rpms/libsemanage
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
282 Commits 40 Branches 195 Tags 1.6 MiB
7c6e3d711b
Commit Graph

271 Commits

Author SHA1 Message Date
Dan Walsh
32db106626 Add support for ignoredirs param in /etc/selinux/semanage.conf 2011-12-15 10:32:47 -05:00
Dan Walsh
a29afa3a34 Upgrade to upstream 
* regenerate .pc on VERSION change
	* maintain mode even if umask is tighter
	* semanage.conf man page
	* create man5dir if not exist
 2011-11-04 09:37:32 -04:00
Dan Walsh
86ba998b25 Fix handling of umask, so files get created with the correct label. 2011-10-20 15:03:03 -04:00
Dan Walsh
cfabb609a8 Add Guido Trentalancia semanage.conf man page 2011-09-19 07:59:28 -04:00
Dan Walsh
0b324a21d7 Add Guido Trentalancia semanage.conf man page 2011-09-19 07:29:40 -04:00
Dan Walsh
71a9b31459 Update to upstream 
* Create a new preserve_tunables flag
	* tree: default make target to all not
	* fix semanage_store_access_check calling arguments
 2011-09-19 06:57:07 -04:00
Dan Walsh
f79f8038c0 Add support for preserving tunables 2011-09-14 22:47:54 -04:00
Dan Walsh
b7399a1357 Add support for preserving tunables 2011-09-14 22:29:13 -04:00
Dan Walsh
43cf1c48fa Update to upstream 
* python wrapper makefile changes
 2011-08-30 16:34:31 -04:00
Dan Walsh
f6b3fbbaf6 Update to upstream 
2.1.2 2011-08-17
	* print error debug info for buggy fc
	* introduce semanage_set_root and friends
	* throw exceptions in python rather than return
	* python3 support.
	* patch for MCS/MLS in user files
 2011-08-22 10:55:59 -04:00
Dan Walsh
5e780f2aa2 Update to upstream 
2.1.2 2011-08-17
	* print error debug info for buggy fc
	* introduce semanage_set_root and friends
	* throw exceptions in python rather than return
	* python3 support.
	* patch for MCS/MLS in user files
 2011-08-22 09:46:21 -04:00
Dan Walsh
617897ade9 Update to upstream 
2.1.2 2011-08-17
	* print error debug info for buggy fc
	* introduce semanage_set_root and friends
	* throw exceptions in python rather than return
	* python3 support.
	* patch for MCS/MLS in user files
 2011-08-18 07:16:10 -04:00
Dan Walsh
38aed09666 Update to upstream 
* Release, minor version bump
 2011-07-28 11:53:53 -04:00
Dan Walsh
c00e96cc0c More fixes for disabled modules 2011-06-08 14:46:29 -04:00
Dan Walsh
410db78cc0 Change libsemanage mechanism for handling disabled modules. Now it will only create a flag for a module 
indicating the module is disabled.  MODULE.pp.disabled, it will no longer rename the module.  This way we can
ship active modules in rpm.
 2011-06-07 13:14:57 -04:00
Dan Walsh
0984542175 Add semanage_set_selinux_path, to allow semodule to work on alternate selinux pools 2011-06-02 12:14:52 -04:00
Dennis Gilmore
c01771c86b - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-08 05:20:19 -06:00
David Malcolm
fb1cbdda8d Reworking of python support to cope with PEP 3149 changes in latest python 3.2 
* Thu Dec 30 2010 David Malcolm <dmalcolm@redhat.com> - 2.0.46-2
- big reworking of the support-multiple-python-builds patch to deal with
PEP 3149: the latest Python 3.2 onwards uses include paths and library names
that don't fit prior naming patterns, and so we must query python3-config for
this information.  To complicate things further, python 2's python-config
doesn't understand all of the options needed ("--extension-suffix").  I've
thus added new Makefile variables as needed, to be supplied by the specfile by
invoking the appropriate config tool (or by hardcoding the old value for
"--extension-suffix" i.e. ".so")
- rework python3 manifest for PEP 3149, and rebuild for newer python3
 2010-12-30 10:50:53 -05:00
Dan Walsh
6120de7432 - Update to upstream 
* Fix compliation under GCC 4.6 by Justin Mattock
 2010-12-21 16:35:11 -05:00
Thomas Spura
2a013f888e fix typo in %files 2010-08-25 18:10:25 +02:00
Thomas Spura
1003ac17a4 rebuild with python3.2 
http://lists.fedoraproject.org/pipermail/devel/2010-August/141368.html
 2010-08-25 18:00:50 +02:00
dmalcolm
ced26f3e2f - Rebuilt for 
https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
 2010-07-22 02:20:06 +00:00
Daniel J Walsh
fc28aa840f - add python3 subpackage 2010-05-06 15:50:55 +00:00
Daniel J Walsh
1088cc0705 - Fix -devel package to point at the correct shared library 2010-04-07 16:27:30 +00:00
Daniel J Walsh
8e01c2c706 - Move shared library to /usr/lib 2010-03-26 18:24:02 +00:00
Daniel J Walsh
0b6b0c93f2 - Update to upstream 
Add enable/disable patch support from Dan Walsh.
