policycoreutils/policycoreutils.spec
2005-12-24 17:02:36 +00:00

979 lines
34 KiB
RPMSpec

%define libsepolver 1.11.1-1
%define libsemanagever 1.5.3-1
%define libselinuxver 1.29.2-1
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 1.29.2
Release: 8
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
Patch: policycoreutils-rhat.patch
BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver}
PreReq: /bin/mount /bin/egrep /bin/awk /usr/bin/diff
Requires: libsepol >= %{libsepolver} libsemanage >= %{libsemanagever} libselinux-python coreutils
BuildRoot: %{_tmppath}/%{name}-buildroot
%description
Security-enhanced Linux is a feature of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
policycoreutils contains the policy core utilities that are required
for basic operation of a SELinux system. These utilities include
load_policy to load policies, setfiles to label filesystems, newrole
to switch roles, and run_init to run /etc/init.d scripts in the proper
context.
%prep
%setup -q
%patch -p1 -b .rhat
%build
make LIBDIR="%{_libdir}" CFLAGS="%{optflags}" all
%install
rm -rf ${RPM_BUILD_ROOT}
mkdir -p ${RPM_BUILD_ROOT}%{_bindir}
mkdir -p ${RPM_BUILD_ROOT}%{_sbindir}
mkdir -p ${RPM_BUILD_ROOT}/sbin
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8
mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d
make DESTDIR="${RPM_BUILD_ROOT}" install
%find_lang %{name}
%clean
rm -rf ${RPM_BUILD_ROOT}
%files -f %{name}.lang
%defattr(-,root,root)
/sbin/fixfiles
/sbin/restorecon
%{_sbindir}/setfiles
%{_sbindir}/setsebool
%{_sbindir}/semodule
%{_sbindir}/semanage
%{_sbindir}/load_policy
%{_sbindir}/audit2why
%{_sbindir}/genhomedircon
%{_sbindir}/sestatus
%{_sbindir}/run_init
%{_sbindir}/open_init_pty
%{_bindir}/newrole
%{_bindir}/audit2allow
%{_bindir}/chcat
%{_bindir}/semodule_expand
%{_bindir}/semodule_link
%{_bindir}/semodule_package
%{_mandir}/man8/chcat.8.gz
%{_mandir}/man8/restorecon.8.gz
%{_mandir}/man8/sestatus.8.gz
%{_mandir}/man8/semanage.8.gz
%{_mandir}/man8/semodule.8.gz
%{_mandir}/man8/semodule_link.8.gz
%{_mandir}/man8/semodule_package.8.gz
%{_mandir}/man8/semodule_expand.8.gz
%{_mandir}/man8/setfiles.8.gz
%{_mandir}/man8/fixfiles.8.gz
%{_mandir}/man8/load_policy.8.gz
%{_mandir}/man8/audit2why.8.gz
%{_mandir}/man8/genhomedircon.8.gz
%{_mandir}/man8/open_init_pty.8.gz
%{_mandir}/man8/run_init.8.gz
%{_mandir}/man1/audit2allow.1.gz
%{_mandir}/man1/newrole.1.gz
%config %{_sysconfdir}/pam.d/newrole
%config %{_sysconfdir}/pam.d/run_init
%config(noreplace) %{_sysconfdir}/sestatus.conf
%changelog
* Sat Dec 24 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-8
- Fix getpwnam call
* Fri Dec 23 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-7
- Anaconda fixes
* Thu Dec 22 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-6
- Turn off try catch block to debug anaconda failure
* Tue Dec 20 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-5
- More fixes for chcat
* Tue Dec 20 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-4
- Add try catch for files that may not exists
* Mon Dec 19 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-3
- Remove commands from genhomedircon for installer
* Wed Dec 14 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-1
- Fix genhomedircon to work in installer
- Update to match NSA
* Merged patch for chcat script from Dan Walsh.
* Fri Dec 9 2005 Dan Walsh <dwalsh@redhat.com> 1.29.1-2
- More fixes to chcat
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Thu Dec 8 2005 Dan Walsh <dwalsh@redhat.com> 1.29.1-1
- Update to match NSA
* Merged fix for audit2allow long option list from Dan Walsh.
* Merged -r option for restorecon (alias for -R) from Dan Walsh.
* Merged chcat script and man page from Dan Walsh.
* Wed Dec 7 2005 Dan Walsh <dwalsh@redhat.com> 1.28-1
- Update to match NSA
- Add gfs support
* Wed Dec 7 2005 Dan Walsh <dwalsh@redhat.com> 1.27.37-1
- Update to match NSA
- Add chcat to policycoreutils, adding +/- syntax
`
* Tue Dec 6 2005 Dan Walsh <dwalsh@redhat.com> 1.27.36-2
- Require new version of libsemanage
* Mon Dec 5 2005 Dan Walsh <dwalsh@redhat.com> 1.27.36-1
- Update to match NSA
* Changed genhomedircon to warn on use of ROLE in homedir_template
if using managed policy, as libsemanage does not yet support it.
* Sun Dec 4 2005 Dan Walsh <dwalsh@redhat.com> 1.27.35-1
- Update to match NSA
* Merged genhomedircon bug fix from Dan Walsh.
