782a1515c6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-07 04:50:03 +00:00
817c204014
checkpolicy-2.7-3.fc28
...
- Rebuild with libsepol-2.7-3 and libselinux-2.7-6
2017-11-22 15:52:14 +01:00
39e0ef552a
checkpolicy-2.7-2.fc28
...
- Rebuilt with libsepol-2.7-2
2017-10-20 14:04:28 +02:00
980d2c8c0c
checkpolicy-2.7-1
...
- Update to upstream release 2017-08-04
2017-08-07 17:17:57 +02:00
0d6e0220ec
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
2017-08-02 18:44:54 +00:00
3484761cd7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
2017-07-26 04:44:26 +00:00
269e7db87e
checkpolicy-2.6-1
...
- Update to upstream release 2016-10-14
2017-02-20 12:36:39 +01:00
7671da68a5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
2017-02-10 07:26:44 +00:00
d70b2042c6
checkpolicy-2.5-8
...
- Add types associated to a role in the current scope when parsing
2016-10-04 09:17:25 +02:00
eca1d03c02
checkpolicy-2.5-7
...
- Extend checkpolicy pathname matching
- Rebuilt with libsepol-2.5-9
2016-08-01 13:07:40 +02:00
39233d7a38
checkpolicy-2.5-6
...
- Fix typos in sedispol
2016-06-27 13:52:45 +02:00
a1e6032110
checkpolicy-2.5-5
...
- Set flex as default lexer
- Fix checkmodule output message
2016-06-23 13:55:16 +02:00
eedb877c67
checkpolicy-2.5-4
...
- Rebuilt with libsepol-2.5-6
2016-05-11 10:58:05 +02:00
43d653f220
checkpolicy-2.5-3
...
- Build policy on systems not supporting DCCP protocol
- Fail if module name different than output base filename
2016-04-29 19:08:43 +02:00
65b44362fe
checkpolicy-2.5-2
...
- Add support for portcon dccp protocol
2016-04-08 21:02:57 +02:00
ce5393bbac
checkpolicy-2.5-1
...
- Update to upstream release 2016-02-23
2016-02-23 22:47:35 +01:00
cfa584572b
checkpolicy-2.5-0.1.rc1
...
Update to upstream rc1 release 2016-01-07
2016-02-21 13:42:03 +01:00
3ba2a7069f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
2016-02-03 17:36:25 +00:00
13e82f6134
We need to conflict with selinux-policy-base
...
Conflict with selinux-policy causes deadlocks in buildroots when
there's no selinux-policy available. selinux-policy-base is provided by
targeted, mls and minimum subpackages which are not installed to
buildroots.
2015-07-21 10:56:22 +02:00
695b18effb
Drop unused checkpolicy-rhat.patch
2015-07-20 18:57:45 +02:00
76fb2b6d10
Update to 2.4 release
2015-07-20 18:53:21 +02:00
58f0113c23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
2015-06-17 02:34:29 +00:00
437291d3d3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
2014-08-16 00:01:56 +00:00
ca57820539
fix license handling
2014-07-11 16:30:32 -04:00
dd6f1ef617
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
2014-06-06 23:34:12 -05:00
946ad38fd1
Update to upstream
...
* Add Android support for building dispol.
* Report source file and line information for neverallow failures.
* Prevent incompatible option combinations for checkmodule.
* Drop -lselinux from LDLIBS for test programs; not used.
* Add debug feature to display constraints/validatetrans from Richard Haines.
2014-05-06 14:20:14 -04:00
60787b1d18
Update to upstream
...
* Fix hyphen usage in man pages from Laurent Bigonville.
* handle-unknown / -U required argument fix from Laurent Bigonville.
* Support overriding Makefile PATH and LIBDIR from Laurent Bigonville.
* Support space and : in filenames from Dan Walsh.
2013-10-31 09:23:42 -04:00
eddfbe52c6
UPdate to upstream
2013-10-31 09:21:49 -04:00
d2e9a9d648
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
2013-08-02 23:45:36 -05:00
4ca411361a
Fix a segmentation fault if the --handle-unknown option was set without
...
arguments.
- Thanks to Alexandre Rebert and his team at Carnegie Mellon University
for detecting this crash.
2013-07-16 12:36:38 -04:00
b640f10250
":" should be allowed for file trans names
2013-07-16 12:35:19 -04:00
9e5a835ab1
":" should be allowed for file trans names
2013-03-19 19:41:27 -04:00
6bfe32f6aa
":" should be allowed for file trans names
2013-03-19 10:48:10 -04:00
7a5e44fa80
Space should be allowed for file trans names
2013-03-12 08:43:39 -04:00
02cf4abf2d
Update to upstream
...
* Fix errors found by coverity
* implement default type policy syntax
* Free allocated memory when clean up / exit.
2013-02-07 13:40:56 -05:00
889f900222
Update to latest patches from eparis/Upstream
...
