Dan Walsh
2392ca1483
A couple of minor coverity fixes for a potential leaked file descriptor
...
And an unchecked return code.
Add ~/.local/share/* to restorecond_user watches
2011-10-28 16:47:40 -04:00
Dan Walsh
6c13d007c9
restorecond -u needs to watch terminal for exit if run outside of dbus.
2011-10-06 16:07:50 -04:00
Dan Walsh
ebadcd67f7
Do not drop capabilities if running newrole as root
2011-10-04 08:36:06 -04:00
Dan Walsh
3507aa6632
Update to upstream
...
* semanage: fix indentation error in seobject
2011-09-30 09:28:53 -04:00
Dan Walsh
e5b91b64fc
Remove gnome requirement from polgengui
2011-09-29 10:09:48 -04:00
Dan Walsh
b91e98e2c2
Update to upstream
...
policycoreutils-2.1.6
* sepolgen-ifgen: new attr-helper does something
* audit2allow: use alternate policy file
* audit2allow: sepolgen-ifgen use the attr helper
* setfiles: switch from stat to stat64
* setfiles: Fix potential crash using dereferenced ftsent
* setfiles: do not wrap * output at 80 characters
* sandbox: add -Wall and -Werror to makefile
* sandbox: add sandbox cgroup support
* sandbox: rewrite /tmp handling
* sandbox: do not bind mount so much
* sandbox: add level based kill option
* sandbox: cntrl-c should kill entire process control group
* Create a new preserve_tunables flag in sepol_handle_t.
* semanage: show running and disk setting for booleans
* semanage: Don't print heading if no items selected
* sepolgen: audit2allow is mistakenly not allowing valid module names
* semanage: Catch RuntimeErrors, that can be generated when SELinux is disabled
* More files to ignore
* tree: default make target to all not install
* sandbox: do not load unused generic init functions
sepolgen-1.1.2
* src: sepolgen: add attribute storing infrastructure
* Change perm-map and add open to try to get better results on
* look for booleans that might solve problems
* sepolgen: audit2allow is mistakenly not allowing valid module names
* tree: default make target to all not install
2011-09-19 07:40:39 -04:00
Dan Walsh
64a1a56e71
Change separator on -L from ; to :
2011-09-14 22:08:19 -04:00
Dan Walsh
2d6eafee19
Add back lockdown wizard for booleans using pywebkitgtk
2011-09-08 09:47:43 -04:00
Dan Walsh
78175de296
Maintain the LANG environment Variable into the sandbox
...
Change restorecon/setfiles to only change type part of the context unless
f qualifier is given
2011-09-07 14:23:19 -04:00
Dan Walsh
04b2851781
Allow setfiles and restorecon to use labeledprefix to speed up processing
...
and limit memory.
2011-09-02 09:24:40 -04:00
Dan Walsh
42466e2b7e
Update to upstream
...
* policycoreutils
* setfiles: Fix process_glob to handle error situations
* sandbox: Allow seunshare to run as root
* sandbox: trap sigterm to make sure sandbox
* sandbox: pass DPI from the desktop
* sandbox: seunshare: introduce helper spawn_command
* sandbox: seunshare: introduce new filesystem helpers
* sandbox: add -C option to not drop
* sandbox: split seunshare caps dropping
* sandbox: use dbus-launch
* sandbox: numerous simple updates to sandbox
* sandbox: do not require selinux context
* sandbox: Makefile: new man pages
* sandbox: rename dir to srcdir
* sandbox: allow users specify sandbox window size
* sandbox: check for paths up front
* sandbox: use defined values for paths rather
* sandbox: move seunshare globals to the top
* sandbox: whitespace fix
* semodule_package: Add semodule_unpackage executable
* setfiles: get rid of some stupid globals
* setfiles: move exclude_non_seclabel_mounts to a generic location
* sepolgen
* refparser: include open among valid permissions
* refparser: add support for filename_trans rules
2011-08-30 16:32:33 -04:00
Dan Walsh
8b0727dc56
Fix bug in glob handling for restorecon
2011-08-23 17:13:19 -04:00
Dan Walsh
831d6fd46c
Update to upstream
...