* Revised semodule* man pages to refer to checkmodule and
to include example sections.
* Thu Dec 1 2005 Dan Walsh <dwalsh@redhat.com> 1.27.33-1
- Update to match NSA
* Merged audit2allow --tefile and --fcfile support from Dan Walsh.
* Merged genhomedircon fix from Dan Walsh.
* Merged semodule* man pages from Dan Walsh, and edited them.
* Changed setfiles to set the MATCHPATHCON_VALIDATE flag to
retain validation/canonicalization of contexts during init.
* Wed Nov 30 2005 Dan Walsh <dwalsh@redhat.com> 1.27.31-1
- Update to match NSA
* Changed genhomedircon to always use user_r for the role in the
managed case since user_get_defrole is broken.
- Add te file capabilities to audit2allow
- Add man pages for semodule
* Tue Nov 29 2005 Dan Walsh <dwalsh@redhat.com> 1.27.30-1
- Update to match NSA
* Merged sestatus, audit2allow, and semanage patch from Dan Walsh.
* Fixed semodule -v option.
* Mon Nov 28 2005 Dan Walsh <dwalsh@redhat.com> 1.27.29-1
- Update to match NSA
* Merged audit2allow python script from Dan Walsh.
(old script moved to audit2allow.perl, will be removed later).
* Merged genhomedircon fixes from Dan Walsh.
* Merged semodule quieting patch from Dan Walsh
(inverts default, use -v to restore original behavior).
* Thu Nov 17 2005 Dan Walsh <dwalsh@redhat.com> 1.27.28-3
- Audit2allow
* Add more error checking
* Add gen policy package
* Add gen requires
* Wed Nov 16 2005 Dan Walsh <dwalsh@redhat.com> 1.27.28-2
- Update to match NSA
* Merged genhomedircon rewrite from Dan Walsh.
- Rewrite audit2allow to python
* Mon Nov 14 2005 Dan Walsh <dwalsh@redhat.com> 1.27.27-5
- Fix genhomedircon to work with non libsemanage systems
* Fri Nov 11 2005 Dan Walsh <dwalsh@redhat.com> 1.27.27-3
- Patch genhomedircon to use libsemanage.py stuff
* Wed Nov 9 2005 Dan Walsh <dwalsh@redhat.com> 1.27.27-1
- Update to match NSA
* Merged setsebool cleanup patch from Ivan Gyurdiev.
* Wed Nov 9 2005 Dan Walsh <dwalsh@redhat.com> 1.27.26-4
- Fix genhomedircon to use seusers file, temporary fix until swigified semanage
* Tue Nov 8 2005 Dan Walsh <dwalsh@redhat.com> 1.27.26-1
* Added -B (--build) option to semodule to force a rebuild.
* Reverted setsebool patch to call semanage_set_reload_bools().
* Changed setsebool to disable policy reload and to call
security_set_boolean_list to update the runtime booleans.
* Changed setfiles -c to use new flag to set_matchpathcon_flags()
to disable context translation by matchpathcon_init().
* Tue Nov 8 2005 Dan Walsh <dwalsh@redhat.com> 1.27.23-1
- Update to match NSA
* Changed setfiles for the context canonicalization support.
* Changed setsebool to call semanage_is_managed() interface
and fall back to security_set_boolean_list() if policy is
not managed.
* Merged setsebool memory leak fix from Ivan Gyurdiev.
* Merged setsebool patch to call semanage_set_reload_bools()
interface from Ivan Gyurdiev.
* Mon Nov 7 2005 Dan Walsh <dwalsh@redhat.com> 1.27.20-1
- Update to match NSA
* Merged setsebool patch from Ivan Gyurdiev.
This moves setsebool from libselinux/utils to policycoreutils,
and rewrites it to use libsemanage for permanent boolean changes.
* Tue Oct 25 2005 Dan Walsh <dwalsh@redhat.com> 1.27.19-2
- Rebuild to use latest libselinux, libsemanage, and libsepol
* Tue Oct 25 2005 Dan Walsh <dwalsh@redhat.com> 1.27.19-1
- Update to match NSA
* Merged semodule support for reload, noreload, and store options
from Joshua Brindle.
* Merged semodule_package rewrite from Joshua Brindle.
* Thu Oct 20 2005 Dan Walsh <dwalsh@redhat.com> 1.27.18-1
- Update to match NSA
* Cleaned up usage and error messages and releasing of memory by
semodule_* utilities.
* Corrected error reporting by semodule.
* Updated semodule_expand for change to sepol interface.
* Merged fixes for make DESTDIR= builds from Joshua Brindle.
* Tue Oct 18 2005 Dan Walsh <dwalsh@redhat.com> 1.27.14-1
- Update to match NSA
* Updated semodule_package for sepol interface changes.
* Tue Oct 18 2005 Dan Walsh <dwalsh@redhat.com> 1.27.13-1
- Update to match NSA
* Updated semodule_expand/link for sepol interface changes.
* Sat Oct 15 2005 Dan Walsh <dwalsh@redhat.com> 1.27.12-1
- Update to match NSA
* Merged non-PAM Makefile support for newrole and run_init from Timothy Wood.
* Fri Oct 14 2005 Dan Walsh <dwalsh@redhat.com> 1.27.11-1
- Update to match NSA
* Updated semodule_expand to use get interfaces for hidden sepol_module_package type.
* Merged newrole and run_init pam config patches from Dan Walsh (Red Hat).
* Merged fixfiles patch from Dan Walsh (Red Hat).
* Updated semodule for removal of semanage_strerror.
* Thu Oct 13 2005 Dan Walsh <dwalsh@redhat.com> 1.27.7-2
- Fix run_init.pamd and spec file
* Wed Oct 12 2005 Dan Walsh <dwalsh@redhat.com> 1.27.7-1
- Update to match NSA
* Updated semodule_link and semodule_expand to use shared libsepol.
Fixed audit2why to call policydb_init prior to policydb_read (still
uses the static libsepol).
* Mon Oct 10 2005 Dan Walsh <dwalsh@redhat.com> 1.27.6-1
- Update to match NSA
* Updated for changes to libsepol.
Changed semodule and semodule_package to use the shared libsepol.
Disabled build of semodule_link and semodule_expand for now.
Updated audit2why for relocated policydb internal headers,
still needs to be converted to a shared lib interface.
* Fri Oct 6 2005 Dan Walsh <dwalsh@redhat.com> 1.27.5-3
- Update newrole pam file to remove pam-stack
- Update run_init pam file to remove pam-stack
* Thu Oct 6 2005 Dan Walsh <dwalsh@redhat.com> 1.27.5-1
- Update to match NSA
* Fixed warnings in load_policy.
* Rewrote load_policy to use the new selinux_mkload_policy()
interface provided by libselinux.
* Wed Oct 5 2005 Dan Walsh <dwalsh@redhat.com> 1.27.3-2
- Rebuild with newer libararies
* Wed Sep 28 2005 Dan Walsh <dwalsh@redhat.com> 1.27.3-1
- Update to match NSA
* Merged patch to update semodule to the new libsemanage API
and improve the user interface from Karl MacMillan (Tresys).
* Modified semodule for the create/connect API split.
* Wed Sep 28 2005 Dan Walsh <dwalsh@redhat.com> 1.27.2-2
- More fixes to stop find from following nfs paths
* Wed Sep 21 2005 Dan Walsh <dwalsh@redhat.com> 1.27.2-1
- Update to match NSA
* Merged run_init open_init_pty bug fix from Manoj Srivastava
(unblock SIGCHLD). Bug reported by Erich Schubert.
* Tue Sep 20 2005 Dan Walsh <dwalsh@redhat.com> 1.27.1-1
- Update to match NSA
* Merged error shadowing bug fix for restorecon from Dan Walsh.
* Merged setfiles usage/man page update for -r option from Dan Walsh.
* Merged fixfiles -C patch to ignore :s0 addition on update
to a MCS/MLS policy from Dan Walsh.
* Thu Sep 15 2005 Dan Walsh <dwalsh@redhat.com> 1.26-3
- Add chcat script for use with chcon.
* Tue Sep 13 2005 Dan Walsh <dwalsh@redhat.com> 1.26-2
- Fix restorecon to exit with error code
* Mon Sep 12 2005 Dan Walsh <dwalsh@redhat.com> 1.26-1
* Updated version for release.
* Tue Sep 6 2005 Dan Walsh <dwalsh@redhat.com> 1.25.9-2
- Add prereq for mount command
* Thu Sep 1 2005 Dan Walsh <dwalsh@redhat.com> 1.25.9-1
- Update to match NSA
* Changed setfiles -c to translate the context to raw format
prior to calling libsepol.
* Fri Aug 26 2005 Dan Walsh <dwalsh@redhat.com> 1.25.7-3
- Use new version of libsemange and require it for install
* Fri Aug 26 2005 Dan Walsh <dwalsh@redhat.com> 1.25.7-2
- Ignore s0 in file context
* Thu Aug 25 2005 Dan Walsh <dwalsh@redhat.com> 1.25.7-1
- Update to match NSA
* Merged patch for fixfiles -C from Dan Walsh.
* Tue Aug 23 2005 Dan Walsh <dwalsh@redhat.com> 1.25.6-1
- Update to match NSA
* Merged fixes for semodule_link and sestatus from Serge Hallyn (IBM).
Bugs found by Coverity.
* Mon Aug 22 2005 Dan Walsh <dwalsh@redhat.com> 1.25.5-3
- Fix fixfiles to call sort -u followed by sort -d.
* Wed Aug 17 2005 Dan Walsh <dwalsh@redhat.com> 1.25.5-2
- Change fixfiles to ignore /home directory on updates
* Fri Aug 5 2005 Dan Walsh <dwalsh@redhat.com> 1.25.5-1
- Update to match NSA
* Merged patch to move module read/write code from libsemanage
to libsepol from Jason Tang (Tresys).
* Thu Jul 28 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-1
- Update to match NSA
* Changed semodule* to link with libsemanage.
* Wed Jul 27 2005 Dan Walsh <dwalsh@redhat.com> 1.25.3-1
- Update to match NSA
* Merged restorecon patch from Ivan Gyurdiev.
