rpms/checkpolicy
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
236 Commits 40 Branches 153 Tags 738 KiB
04fa4fd788
Commit Graph

109 Commits

Author SHA1 Message Date
Petr Lautrbach
04fa4fd788 checkpolicy-2.8-1 
- SELinux userspace 2.8 release
 2018-05-25 12:18:07 +02:00
Petr Lautrbach
5d411cd10a SELinux userspace 2.8-rc3 release candidate 2018-05-15 10:36:24 +02:00
Petr Lautrbach
ccff9f365f SELinux userspace 2.8-rc1 release candidate 2018-04-23 16:05:04 +02:00
Petr Lautrbach
980d2c8c0c checkpolicy-2.7-1 
- Update to upstream release 2017-08-04
 2017-08-07 17:17:57 +02:00
Petr Lautrbach
269e7db87e checkpolicy-2.6-1 
- Update to upstream release 2016-10-14
 2017-02-20 12:36:39 +01:00
Petr Lautrbach
ce5393bbac checkpolicy-2.5-1 
- Update to upstream release 2016-02-23
 2016-02-23 22:47:35 +01:00
Petr Lautrbach
cfa584572b checkpolicy-2.5-0.1.rc1 
Update to upstream rc1 release 2016-01-07
 2016-02-21 13:42:03 +01:00
Petr Lautrbach
76fb2b6d10 Update to 2.4 release 2015-07-20 18:53:21 +02:00
Dan Walsh
946ad38fd1 Update to upstream 
* Add Android support for building dispol.
	* Report source file and line information for neverallow failures.
	* Prevent incompatible option combinations for checkmodule.
	* Drop -lselinux from LDLIBS for test programs; not used.
	* Add debug feature to display constraints/validatetrans from Richard Haines.
 2014-05-06 14:20:14 -04:00
Dan Walsh
eddfbe52c6 UPdate to upstream 2013-10-31 09:21:49 -04:00
Dan Walsh
02cf4abf2d Update to upstream 
* Fix errors found by coverity
        * implement default type policy syntax
        * Free allocated memory when clean up / exit.
 2013-02-07 13:40:56 -05:00
rhatdan
1057df92ca Update to upstream 
* fd leak reading policy
	* check return code on ebitmap_set_bit
 2012-09-13 13:29:17 -04:00
Dan Walsh
f5401fa228 Update to upstream 
* sepolgen: We need to support files that have a + in them
	* Android/MacOS X build support
 2012-07-04 07:24:23 -04:00
Dan Walsh
9f8377e4c3 Update to upstream 
* implement new default labeling behaviors for usr, role, range
	* Fix dead links to www.nsa.gov/selinux
 2012-03-29 15:28:08 -04:00
Dan Walsh
1e9a9d79a0 Update to upstream 
* add new helper to translate class sets into bitmaps
 2011-12-21 17:59:52 +00:00
Dan Walsh
5ea3e823bf Upgrade to upstream 
* dis* fixed signed vs unsigned errors
	* dismod: fix unused parameter errors
	* test: Makefile: include -W and -Werror
	* allow ~ in filename transition rules
Allow policy to specify the source of target for generating the default user,role
or mls label for a new target.
 2011-12-15 14:30:26 -05:00
Dan Walsh
1e7f3c93f0 Upgrade to upstream 
* Revert "checkpolicy: Redo filename/filesystem syntax to support filename trans rules"
	* drop libsepol dynamic link in checkpolicy
 2011-11-04 09:27:03 -04:00
Dan Walsh
911694cf55 Update to upstream 
* Separate tunable from boolean during compile.
 2011-09-19 06:50:16 -04:00
Dan Walsh
68f262fbdb Update to upstream 
* checkpolicy: fix spacing in output message
 2011-08-30 16:15:26 -04:00
Dan Walsh
e87652be15 * add missing ; to attribute_role_def 
*Redo filename/filesystem syntax to support filename trans
 2011-08-18 07:00:03 -04:00
Dan Walsh
5bae77199e * add missing ; to attribute_role_def 
*Redo filename/filesystem syntax to support filename trans
 2011-08-18 06:51:40 -04:00
Dan Walsh
72448b2ce3 Update to upstream 2011-07-28 11:42:26 -04:00
Dan Walsh
5eaf35502b Update to upstream 
* Wrap file names in filename transitions with quotes by Steve Lawrence.
	* Allow filesystem names to start with a digit by James Carter.
	* Add support for using the last path compnent in type transitions by Eric
 2011-05-23 18:25:07 -04:00
Dan Walsh
66140a0889 Latest patches 2011-04-12 13:12:30 -04:00
Dan Walsh
5ea14e8ebf - Latest update from NSA 
* Remove unused variables to fix compliation under GCC 4.6 by Justin Mattock
 2010-12-21 16:41:10 -05:00
Daniel J Walsh
ff8894ce82 - Latest update from NSA 
Update checkmodule man page and usage by Daniel Walsh and Steve Lawrence
- Allow policy version to be one number
 2010-06-16 12:11:21 +00:00
Daniel J Walsh
7c6d84d139 - Latest update from NSA 
Add support for building Xen policies from Paul Nuzzi.
