- Update to match NSA
* Merged semanage getpwnam bug fix from Serge Hallyn (IBM).
* Merged patch series from Ivan Gyurdiev.
This includes patches to:
- cleanup setsebool
- update setsebool to apply active booleans through libsemanage
- update semodule to use the new semanage_set_rebuild() interface
- fix various bugs in semanage
* Merged patch from Dan Walsh (Red Hat).
This includes fixes for restorecon, chcat, fixfiles, genhomedircon,
and semanage.
- Update to match NSA
* Merged semanage getpwnam bug fix from Serge Hallyn (IBM).
* Merged patch series from Ivan Gyurdiev.
This includes patches to:
- cleanup setsebool
- update setsebool to apply active booleans through libsemanage
- update semodule to use the new semanage_set_rebuild() interface
- fix various bugs in semanage
* Merged patch from Dan Walsh (Red Hat).
This includes fixes for restorecon, chcat, fixfiles, genhomedircon,
and semanage.
- Add try catch for files that may not exists
* Mon Dec 19 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-3
- Remove commands from genhomedircon for installer
- Update to match NSA
* Merged fix for audit2allow long option list from Dan Walsh.
* Merged -r option for restorecon (alias for -R) from Dan Walsh.
* Merged chcat script and man page from Dan Walsh.
- Update to match NSA
- Add chcat to policycoreutils, adding +/- syntax
`
* Tue Dec 6 2005 Dan Walsh <dwalsh@redhat.com> 1.27.36-2
- Require new version of libsemanage
- Update to match NSA
- Add chcat to policycoreutils, adding +/- syntax
`
* Tue Dec 6 2005 Dan Walsh <dwalsh@redhat.com> 1.27.36-2
- Require new version of libsemanage
- Update to match NSA
* Changed genhomedircon to warn on use of ROLE in homedir_template
if using managed policy, as libsemanage does not yet support it.
* Added -B (--build) option to semodule to force a rebuild.
* Reverted setsebool patch to call semanage_set_reload_bools().
* Changed setsebool to disable policy reload and to call
security_set_boolean_list to update the runtime booleans.
* Changed setfiles -c to use new flag to set_matchpathcon_flags()
to disable context translation by matchpathcon_init().
- Update to match NSA
* Changed setfiles for the context canonicalization support.
* Changed setsebool to call semanage_is_managed() interface
and fall back to security_set_boolean_list() if policy is
not managed.
* Merged setsebool memory leak fix from Ivan Gyurdiev.
* Merged setsebool patch to call semanage_set_reload_bools()
interface from Ivan Gyurdiev.
- Update to match NSA
* Merged setsebool patch from Ivan Gyurdiev.
This moves setsebool from libselinux/utils to policycoreutils,
and rewrites it to use libsemanage for permanent boolean changes.
- Update to match NSA
* Merged setsebool patch from Ivan Gyurdiev.
This moves setsebool from libselinux/utils to policycoreutils,
and rewrites it to use libsemanage for permanent boolean changes.
- Update to match NSA
* Merged semodule support for reload, noreload, and store options
from Joshua Brindle.
* Merged semodule_package rewrite from Joshua Brindle.
- Update to match NSA
* Merged semodule support for reload, noreload, and store options
from Joshua Brindle.
* Merged semodule_package rewrite from Joshua Brindle.
- Update to match NSA
* Cleaned up usage and error messages and releasing of memory by
semodule_* utilities.
* Corrected error reporting by semodule.
* Updated semodule_expand for change to sepol interface.
* Merged fixes for make DESTDIR= builds from Joshua Brindle.
- Update to match NSA
* Cleaned up usage and error messages and releasing of memory by
semodule_* utilities.
* Corrected error reporting by semodule.
* Updated semodule_expand for change to sepol interface.
* Merged fixes for make DESTDIR= builds from Joshua Brindle.