* Mon Jul 18 2005 Dan Walsh <dwalsh@redhat.com> 1.25.2-1
- Update to match NSA
* Merged load_policy, newrole, and genhomedircon patches from Red Hat.
* Thu Jul 7 2005 Dan Walsh <dwalsh@redhat.com> 1.25.1-1
- Update to match NSA
* Merged loadable module support from Tresys Technology.
* Wed Jun 29 2005 Dan Walsh <dwalsh@redhat.com> 1.24-1
- Update to match NSA
* Updated version for release.
* Tue Jun 14 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-4
- Fix Ivan's patch for user role changes
* Sat May 28 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-3
- Add Ivan's patch for user role changes in genhomedircon
* Thu May 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-2
- Fix warning message on reload of booleans
* Fri May 20 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-1
- Update to match NSA
* Merged fixfiles and newrole patch from Dan Walsh.
* Merged audit2why man page from Dan Walsh.
* Thu May 19 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-2
- Add call to pam_acct_mgmt in newrole.
* Tue May 17 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-1
- Update to match NSA
* Extended audit2why to incorporate booleans and local user
settings when analyzing audit messages.
* Mon May 16 2005 Dan Walsh <dwalsh@redhat.com> 1.23.9-1
- Update to match NSA
* Updated audit2why for sepol_ prefixes on Flask types to
avoid namespace collision with libselinux, and to
include <selinux/selinux.h> now.
* Fri May 13 2005 Dan Walsh <dwalsh@redhat.com> 1.23.8-1
- Fix fixfiles to accept -f
- Update to match NSA
* Added audit2why utility.
* Fri Apr 29 2005 Dan Walsh <dwalsh@redhat.com> 1.23.7-1
- Change -f flag in fixfiles to remove stuff from /tmp
- Change -F flag to pass -F flag to restorecon/fixfiles. (IE Force relabel).
* Thu Apr 14 2005 Dan Walsh <dwalsh@redhat.com> 1.23.6-1
- Update to match NSA
* Fixed signed/unsigned pointer bug in load_policy.
* Reverted context validation patch for genhomedircon.
* Wed Apr 13 2005 Dan Walsh <dwalsh@redhat.com> 1.23.5-1
- Update to match NSA
* Reverted load_policy is_selinux_enabled patch from Dan Walsh.
Otherwise, an initial policy load cannot be performed using
load_policy, e.g. for anaconda.
* Mon Apr 11 2005 Dan Walsh <dwalsh@redhat.com> 1.23.4-3
- remove is_selinux_enabled check from load_policy (Bad idea)
* Mon Apr 11 2005 Dan Walsh <dwalsh@redhat.com> 1.23.4-1
- Update to version from NSA
* Merged load_policy is_selinux_enabled patch from Dan Walsh.
* Merged restorecon verbose output patch from Dan Walsh.
* Merged setfiles altroot patch from Chris PeBenito.
* Thu Apr 7 2005 Dan Walsh <dwalsh@redhat.com> 1.23.3-2
- Don't run load_policy on a non SELinux kernel.
* Wed Apr 6 2005 Dan Walsh <dwalsh@redhat.com> 1.23.3-1
- Update to version from NSA
* Merged context validation patch for genhomedircon from Eric Paris.
- Fix verbose output of restorecon
* Thu Mar 17 2005 Dan Walsh <dwalsh@redhat.com> 1.23.2-1
- Update to version from NSA
* Changed setfiles -c to call set_matchpathcon_flags(3) to
turn off processing of .homedirs and .local.
* Tue Mar 15 2005 Dan Walsh <dwalsh@redhat.com> 1.23.1-1
- Update to released version from NSA
* Merged rewrite of genhomedircon by Eric Paris.
* Changed fixfiles to relabel jfs since it now supports security xattrs
(as of 2.6.11). Removed reiserfs until 2.6.12 is released with
fixed support for reiserfs and selinux.
* Thu Mar 10 2005 Dan Walsh <dwalsh@redhat.com> 1.22-2
- Update to released version from NSA
- Patch genhomedircon to handle passwd in different places.
* Wed Mar 9 2005 Dan Walsh <dwalsh@redhat.com> 1.21.22-2
- Fix genhomedircon to not put bad userad error in file_contexts.homedir
* Tue Mar 8 2005 Dan Walsh <dwalsh@redhat.com> 1.21.22-1
- Cleanup error reporting
* Tue Mar 1 2005 Dan Walsh <dwalsh@redhat.com> 1.21.21-1
* Merged load_policy and genhomedircon patch from Dan Walsh.
* Mon Feb 28 2005 Dan Walsh <dwalsh@redhat.com> 1.21.20-3
- Fix genhomedircon to add extr "\n"
* Fri Feb 24 2005 Dan Walsh <dwalsh@redhat.com> 1.21.20-2
- Fix genhomedircon to handle blank users
* Fri Feb 24 2005 Dan Walsh <dwalsh@redhat.com> 1.21.20-1
- Update to latest from NSA
- Add call to libsepol
* Thu Feb 23 2005 Dan Walsh <dwalsh@redhat.com> 1.21.19-4
- Fix genhomedircon to handle root
- Fix fixfiles to better handle file system types
* Wed Feb 23 2005 Dan Walsh <dwalsh@redhat.com> 1.21.19-2
- Fix genhomedircon to handle spaces in SELINUXPOLICYTYPE
* Tue Feb 22 2005 Dan Walsh <dwalsh@redhat.com> 1.21.19-1
- Update to latest from NSA
* Merged several fixes from Ulrich Drepper.