Add long options to checkpolicy and checkmodule by Guido Trentalancia
    <guido@trentalancia.com>
 2009-12-01 22:50:19 +00:00
Daniel J Walsh
69181ce9f3 - Latest update from NSA 
Fix alias field in module format, caused by boundary format change from
    Caleb Case.
 2009-02-18 21:54:40 +00:00
Daniel J Walsh
d9e3ea1a9d - Latest update from NSA 
Update checkpolicy for user and role mapping support from Joshua Brindle.
 2008-05-28 15:15:49 +00:00
Daniel J Walsh
ce4fbaf6a7 - Latest update from NSA 
Add permissive domain support from Eric Paris.
 2008-04-14 19:34:07 +00:00
Daniel J Walsh
3181c033e3 - Latest update from NSA 
Split out non-grammar parts of policy_parse.yacc into policy_define.c and
    policy_define.h from Todd C. Miller.
Initialize struct policy_file before using it, from Todd C. Miller.
Remove unused define, move variable out of .y file, simplify COND_ERR, from
    Todd C. Miller.
 2008-03-14 00:24:03 +00:00
Daniel J Walsh
e22ff16832 - Latest update from NSA 
Use yyerror2() where appropriate from Todd C. Miller.
- Build against latest libsepol
 2008-02-28 21:57:00 +00:00
Daniel J Walsh
d793dcb07e - Latest update from NSA 
Update dispol for libsepol avtab changes from Stephen Smalley.
 2008-02-04 17:24:34 +00:00
Daniel J Walsh
1257a8cea9 - Latest update from NSA 
Deprecate role dominance in parser.
 2008-01-25 16:19:00 +00:00
Daniel J Walsh
4dd1371296 - Update to use libsepol-static library 2008-01-21 21:42:58 +00:00
Daniel J Walsh
5c3895bc13 - Latest update from NSA 
Initialize the source file name from the command line argument so that
    checkpolicy/checkmodule report something more useful than "unknown
    source".
Merged remove use of REJECT and trailing context in lex rules; make ipv4
    address parsing like ipv6 from James Carter.
 2007-11-15 18:41:43 +00:00
Daniel J Walsh
5d693896f6 Merged handle unknown policydb flag support from Eric Paris. Adds new 
command line options -U {allow, reject, deny} for selecting the flag
    when a base module or kernel policy is built.
 2007-09-19 00:20:03 +00:00
Daniel J Walsh
4bd6947fff - Latest update from NSA 
Merged fix for segfault on duplicate require of sensitivity from Caleb
    Case.
Merged fix for dead URLs in checkpolicy man pages from Dan Walsh.
 2007-06-04 19:21:50 +00:00
Daniel J Walsh
7b7e59092d - Latest update from NSA 
Merged checkmodule man page fix from Dan Walsh.
 2007-04-12 20:05:28 +00:00
Daniel J Walsh
c1870cdf3a - Latest update from NSA 
Merged patch to allow dots in class identifiers from Caleb Case.
 2007-02-20 14:59:15 +00:00
Daniel J Walsh
1ec43fbb6a - Latest update from NSA 
Merged patch to use new libsepol error codes by Karl MacMillan.
Updated version for stable branch.
 2007-02-07 21:42:36 +00:00
Daniel J Walsh
c2957dde68 - Latest update from NSA 
Collapse user identifiers and identifiers together.
 2006-11-14 14:50:36 +00:00
Daniel J Walsh
9e6b63128e - Latest update from NSA 
Updated version for release.
 2006-11-03 21:45:02 +00:00
Daniel J Walsh
2fc5612c93 - Latest update from NSA 
Merged user and range_transition support for modules from Darrel Goeddel
 2006-09-29 14:22:59 +00:00
Daniel J Walsh
39e4bfb0e8 - Latest update from NSA 
merged range_transition enhancements and user module format changes from
    Darrel Goeddel
Merged symtab datum patch from Karl MacMillan.
 2006-09-06 18:16:16 +00:00
Daniel J Walsh
0962a544c8 - Latest upgrade from NSA 
Lindent.
Merged patch to remove TE rule conflict checking from the parser from
    Joshua Brindle. This can only be done properly by the expander.
Merged patch to make checkpolicy/checkmodule handling of
    duplicate/conflicting TE rules the same as the expander from Joshua
    Brindle.
Merged optionals in base take 2 patch set from Joshua Brindle.
 2006-07-05 10:43:21 +00:00
Daniel J Walsh
0b33b45a9e - Latest upgrade from NSA 
Merged compiler cleanup patch from Karl MacMillan.
Merged fix warnings patch from Karl MacMillan.
 2006-05-24 03:11:52 +00:00
Daniel J Walsh
a7c8fb25b4 - Latest upgrade from NSA 
Changed require_class to reject permissions that have not been declared if
    building a base module.
 2006-04-05 17:46:41 +00:00
Daniel J Walsh
cb354e0254 - Latest upgrade from NSA 
Fixed checkmodule to call link_modules prior to expand_module to handle
    optionals.
Fixed require_class to avoid shadowing permissions already defined in an
    inherited common definition.
 2006-03-28 20:07:42 +00:00
Daniel J Walsh
01a9ba841e - Latest upgrade from NSA 
Moved processing of role and user require statements to 2nd pass.
 2006-03-23 16:14:03 +00:00