Daniel J Walsh
263ee4f1ec
- Fix matchpathcon -V call
2008-09-26 14:22:14 +00:00
Daniel J Walsh
63093bd540
- Fix matchpathcon -V call
2008-09-26 13:59:44 +00:00
Daniel J Walsh
3578778806
- Add flask definitions for open, X and nlmsg_tty_audit
2008-09-22 17:52:30 +00:00
Daniel J Walsh
15c5a627bc
- Add missing get/setkeycreatecon man pages
2008-09-09 20:24:22 +00:00
Daniel J Walsh
ac4e772e3d
- Add missing man page links for [lf]getfilecon
2008-09-09 18:45:26 +00:00
Daniel J Walsh
7a7d4171f1
Fix patch
2008-08-05 14:30:33 +00:00
Daniel J Walsh
7918b2858e
- Update to Upstream
...
Add group support to seusers using %groupname syntax from Dan Walsh.
Mark setrans socket close-on-exec from Stephen Smalley.
Only apply nodups checking to base file contexts from Stephen Smalley.
2008-08-05 14:05:15 +00:00
Daniel J Walsh
86ce8d44b1
- Update to Upstream
...
Merge ruby bindings from Dan Walsh.
- Add support for Linux groups to getseuserbyname
2008-08-01 10:56:37 +00:00
Daniel J Walsh
0397b472b7
- Update to Upstream
...
Handle duplicate file context regexes as a fatal error from Stephen
Smalley. This prevents adding them via semanage.
Fix audit2why shadowed variables from Stephen Smalley.
Note that freecon NULL is legal in man page from Karel Zak.
2008-07-29 18:37:01 +00:00
Daniel J Walsh
d0a06b2c34
- Update to Upstream
...
Handle duplicate file context regexes as a fatal error from Stephen
Smalley. This prevents adding them via semanage.
Fix audit2why shadowed variables from Stephen Smalley.
Note that freecon NULL is legal in man page from Karel Zak.
2008-07-29 13:22:45 +00:00
Daniel J Walsh
ee778682f8
- Add ruby support for puppet
2008-07-09 20:57:21 +00:00
Daniel J Walsh
ea56feab06
- Add Karel Zak patch for freecon man page
2008-06-29 12:31:00 +00:00
Daniel J Walsh
6359e2ad79
- Update to Upstream
...
New and revised AVC, label, and mapping man pages from Eamon Walsh.
Add swig python bindings for avc interfaces from Dan Walsh.
2008-06-22 13:48:37 +00:00
Daniel J Walsh
792921f4eb
- Add sedefaultcon and setconlist commands to dump login context
2008-05-07 17:34:12 +00:00
Daniel J Walsh
1209c857ab
- Update to Upstream
...
Fixed selinux_set_callback man page.
Try loading the max of the kernel-supported version and the
libsepol-supported version when no manipulation of the binary policy is
needed from Stephen Smalley.
Fix memory leaks in matchpathcon from Eamon Walsh.
2008-04-22 20:59:01 +00:00
Daniel J Walsh
d87adcfe95
- Add avc.h to swig code
2008-04-14 18:54:09 +00:00
Daniel J Walsh
eb8e2a0d36
- Fix matchpathcon memory leak
2008-03-13 23:45:19 +00:00
Daniel J Walsh
0984abe5d8
- Update to Upstream
...
Merged reset_selinux_config() for load policy from Dan Walsh.
2008-02-28 21:06:47 +00:00
Daniel J Walsh
baab9d46ea
- Reload library on loading of policy to handle chroot
2008-02-28 16:58:02 +00:00
Daniel J Walsh
3cb08a5330
- Update to Upstream
...
Regenerated Flask headers from refpolicy flask definitions.
2008-02-22 17:41:12 +00:00
Daniel J Walsh
8f9ecf5890
- Update to Upstream
...
Merged fix for audit2why from Dan Walsh.
2008-01-29 13:29:32 +00:00
Daniel J Walsh
213643620c
- Fix audit2why to grab latest policy versus the one selected by the kernel
2008-01-25 16:11:42 +00:00
Daniel J Walsh
e4623197a5
Merged audit2why python binding from Dan Walsh.