Add usepasswd flag to semanage.conf to disable genhomedircon using passwd
    from Dan Walsh.
regenerate swig wrappers
 2010-03-08 18:19:41 +00:00
Daniel J Walsh
4e0d31fc07 - Cleanup spec file 2010-01-28 20:39:21 +00:00
Daniel J Walsh
88ec2a622c - Splect libsemanage.a into a static subpackage to keep fedora packaging 
guidelines happy
 2010-01-18 21:54:15 +00:00
Daniel J Walsh
854b5d7cb1 - Splect libsemanage.a into a static subpackage to keep fedora packaging 
guidelines happy
 2010-01-18 21:45:33 +00:00
Daniel J Walsh
bae6b411c7 - Rebuild all c programs with -fPIC 2009-12-16 21:11:12 +00:00
Daniel J Walsh
ec76bdf88d - Update to upstream 
Move libsemanage.so to /usr/lib
Add NAME lines to man pages from Manoj Srivastava<srivasta@debian.org>
 2009-12-01 22:47:17 +00:00
Daniel J Walsh
71c0c5e065 - Update to upstream 
Move load_policy from /usr/sbin to /sbin from Dan Walsh.
 2009-11-18 22:19:06 +00:00
Daniel J Walsh
372c07f302 - Update to upstream 
Add pkgconfig file from Eamon Walsh.
Add semanage_set_check_contexts() function to disable calling setfiles
 2009-11-02 18:11:54 +00:00
Daniel J Walsh
5111246f5b - Update to upstream 
Add pkgconfig file from Eamon Walsh.
Add semanage_set_check_contexts() function to disable calling setfiles
 2009-11-02 18:01:53 +00:00
Daniel J Walsh
f8b7dc8e1c - Update to upstream 
make swigify
 2009-09-28 20:36:12 +00:00
Daniel J Walsh
b1238c466b - Dont relabel /root with genhomedircon 2009-09-20 11:43:05 +00:00
Daniel J Walsh
b05566938b - Update to upstream 
Change semodule upgrade behavior to install even if the module is not
    present from Dan Walsh.
Make genhomedircon trim excess '/' from homedirs from Dan Walsh.
 2009-09-17 13:02:59 +00:00
Daniel J Walsh
5aeb590264 - Update to upstream 
Fix persistent dontaudit support to rebuild policy if the dontaudit state
    is changed from Chad Sellers.
- Move load_policy to /sbin
 2009-09-09 17:57:13 +00:00
Daniel J Walsh
f6a1eaa2e3 - Add enable/disable modules 2009-08-28 18:03:05 +00:00
Daniel J Walsh
7313e2e746 - Make sure /root is not used in genhomedircon 2009-08-26 19:06:23 +00:00
Daniel J Walsh
168ea7cab1 Revert hard linking of files between tmp/active/previous. 
Enable configuration of bzip behavior from Stephen Smalley.
    bzip-blocksize=0 to disable compression and decompression support.
    bzip-blocksize=1..9 to set the blocksize for compression.
    bzip-small=true to reduce memory usage for decompression.
 2009-08-05 19:21:58 +00:00
Jesse Keating
6eb64237b0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild 2009-07-25 08:35:48 +00:00
Daniel J Walsh
1639efd7cd - Put check for /root back into genhomedircon 2009-07-10 18:46:52 +00:00
Daniel J Walsh
f4a5c19066 - Update to upstream 2009-07-07 21:09:15 +00:00
Daniel J Walsh
3652b31671 - Update to upstream 
Ruby bindings from David Quigley.
 2009-06-08 19:05:19 +00:00
Daniel J Walsh
713ea522a4 - Return error on invalid file 2009-04-17 15:25:00 +00:00
Daniel J Walsh
9b8c9f0229 - Fix typo 2009-03-11 19:38:20 +00:00
Jesse Keating
13cd6ad189 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild 2009-02-25 18:01:54 +00:00
Daniel J Walsh
dd8fa006e0 - Fix link to only link on sandbox 2009-01-15 20:56:45 +00:00
Daniel J Walsh
cee66038e2 - Update to upstream 
Policy module compression (bzip) support from Dan Walsh.
Hard link files between tmp/active/previous from Dan Walsh.
