- cil: Create new keep field for type attribute sets
- build: follow standard semantics for DESTDIR and PREFIX
- cil: show an error when cil_expr_to_string() fails
None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
- reset pointer after free in cil_strpool_destroy()
- cil: Add ability to redeclare types[attributes]
- cil: Keep attributes used by generated attributes in neverallow
ules
- use IN6ADDR_ANY_INIT to initialize IPv6 addresses
- fix memory leak in sepol_bool_query()
- cil: drop wrong unused attribute
- cil: fix -Wwrite-strings warning
- cil: __cil_post_db_neverallow_attr_helper() does not use extra_args
The following steps are used to execute the tests using the standard test interface:
Docker
sudo ANSIBLE_INVENTORY=$(test -e inventory && echo inventory || echo /usr/share/ansible/inventory) TEST_SUBJECTS=docker:docker.io/library/fedora:26 TEST_ARTIFACTS=$PWD/artifacts ansible-playbook --tags container tests.yml
Classic
sudo ANSIBLE_INVENTORY=$(test -e inventory && echo inventory || echo /usr/share/ansible/inventory) TEST_SUBJECTS="" TEST_ARTIFACTS=$PWD/artifacts ansible-playbook --tags classic tests.yml
https://src.fedoraproject.org/rpms/libsepol/pull-request/1
- Fix neverallow bug when checking conditional policy
- Destroy the expanded level when mls_semantic_level_expand() fails
- Do not seg fault on sepol_*_key_free(NULL)
- Check for too many permissions in classes and commons in CIL
- Fix xperm mapping between avrule and avtab
- tests: Fix mispelling of optimization option
- Fix unused/uninitialized variables on mac build
- Produce more meaningful error messages for conflicting type rules in CIL
- make "make test" fail when a CUnit test fails
- tests: fix g_b_role_2 test
- Change which attributes CIL keeps in the binary policy
- Port str_read() from kernel and remove multiple occurances of similar code
- Use calloc instead of malloc for all the *_to_val_structs
- Fix bugs found by AFL
- Fix memory leak in expand.c
- Fix invalid read when policy file is corrupt
- Fix possible use of uninitialized variables
- Correctly detect unknown classes in sepol_string_to_security_class
- Sort object files for deterministic linking order
- Fix neverallowxperm checking on attributes
- Remove libsepol.map when cleaning
- Add high-level language line marking support to CIL
Fixes:
+ '[' 0 -ne 0 ']'
+ cd libsepol-2.5
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ /usr/bin/git init -q
/var/tmp/rpm-tmp.yCRSdD: line 42: /usr/bin/git: No such file or directory
error: Bad exit status from /var/tmp/rpm-tmp.yCRSdD (%prep)
Bad exit status from /var/tmp/rpm-tmp.yCRSdD (%prep)
* Improve error message for name-based transition conflicts.
* Revert libsepol: filename_trans: use some better sorting to compare and merge.
* Report source file and line information for neverallow failures.
* Fix valgrind errors in constraint_expr_eval_reason from Richard Haines.
* Add sepol_validate_transition_reason_buffer function from Richard Haines.
* Improve error message for name-based transition conflicts.
* Revert libsepol: filename_trans: use some better sorting to compare and merge.
* Report source file and line information for neverallow failures.
* Fix valgrind errors in constraint_expr_eval_reason from Richard Haines.
* Add sepol_validate_transition_reason_buffer function from Richard Haines.