2008-01-23 21:52:01 +00:00
Daniel J Walsh
c633d69a56
Merged updated swig bindings from Dan Walsh, including typemap for pid_t.
2008-01-23 19:40:26 +00:00
Daniel J Walsh
45460445ad
- Put back libselinux.a
2008-01-15 13:49:29 +00:00
Daniel J Walsh
2f233dfd7a
- Fix memory references in audit2why and change to use tuples
...
- Update to Upstream
granted null message bug from Stephen Smalley.
2008-01-11 15:55:35 +00:00
Daniel J Walsh
88cc8f8805
- Fix __init__.py specification
2008-01-11 13:48:43 +00:00
Daniel J Walsh
831e63b413
- Add audit2why python bindings
2008-01-10 19:01:20 +00:00
Daniel J Walsh
625a8fb5a8
- Add pid_t typemap for swig bindings
2008-01-08 11:07:27 +00:00
Daniel J Walsh
805402396f
- Add pid_t typemap for swig bindings
2008-01-08 10:25:03 +00:00
Daniel J Walsh
e1e36a0421
- Fix spec file caused by spec review
2008-01-03 20:29:21 +00:00
Daniel J Walsh
41bd3b2ae1
- Upgrade to upstream
...
matchpathcon(8) man page update from Dan Walsh.
2007-12-11 02:52:13 +00:00
Daniel J Walsh
b0195e100d
- Upgrade to upstream
...
matchpathcon(8) man page update from Dan Walsh.
2007-12-11 02:50:12 +00:00
Daniel J Walsh
c4aa29e945
- Upgrade to upstream
...
dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley.
Based on a suggestion from Ulrich Drepper, defer regex compilation until we
have a stem match, by Stephen Smalley.
A further optimization would be to defer regex compilation until we have a
complete match of the constant prefix of the regex - TBD.
2007-11-30 20:13:08 +00:00
Daniel J Walsh
39606ee687
- Upgrade to upstream
...
Merged selinux_get_callback, avc_open, empty string mapping from Eamon
Walsh.
2007-10-05 17:20:30 +00:00
Daniel J Walsh
dcd9773ab2
- Fix segfault on missing file_context file
2007-09-27 17:55:13 +00:00
Daniel J Walsh
7cbfb0e27a
- Upgrade to upstream
...
Make netlink socket close-on-exec to avoid descriptor leakage from Dan
Walsh.
Pass CFLAGS when using gcc for linking from Dennis Gilmore.
2007-09-27 14:54:10 +00:00
Daniel J Walsh
ae054c560b
*** empty log message ***
2007-09-24 15:56:01 +00:00
Daniel J Walsh
0102138c4a
*** empty log message ***
2007-09-24 15:42:11 +00:00
Daniel J Walsh
0fa749d083
*** empty log message ***
2007-09-18 20:44:47 +00:00
Daniel J Walsh
71cd1381ef
*** empty log message ***
2007-09-18 15:37:42 +00:00
Daniel J Walsh
6a9919e596
*** empty log message ***
2007-09-06 12:37:00 +00:00
Daniel J Walsh
6e60f16b98
*** empty log message ***
2007-08-03 20:06:53 +00:00
Daniel J Walsh
44ef5d5d9f
- Apply Steven Smalley patch to fix segfault in string_to_security_class
2007-07-23 14:23:50 +00:00
Daniel J Walsh
aebde7523f
- Fix matchpathcon to set default myprintf
2007-07-18 17:54:00 +00:00
Daniel J Walsh
8ffc2801ed
- Update to match flask/access_vectors in policy
2007-07-11 14:52:47 +00:00
Daniel J Walsh
8e8fca8665
- Fix man page markup lanquage for translations
2007-07-10 16:27:52 +00:00
Daniel J Walsh
3e1ba6da3a
- Fix semanage segfault on x86 platform
2007-06-26 09:16:06 +00:00
Daniel J Walsh
35bc5a8a68
- Upgrade to upstream
...
Merged additional swig python bindings from Dan Walsh.
Merged helpful message when selinuxfs mount fails patch from Dax Kelson.