 2009-01-13 13:14:25 +00:00
Daniel J Walsh
25dcff4b7d - Fix up patch to get it upstreamed 2009-01-12 15:55:47 +00:00
Ignacio Vazquez-Abrams
26c90567dd Rebuild for Python 2.6 2008-12-04 21:09:08 +00:00
Daniel J Walsh
81984aa5a2 Add semanage_mls_enabled() interface from Stephen Smalley. 2008-12-04 20:19:01 +00:00
Daniel J Walsh
1990483943 Add semanage_mls_enabled() interface from Stephen Smalley. 2008-12-04 19:39:35 +00:00
Ignacio Vazquez-Abrams
ee2fde0d11 Rebuild for Python 2.6 2008-11-29 16:48:06 +00:00
Daniel J Walsh
ab25b0bd42 - Update to upstream 
Add USER to lines to homedir_template context file from Chris PeBenito.
 2008-11-11 21:16:07 +00:00
Daniel J Walsh
43a16b6241 - Add compression support 2008-11-07 14:23:16 +00:00
Daniel J Walsh
688b1ed5d1 - Add compression support 2008-11-07 14:12:03 +00:00
Daniel J Walsh
be978502a0 - Update to upstream 
allow fcontext and seuser changes without rebuilding the policy from Dan
    Walsh
 2008-09-15 16:24:31 +00:00
Daniel J Walsh
ead711e339 - Additional fixes for Don't rebuild on fcontext or seuser modifications 2008-09-10 14:37:31 +00:00
Daniel J Walsh
dd1def2551 - Don't rebuild on fcontext or seuser modifications 2008-08-15 16:59:10 +00:00
Daniel J Walsh
5142c61edd - Don't rebuild on fcontext or seuser modifications 2008-08-14 20:17:19 +00:00
Daniel J Walsh
8bffda7314 - Update to upstream 
Modify genhomedircon to skip %groupname entries. Ultimately we need to
    expand them to the list of users to support per-role homedir labeling
    when using the %groupname syntax.
 2008-08-05 14:29:44 +00:00
Daniel J Walsh
feb8552515 - Update to upstream 
Fix bug in genhomedircon fcontext matches logic from Dan Walsh. Strip any
    trailing slash before appending /*$.
 2008-07-29 13:25:12 +00:00
Daniel J Walsh
e69414a046 - Another fix for genhomedircon 2008-07-17 18:35:34 +00:00
Tom Callaway
3296a8cd7e fix license tag 2008-05-28 21:43:40 +00:00
Daniel J Walsh
272f92ab1c - Update to upstream 
Do not call genhomedircon if the policy was not rebuilt from Stephen
    Smalley. Fixes semanage boolean -D seg fault (bug 441379).
 2008-05-06 21:38:01 +00:00
Daniel J Walsh
084654f4e3 - Update to upstream 
make swigify
 2008-02-26 13:16:43 +00:00
Daniel J Walsh
ac914e44de - Update to upstream 
Use vfork rather than fork for libsemanage helpers to reduce memory
    overhead as suggested by Todd Miller.
 2008-02-05 20:26:58 +00:00
Daniel J Walsh
811753b1b0 - Update to upstream 
Free policydb before fork from Joshua Brindle.
Drop the base module immediately after expanding to permit memory re-use
    from Stephen Smalley.
 2008-02-04 17:25:53 +00:00
Daniel J Walsh
448d3446cf - Update to upstream 
Use sepol_set_expand_consume_base to reduce peak memory usage when using
    semodule
 2008-02-02 21:47:57 +00:00
Daniel J Walsh
ade6fffd9e - Update to upstream 
Use sepol_set_expand_consume_base to reduce peak memory usage when using
    semodule
 2008-02-02 21:38:32 +00:00
Daniel J Walsh
283295614d - Update to upstream 
Fix genhomedircon to not override a file context with a homedir context
    from Todd Miller.
 2008-02-01 10:49:29 +00:00
Daniel J Walsh
e2b1d219e7 - Update to upstream 
Fix spurious out of memory error reports.
Merged second version of fix for genhomedircon handling from Caleb Case.
 2008-01-29 13:36:49 +00:00
Daniel J Walsh
36d79c42d3 - Update to upstream 
Merged fix for genhomedircon handling of missing HOME_DIR or HOME_ROOT
    templates from Caleb Case.
 2008-01-25 16:20:02 +00:00
Daniel J Walsh
924325dc15 - Stop differentiating on user for homedir labeling 2008-01-22 19:38:14 +00:00
Daniel J Walsh
1427637c48 - Update to upstream 
Fix genhomedircon handling of shells and missing user context template from
    Dan Walsh.
Copy the store path in semanage_select_store from Dan Walsh.