* Mon Feb 21 2005 Dan Walsh <dwalsh@redhat.com> 1.21.18-2
- Apply Uli patch
* The Makefiles should use the -Wall option even if compiled in beehive
* Add -W, too
* use -Werror when used outside of beehive. This could also be used unconditionally
* setfiles/setfiles.c: fix resulting warning
* restorecon/restorecon.c: Likewise
* run_init/open_init_pty.c: argc hasn't been checked, the program would crash if
called without parameters. ignore the return value of nice properly.
* run_init: don't link with -ldl lutil
* load_policy: that's the bad bug. pointer to unsigned int is passed, size_t is
written to. fails on 64-bit archs
* sestatus: signed vs unsigned problem
* newrole: don't link with -ldl
* Sat Feb 19 2005 Dan Walsh <dwalsh@redhat.com> 1.21.18-1
- Update to latest from NSA
* Changed load_policy to fall back to the original policy upon
an error from sepol_genusers().
* Thu Feb 17 2005 Dan Walsh <dwalsh@redhat.com> 1.21.17-2
- Only restorecon on ext[23], reiser and xfs
* Thu Feb 17 2005 Dan Walsh <dwalsh@redhat.com> 1.21.17-1
- Update to latest from NSA
* Merged new genhomedircon script from Dan Walsh.
* Changed load_policy to call sepol_genusers().
* Thu Feb 17 2005 Dan Walsh <dwalsh@redhat.com> 1.21.15-9
- Remove Red Hat rhpl usage
- Add back in original syntax
- Update man page to match new syntax
* Fri Feb 11 2005 Dan Walsh <dwalsh@redhat.com> 1.21.15-8
- Fix genhomedircon regular expression
- Fix exclude in restorecon
* Thu Feb 10 2005 Dan Walsh <dwalsh@redhat.com> 1.21.15-5
- Trap failure on write
- Rewrite genhomedircon to generate file_context.homedirs
- several passes
* Thu Feb 10 2005 Dan Walsh <dwalsh@redhat.com> 1.21.15-1
- Update from NSA
* Changed relabel Makefile target to use restorecon.
* Wed Feb 9 2005 Dan Walsh <dwalsh@redhat.com> 1.21.14-1
- Update from NSA
* Merged restorecon patch from Dan Walsh.
* Tue Feb 8 2005 Dan Walsh <dwalsh@redhat.com> 1.21.13-1
- Update from NSA
* Merged further change to fixfiles -C from Dan Walsh.
* Merged updated fixfiles script from Dan Walsh.
- Fix error handling of restorecon
* Mon Feb 7 2005 Dan Walsh <dwalsh@redhat.com> 1.21.12-2
- Fix sestatus for longer booleans
* Wed Feb 2 2005 Dan Walsh <dwalsh@redhat.com> 1.21.12-1
- More cleanup of fixfiles sed patch
* Merged further patches for restorecon/setfiles -e and fixfiles -C.
* Wed Feb 2 2005 Dan Walsh <dwalsh@redhat.com> 1.21.10-2
- More cleanup of fixfiles sed patch
* Mon Jan 31 2005 Dan Walsh <dwalsh@redhat.com> 1.21.10-1
- More cleanup of fixfiles sed patch
- Upgrade to latest from NSA
* Merged patch for open_init_pty from Manoj Srivastava.
* Fri Jan 28 2005 Dan Walsh <dwalsh@redhat.com> 1.21.9-1
- More cleanup of sed patch
- Upgrade to latest from NSA
* Merged updated fixfiles script from Dan Walsh.
* Merged updated man page for fixfiles from Dan Walsh and re-added unzipped.
* Reverted fixfiles patch for file_contexts.local;
obsoleted by setfiles rewrite.
* Merged error handling patch for restorecon from Dan Walsh.
* Merged semi raw mode for open_init_pty helper from Manoj Srivastava.
* Rewrote setfiles to use matchpathcon and the new interfaces
exported by libselinux (>= 1.21.5).
* Fri Jan 28 2005 Dan Walsh <dwalsh@redhat.com> 1.21.7-3
- Fix fixfiles patch
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting
* Thu Jan 27 2005 Dan Walsh <dwalsh@redhat.com> 1.21.5-1
- Upgrade to latest from NSA
* Merged newrole -l support from Darrel Goeddel (TCS).
- Fix genhomedircon STARTING_UID
* Wed Jan 26 2005 Dan Walsh <dwalsh@redhat.com> 1.21.4-1
- Upgrade to latest from NSA
* Merged fixfiles patch for file_contexts.local from Dan Walsh.
* Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.3-2
- Temp file needs to be created in /etc/selinux/POLICYTYPE/contexts/files/ directory.
* Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.3-1
- Upgrade to latest from NSA
* Fixed restorecon to not treat errors from is_context_customizable()
as a customizable context.
* Merged setfiles/restorecon patch to not reset user field unless
-F option is specified from Dan Walsh.