2.1.4 2011-08-17
* run_init: clarification of the usage in the
* semanage: fix usage header around booleans
* semanage: remove useless empty lines
* semanage: update man page with new examples
* semanage: update usage text
* semanage: introduce file context equivalencies
* semanage: enable and disable modules
* semanage: output all local modifications
* semanage: introduce extraction of local configuration
* semanage: cleanup error on invalid operation
* semanage: handle being called with no arguments
* semanage: return sooner to save CPU time
* semanage: surround getopt with try/except
* semanage: use define/raise instead of lots of
* semanage: some options are only valid for
* semanage: introduce better deleteall support
* semanage: do not allow spaces in file
* semanage: distinguish between builtin and local permissive
* semanage: centralized ip node handling
* setfiles: make the restore function exclude() non-static
* setfiles: use glob to handle ~ and
* fixfiles: do not hard code types
* fixfiles: stop trying to be smart about
* fixfiles: use new kernel seclabel option
* fixfiles: pipe everything to cat before sending
* fixfiles: introduce /etc/selinux/fixfiles_exclude_dirs
* semodule: support for alternative root paths
2011-08-18 07:23:59 -04:00
Dan Walsh
a648c6f239
Change seunshare to send kill signals to the child's session.
...
Also add signal handler to catch sigint, so if user enters ctrl-C sandbox will shutdown.
2011-07-07 14:53:37 -04:00
Dan Walsh
af0f4926da
Change seunshare to send kill signals to the child's session.
...
Also add signal handler to catch sigint, so if user enters ctrl-C sandbox will shutdown.
2011-07-07 14:37:24 -04:00
Dan Walsh
8dbd4d49f6
Add new restorecond service
2011-07-05 17:18:12 -04:00
Dan Walsh
759501823b
Add -C option to sandbox and seunshare to maintain capabilities, otherwise
...
the bounding set will be dropped.
Change --cgroups short name -c rather than -C for consistency
Fix memory and fd leaks in seunshare
2011-07-05 16:51:18 -04:00
Dan Walsh
173e9f90db
Do not drop capability bounding set in seunshare, this allows sandbox to
...
run setuid apps.
2011-06-13 13:37:04 -04:00
Dan Walsh
299d98087e
Remove mount -o bind calls from sandbox init script
...
pam_namespace now has this built in.
2011-06-07 13:58:41 -04:00
Dan Walsh
dc86b007cf
Pass desktop dpi to sandbox Xephyr window
2011-06-07 08:37:18 -04:00
Dan Walsh
c2ef4a0bea
Allow semodule to pick alternate root for selinux files
...
Add ~/.config/* to restorecond_user.conf, so restorecond will watch for mislabeled files in this directory.
2011-06-06 13:01:14 -04:00
Dan Walsh
4a56398540
Apply patches from Christoph A.
...
* fix sandbox title
* stop xephyr from li
Also ignore errors on sandbox include of directory missing files
2011-04-22 07:06:23 -04:00
Dan Walsh
588030fc2c
Change fixfiles restore to delete unlabeled sockets in /tmp
2011-04-18 13:18:18 -04:00
Dan Walsh
61f1bc2068
Change fixfiles restore to delete unlabeled sockets in /tmp
2011-04-18 12:47:15 -04:00
Dan Walsh
9f65a26864
Update to upstream
...
* Use correct color range in mcstrand by Richard Haines.
2011-04-13 16:52:53 -04:00
Dan Walsh
1da0399e25
rsynccmd should run outside of execcon
2011-03-30 14:42:36 -04:00
Dan Walsh
be38aa471e
Rewrite seunshare to make sure /tmp is mounted stickybit owned by root
2011-03-03 13:35:37 -05:00
Dan Walsh
433953b033
- Cleanup selinux-polgengui to be a little more modern, fix comments and use selected name
...
- Cleanup chcat man page
2011-02-03 16:15:43 -05:00
Dan Walsh
331e9ad06d
- Report full errors on OSError on Sandbox
2011-02-02 13:34:22 -05:00
Dan Walsh
e764b2d2b6
- Fix newrole handling of pcap
2011-01-21 15:11:31 -05:00
Dan Walsh
971f278f98
- Have restorecond watch more directories in homedir
2011-01-19 16:45:53 -05:00
Dan Walsh
12eb5b45f4
- Fix proper handling of getopt errors
...
- Do not allow modules names to contain spaces
2011-01-10 14:39:21 -05:00
Dan Walsh
c76dc0c642
- Polgengui raises the wrong type of exception. #471078
...