 2007-12-07 01:18:18 +00:00
Daniel J Walsh
f026dfbc02 - Fix handling of /etc/shells so genhomedircon will work 2007-12-03 20:55:15 +00:00
Daniel J Walsh
3d2cf39af1 - Fix handling of /etc/shells so genhomedircon will work 2007-12-03 19:22:33 +00:00
Daniel J Walsh
e3e8d634bb - Allow semanage_genhomedircon to work with out a USER int homedir.template 2007-11-30 20:08:17 +00:00
Daniel J Walsh
90bffa9795 - Upgrade to latest from NSA 
Call rmdir() rather than remove() on directory removal so that errno isn't
    polluted from Stephen Smalley.
Allow handle_unknown in base to be overridden by semanage.conf from Stephen
    Smalley.
 2007-11-06 18:33:05 +00:00
Daniel J Walsh
58209b633d - Upgrade to latest from NSA 
Call rmdir() rather than remove() on directory removal so that errno isn't
    polluted from Stephen Smalley.
Allow handle_unknown in base to be overridden by semanage.conf from Stephen
    Smalley.
 2007-11-06 18:01:51 +00:00
Daniel J Walsh
2511741eac - Upgrade to latest from NSA 
ustr cleanups from James Antill.
Ensure that /root gets labeled even if using the default context from Dan
    Walsh.
 2007-10-05 17:20:57 +00:00
Daniel J Walsh
fbe2b7390b - Upgrade to latest from NSA 
ustr cleanups from James Antill.
Ensure that /root gets labeled even if using the default context from Dan
    Walsh.
 2007-10-05 17:18:12 +00:00
Daniel J Walsh
3ba23c823c - Upgrade to latest from NSA 
Fix ordering of file_contexts.homedirs from Todd Miller and Dan Walsh.
 2007-10-01 16:29:27 +00:00
Daniel J Walsh
add9ada6d8 - Upgrade to latest from NSA 
Fix error checking on getpw*_r functions from Todd Miller.
Make genhomedircon skip invalid homedir contexts from Todd Miller.
Set default user and prefix from seusers from Dan Walsh.
Add swigify Makefile target from Dan Walsh.
 2007-09-28 13:53:30 +00:00
Daniel J Walsh
8bb5a230f2 - Upgrade to latest from NSA 
Pass CFLAGS to CC even on link command, per Dennis Gilmore.
Clear errno on non-fatal errors to avoid reporting them upon a later error
    that does not set errno.
Improve reporting of system errors, e.g. full filesystem or read-only
    filesystem from Stephen Smalley.
 2007-09-27 00:20:09 +00:00
Daniel J Walsh
09711868c7 - Fix genhomedircon code to only generate valid context 
- Fixes autorelabel problem
 2007-09-26 20:51:43 +00:00
Daniel J Walsh
422f3b68fd - Upgrade to latest from NSA 
Change to use getpw* function calls to the _r versions from Todd Miller.
 2007-09-13 12:29:42 +00:00
Daniel J Walsh
c0c84efd96 - Upgrade to latest from NSA 2007-09-06 02:48:04 +00:00
Daniel J Walsh
8f8294e39e - Upgrade to latest from NSA 2007-09-05 19:01:41 +00:00
Daniel J Walsh
cf2b1c22f9 - Upgrade to latest from NSA 
Allow dontaudits to be turned off via semanage interface when updating
    policy
 2007-08-20 23:30:14 +00:00
Daniel J Walsh
6da4db8e6f - Add ability to load a policy without dontaudit rules 
-
 2007-08-11 10:53:39 +00:00
Daniel J Walsh
a65d30f4d2 - Rebuild to fix segfault on x86 platforms, swigify on each build 2007-08-11 10:42:54 +00:00
Daniel J Walsh
3068364d58 - Rebuild to fix segfault on x86 platforms, swigify on each build 2007-06-26 09:43:57 +00:00
Daniel J Walsh
65c9f7004a - Rebuild to fix segfault on x86 platforms, swigify on each build 2007-06-26 09:39:27 +00:00
Daniel J Walsh
d49d036d30 - Rebuild for rawhide 2007-06-01 14:45:13 +00:00
Daniel J Walsh
212e1b703f - Apply patch to fix dependencies in spec file from Robert Scheck 2007-05-04 17:26:34 +00:00
Daniel J Walsh
3e627b0d72 - Upgrade to latest from NSA 
Fix to libsemanage man patches so whatis will work better from Dan Walsh
 2007-04-26 00:05:03 +00:00
Daniel J Walsh
b8748b2834 - Upgrade to latest from NSA 
Merged optimizations from Stephen Smalley.
- do not set all booleans upon commit, only those whose values have changed
- only install the sandbox upon commit if something was rebuilt
 2007-04-25 15:11:21 +00:00