* Merged open_init_pty helper for run_init from Manoj Srivastava.
* Merged audit2allow and genhomedircon man pages from Manoj Srivastava.
* Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-3
- Don't change user componant if it is all that changed unless forced.
- Change fixfiles to concatinate file_context.local for setfiles
* Thu Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-1
- Update to latest from NSA
* Mon Jan 10 2005 Dan Walsh <dwalsh@redhat.com> 1.20.1-2
- Fix restorecon segfault
* Mon Jan 3 2005 Dan Walsh <dwalsh@redhat.com> 1.20.1-1
- Update to latest from NSA
* Merged fixfiles rewrite from Dan Walsh.
* Merged restorecon patch from Dan Walsh.
* Mon Jan 3 2005 Dan Walsh <dwalsh@redhat.com> 1.19.3-1
- Update to latest from NSA
* Merged fixfiles and restorecon patches from Dan Walsh.
* Don't display change if only user part changed.
* Mon Jan 3 2005 Dan Walsh <dwalsh@redhat.com> 1.19.2-4
- Fix fixfiles handling of rpm
- Fix restorecon to not warn on symlinks unless -v -v
- Fix output of verbose to show old context as well as new context
* Mon Dec 29 2004 Dan Walsh <dwalsh@redhat.com> 1.19.2-1
- Update to latest from NSA
* Changed restorecon to ignore ENOENT errors from matchpathcon.
* Merged nonls patch from Chris PeBenito.
* Mon Dec 20 2004 Dan Walsh <dwalsh@redhat.com> 1.19.1-1
- Update to latest from NSA
* Removed fixfiles.cron.
* Merged run_init.8 patch from Dan Walsh.
* Thu Nov 18 2004 Dan Walsh <dwalsh@redhat.com> 1.18.1-3
- Fix run_init.8 to refer to correct location of initrc_context
* Wed Nov 3 2004 Dan Walsh <dwalsh@redhat.com> 1.18.1-1
- Upgrade to latest from NSA
* Wed Oct 27 2004 Steve Grubb <sgrubb@redhat.com> 1.17.7-3
- Add code to sestatus to output the current policy from config file
* Fri Oct 22 2004 Dan Walsh <dwalsh@redhat.com> 1.17.7-2
- Patch audit2allow to return self and no brackets if only one rule
* Fri Oct 22 2004 Dan Walsh <dwalsh@redhat.com> 1.17.7-1
- Update to latest from NSA
- Eliminate fixfiles.cron
* Tue Oct 12 2004 Dan Walsh <dwalsh@redhat.com> 1.17.6-2
- Only run fixfiles.cron once a week, and eliminate null message
* Fri Oct 1 2004 Dan Walsh <dwalsh@redhat.com> 1.17.6-1
- Update with NSA
* Added -l option to setfiles to log changes via syslog.
* Merged -e option to setfiles to exclude directories.
* Merged -R option to restorecon for recursive descent.
* Fri Oct 1 2004 Dan Walsh <dwalsh@redhat.com> 1.17.5-6
- Add -e (exclude directory) switch to setfiles
- Add syslog to setfiles
* Fri Sep 24 2004 Dan Walsh <dwalsh@redhat.com> 1.17.5-5
- Add -R (recursive) switch to restorecon.
* Thu Sep 23 2004 Dan Walsh <dwalsh@redhat.com> 1.17.5-4
- Change to only display to terminal if tty is specified
* Tue Sep 21 2004 Dan Walsh <dwalsh@redhat.com> 1.17.5-3
- Only display to stdout if logfile not specified
* Mon Sep 9 2004 Dan Walsh <dwalsh@redhat.com> 1.17.5-2
- Add Steve Grubb patch to cleanup log files.
* Mon Aug 30 2004 Dan Walsh <dwalsh@redhat.com> 1.17.5-1
- Add optargs
- Update to match NSA
* Wed Aug 24 2004 Dan Walsh <dwalsh@redhat.com> 1.17.4-1
- Add fix to get cdrom info from /proc/media in fixfiles.