- Change semanage to not allow it to semanage module -D
- Change setsebool to suggest run as root on failure
2011-01-06 14:38:19 -05:00
Dan Walsh
448a84b06a
- Polgengui raises the wrong type of exception. #471078
...
- Change semanage to not allow it to semanage module -D
2011-01-04 17:23:27 -05:00
Dan Walsh
18119ffd24
- Fix restorecond watching utmp file for people logging in or out
2010-12-22 14:38:46 -05:00
Dan Walsh
a548207cc4
- Change to allow sandbox to run on nfs homedirs, add start python script
2010-12-21 16:20:01 -05:00
Dan Walsh
8937a040d8
- Change to allow sandbox to run on nfs homedirs, add start python script
2010-12-15 16:47:38 -05:00
Dan Walsh
6c80e8dc19
- Fix sandbox to show correct types in usage statement
2010-11-30 12:09:48 -05:00
Dan Walsh
8c1d9b0f48
- Stop fixfiles from complaining about missing dirs
2010-11-29 10:14:39 -05:00
Dan Walsh
63fda8aa74
- Update to upstream
...
- List types available for sandbox in usage statement
2010-11-24 13:44:58 -05:00
Dan Walsh
f0e85a70d6
- Update to upstream
...
- List types available for sandbox in usage statement
2010-11-24 13:41:52 -05:00
Dan Walsh
b9b7f4161c
- Fix up problems pointed out by solar designer on dropping capabilities
2010-11-08 15:12:25 -05:00
Dan Walsh
d7e1c238f4
- Check if you have full privs and reset otherwise don't drop caps
2010-11-01 16:21:00 -04:00
Dan Walsh
cdcc4526b7
- Fix setools require line
2010-11-01 09:50:12 -04:00
Dan Walsh
622bb69d77
- Move /etc/pam.d/newrole into policycoreutils-newrole
...
- Additional capability checking in sepolgen
2010-10-29 09:39:03 -04:00
Dan Walsh
9852e61813
- Remove setuid flag and replace with file capabilities
...
- Fix sandbox handling of files with spaces in them
2010-10-25 17:25:34 -04:00
Dan Walsh
cccd96b8cf
- Move restorecond into its own subpackage
2010-09-23 16:23:05 -04:00
Dan Walsh
e500ad80f0
* Wed Jul 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-9
...
- Update selinux-polgengui to sepolgen policy generation
2010-07-30 11:19:53 -04:00
Daniel J Walsh
1eab65cee2
* Tue Jul 20 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-6
...
- Fix sandbox man page
2010-07-26 15:33:31 +00:00
Daniel J Walsh
d6510fbca2
* Tue Jul 20 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-4
...
- Add translations for menus
- Fixup man page from Russell Coker
2010-07-20 13:18:18 +00:00
Daniel J Walsh
614ca03ae7
* Tue Jun 15 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-3
...
- Change python scripts to use -s flag
- Update po
2010-07-13 17:32:51 +00:00
Daniel J Walsh
73342918cd
* Tue Jun 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-30
...
- Add cgroup support for sandbox
2010-06-08 19:13:40 +00:00
Daniel J Walsh
70b2ff10d0
* Thu Jun 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-28
...
- Fix sandbox init script
- Add dbus-launch to sandbox -X
Resolve : #599599
2010-06-03 21:14:18 +00:00
Daniel J Walsh
85a18e3dcc
* Thu Jun 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-27
...
- Move genhomedircon.8 to same package as genhomedircon
- Fix sandbox to pass unit test
Resolves : #595796
2010-06-03 15:04:49 +00:00
Daniel J Walsh
829762e693
* Thu May 27 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-24
...
- Man page fixes
- sandbox fixes
Resolves : #595796
- Move seunshare to base package
2010-05-27 21:23:08 +00:00
Daniel J Walsh
be45950990
* Thu Feb 16 2010 Dan Walsh <dwalsh@redhat.com> 2.0.79-1
...
- Update to upstream
* Fix double-free in newrole
- Fix python language handling
2010-02-16 21:35:16 +00:00
Daniel J Walsh
fc6c93ebeb
* Thu Feb 16 2010 Dan Walsh <dwalsh@redhat.com> 2.0.79-1
...
- Update to upstream
* Fix double-free in newrole
2010-02-16 19:49:37 +00:00
Daniel J Walsh
8fd9d71264
* Thu Feb 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-21
...
