Daniel J Walsh
714ee21973
- Update to upstream
...
Replace usage of fmemopen() with sepol_policy_file_set_mem() since glibc <
2.9 does not support binary mode ('b') for fmemopen'd streams.
2010-02-17 20:21:34 +00:00
Daniel J Walsh
ec76bdf88d
- Update to upstream
...
Move libsemanage.so to /usr/lib
Add NAME lines to man pages from Manoj Srivastava<srivasta@debian.org>
2009-12-01 22:47:17 +00:00
Daniel J Walsh
71c0c5e065
- Update to upstream
...
Move load_policy from /usr/sbin to /sbin from Dan Walsh.
2009-11-18 22:19:06 +00:00
Daniel J Walsh
372c07f302
- Update to upstream
...
Add pkgconfig file from Eamon Walsh.
Add semanage_set_check_contexts() function to disable calling setfiles
2009-11-02 18:11:54 +00:00
Daniel J Walsh
f8b7dc8e1c
- Update to upstream
...
make swigify
2009-09-28 20:36:12 +00:00
Daniel J Walsh
b05566938b
- Update to upstream
...
Change semodule upgrade behavior to install even if the module is not
present from Dan Walsh.
Make genhomedircon trim excess '/' from homedirs from Dan Walsh.
2009-09-17 13:02:59 +00:00
Daniel J Walsh
5aeb590264
- Update to upstream
...
Fix persistent dontaudit support to rebuild policy if the dontaudit state
is changed from Chad Sellers.
- Move load_policy to /sbin
2009-09-09 17:57:13 +00:00
Daniel J Walsh
f6a1eaa2e3
- Add enable/disable modules
2009-08-28 18:03:05 +00:00
Daniel J Walsh
168ea7cab1
Revert hard linking of files between tmp/active/previous.
...
Enable configuration of bzip behavior from Stephen Smalley.
bzip-blocksize=0 to disable compression and decompression support.
bzip-blocksize=1..9 to set the blocksize for compression.
bzip-small=true to reduce memory usage for decompression.
2009-08-05 19:21:58 +00:00
Daniel J Walsh
1639efd7cd
- Put check for /root back into genhomedircon
2009-07-10 18:46:52 +00:00
Daniel J Walsh
f4a5c19066
- Update to upstream
2009-07-07 21:09:15 +00:00
Daniel J Walsh
3652b31671
- Update to upstream
...
Ruby bindings from David Quigley.
2009-06-08 19:05:19 +00:00
Daniel J Walsh
cee66038e2
- Update to upstream
...
Policy module compression (bzip) support from Dan Walsh.
Hard link files between tmp/active/previous from Dan Walsh.
2009-01-13 13:14:25 +00:00
Daniel J Walsh
1990483943
Add semanage_mls_enabled() interface from Stephen Smalley.
2008-12-04 19:39:35 +00:00
Daniel J Walsh
ab25b0bd42
- Update to upstream
...
Add USER to lines to homedir_template context file from Chris PeBenito.
2008-11-11 21:16:07 +00:00
Daniel J Walsh
be978502a0
- Update to upstream
...
allow fcontext and seuser changes without rebuilding the policy from Dan
Walsh
2008-09-15 16:24:31 +00:00
Daniel J Walsh
8bffda7314
- Update to upstream
...
Modify genhomedircon to skip %groupname entries. Ultimately we need to
expand them to the list of users to support per-role homedir labeling
when using the %groupname syntax.
2008-08-05 14:29:44 +00:00
Daniel J Walsh
feb8552515
- Update to upstream
...
Fix bug in genhomedircon fcontext matches logic from Dan Walsh. Strip any
trailing slash before appending /*$.
2008-07-29 13:25:12 +00:00
Daniel J Walsh
272f92ab1c
- Update to upstream
...
Do not call genhomedircon if the policy was not rebuilt from Stephen
Smalley. Fixes semanage boolean -D seg fault (bug 441379).
2008-05-06 21:38:01 +00:00
Daniel J Walsh
084654f4e3
- Update to upstream
...
make swigify
2008-02-26 13:16:43 +00:00
Daniel J Walsh
ac914e44de
- Update to upstream
...
Use vfork rather than fork for libsemanage helpers to reduce memory
overhead as suggested by Todd Miller.
2008-02-05 20:26:58 +00:00
Daniel J Walsh
811753b1b0
- Update to upstream
...
Free policydb before fork from Joshua Brindle.
Drop the base module immediately after expanding to permit memory re-use
from Stephen Smalley.
2008-02-04 17:25:53 +00:00
Daniel J Walsh
448d3446cf
- Update to upstream
...
Use sepol_set_expand_consume_base to reduce peak memory usage when using
semodule
2008-02-02 21:47:57 +00:00
Daniel J Walsh
283295614d
- Update to upstream
...
Fix genhomedircon to not override a file context with a homedir context
from Todd Miller.
2008-02-01 10:49:29 +00:00
Daniel J Walsh
e2b1d219e7
- Update to upstream
...
Fix spurious out of memory error reports.
Merged second version of fix for genhomedircon handling from Caleb Case.
2008-01-29 13:36:49 +00:00
Daniel J Walsh
36d79c42d3
- Update to upstream
...
Merged fix for genhomedircon handling of missing HOME_DIR or HOME_ROOT
templates from Caleb Case.
2008-01-25 16:20:02 +00:00
Daniel J Walsh
1427637c48
- Update to upstream
...
Fix genhomedircon handling of shells and missing user context template from
Dan Walsh.
Copy the store path in semanage_select_store from Dan Walsh.
2007-12-07 01:18:18 +00:00
Daniel J Walsh
90bffa9795
- Upgrade to latest from NSA
...
Call rmdir() rather than remove() on directory removal so that errno isn't
polluted from Stephen Smalley.
Allow handle_unknown in base to be overridden by semanage.conf from Stephen
Smalley.
2007-11-06 18:33:05 +00:00
Daniel J Walsh
2511741eac
- Upgrade to latest from NSA
...
ustr cleanups from James Antill.
Ensure that /root gets labeled even if using the default context from Dan
Walsh.
2007-10-05 17:20:57 +00:00
Daniel J Walsh
3ba23c823c
- Upgrade to latest from NSA
...
Fix ordering of file_contexts.homedirs from Todd Miller and Dan Walsh.
2007-10-01 16:29:27 +00:00
Daniel J Walsh
add9ada6d8
- Upgrade to latest from NSA
...
Fix error checking on getpw*_r functions from Todd Miller.
Make genhomedircon skip invalid homedir contexts from Todd Miller.
Set default user and prefix from seusers from Dan Walsh.
Add swigify Makefile target from Dan Walsh.
2007-09-28 13:53:30 +00:00
Daniel J Walsh
8bb5a230f2
- Upgrade to latest from NSA
...
Pass CFLAGS to CC even on link command, per Dennis Gilmore.
Clear errno on non-fatal errors to avoid reporting them upon a later error
that does not set errno.
Improve reporting of system errors, e.g. full filesystem or read-only
filesystem from Stephen Smalley.
2007-09-27 00:20:09 +00:00
Daniel J Walsh
422f3b68fd
- Upgrade to latest from NSA
...
Change to use getpw* function calls to the _r versions from Todd Miller.
2007-09-13 12:29:42 +00:00
Daniel J Walsh
8f8294e39e
- Upgrade to latest from NSA
2007-09-05 19:01:41 +00:00
Daniel J Walsh
cf2b1c22f9
- Upgrade to latest from NSA
...
Allow dontaudits to be turned off via semanage interface when updating
policy
2007-08-20 23:30:14 +00:00
Daniel J Walsh
3e627b0d72
- Upgrade to latest from NSA
...
Fix to libsemanage man patches so whatis will work better from Dan Walsh
2007-04-26 00:05:03 +00:00
Daniel J Walsh
b8748b2834
- Upgrade to latest from NSA
...
Merged optimizations from Stephen Smalley.
- do not set all booleans upon commit, only those whose values have changed
- only install the sandbox upon commit if something was rebuilt
2007-04-25 15:11:21 +00:00
Daniel J Walsh
c52428e9f1
Merged dbase_file_flush patch from Dan Walsh. This removes any mention of
...
specific tools (e.g. semanage) from the comment header of the
auto-generated files, since there are multiple front-end tools.
2007-03-13 00:21:38 +00:00
Daniel J Walsh
7fe322b328
- Upgrade to latest from NSA
...
Merged Makefile test target patch from Caleb Case.
Merged get_commit_number function rename patch from Caleb Case.
Merged strnlen -> strlen patch from Todd Miller.
2007-02-20 14:32:39 +00:00
Daniel J Walsh
4b215a5b9f
- Upgrade to latest from NSA
...
Merged python binding fix from Dan Walsh.
Updated version for stable branch.
2007-02-07 21:31:41 +00:00
Daniel J Walsh
4f442a2b56
- Upgrade to latest from NSA
...
Merged patch to optionally reduce disk usage by removing the backup module
store and linked policy from Karl MacMillan
Merged patch to correctly propagate return values in libsemanage
2007-01-25 22:48:00 +00:00
Daniel J Walsh
b91d944b4b
- Upgrade to latest from NSA
...
Merged patch to optionally reduce disk usage by removing the backup module
store and linked policy from Karl MacMillan
Merged patch to correctly propagate return values in libsemanage
2007-01-09 15:22:05 +00:00
Daniel J Walsh
6429e69e0b
- Upgrade to latest from NSA
...
Merged patch to compile wit -fPIC instead of -fpic from Manoj Srivastava to
prevent hitting the global offest table limit. Patch changed to include
libselinux and libsemanage in addition to libsepol.
2006-11-28 19:02:17 +00:00
Daniel J Walsh
003cc65998
- Upgrade to latest from NSA
...
Updated version for release.
2006-10-25 02:52:37 +00:00
Daniel J Walsh
37c60b3ffc
*** empty log message ***
2006-09-29 15:54:07 +00:00
Daniel J Walsh
b1567cf808
*** empty log message ***
2006-08-23 17:59:58 +00:00
Daniel J Walsh
f1afa1b22a
*** empty log message ***
2006-08-12 11:56:13 +00:00
Daniel J Walsh
c102f8109e
- Upgrade to latest from NSA
...
Merged netfilter contexts support from Chris PeBenito.
2006-08-04 22:56:25 +00:00
Daniel J Walsh
b4bff1fcc6
- Upgrade to latest from NSA
...
Merged support for read operations on read-only fs from Caleb Case (Tresys
Technology).
2006-07-12 02:53:48 +00:00
Daniel J Walsh
43f2cfdf4d
- Upgrade to latest from NSA
...
Lindent.
Merged setfiles location check patch from Dan Walsh.
2006-07-07 11:08:01 +00:00