* Wed Aug 24 2004 Dan Walsh <dwalsh@redhat.com> 1.17.3-4
- Add Steve Grub patches for
* Fix fixfiles.cron MAILTO
* Several problems in sestatus
* Wed Aug 24 2004 Dan Walsh <dwalsh@redhat.com> 1.17.3-3
- Add -q (quiet) qualifier to load_policy to not report warnings
* Tue Aug 24 2004 Dan Walsh <dwalsh@redhat.com> 1.17.3-2
- Add requires for libsepol >= 1.1.1
* Tue Aug 24 2004 Dan Walsh <dwalsh@redhat.com> 1.17.3-1
- Update to latest from upstream
* Mon Aug 23 2004 Dan Walsh <dwalsh@redhat.com> 1.17.2-1
- Update to latest from upstream
- Includes Colin patch for verifying file_contexts
* Sun Aug 22 2004 Dan Walsh <dwalsh@redhat.com> 1.17.1-1
- Update to latest from upstream
* Mon Aug 16 2004 Dan Walsh <dwalsh@redhat.com> 1.15.7-1
- Update to latest from upstream
* Thu Aug 12 2004 Dan Walsh <dwalsh@redhat.com> 1.15.6-1
- Add Man page for load_policy
* Tue Aug 10 2004 Dan Walsh <dwalsh@redhat.com> 1.15.5-1
- new version from NSA uses libsepol
* Mon Aug 2 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-2
- Fix genhomedircon join command
* Thu Jul 29 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-1
- Latest from NSA
* Mon Jul 26 2004 Dan Walsh <dwalsh@redhat.com> 1.15.2-4
- Change fixfiles to not change when running a check
* Tue Jul 20 2004 Dan Walsh <dwalsh@redhat.com> 1.15.2-3
- Fix restorecon getopt call to stop hang on IBM Arches
* Mon Jul 19 2004 Dan Walsh <dwalsh@redhat.com> 1.15.2-2
- Only mail files less than 100 lines from fixfiles.cron
- Add Russell's fix for genhomedircon
* Fri Jul 16 2004 Dan Walsh <dwalsh@redhat.com> 1.15.2-1
- Latest from NSA
* Thu Jul 8 2004 Dan Walsh <dwalsh@redhat.com> 1.15.1-2
- Add ro warnings
* Thu Jul 8 2004 Dan Walsh <dwalsh@redhat.com> 1.15.1-1
- Latest from NSA
- Fix fixfiles.cron to delete outfile
* Tue Jul 6 2004 Dan Walsh <dwalsh@redhat.com> 1.14.1-2
- Fix fixfiles.cron to not run on non SELinux boxes
- Fix several problems in fixfiles and fixfiles.cron
* Wed Jun 30 2004 Dan Walsh <dwalsh@redhat.com> 1.14.1-1
- Update from NSA
- Add cron capability to fixfiles
* Fri Jun 25 2004 Dan Walsh <dwalsh@redhat.com> 1.13.4-1
- Update from NSA
* Thu Jun 24 2004 Dan Walsh <dwalsh@redhat.com> 1.13.3-2
- Fix fixfiles to handle no rpm file on relabel
* Wed Jun 23 2004 Dan Walsh <dwalsh@redhat.com> 1.13.3-1
- Update latest from NSA
- Add -o option to setfiles to save output of any files with incorrect context.
* Tue Jun 22 2004 Dan Walsh <dwalsh@redhat.com> 1.13.2-2
- Add rpm support to fixfiles
- Update restorecon to add file input support
* Fri Jun 18 2004 Dan Walsh <dwalsh@redhat.com> 1.13.2-1
- Update with NSA Latest
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Sat Jun 12 2004 Dan Walsh <dwalsh@redhat.com> 1.13.1-2
- Fix run_init to use policy formats
* Wed Jun 2 2004 Dan Walsh <dwalsh@redhat.com> 1.13.1-1
- Update from NSA
* Tue May 25 2004 Dan Walsh <dwalsh@redhat.com> 1.13-3
- Change location of file_context file
* Tue May 25 2004 Dan Walsh <dwalsh@redhat.com> 1.13-2
- Change to use /etc/sysconfig/selinux to determine location of policy files
* Fri May 21 2004 Dan Walsh <dwalsh@redhat.com> 1.13-1
- Update to latest from NSA
- Change fixfiles to prompt before deleteing /tmp files
* Tue May 18 2004 Dan Walsh <dwalsh@redhat.com> 1.12-2
- have restorecon ingnore <<none>>
- Hand matchpathcon the file status
* Thu May 14 2004 Dan Walsh <dwalsh@redhat.com> 1.12-1
- Update to match NSA
* Mon May 10 2004 Dan Walsh <dwalsh@redhat.com> 1.11-4
- Move location of log file to /var/tmp
* Mon May 10 2004 Dan Walsh <dwalsh@redhat.com> 1.11-3
- Better grep command for bind
* Fri May 7 2004 Dan Walsh <dwalsh@redhat.com> 1.11-2
- Eliminate bind and context mounts
* Wed May 5 2004 Dan Walsh <dwalsh@redhat.com> 1.11-1
- update to match NSA
* Wed Apr 28 2004 Dan Walsh <dwalsh@redhat.com> 1.10-4
- Log fixfiles to the /tmp directory
* Wed Apr 21 2004 Colin Walters <walters@redhat.com> 1.10-3
- Add patch to fall back to authenticating via uid if
the current user's SELinux user identity is the default
identity
- Add BuildRequires pam-devel
* Mon Apr 12 2004 Dan Walsh <dwalsh@redhat.com> 1.10-2
- Add man page, thanks to Richard Halley
* Thu Apr 8 2004 Dan Walsh <dwalsh@redhat.com> 1.10-1
- Upgrade to latest from NSA
* Fri Apr 2 2004 Dan Walsh <dwalsh@redhat.com> 1.9.2-1
- Update with latest from gentoo and NSA
* Thu Apr 1 2004 Dan Walsh <dwalsh@redhat.com> 1.9.1-1
- Check return codes in sestatus.c
* Mon Mar 29 2004 Dan Walsh <dwalsh@redhat.com> 1.9-19
- Fix sestatus to not double free
- Fix sestatus.conf to be unix format
* Mon Mar 29 2004 Dan Walsh <dwalsh@redhat.com> 1.9-18
- Warn on setfiles failure to relabel.