- Fix display of command in sandbox
2010-02-11 22:13:39 +00:00
Daniel J Walsh
fce031b620
* Thu Feb 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-21
...
- Fix display of command in sandbox
2010-02-11 21:56:38 +00:00
Daniel J Walsh
ee3649bda5
* Thu Feb 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-21
...
- Fix display of command in sandbox
2010-02-11 18:24:55 +00:00
Daniel J Walsh
e7737e34ea
* Wed Feb 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-19
...
- Fix seobject and fixfiles
2010-02-03 20:24:35 +00:00
Daniel J Walsh
c8f4893a95
* Wed Feb 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-18
...
- Fix seobject and fixfiles
2010-02-03 16:42:37 +00:00
Daniel J Walsh
35da894f0e
* Wed Feb 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-18
...
- Fix seobject and fixfiles
2010-02-03 16:42:35 +00:00
Daniel J Walsh
db71b70994
* Fri Jan 29 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-17
...
- Change seobject to use translations properly
2010-02-01 14:40:42 +00:00
Daniel J Walsh
dd674534b4
* Wed Jan 27 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-14
...
- Add session capability to sandbox
- sandbox -SX -H ~/.homedir -t unconfined_t -l s0:c15 /etc/gdm/Xsession
2010-01-27 21:52:27 +00:00
Daniel J Walsh
a02089d628
* Thu Jan 14 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-11
...
- Run with the same xdmodmap in sandbox as outside
- Patch from Josh Cogliati
2010-01-19 17:25:36 +00:00
Daniel J Walsh
54e6651778
* Thu Jan 14 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-11
...
- Run with the same xdmodmap in sandbox as outside
- Patch from Josh Cogliati
2010-01-14 21:34:51 +00:00
Daniel J Walsh
6c22c6b1f6
* Fri Jan 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-9
...
- Add -e to semanage man page
- Add -D qualifier to audit2allow to generate dontaudit rules
2010-01-08 14:37:32 +00:00
Daniel J Walsh
29b74ccd7d
* Fri Dec 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-7
...
- Fixes to sandbox man page
2009-12-21 21:56:27 +00:00
Daniel J Walsh
a1bf0daa6c
* Wed Dec 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-5
...
- If restorecond running as a user has no files to watch then it should exit. (NFS Homedirs)
2009-12-16 13:21:49 +00:00
Daniel J Walsh
79944fd474
* Tue Dec 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-3
...
- Fix audit2allow to report constraints, dontaudits, types, booleans
2009-12-09 21:33:50 +00:00
Daniel J Walsh
3fbc112632
* Tue Dec 1 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-1
...
- Update to upstream
* Remove non-working OUTFILE from fixfiles from Dan Walsh.
* Additional exception handling in chcat from Dan Walsh.
2009-12-01 21:17:45 +00:00
Daniel J Walsh
f3a1cbae2a
* Tue Nov 24 2009 Dan Walsh <dwalsh@redhat.com> 2.0.77-1
...
- Update to upstream
* Fixed bug preventing semanage node -a from working
from Chad Sellers
* Fixed bug preventing semanage fcontext -l from working
from Chad Sellers
- Change semanage to use unicode
2009-11-24 15:30:53 +00:00
Daniel J Walsh
e973847bf6
* Wed Nov 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.76-1
...
- Update to upstream
* Remove setrans management from semanage, as it does not work
from Dan Walsh.
* Move load_policy from /usr/sbin to /sbin from Dan Walsh.
2009-11-18 22:20:42 +00:00
Daniel J Walsh
4e4a82e887
* Mon Nov 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-3
...
- Raise exception if user tries to add file context with an embedded space
2009-11-16 21:54:45 +00:00
Daniel J Walsh
a1e42cb153
* Wed Nov 11 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-2
...
- Fix sandbox to setsid so it can run under mozilla without crashing the session
2009-11-11 21:56:23 +00:00
Daniel J Walsh
942b683f29
* Tue Nov 2 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-1
...
- Update to upstream
* Factor out restoring logic from setfiles.c into restore.c
2009-11-09 21:12:58 +00:00
Daniel J Walsh
44bb682976
* Fri Oct 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-15
...