- checkpolicy: libsepol: implement default type policy syntax
-
- We currently have a mechanism in which the default user, role, and range
- can be picked up from the source or the target object. This implements
- the same thing for types. The kernel will override this with type
- transition rules and similar. This is just the default if nothing
- specific is given.
2013-01-05 11:08:17 -05:00
13d5e7a515
Update to latest patches from eparis/Upstream
...
- checkpolicy: libsepol: implement default type policy syntax
-
- We currently have a mechanism in which the default user, role, and range
- can be picked up from the source or the target object. This implements
- the same thing for types. The kernel will override this with type
- transition rules and similar. This is just the default if nothing
- specific is given.
2013-01-05 11:02:10 -05:00
c662668dab
Rebuild with fixed libsepol
2013-01-05 07:09:43 -05:00
aa082595d2
Rebuild with fixed libsepol
2012-09-25 15:42:44 -04:00
1057df92ca
Update to upstream
...
* fd leak reading policy
* check return code on ebitmap_set_bit
2012-09-13 13:29:17 -04:00
1796244eeb
Rebuild to grab latest libsepol
2012-07-30 11:21:22 -04:00
04deb1acb8
Rebuild to grab latest libsepol
2012-07-24 14:04:15 -04:00
c25bf4dc69
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
2012-07-18 13:53:20 -05:00
f5401fa228
Update to upstream
...
* sepolgen: We need to support files that have a + in them
* Android/MacOS X build support
2012-07-04 07:24:23 -04:00
fbd2801c70
Rebuild to get latest libsepol which fixes the file_name transition problems
2012-04-23 21:10:43 -04:00
c856d94691
Recompile with libsepol that has support for ptrace_child
2012-04-17 17:06:35 -04:00
1ef68435f0
Allow checkpolicy to use + in a file name
2012-04-03 18:51:45 -04:00
9f8377e4c3
Update to upstream
...
* implement new default labeling behaviors for usr, role, range
* Fix dead links to www.nsa.gov/selinux
2012-03-29 15:28:08 -04:00
9a3ff63515
Fix man page to link to www.nsa.giv/research/selinux
2012-01-16 12:13:04 -05:00
102b87e2ac
Fix man page to link to www.nsa.giv/research/selinux
2012-01-16 12:12:18 -05:00
2bf4af1966
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
2012-01-12 17:17:07 -06:00
ab9a33402e
Update to upstream
...
* add ignoredirs config for genhomedircon
* Fallback_user_level can be NULL if you are not using MLS
2011-12-21 18:06:58 +00:00
629e1bb095
Update to upstream
...
* add new helper to translate class sets into bitmaps
2011-12-21 17:59:06 +00:00
228c1db0c3
default_rules should be optional
2011-12-21 13:35:19 +00:00
ca712cbf0b
Rebuild with latest libsepol
2011-12-16 06:23:11 -05:00
62a79399e3
Upgrade to upstream
...
* dis* fixed signed vs unsigned errors
* dismod: fix unused parameter errors
* test: Makefile: include -W and -Werror
* allow ~ in filename transition rules
Allow policy to specify the source of target for generating the default user,role
or mls label for a new target.
2011-12-15 16:32:47 -05:00
5ea3e823bf
Upgrade to upstream
...
* dis* fixed signed vs unsigned errors
* dismod: fix unused parameter errors
* test: Makefile: include -W and -Werror
* allow ~ in filename transition rules
Allow policy to specify the source of target for generating the default user,role
or mls label for a new target.
2011-12-15 14:30:26 -05:00
e9ff6dfd95
Allow ~ in a filename
2011-11-14 11:35:35 -05:00
1e7f3c93f0
Upgrade to upstream
...
* Revert "checkpolicy: Redo filename/filesystem syntax to support filename trans rules"
* drop libsepol dynamic link in checkpolicy
2011-11-04 09:27:03 -04:00
0708d417f5
Fix checkpolicy to ignore '"' in filename trans rules
2011-09-20 10:06:14 -04:00
84d179aabd
Update to upstream
...
* Separate tunable from boolean during compile.
2011-09-19 06:44:54 -04:00
253cdcd5ea
Update to upstream
...
* Separate tunable from boolean during compile.
2011-09-19 06:43:53 -04:00
68f262fbdb
Update to upstream
...
* checkpolicy: fix spacing in output message
2011-08-30 16:15:26 -04:00
e87652be15
* add missing ; to attribute_role_def
...
*Redo filename/filesystem syntax to support filename trans
2011-08-18 07:00:03 -04:00
5bae77199e
* add missing ; to attribute_role_def
...
*Redo filename/filesystem syntax to support filename trans
2011-08-18 06:51:40 -04:00
920355cc3a
Update to upstream
2011-07-28 11:38:45 -04:00
5eaf35502b
Update to upstream
...
* Wrap file names in filename transitions with quotes by Steve Lawrence.
* Allow filesystem names to start with a digit by James Carter.
* Add support for using the last path compnent in type transitions by Eric
2011-05-23 18:25:07 -04:00
49877e7556
Fixes for filename transition code
2011-04-21 11:32:36 -04:00
f530d30afa
Add "-" ass a file type
2011-04-15 14:10:50 -04:00
66140a0889
Latest patches
2011-04-12 13:12:30 -04:00
9d5bc6c8bd
Patches from Eric Paris
...