* Mon Mar 29 2004 Dan Walsh <dwalsh@redhat.com> 1.9-17
- Updated version of sestatus
* Mon Mar 29 2004 Dan Walsh <dwalsh@redhat.com> 1.9-16
- Fix fixfiles to checklabel properly
* Fri Mar 26 2004 Dan Walsh <dwalsh@redhat.com> 1.9-15
- add sestatus
* Thu Mar 25 2004 Dan Walsh <dwalsh@redhat.com> 1.9-14
- Change free call to freecon
- Cleanup
* Tue Mar 23 2004 Dan Walsh <dwalsh@redhat.com> 1.9-12
- Remove setfiles-assoc patch
- Fix restorecon to not crash on missing dir
* Thu Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-11
- Eliminate trailing / in restorecon
* Thu Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-10
- Add Verbosity check
* Thu Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-9
- Change restorecon to not follow symlinks. It is too difficult and confusing
- to figure out the file context for the file pointed to by a symlink.
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-8
- Fix restorecon
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-7
- Read restorecon patch
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-6
- Change genhomedircon to take POLICYSOURCEDIR from command line
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-5
- Add checkselinux
- move fixfiles and restorecon to /sbin
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-4
- Restore patch of genhomedircon
* Mon Mar 15 2004 Dan Walsh <dwalsh@redhat.com> 1.9-3
- Add setfiles-assoc patch to try to freeup memory use
* Mon Mar 15 2004 Dan Walsh <dwalsh@redhat.com> 1.9-2
- Add fixlabels
* Mon Mar 15 2004 Dan Walsh <dwalsh@redhat.com> 1.9-1
- Update to latest from NSA
* Wed Mar 10 2004 Dan Walsh <dwalsh@redhat.com> 1.6-8
- Increase the size of buffer accepted by setfiles to BUFSIZ.
* Tue Mar 9 2004 Dan Walsh <dwalsh@redhat.com> 1.6-7
- genhomedircon should complete even if it can't read /etc/default/useradd
* Tue Mar 9 2004 Dan Walsh <dwalsh@redhat.com> 1.6-6
- fix restorecon to relabel unlabled files.
* Fri Mar 5 2004 Dan Walsh <dwalsh@redhat.com> 1.6-5
- Add genhomedircon from tresys
- Fixed patch for restorecon
* Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6-4
- exit out when selinux is not enabled
* Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6-3
- Fix minor bugs in restorecon
* Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6-2
- Add restorecon c program
* Tue Feb 24 2004 Dan Walsh <dwalsh@redhat.com> 1.6-1
- Update to latest tarball from NSA
* Thu Feb 19 2004 Dan Walsh <dwalsh@redhat.com> 1.4-9
- Add sort patch
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Thu Jan 29 2004 Dan Walsh <dwalsh@redhat.com> 1.4-7
- remove mods to run_init since init scripts don't require it anymore
* Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 1.4-6
- fix genhomedircon not to return and error
* Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 1.4-5
- add setfiles quiet patch
* Tue Jan 27 2004 Dan Walsh <dwalsh@redhat.com> 1.4-4
- add checkcon to verify context match file_context
* Wed Jan 7 2004 Dan Walsh <dwalsh@redhat.com> 1.4-3
- fix command parsing restorecon
* Tue Jan 6 2004 Dan Walsh <dwalsh@redhat.com> 1.4-2
- Add restorecon
* Sat Dec 6 2003 Dan Walsh <dwalsh@redhat.com> 1.4-1
- Update to latest NSA 1.4
* Tue Nov 25 2003 Dan Walsh <dwalsh@redhat.com> 1.2-9
- Change run_init.console to run as run_init_t
* Tue Oct 14 2003 Dan Walsh <dwalsh@redhat.com> 1.2-8
- Remove dietcc since load_policy is not in mkinitrd
- Change to use CONSOLEHELPER flag
* Tue Oct 14 2003 Dan Walsh <dwalsh@redhat.com> 1.2-7
- Don't authenticate run_init when used with consolehelper
* Wed Oct 01 2003 Dan Walsh <dwalsh@redhat.com> 1.2-6
- Add run_init consolehelper link
* Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 1.2-5
- Add russell spead up patch to deal with file path stems
* Fri Sep 12 2003 Dan Walsh <dwalsh@redhat.com> 1.2-4
- Build load_policy with diet gcc in order to save space on initrd
* Fri Sep 12 2003 Dan Walsh <dwalsh@redhat.com> 1.2-3
- Update with NSA latest
* Thu Aug 7 2003 Dan Walsh <dwalsh@redhat.com> 1.2-1
- remove i18n
- Temp remove gtk support
* Thu Aug 7 2003 Dan Walsh <dwalsh@redhat.com> 1.1-4
- Remove wnck requirement
* Thu Aug 7 2003 Dan Walsh <dwalsh@redhat.com> 1.1-3
- Add gtk support to run_init
* Tue Aug 5 2003 Dan Walsh <dwalsh@redhat.com> 1.1-2
- Add internationalization
* Mon Jun 2 2003 Dan Walsh <dwalsh@redhat.com> 1.0-1
- Initial version