- Fix typo in seobject.py
2009-11-02 16:40:00 +00:00
Daniel J Walsh
8cf3bcfdee
* Fri Oct 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-14
...
- Allow semanage -i and semanage -o to generate customization files.
- semanage -o will generate a customization file that semanage -i can read and set a machine to the same selinux configuration
2009-10-30 21:01:42 +00:00
Daniel J Walsh
fd3c8c94ea
* Wed Oct 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-9
...
- Move fixfiles man pages into the correct package
- Add genhomedircon to fixfiles restore
2009-10-14 14:47:50 +00:00
Daniel J Walsh
ac48b0b34b
* Thu Oct 6 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-8
...
- Add check to sandbox to verify save changes - Chris Pardy
- Fix memory leak in restorecond - Steve Grubb
2009-10-06 16:09:52 +00:00
Daniel J Walsh
678a86d335
* Thu Oct 1 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-7
...
- Fixes Templates
2009-10-01 16:04:13 +00:00
Daniel J Walsh
f466aa0b3b
* Wed Sep 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-5
...
- Fixes for semanage -equiv, readded modules, --enable, --disable
2009-09-30 15:37:12 +00:00
Daniel J Walsh
6c27d724c5
* Sun Sep 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-4
...
- Close sandbox when eclipse exits
2009-09-21 13:54:02 +00:00
Daniel J Walsh
425e7d2796
* Fri Sep 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-3
...
- Security fixes for seunshare
- Fix Sandbox to handle non file input to command.
2009-09-19 01:40:53 +00:00
Daniel J Walsh
b98d816316
* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-2
...
- Security fixes for seunshare
2009-09-17 19:19:53 +00:00
Daniel J Walsh
26d020dedb
* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-1
...
- Update to upstream
* Change semodule upgrade behavior to install even if the module
is not present from Dan Walsh.
* Make setfiles label if selinux is disabled and a seclabel aware
kernel is running from Caleb Case.
* Clarify forkpty() error message in run_init from Manoj Srivastava.
2009-09-17 13:07:45 +00:00
Daniel J Walsh
1696e8f7d1
* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5
...
- Fix sandbox to handle relative paths
2009-09-16 19:48:49 +00:00
Daniel J Walsh
f109f0076e
* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-3
...
- Fix restorecond script to use force-reload
2009-09-14 19:39:09 +00:00
Daniel J Walsh
b87b8212fa
* Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-2
...
- Fix init script to show status in usage message
2009-09-09 21:07:24 +00:00
Daniel J Walsh
fc20c42a12
* Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-2
...
- Fix init script to show status in usage message
2009-09-09 17:04:51 +00:00
Daniel J Walsh
7ae4fd64fa
* Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-1
...
- Update to upstream
* Add semanage dontaudit to turn off dontaudits from Dan Walsh.
* Fix semanage to set correct mode for setrans file from Dan Walsh.
* Fix malformed dictionary in portRecord from Dan Walsh.
* Restore symlink handling support to restorecon based on a patch by
Martin Orr. This fixes the restorecon /dev/stdin performed by Debian
udev scripts that was broken by policycoreutils 2.0.70.
2009-09-08 14:15:50 +00:00
Daniel J Walsh
7b3ab100a9
* Fri Aug 28 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-14
...
- Add enable/disable patch
2009-08-28 18:18:46 +00:00
Daniel J Walsh
a39af4db38
* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-12
...
- Tighten up controls on seunshare.c
2009-08-26 21:52:30 +00:00
Daniel J Walsh
349a457593
* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
...
- Add sandboxX
2009-08-26 18:05:32 +00:00
Daniel J Walsh
4b8a9749e9
* Sat Aug 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-10
...
- Fix realpath usage to only happen on argv input from user
2009-08-22 12:08:34 +00:00
Daniel J Walsh
4bf248f359
* Thu Aug 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-7
...
- Fix glob handling of /..
2009-08-20 19:51:45 +00:00
Daniel J Walsh
3f2af1bab0
* Thu Aug 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-7
...
- Fix glob handling of /..
2009-08-20 19:05:30 +00:00
Daniel J Walsh
c14fb87560
* Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-6
...
- Redesign restorecond to use setfiles/restore functionality
2009-08-19 20:38:19 +00:00
Daniel J Walsh
8c640c000d
* Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-6
...
- Redesign restorecond to use setfiles/restore functionality
2009-08-19 20:25:21 +00:00