- Update to match NSA
* Updated semodule_expand to use get interfaces for hidden sepol_module_package type.
* Merged newrole and run_init pam config patches from Dan Walsh (Red Hat).
* Merged fixfiles patch from Dan Walsh (Red Hat).
* Updated semodule for removal of semanage_strerror.
- Update to match NSA
* Updated semodule_expand to use get interfaces for hidden sepol_module_package type.
* Merged newrole and run_init pam config patches from Dan Walsh (Red Hat).
* Merged fixfiles patch from Dan Walsh (Red Hat).
* Updated semodule for removal of semanage_strerror.
- Update to match NSA
* Updated semodule_link and semodule_expand to use shared libsepol.
Fixed audit2why to call policydb_init prior to policydb_read (still
uses the static libsepol).
- Update to match NSA
* Updated for changes to libsepol.
Changed semodule and semodule_package to use the shared libsepol.
Disabled build of semodule_link and semodule_expand for now.
Updated audit2why for relocated policydb internal headers,
still needs to be converted to a shared lib interface.
- Update to match NSA
* Merged patch to update semodule to the new libsemanage API
and improve the user interface from Karl MacMillan (Tresys).
* Modified semodule for the create/connect API split.
- Update to match NSA
* Merged patch to update semodule to the new libsemanage API
and improve the user interface from Karl MacMillan (Tresys).
* Modified semodule for the create/connect API split.
- Update to match NSA
* Merged error shadowing bug fix for restorecon from Dan Walsh.
* Merged setfiles usage/man page update for -r option from Dan Walsh.
* Merged fixfiles -C patch to ignore :s0 addition on update
to a MCS/MLS policy from Dan Walsh.
- Update to match NSA
* Updated audit2why for sepol_ prefixes on Flask types to
avoid namespace collision with libselinux, and to
include <selinux/selinux.h> now.
- Update to match NSA
* Updated audit2why for sepol_ prefixes on Flask types to
avoid namespace collision with libselinux, and to
include <selinux/selinux.h> now.
- Update to version from NSA
* Merged load_policy is_selinux_enabled patch from Dan Walsh.
* Merged restorecon verbose output patch from Dan Walsh.
* Merged setfiles altroot patch from Chris PeBenito.
- Update to released version from NSA
* Merged rewrite of genhomedircon by Eric Paris.
* Changed fixfiles to relabel jfs since it now supports security xattrs
(as of 2.6.11). Removed reiserfs until 2.6.12 is released with
fixed support for reiserfs and selinux.
- Apply Uli patch
* The Makefiles should use the -Wall option even if compiled in beehive
* Add -W, too
* use -Werror when used outside of beehive. This could also be used unconditionally
* setfiles/setfiles.c: fix resulting warning
* restorecon/restorecon.c: Likewise
* run_init/open_init_pty.c: argc hasn't been checked, the program would crash if
called without parameters. ignore the return value of nice properly.
* run_init: don't link with -ldl lutil
* load_policy: that's the bad bug. pointer to unsigned int is passed, size_t is
written to. fails on 64-bit archs
* sestatus: signed vs unsigned problem
* newrole: don't link with -ldl
- Update from NSA
* Merged further change to fixfiles -C from Dan Walsh.
* Merged updated fixfiles script from Dan Walsh.
- Fix error handling of restorecon
- More cleanup of sed patch
- Upgrade to latest from NSA
* Merged updated fixfiles script from Dan Walsh.
* Merged updated man page for fixfiles from Dan Walsh and re-added unzipped.
* Reverted fixfiles patch for file_contexts.local;
obsoleted by setfiles rewrite.
* Merged error handling patch for restorecon from Dan Walsh.
* Merged semi raw mode for open_init_pty helper from Manoj Srivastava.
* Rewrote setfiles to use matchpathcon and the new interfaces
exported by libselinux (>= 1.21.5).
- Fix fixfiles patch
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting
- Fix fixfiles patch
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting