diff --git a/.gitignore b/.gitignore index f4c80ed..26db9fc 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ setools-3.3.8-f1e5b20.tar.bz2 /4.4.0.tar.gz /4.4.1.tar.gz /4.4.2.tar.gz +/4.4.3.tar.gz diff --git a/0001-Disable-remove-neverallow-options-in-sediff.patch b/0001-Disable-remove-neverallow-options-in-sediff.patch deleted file mode 100644 index a6f6cc7..0000000 --- a/0001-Disable-remove-neverallow-options-in-sediff.patch +++ /dev/null @@ -1,92 +0,0 @@ -From b6b7a20618595ab88480f05348e91491345b70ef Mon Sep 17 00:00:00 2001 -From: Petr Lautrbach -Date: Tue, 9 May 2023 19:22:01 +0200 -Subject: [PATCH] Disable/remove neverallow options in sediff. -Content-type: text/plain - -Apply change from commit 06335957b701 ("Disable/remove neverallow -options in frontends.") to sediff - -Signed-off-by: Petr Lautrbach ---- - man/ru/sediff.1 | 4 ---- - man/sediff.1 | 4 ---- - sediff | 10 +++++++--- - 3 files changed, 7 insertions(+), 11 deletions(-) - -diff --git a/man/ru/sediff.1 b/man/ru/sediff.1 -index c6bf2939443f..af5d8efcf82c 100644 ---- a/man/ru/sediff.1 -+++ b/man/ru/sediff.1 -@@ -57,16 +57,12 @@ sediff \- утилита выявления различий политик SELi - Найти различия правил включения журналирования событий. - .IP "--dontaudit" - Найти различия правил запрета журналирования событий. --.IP "--neverallow" --Найти различия запрещающих правил. - .IP "--allowxperm" - Найти различия расширенных разрешительных правил. - .IP "--auditallowxperm" - Найти различия расширенных правил включения журналирования событий. - .IP "--dontauditxperm" - Найти различия расширенных правил запрета журналирования событий. --.IP "--neverallowxperm" --Найти различия расширенных запрещающих правил. - .IP "-T, --type_trans" - Найти различия правил перехода типов. - .IP "--type_member" -diff --git a/man/sediff.1 b/man/sediff.1 -index ed3b497db2c4..18466d8aeb68 100644 ---- a/man/sediff.1 -+++ b/man/sediff.1 -@@ -50,16 +50,12 @@ Find differences in allow rules. - Find differences in auditallow rules. - .IP "--dontaudit" - Find differences in dontaudit rules. --.IP "--neverallow" --Find differences in neverallow rules. - .IP "--allowxperm" - Find differences in allowxperm rules. - .IP "--auditallowxperm" - Find differences in auditallowxperm rules. - .IP "--dontauditxperm" - Find differences in dontauditxperm rules. --.IP "--neverallowxperm" --Find differences in neverallowxperm rules. - .IP "-T, --type_trans" - Find differences in type_transition rules. - .IP "--type_member" -diff --git a/sediff b/sediff -index dfaa319d1d59..97899c13caf4 100755 ---- a/sediff -+++ b/sediff -@@ -46,12 +46,12 @@ comp.add_argument("--level", action="store_true", help="Print MLS level definiti - terule = parser.add_argument_group("type enforcement rule differences") - terule.add_argument("-A", action="store_true", help="Print allow and allowxperm rule differences") - terule.add_argument("--allow", action="store_true", help="Print allow rule differences") --terule.add_argument("--neverallow", action="store_true", help="Print neverallow rule differences") -+# terule.add_argument("--neverallow", action="store_true", help="Print neverallow rule differences") - terule.add_argument("--auditallow", action="store_true", help="Print auditallow rule differences") - terule.add_argument("--dontaudit", action="store_true", help="Print dontaudit rule differences") - terule.add_argument("--allowxperm", action="store_true", help="Print allowxperm rule differences") --terule.add_argument("--neverallowxperm", action="store_true", -- help="Print neverallowxperm rule differences") -+# terule.add_argument("--neverallowxperm", action="store_true", -+# help="Print neverallowxperm rule differences") - terule.add_argument("--auditallowxperm", action="store_true", - help="Print auditallowxperm rule differences") - terule.add_argument("--dontauditxperm", action="store_true", -@@ -98,6 +98,10 @@ other.add_argument("--typebounds", action="store_true", help="Print typebounds d - - args = parser.parse_args() - -+# neverallow and neverallowxperm options are disabled -+args.neverallow = False -+args.neverallowxperm = False -+ - if args.A: - args.allow = True - args.allowxperm = True --- -2.40.1 - diff --git a/setools.spec b/setools.spec index 17588f5..335ff1a 100644 --- a/setools.spec +++ b/setools.spec @@ -2,8 +2,8 @@ %global selinux_ver 3.5-1 Name: setools -Version: 4.4.2 -Release: 2.1%{?dist} +Version: 4.4.3 +Release: 1%{?dist} Summary: Policy analysis tools for SELinux License: GPL-2.0-only and LGPL-2.1-only @@ -11,7 +11,7 @@ URL: https://github.com/SELinuxProject/setools/wiki Source0: https://github.com/SELinuxProject/setools/archive/%{version}.tar.gz Source1: setools.pam Source2: apol.desktop -Patch1: 0001-Disable-remove-neverallow-options-in-sediff.patch + Obsoletes: setools < 4.0.0, setools-devel < 4.0.0 BuildRequires: flex, bison BuildRequires: glibc-devel, gcc, git-core @@ -144,6 +144,14 @@ Python modules designed to facilitate SELinux policy analysis. %{_mandir}/ru/man1/apol* %changelog +* Mon Aug 14 2023 Petr Lautrbach - 4.4.3-1 +- SETools 4.4.3 release +- Improve man pages +- seinfoflow: Add -r option to get flows into the source type. +- seinfoflow.1: Remove references to sepolgen permission map. +- AVRule/AVRuleXperm: Treat rules with no permissions as invalid policy. +- SELinuxPolicy: Add explicit cast for libspol message + * Wed May 10 2023 Petr Lautrbach - 4.4.2-2.1 - Disable sediff --neverallow and --neverallowxperm options diff --git a/sources b/sources index 361fad1..edf09a7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (4.4.2.tar.gz) = b5117c5de1503e25183c2a1af92cd015320dd37e0cf26b8e09bd5d0ff879734d2f9c301def2a40b476c1ed1960f9ee04ae13b284df73f39f743004104ac85fb1 +SHA512 (4.4.3.tar.gz) = dcea6f10af0f46cb7f06aa1b29a757de7dbc30b52fe705c51a4f395d6cc25bfc7b78c15b6fc5c09ec05a2bbe8316bc79b87156304de5fe098040007d33a70143