2007-05-18 14:52:28 +00:00
Daniel J Walsh
4dca0c42c9
- Add get_context_list funcitions to swig file
2007-04-23 14:38:02 +00:00
Daniel J Walsh
a11359c0ea
- Upgrade to upstream
...
Merged rpm_execcon python binding fix, matchpathcon man page fix, and
getsebool -a handling for EACCES from Dan Walsh.
2007-04-12 20:07:39 +00:00
Daniel J Walsh
6265db0381
2007-04-12 16:50:49 +00:00
Daniel J Walsh
47b511b094
- Upgrade to upstream
...
Merged userspace AVC patch to follow kernel's behavior for permissive mode
in caching previous denials from Eamon Walsh.
Merged sidput(NULL) patch from Eamon Walsh.
2007-04-09 19:50:05 +00:00
Daniel J Walsh
ff4b4da61f
- Make rpm_exec swig work
2007-04-05 15:57:35 +00:00
Daniel J Walsh
ace2ebf6d7
- Upgrade to upstream
...
Merged class/av string conversion and avc_compute_create patch from Eamon
Walsh.
2007-04-02 19:14:28 +00:00
Daniel J Walsh
71021c8327
- Upgrade to upstream
...
Merged fix for avc.h #include's from Eamon Walsh.
2007-03-27 19:49:37 +00:00
Daniel J Walsh
98a61bfb92
- Add stdint.h to avc.h
2007-03-22 20:50:31 +00:00
Daniel J Walsh
22298b4b74
Merged patch to drop support for CACHETRANS=0 config option from Steve
...
Grubb.
Merged patch to drop support for old /etc/sysconfig/selinux and
/etc/security policy file layout from Steve Grubb.
2007-03-13 00:20:29 +00:00
Daniel J Walsh
c7862e54aa
- Do not fail on permission denied in getsebool
2007-03-08 16:15:36 +00:00
Daniel J Walsh
8efd1ef10e
- Upgrade to upstream
...
Removed sending of setrans init message.
Merged matchpathcon memory leak fix from Steve Grubb.
2007-02-23 21:49:32 +00:00
Daniel J Walsh
14de1c34ad
- Upgrade to upstream
...
Merged patch from Todd Miller to convert int types over to C99 style.
2007-02-20 14:31:07 +00:00
Daniel J Walsh
29ad08b8d0
Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of
...
the use of the non-standard format %as. (original patch changed for
style).
Merged patch from Todd Miller to fix memory leak in matchpathcon.c.
Fri Jan 19 2007 Dan Walsh <dwalsh@redhat.com> - 1.34.0-2
- Add context function to python to split context into 4 parts
2007-02-07 19:39:11 +00:00
Daniel J Walsh
ad1a6889cc
- Add context function to python to split context into 4 parts
2007-01-24 17:20:19 +00:00
Daniel J Walsh
53158b7152
- Upgrade to upstream
...
Merged getdefaultcon utility from Dan Walsh.
2007-01-16 22:10:55 +00:00
Daniel J Walsh
a339bc228d
- Upgrade to upstream
...
Merged getdefaultcon utility from Dan Walsh.
2007-01-16 21:46:11 +00:00
Daniel J Walsh
5f8636d1e9
- Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli
2007-01-15 21:30:17 +00:00
Daniel J Walsh
a9c082be34
- Add reference to selinux man page in all man pages to make apropos work
...
Resolves: # 217881
2007-01-12 16:02:56 +00:00
Daniel J Walsh
05bd40847c
- Upstream wanted some minor changes, upgrading to keep api the same
...
- Upgrade to upstream
#200110
2007-01-11 19:20:27 +00:00
Daniel J Walsh
e3bd599d8e
- Cleanup patch
2007-01-09 15:02:46 +00:00
Daniel J Walsh
e6bab37d57
- Add securetty handling Resolves : #200110
2007-01-05 17:54:21 +00:00
Daniel J Walsh
dbfbfbe639
- Fix matchpathcon to lstat files
2006-12-06 19:13:54 +00:00
Daniel J Walsh
846f2ad19d
- Update man page
2006-11-30 18:11:20 +00:00
Daniel J Walsh
2bcf9654c5
- Add James Antill patch for login verification of MLS Levels
...
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
infrastructure.
2006-11-03 22:14:51 +00:00
Daniel J Walsh
a7aef657f6
- Add James Antill patch for login verification of MLS Levels
...
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
infrastructure.
2006-11-03 21:59:03 +00:00
Daniel J Walsh
9d61c9c320
- Add James Antill patch for login verification of MLS Levels
...
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
infrastructure.
2006-11-03 21:36:28 +00:00
Daniel J Walsh
cfd1d1337d
- Add sgrubb patch for polmatch
2006-09-25 14:19:06 +00:00
Daniel J Walsh
b7bdc631f1
- Fix translation return codes to return size of buffer
2006-08-10 15:34:47 +00:00
Daniel J Walsh
d8849af170
- Turn off error printing in library. Need to compile with DEBUG to get it
...
back
2006-06-21 19:58:52 +00:00
Daniel J Walsh
f4b45ddd03
- Turn off error printing in library. Need to compile with DEBUG to get it
...
back
2006-06-21 18:33:13 +00:00
Daniel J Walsh
2d9b36b51e
- Fix error reporting of matchpathcon
2006-06-21 13:12:11 +00:00
Daniel J Walsh
645f93a8a5
- Add function to compare file context on disk versus contexts in
...
file_contexts file.
2006-06-20 20:30:59 +00:00
Daniel J Walsh
c92317552d
Add MLSENabled check
2006-06-12 18:10:30 +00:00
Daniel J Walsh
8389437eda
- Add selinux_getpolicytype()
2006-06-09 19:43:52 +00:00
Daniel J Walsh
f3cb9dc26b
- Check for selinux_mnt == NULL
2006-06-01 17:25:22 +00:00
Daniel J Walsh
8f927c4a9f
- More fixes for translation cache
...
- Upgrade to latest from NSA
Added matchpathcon_fini() function to free memory allocated by
matchpathcon_init().
2006-05-18 16:15:35 +00:00
Daniel J Walsh
069461a7d8
- Add Russell's AVC patch to handle large numbers
2006-05-09 19:13:08 +00:00
Daniel J Walsh
98a597a060
Merged fix warnings patch from Karl MacMillan.
...
Merged setrans client support from Dan Walsh. This removes use of
libsetrans.
Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
Merged swig typemap fixes from Glauber de Oliveira Costa.
2006-05-08 14:08:21 +00:00
Daniel J Walsh
a925159382
- Add selinuxswig fixes
...
- Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)
2006-05-02 18:49:41 +00:00
Daniel J Walsh
e0ab958383
- Add selinuxswig fixes
...
- Stop using PAGE_SIZE and start using sysconfig(_SC_PAGE_SIZE)
2006-05-02 18:23:25 +00:00
Daniel J Walsh
75c50e4988
- Add selinuxswig fixes
2006-05-02 17:09:39 +00:00
Daniel J Walsh
fed1ce5b77
- Fix python bindings for matchpathcon
...
- Fix booleans man page
2006-04-11 19:03:13 +00:00
Daniel J Walsh
c8030dcf96
Merged Makefile PYLIBVER definition patch from Dan Walsh.
2006-04-11 18:25:46 +00:00
Daniel J Walsh
d27dc97404
- Make some fixes so it will build on RHEL4
...
- Upgrade to latest from NSA
Updated version for release.
Altered rpm_execcon fallback logic for permissive mode to also handle case
where /selinux/enforce is not available.
2006-03-17 17:20:57 +00:00
Daniel J Walsh
f4d57a9014
- Split out pywrap in Makefile
2006-01-14 05:05:19 +00:00
Daniel J Walsh
407234b39f
- Fix swig call for getpidcon
2005-12-20 14:44:43 +00:00
Daniel J Walsh
3371166078
- update to latest libsetrans
...
- Fix potential memory leak
2005-12-13 20:44:36 +00:00
Daniel J Walsh
0e39b77de1
- Fix some of the python swig objects
2005-12-07 15:53:55 +00:00
Daniel J Walsh
56d326bb01
- Change getsebool to return on/off instead of active/inactive
2005-11-29 19:21:03 +00:00
Daniel J Walsh
86e0b5f76e
- Separate out libselinux-python bindings into separate rpm
2005-11-29 03:02:30 +00:00
Daniel J Walsh
4bb08c52c4
- Separate out libselinux-python bindings into separate rpm
2005-11-28 22:02:25 +00:00
Daniel J Walsh
ae85aab0af
- Add python bindings
2005-11-17 17:13:50 +00:00
Daniel J Walsh
e6236defe6
- Update to latest from NSA
...
Added security_canonicalize_context() interface and
set_matchpathcon_canoncon() interface for obtaining canonical contexts.
Changed matchpathcon internals to obtain canonical contexts by default.
Provided fallback for kernels that lack extended selinuxfs context
interface.
- Patch to not translate mls when calling setfiles
2005-11-08 23:41:10 +00:00
Daniel J Walsh
70810f17e4
- Patch to not translate mls when calling setfiles
2005-11-08 19:18:13 +00:00
Daniel J Walsh
37bc4557e3
- Don't strip mls context if selinux is not enabled.
2005-11-08 19:09:28 +00:00
Daniel J Walsh
9f412a6358
- Change default to __default__
2005-10-26 20:32:58 +00:00
Daniel J Walsh
54939fac9a
- Add selinux_translations_path
2005-10-25 22:03:43 +00:00
Daniel J Walsh
78dc042098
- Update to latest from NSA
...
Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red
Hat).
Updated call to sepol_policydb_to_image for sepol changes.
Changed getseuserbyname to ignore empty lines and to handle no matching
entry in the same manner as no seusers file.
2005-10-18 18:27:41 +00:00
Daniel J Walsh
61427961fc
-
2005-10-17 18:19:07 +00:00
Daniel J Walsh
4dc4d104e7
- Fix patch to satisfy upstream
2005-09-29 21:35:43 +00:00
Daniel J Walsh
bebb529bd5
- Update to latest from NSA
...
- Add getseuserbyname
2005-09-29 02:12:47 +00:00
Daniel J Walsh
e8346fc44d
- Fix patch call
2005-09-19 17:36:11 +00:00
Daniel J Walsh
fedf8202cb
- Fix patch call
2005-09-16 19:53:29 +00:00
Daniel J Walsh
b86cfc3a43
- Fix strip_con call
2005-09-16 18:42:27 +00:00
Daniel J Walsh
96ff98944c
- Go back to original libsetrans code
2005-09-16 17:43:14 +00:00
Daniel J Walsh
c2b28e3158
- Go back to original libsetrans code
2005-09-13 21:21:50 +00:00
Daniel J Walsh
bc0a935c8c
- Eliminate forth param from mls context when mls is not enabled.
2005-09-13 16:48:16 +00:00
Daniel J Walsh
017ea0e76c
- Update from NSA
...
Merged modified form of patch to avoid dlopen/dlclose by the static
libselinux from Dan Walsh. Users of the static libselinux will not have
any context translation by default.
2005-09-12 15:52:30 +00:00
Daniel J Walsh
59d6552e7d
- Update from NSA
...
Added public functions to export context translation to users of libselinux
(selinux_trans_to_raw_context, selinux_raw_to_trans_context).
2005-09-01 15:23:17 +00:00
Daniel J Walsh
d3d9f9e7f8
- Update from NSA
...
Hid translation-related symbols entirely and ensured that raw functions
have hidden definitions for internal use.
Allowed setting NULL via context_set* functions.
Allowed whitespace in MLS component of context.
Changed rpm_execcon to use translated functions to workaround lack of MLS
level on upgraded systems.
2005-08-25 20:21:14 +00:00
Daniel J Walsh
e7e35da33b
Merged context translation patch, originally by TCS, with modifications by
...
Dan Walsh (Red Hat).
2005-08-24 13:15:02 +00:00
Daniel J Walsh
1f935e2ec7
- Update from NSA
...
Merged several fixes for error handling paths in the AVC sidtab,
matchpathcon, booleans, context, and get_context_list code from Serge
Hallyn (IBM). Bugs found by Coverity.
Removed setupns; migrated to pam.
Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original
symbol is temporarily retained for compatibility until all callers are
updated.
2005-08-12 02:46:49 +00:00
Daniel J Walsh
44200d6b78
- Update makefiles
2005-07-18 19:15:29 +00:00
Daniel J Walsh
67d0acbf49
- Update from NSA
...
Merged security_setupns() from Chad Sellers.
- fix selinuxenabled man page
2005-06-29 20:04:50 +00:00
Daniel J Walsh
8456bc124a
- Fix avcstat to clear totals
2005-05-11 15:00:11 +00:00
Daniel J Walsh
8371f522b4
- Fix avcstat to clear totals
2005-05-11 14:48:34 +00:00
Daniel J Walsh
d3be4d7a20
- Update from NSA
...
Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
Rewrote get_ordered_context_list and helpers, including changing logic to
allow variable MLS fields.
2005-04-29 19:01:28 +00:00
Daniel J Walsh
4ff3f08454
- Add backin matchpathcon
2005-04-21 14:20:57 +00:00
Daniel J Walsh
ce82f572f7
- Fix selinux_policy_root man page
2005-04-13 19:12:02 +00:00
Daniel J Walsh
b83512ff2c
- Change assert(selinux_mnt) to if (!selinux_mnt) return -1;
2005-04-13 15:42:02 +00:00
Daniel J Walsh
07da577db2
- Better handling of booleans
2005-03-29 15:33:55 +00:00
Daniel J Walsh
d4111cf41f
- Update from NSA
...
Changed matchpathcon_common to ignore any non-format bits in the mode.
2005-03-02 04:04:04 +00:00
Daniel J Walsh
e7c97c5559
- Fix matchpathcon on eof.
2005-02-21 14:25:51 +00:00
Daniel J Walsh
31e19c1580
- Fix matchpathcon on eof.
2005-02-21 14:10:27 +00:00
Daniel J Walsh
8e994c6484
- Update from NSA
...
Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
Added selinux_users_path() for path to directory containing system.users
and local.users.
2005-02-17 19:27:56 +00:00
Daniel J Walsh
03d51ea8f7
- Process file_context.homedir
2005-02-11 01:38:47 +00:00
Daniel J Walsh
e0a30a3da4
- rpmexeccon should not fail in permissive mode.
2005-01-24 20:46:24 +00:00
Daniel J Walsh
ca41c6e4bb
- fix printf in avcstat
2005-01-21 20:57:55 +00:00
Daniel J Walsh
958b6d4982
- Modify matchpathcon to also process file_contexts.local if it exists
2005-01-18 22:27:57 +00:00
Daniel J Walsh
ae6f77c9ad
- Add is_customizable_types function call
2005-01-12 14:37:21 +00:00
Daniel J Walsh
4f73d76fa3
- Fix unitialized variable in avcstat.c
2004-12-27 11:53:31 +00:00
Daniel J Walsh
e836ab9afb
fix spec file
2004-12-20 14:25:06 +00:00
Daniel J Walsh
cc63ca70ad
- Upgrade to upstream
2004-12-01 01:31:34 +00:00
Daniel J Walsh
6864134300
- Add avcstat program
2004-11-18 21:29:18 +00:00
Daniel J Walsh
4962db3e56
- Add lots of missing man pages
2004-11-15 20:05:55 +00:00
Daniel J Walsh
437c89fe9f
- Fix output of getsebool.
2004-11-12 13:03:50 +00:00
Daniel J Walsh
38be80f2c3
- Update from upstream, fix setsebool -P segfault
2004-11-09 14:24:39 +00:00
Daniel J Walsh
828726ceed
change setenforce to accept Enforcing. permissive
2004-10-01 18:56:25 +00:00
Daniel J Walsh
72ef06e71f
add alpha patch
2004-09-22 12:06:18 +00:00
Daniel J Walsh
dfa5fafe1b
add removable_context path
2004-09-16 14:47:36 +00:00
Daniel J Walsh
791a651339
add nscd perms
2004-09-14 13:39:22 +00:00