlabelctl -p cipsov4 list 2>/dev/null
+    ret1="$?"
+    /sbin/netlabelctl -p mgmt protocols 2>/dev/null
+    ret2="$?"
+
+    if [ "$ret1" != "0" -o "$ret2" != "0" ] ; then
+	return 2
+    fi
+    return 0
+}
+
+restart() {
+    stop
+    start
+}
+
+case "$1" in
+    start)
+	stop
+	start
+	RETVAL="$?"
+	;;
+    stop)
+	stop
+	RETVAL="$?"
+	;;
+    restart)
+	restart
+	RETVAL="$?"
+	;;
+    condrestart)
+	[ -e "$VAR_SUBSYS_NETLABEL" ] && restart
+	;;
+    status)
+	status
+	RETVAL="$?"
+	;;
+    *)
+	echo $"Usage: $0 {start|stop|restart|condrestart|status}"
+	exit 3
+	;;
+esac
+
+exit $RETVAL

netlabel.rules

@@ -0,0 +1,59 @@
+# This file contains the rules for the Netlabel subsystem, for more information
+# please see the netlabelctl(1) man page.
+#
+# Each line contains just the arguments to the netlabel command
+
+####
+# NOTE: By default the kernel sends unlabeled traffic and allows unlabled
+#       traffic into the system, to disable that add the following two lines to
+#       the beginning of your configuration.  However, be warned that you
+#       should only change these settings if you know what you are doing as you
+#       could accidently disable networking with a bad configuration.
+#
+
+# Remove the default domain mapping
+#map del default
+
+# Do not accept incoming unlabeled packets
+#unlbl accept off
+
+####
+# Unlabeled examples:
+#
+
+# Enable unlabeled packets
+#unlbl accept on
+
+# Disable unlabeled packets
+#unlbl accept off
+
+
+####
+# CIPSOv4 examples:
+#
+
+# Create a CIPSOv4 DOI definition using a pass-through mapping with a DOI
+# value of 6 and the restricted bitmap tag (CIPSOv4 tag type #1)
+#cipsov4 add pass doi:6 tags:1
+
+# Create a CIPSOv4 DOI definition using a standard mapping with a DOI value
+# of 8 and the restricted bitmap tag (CIPSOv4 tag type #1).  The example
+# below maps MLS sensitivity levels and categories 0 through 2 to the same
+# values for both CIPSO and the Linux LSM
+#cipsov4 add std doi:8 tags:1 levels:0=0,1=1,2=2 categories:0=0,1=1,2=2
+
+
+####
+# LSM mapping examples:
+#
+
+# Create a default mapping for all LSM domains using the unlabeled protocol
+#map add default protocol:unlbl
+
+# Create a default mapping for all LSM domains using the CIPSOv4 protocol
+# with DOI number 6
+#map add default protocol:cipsov4,6
+
+# Create a mapping for the "secret_t" LSM domain and the CIPSOv4 protocol
+# with DOI number 8
+#map add domain:secret_t protocol:cipsov4,8

netlabel_tools.spec

@@ -1,16 +1,25 @@
 Summary: Tools to manage the Linux NetLabel subsystem
 Name: netlabel_tools
 Version: 0.30.0
-Release: 3%{?dist}
-License: GPLv2
-Group: System Environment/Daemons
-Source: https://github.com/netlabel/netlabel_tools/releases/download/v%{version}/%{name}-%{version}.tar.gz
+Release: 21%{?dist}
+License: GPL-2.0-only
 URL: https://github.com/netlabel/netlabel_tools
+Source: https://github.com/netlabel/netlabel_tools/releases/download/v%{version}/%{name}-%{version}.tar.gz
+# git format-patch -N v0.30.0 --
+Patch0001: 0001-netlabel_config-better-error-reporting-on-load.patch
+Patch0002: 0002-doc-fix-a-typo-in-the-netlabel-config-man-page.patch
+Patch0003: 0003-tests-add-a-basic-CALIPSO-pass-through-test.patch
+Patch0004: 0004-netlabel-Update-man-page-to-clarify-SELinux-labeling.patch
+Patch0005: 0005-netlabel-config-Fix-IPv4-IPv6-addresses-parsing-in-n.patch
+Patch0006: 0006-libnetlabel-fix-a-header-file-guard-typo.patch
+Patch0007: 0007-Improve-help-usage-message.patch
 
-Requires: kernel libnl3
+Requires: libnl3
 Requires(post): systemd
 Requires(preun): systemd
 Requires(postun): systemd
+BuildRequires: make
+BuildRequires:  gcc
 BuildRequires: kernel-headers
 BuildRequires: libnl3-devel
 BuildRequires: doxygen
@@ -24,7 +33,7 @@ package provides the necessary user space tools to query and configure the
 kernel subsystem.
 
 %prep
-%setup -q
+%autosetup -p 1
 
 %build
 %configure
@@ -64,6 +73,67 @@ make V=1 DESTDIR="%{buildroot}" install
 %attr(0644,root,root) %config(noreplace) /etc/netlabel.rules
 
 %changelog
+* Fri Aug 01 2025 Vit Mojzis <vmojzis@redhat.com> - 0.30.0-21
+- Improve "help/usage" message (RHEL-38477)
+- libnetlabel: fix a header file guard typo
+- netlabel-config: Fix IPv4/IPv6 addresses parsing in nlbl_reset_unlbl()
+- netlabel: Update man page to clarify SELinux labeling
+- tests: add a basic CALIPSO pass through test
+- doc: fix a typo in the netlabel-config man page
+
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 0.30.0-20
+- Bump release for October 2024 mass rebuild:
+  Resolves: RHEL-64018
+
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 0.30.0-19
+- Bump release for June 2024 mass rebuild
+
+* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-18
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-16
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-14
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Fri Aug 02 2019 Paul Moore <paul@paul-moore.com> - 0.30.0-8
+- Applied upstream patch to improve netlabel-config error reporting (rhbz #1683434)
+- Removed the kernel dependency (rhbz #1733605)
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
 * Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.30.0-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
 

plans/tests.fmf

@@ -0,0 +1,9 @@
+summary: plan with selected netlabel_tools tests
+discover:
+    how: fmf
+    url: https://src.fedoraproject.org/tests/selinux
+    test:
+      - /kernel/netlabel_many_ifaces
+execute:
+    how: tmt
+

sources

@@ -0,0 +1 @@
+fc6b07bf01bc3f68f5f05071072e521e  netlabel_tools-0.30.0.tar.gz