We just use random numbers to make menu selections. Use #defines and
names that make some sense instead.
2011-03-29 15:42:16 -04:00
ab345be6df
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
2011-02-08 02:16:59 -06:00
2cb151d87e
- Add James Carters Patch
...
*This patch is needed because some filesystem names (such as 9p) start
with a digit.
2011-01-12 16:49:06 -05:00
5ea14e8ebf
- Latest update from NSA
...
* Remove unused variables to fix compliation under GCC 4.6 by Justin Mattock
2010-12-21 16:41:10 -05:00
acd4c1a5bb
- Rebuild to make sure it will build in Fedora
2010-12-08 11:56:11 -05:00
8bd7fb29dd
- Rebuild to make sure it will build in Fedora
2010-12-08 11:37:45 -05:00
ff8894ce82
- Latest update from NSA
...
Update checkmodule man page and usage by Daniel Walsh and Steve Lawrence
- Allow policy version to be one number
2010-06-16 12:11:21 +00:00
7c6d84d139
- Latest update from NSA
...
Add support for building Xen policies from Paul Nuzzi.
Add long options to checkpolicy and checkmodule by Guido Trentalancia
<guido@trentalancia.com>
2009-12-01 22:50:19 +00:00
377ab91c67
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
2009-07-24 18:52:16 +00:00
6cd52708e4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
2009-02-24 07:15:25 +00:00
69181ce9f3
- Latest update from NSA
...
Fix alias field in module format, caused by boundary format change from
Caleb Case.
2009-02-18 21:54:40 +00:00
31c67841df
- Rebuild with new libsepol
2008-07-08 12:08:04 +00:00
f0fa1b8c8a
- Rebuild with new libsepol
2008-07-08 12:05:35 +00:00
4325162102
fix license tag
2008-05-28 21:41:21 +00:00
d9e3ea1a9d
- Latest update from NSA
...
Update checkpolicy for user and role mapping support from Joshua Brindle.
2008-05-28 15:15:49 +00:00
a17aa67c97
- Allow modules with 4 sections or more
2008-05-06 18:22:18 +00:00
1ca4c44086
- Latest update from NSA
...
Add permissive domain support from Eric Paris.
2008-03-27 17:39:08 +00:00
3181c033e3
- Latest update from NSA
...
Split out non-grammar parts of policy_parse.yacc into policy_define.c and
policy_define.h from Todd C. Miller.
Initialize struct policy_file before using it, from Todd C. Miller.
Remove unused define, move variable out of .y file, simplify COND_ERR, from
Todd C. Miller.
2008-03-14 00:24:03 +00:00
164c17c9c1
- Latest update from NSA
...
Split out non-grammar parts of policy_parse.yacc into policy_define.c and
policy_define.h from Todd C. Miller.
Initialize struct policy_file before using it, from Todd C. Miller.
Remove unused define, move variable out of .y file, simplify COND_ERR, from
Todd C. Miller.
2008-03-13 23:47:55 +00:00
e22ff16832
- Latest update from NSA
...
Use yyerror2() where appropriate from Todd C. Miller.
- Build against latest libsepol
2008-02-28 21:57:00 +00:00
35299999e4
- Start shipping sedismod and sedispol
2008-02-22 19:33:37 +00:00
88d15070c2
- Latest update from NSA
...
Update dispol for libsepol avtab changes from Stephen Smalley.
2008-02-04 19:06:00 +00:00
d793dcb07e
- Latest update from NSA
...
Update dispol for libsepol avtab changes from Stephen Smalley.
2008-02-04 17:24:34 +00:00
1257a8cea9
- Latest update from NSA
...
Deprecate role dominance in parser.
2008-01-25 16:19:00 +00:00
2cb30aa859
- Update to use libsepol-static library
2008-01-23 20:19:17 +00:00
4dd1371296
- Update to use libsepol-static library
2008-01-21 21:42:58 +00:00
5c3895bc13
- Latest update from NSA
...
Initialize the source file name from the command line argument so that
checkpolicy/checkmodule report something more useful than "unknown
source".
Merged remove use of REJECT and trailing context in lex rules; make ipv4
address parsing like ipv6 from James Carter.
2007-11-15 18:41:43 +00:00
5d693896f6
Merged handle unknown policydb flag support from Eric Paris. Adds new
...
command line options -U {allow, reject, deny} for selecting the flag
when a base module or kernel policy is built.
2007-09-19 00:20:03 +00:00
3667d6eef5
- Rebuild for selinux ppc32 issue.
2007-08-29 04:03:17 +00:00
7b1ac7a22c
- Rebuild with the latest libsepol
2007-06-18 18:20:26 +00:00
Fedora Release Engineering
Petr Lautrbach
Dennis Gilmore
Peter Robinson
Tom Callaway
Dan Walsh
Daniel J Walsh
Jesse Keating