rpms/libselinux
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
356 Commits 40 Branches 400 Tags 3.6 MiB
63093bd540
Commit Graph

166 Commits

Author SHA1 Message Date
Daniel J Walsh
6265db0381 2007-04-12 16:50:49 +00:00
Daniel J Walsh
47b511b094 - Upgrade to upstream 
Merged userspace AVC patch to follow kernel's behavior for permissive mode
    in caching previous denials from Eamon Walsh.
Merged sidput(NULL) patch from Eamon Walsh.
 2007-04-09 19:50:05 +00:00
Daniel J Walsh
ff4b4da61f - Make rpm_exec swig work 2007-04-05 15:57:35 +00:00
Daniel J Walsh
ace2ebf6d7 - Upgrade to upstream 
Merged class/av string conversion and avc_compute_create patch from Eamon
    Walsh.
 2007-04-02 19:14:28 +00:00
Daniel J Walsh
71021c8327 - Upgrade to upstream 
Merged fix for avc.h #include's from Eamon Walsh.
 2007-03-27 19:49:37 +00:00
Daniel J Walsh
98a61bfb92 - Add stdint.h to avc.h 2007-03-22 20:50:31 +00:00
Daniel J Walsh
22298b4b74 Merged patch to drop support for CACHETRANS=0 config option from Steve 
Grubb.
Merged patch to drop support for old /etc/sysconfig/selinux and
    /etc/security policy file layout from Steve Grubb.
 2007-03-13 00:20:29 +00:00
Daniel J Walsh
c7862e54aa - Do not fail on permission denied in getsebool 2007-03-08 16:15:36 +00:00
Daniel J Walsh
8efd1ef10e - Upgrade to upstream 
Removed sending of setrans init message.
Merged matchpathcon memory leak fix from Steve Grubb.
 2007-02-23 21:49:32 +00:00
Daniel J Walsh
14de1c34ad - Upgrade to upstream 
Merged patch from Todd Miller to convert int types over to C99 style.
 2007-02-20 14:31:07 +00:00
Daniel J Walsh
29ad08b8d0 Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of 
the use of the non-standard format %as. (original patch changed for
    style).
Merged patch from Todd Miller to fix memory leak in matchpathcon.c.
Fri Jan 19 2007 Dan Walsh <dwalsh@redhat.com> - 1.34.0-2
- Add context function to python to split context into 4 parts
 2007-02-07 19:39:11 +00:00
Daniel J Walsh
ad1a6889cc - Add context function to python to split context into 4 parts 2007-01-24 17:20:19 +00:00
Daniel J Walsh
53158b7152 - Upgrade to upstream 
Merged getdefaultcon utility from Dan Walsh.
 2007-01-16 22:10:55 +00:00
Daniel J Walsh
a339bc228d - Upgrade to upstream 
Merged getdefaultcon utility from Dan Walsh.
 2007-01-16 21:46:11 +00:00
Daniel J Walsh
5f8636d1e9 - Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli 2007-01-15 21:30:17 +00:00
Daniel J Walsh
a9c082be34 - Add reference to selinux man page in all man pages to make apropos work 
Resolves: # 217881
 2007-01-12 16:02:56 +00:00
Daniel J Walsh
05bd40847c - Upstream wanted some minor changes, upgrading to keep api the same 
- Upgrade to upstream
#200110
 2007-01-11 19:20:27 +00:00
Daniel J Walsh
e3bd599d8e - Cleanup patch 2007-01-09 15:02:46 +00:00
Daniel J Walsh
e6bab37d57 - Add securetty handling Resolves: #200110 2007-01-05 17:54:21 +00:00
Daniel J Walsh
dbfbfbe639 - Fix matchpathcon to lstat files 2006-12-06 19:13:54 +00:00
Daniel J Walsh
846f2ad19d - Update man page 2006-11-30 18:11:20 +00:00
Daniel J Walsh
2bcf9654c5 - Add James Antill patch for login verification of MLS Levels 
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
    infrastructure.
 2006-11-03 22:14:51 +00:00
Daniel J Walsh
a7aef657f6 - Add James Antill patch for login verification of MLS Levels 
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
    infrastructure.
 2006-11-03 21:59:03 +00:00
Daniel J Walsh
9d61c9c320 - Add James Antill patch for login verification of MLS Levels 
- MLS ragnes need to be checked, Eg. login/cron. This patch adds
    infrastructure.
 2006-11-03 21:36:28 +00:00
Daniel J Walsh
cfd1d1337d - Add sgrubb patch for polmatch 2006-09-25 14:19:06 +00:00
Daniel J Walsh
b7bdc631f1 - Fix translation return codes to return size of buffer 2006-08-10 15:34:47 +00:00
Daniel J Walsh
d8849af170 - Turn off error printing in library. Need to compile with DEBUG to get it 
back
 2006-06-21 19:58:52 +00:00
Daniel J Walsh
f4b45ddd03 - Turn off error printing in library. Need to compile with DEBUG to get it 
back
 2006-06-21 18:33:13 +00:00
Daniel J Walsh
2d9b36b51e - Fix error reporting of matchpathcon 2006-06-21 13:12:11 +00:00
Daniel J Walsh
645f93a8a5 - Add function to compare file context on disk versus contexts in 
file_contexts file.
 2006-06-20 20:30:59 +00:00
Daniel J Walsh
c92317552d Add MLSENabled check 2006-06-12 18:10:30 +00:00
Daniel J Walsh
8389437eda - Add selinux_getpolicytype() 2006-06-09 19:43:52 +00:00
Daniel J Walsh
f3cb9dc26b - Check for selinux_mnt == NULL 2006-06-01 17:25:22 +00:00
Daniel J Walsh
8f927c4a9f - More fixes for translation cache 
- Upgrade to latest from NSA
Added matchpathcon_fini() function to free memory allocated by
    matchpathcon_init().
 2006-05-18 16:15:35 +00:00
Daniel J Walsh
069461a7d8 - Add Russell's AVC patch to handle large numbers 2006-05-09 19:13:08 +00:00
Daniel J Walsh
98a597a060 Merged fix warnings patch from Karl MacMillan. 
Merged setrans client support from Dan Walsh. This removes use of
    libsetrans.
Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
Merged swig typemap fixes from Glauber de Oliveira Costa.
 2006-05-08 14:08:21 +00:00
Daniel J Walsh
a925159382 - Add selinuxswig fixes 
- Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)
 2006-05-02 18:49:41 +00:00
Daniel J Walsh
e0ab958383 - Add selinuxswig fixes 
- Stop using PAGE_SIZE and start using sysconfig(_SC_PAGE_SIZE)
 2006-05-02 18:23:25 +00:00
Daniel J Walsh
75c50e4988 - Add selinuxswig fixes 2006-05-02 17:09:39 +00:00
Daniel J Walsh
fed1ce5b77 - Fix python bindings for matchpathcon 
- Fix booleans man page
 2006-04-11 19:03:13 +00:00
Daniel J Walsh
c8030dcf96 Merged Makefile PYLIBVER definition patch from Dan Walsh. 2006-04-11 18:25:46 +00:00
Daniel J Walsh
d27dc97404 - Make some fixes so it will build on RHEL4 
- Upgrade to latest from NSA
Updated version for release.
Altered rpm_execcon fallback logic for permissive mode to also handle case
    where /selinux/enforce is not available.
 2006-03-17 17:20:57 +00:00
Daniel J Walsh
f4d57a9014 - Split out pywrap in Makefile 2006-01-14 05:05:19 +00:00
Daniel J Walsh
407234b39f - Fix swig call for getpidcon 2005-12-20 14:44:43 +00:00
Daniel J Walsh
3371166078 - update to latest libsetrans 
- Fix potential memory leak
 2005-12-13 20:44:36 +00:00
Daniel J Walsh
0e39b77de1 - Fix some of the python swig objects 2005-12-07 15:53:55 +00:00
Daniel J Walsh
56d326bb01 - Change getsebool to return on/off instead of active/inactive 2005-11-29 19:21:03 +00:00
Daniel J Walsh
86e0b5f76e - Separate out libselinux-python bindings into separate rpm 2005-11-29 03:02:30 +00:00
Daniel J Walsh
4bb08c52c4 - Separate out libselinux-python bindings into separate rpm 2005-11-28 22:02:25 +00:00
Daniel J Walsh
ae85aab0af - Add python bindings 2005-11-17 17:13:50 +00:00
Daniel J Walsh
e6236defe6 - Update to latest from NSA 
Added security_canonicalize_context() interface and
    set_matchpathcon_canoncon() interface for obtaining canonical contexts.
    Changed matchpathcon internals to obtain canonical contexts by default.
    Provided fallback for kernels that lack extended selinuxfs context
    interface.
- Patch to not translate mls when calling setfiles
 2005-11-08 23:41:10 +00:00
Daniel J Walsh
70810f17e4 - Patch to not translate mls when calling setfiles 2005-11-08 19:18:13 +00:00
Daniel J Walsh
37bc4557e3 - Don't strip mls context if selinux is not enabled. 2005-11-08 19:09:28 +00:00
Daniel J Walsh
9f412a6358 - Change default to __default__ 2005-10-26 20:32:58 +00:00
Daniel J Walsh
54939fac9a - Add selinux_translations_path 2005-10-25 22:03:43 +00:00
Daniel J Walsh
78dc042098 - Update to latest from NSA 
Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red
    Hat).
Updated call to sepol_policydb_to_image for sepol changes.
Changed getseuserbyname to ignore empty lines and to handle no matching
    entry in the same manner as no seusers file.
 2005-10-18 18:27:41 +00:00
Daniel J Walsh
61427961fc - 2005-10-17 18:19:07 +00:00
Daniel J Walsh
4dc4d104e7 - Fix patch to satisfy upstream 2005-09-29 21:35:43 +00:00
Daniel J Walsh
bebb529bd5 - Update to latest from NSA 
- Add getseuserbyname
 2005-09-29 02:12:47 +00:00
Daniel J Walsh
e8346fc44d - Fix patch call 2005-09-19 17:36:11 +00:00
Daniel J Walsh
fedf8202cb - Fix patch call 2005-09-16 19:53:29 +00:00
Daniel J Walsh
b86cfc3a43 - Fix strip_con call 2005-09-16 18:42:27 +00:00
Daniel J Walsh
96ff98944c - Go back to original libsetrans code 2005-09-16 17:43:14 +00:00
Daniel J Walsh
c2b28e3158 - Go back to original libsetrans code 2005-09-13 21:21:50 +00:00
Daniel J Walsh
bc0a935c8c - Eliminate forth param from mls context when mls is not enabled. 2005-09-13 16:48:16 +00:00
Daniel J Walsh
017ea0e76c - Update from NSA 
Merged modified form of patch to avoid dlopen/dlclose by the static
    libselinux from Dan Walsh. Users of the static libselinux will not have
    any context translation by default.
 2005-09-12 15:52:30 +00:00
Daniel J Walsh
59d6552e7d - Update from NSA 
Added public functions to export context translation to users of libselinux
    (selinux_trans_to_raw_context, selinux_raw_to_trans_context).
 2005-09-01 15:23:17 +00:00
Daniel J Walsh
d3d9f9e7f8 - Update from NSA 
Hid translation-related symbols entirely and ensured that raw functions
    have hidden definitions for internal use.
Allowed setting NULL via context_set* functions.
Allowed whitespace in MLS component of context.
Changed rpm_execcon to use translated functions to workaround lack of MLS
    level on upgraded systems.
 2005-08-25 20:21:14 +00:00
Daniel J Walsh
e7e35da33b Merged context translation patch, originally by TCS, with modifications by 
Dan Walsh (Red Hat).
 2005-08-24 13:15:02 +00:00
Daniel J Walsh
1f935e2ec7 - Update from NSA 
Merged several fixes for error handling paths in the AVC sidtab,
    matchpathcon, booleans, context, and get_context_list code from Serge
    Hallyn (IBM). Bugs found by Coverity.
Removed setupns; migrated to pam.
Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original
    symbol is temporarily retained for compatibility until all callers are
    updated.
 2005-08-12 02:46:49 +00:00
Daniel J Walsh
44200d6b78 - Update makefiles 2005-07-18 19:15:29 +00:00
Daniel J Walsh
67d0acbf49 - Update from NSA 
Merged security_setupns() from Chad Sellers.
- fix selinuxenabled man page
 2005-06-29 20:04:50 +00:00
Daniel J Walsh
8456bc124a - Fix avcstat to clear totals 2005-05-11 15:00:11 +00:00
Daniel J Walsh
8371f522b4 - Fix avcstat to clear totals 2005-05-11 14:48:34 +00:00
Daniel J Walsh
d3be4d7a20 - Update from NSA 
Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
Rewrote get_ordered_context_list and helpers, including changing logic to
    allow variable MLS fields.
 2005-04-29 19:01:28 +00:00
Daniel J Walsh
4ff3f08454 - Add backin matchpathcon 2005-04-21 14:20:57 +00:00
Daniel J Walsh
ce82f572f7 - Fix selinux_policy_root man page 2005-04-13 19:12:02 +00:00
Daniel J Walsh
b83512ff2c - Change assert(selinux_mnt) to if (!selinux_mnt) return -1; 2005-04-13 15:42:02 +00:00
Daniel J Walsh
07da577db2 - Better handling of booleans 2005-03-29 15:33:55 +00:00
Daniel J Walsh
d4111cf41f - Update from NSA 
Changed matchpathcon_common to ignore any non-format bits in the mode.
 2005-03-02 04:04:04 +00:00
Daniel J Walsh
e7c97c5559 - Fix matchpathcon on eof. 2005-02-21 14:25:51 +00:00
Daniel J Walsh
31e19c1580 - Fix matchpathcon on eof. 2005-02-21 14:10:27 +00:00
Daniel J Walsh
8e994c6484 - Update from NSA 
Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
Added selinux_users_path() for path to directory containing system.users
    and local.users.
 2005-02-17 19:27:56 +00:00
Daniel J Walsh
03d51ea8f7 - Process file_context.homedir 2005-02-11 01:38:47 +00:00
Daniel J Walsh
e0a30a3da4 - rpmexeccon should not fail in permissive mode. 2005-01-24 20:46:24 +00:00
Daniel J Walsh
ca41c6e4bb - fix printf in avcstat 2005-01-21 20:57:55 +00:00
Daniel J Walsh
958b6d4982 - Modify matchpathcon to also process file_contexts.local if it exists 2005-01-18 22:27:57 +00:00
Daniel J Walsh
ae6f77c9ad - Add is_customizable_types function call 2005-01-12 14:37:21 +00:00
Daniel J Walsh
4f73d76fa3 - Fix unitialized variable in avcstat.c 2004-12-27 11:53:31 +00:00
Daniel J Walsh
e836ab9afb fix spec file 2004-12-20 14:25:06 +00:00
Daniel J Walsh
cc63ca70ad - Upgrade to upstream 2004-12-01 01:31:34 +00:00
Daniel J Walsh
6864134300 - Add avcstat program 2004-11-18 21:29:18 +00:00
Daniel J Walsh
4962db3e56 - Add lots of missing man pages 2004-11-15 20:05:55 +00:00
Daniel J Walsh
437c89fe9f - Fix output of getsebool. 2004-11-12 13:03:50 +00:00
Daniel J Walsh
38be80f2c3 - Update from upstream, fix setsebool -P segfault 2004-11-09 14:24:39 +00:00
Daniel J Walsh
828726ceed change setenforce to accept Enforcing. permissive 2004-10-01 18:56:25 +00:00
Daniel J Walsh
72ef06e71f add alpha patch 2004-09-22 12:06:18 +00:00
Daniel J Walsh
dfa5fafe1b add removable_context path 2004-09-16 14:47:36 +00:00
Daniel J Walsh
791a651339 add nscd perms 2004-09-14 13:39:22 +00:00
Daniel J Walsh
9a368c5f7b add matchmediacon 2004-09-10 17:27:19 +00:00