- Add try catch for files that may not exists
* Mon Dec 19 2005 Dan Walsh <dwalsh@redhat.com> 1.29.2-3
- Remove commands from genhomedircon for installer
- Update to match NSA
* Merged fix for audit2allow long option list from Dan Walsh.
* Merged -r option for restorecon (alias for -R) from Dan Walsh.
* Merged chcat script and man page from Dan Walsh.
- Update to match NSA
- Add chcat to policycoreutils, adding +/- syntax
`
* Tue Dec 6 2005 Dan Walsh <dwalsh@redhat.com> 1.27.36-2
- Require new version of libsemanage
- Update to match NSA
- Add chcat to policycoreutils, adding +/- syntax
`
* Tue Dec 6 2005 Dan Walsh <dwalsh@redhat.com> 1.27.36-2
- Require new version of libsemanage
- Update to match NSA
* Changed genhomedircon to warn on use of ROLE in homedir_template
if using managed policy, as libsemanage does not yet support it.
* Added -B (--build) option to semodule to force a rebuild.
* Reverted setsebool patch to call semanage_set_reload_bools().
* Changed setsebool to disable policy reload and to call
security_set_boolean_list to update the runtime booleans.
* Changed setfiles -c to use new flag to set_matchpathcon_flags()
to disable context translation by matchpathcon_init().
- Update to match NSA
* Changed setfiles for the context canonicalization support.
* Changed setsebool to call semanage_is_managed() interface
and fall back to security_set_boolean_list() if policy is
not managed.
* Merged setsebool memory leak fix from Ivan Gyurdiev.
* Merged setsebool patch to call semanage_set_reload_bools()
interface from Ivan Gyurdiev.
- Update to match NSA
* Merged setsebool patch from Ivan Gyurdiev.
This moves setsebool from libselinux/utils to policycoreutils,
and rewrites it to use libsemanage for permanent boolean changes.
- Update to match NSA
* Merged setsebool patch from Ivan Gyurdiev.
This moves setsebool from libselinux/utils to policycoreutils,
and rewrites it to use libsemanage for permanent boolean changes.
- Update to match NSA
* Merged semodule support for reload, noreload, and store options
from Joshua Brindle.
* Merged semodule_package rewrite from Joshua Brindle.
- Update to match NSA
* Merged semodule support for reload, noreload, and store options
from Joshua Brindle.
* Merged semodule_package rewrite from Joshua Brindle.
- Update to match NSA
* Cleaned up usage and error messages and releasing of memory by
semodule_* utilities.
* Corrected error reporting by semodule.
* Updated semodule_expand for change to sepol interface.
* Merged fixes for make DESTDIR= builds from Joshua Brindle.
- Update to match NSA
* Cleaned up usage and error messages and releasing of memory by
semodule_* utilities.
* Corrected error reporting by semodule.
* Updated semodule_expand for change to sepol interface.
* Merged fixes for make DESTDIR= builds from Joshua Brindle.
- Update to match NSA
* Updated semodule_expand to use get interfaces for hidden sepol_module_package type.
* Merged newrole and run_init pam config patches from Dan Walsh (Red Hat).
* Merged fixfiles patch from Dan Walsh (Red Hat).
* Updated semodule for removal of semanage_strerror.
- Update to match NSA
* Updated semodule_expand to use get interfaces for hidden sepol_module_package type.
* Merged newrole and run_init pam config patches from Dan Walsh (Red Hat).
* Merged fixfiles patch from Dan Walsh (Red Hat).
* Updated semodule for removal of semanage_strerror.
- Update to match NSA
* Updated semodule_link and semodule_expand to use shared libsepol.
Fixed audit2why to call policydb_init prior to policydb_read (still
uses the static libsepol).
- Update to match NSA
* Updated for changes to libsepol.
Changed semodule and semodule_package to use the shared libsepol.
Disabled build of semodule_link and semodule_expand for now.
Updated audit2why for relocated policydb internal headers,
still needs to be converted to a shared lib interface.
- Update to match NSA
* Merged patch to update semodule to the new libsemanage API
and improve the user interface from Karl MacMillan (Tresys).
* Modified semodule for the create/connect API split.
- Update to match NSA
* Merged patch to update semodule to the new libsemanage API
and improve the user interface from Karl MacMillan (Tresys).
* Modified semodule for the create/connect API split.
- Update to match NSA
* Merged error shadowing bug fix for restorecon from Dan Walsh.
* Merged setfiles usage/man page update for -r option from Dan Walsh.
* Merged fixfiles -C patch to ignore :s0 addition on update
to a MCS/MLS policy from Dan Walsh.
- Update to match NSA
* Updated audit2why for sepol_ prefixes on Flask types to
avoid namespace collision with libselinux, and to
include <selinux/selinux.h> now.
- Update to match NSA
* Updated audit2why for sepol_ prefixes on Flask types to
avoid namespace collision with libselinux, and to
include <selinux/selinux.h> now.
- Update to version from NSA
* Merged load_policy is_selinux_enabled patch from Dan Walsh.
* Merged restorecon verbose output patch from Dan Walsh.
* Merged setfiles altroot patch from Chris PeBenito.
- Update to released version from NSA
* Merged rewrite of genhomedircon by Eric Paris.
* Changed fixfiles to relabel jfs since it now supports security xattrs
(as of 2.6.11). Removed reiserfs until 2.6.12 is released with
fixed support for reiserfs and selinux.
- Apply Uli patch
* The Makefiles should use the -Wall option even if compiled in beehive
* Add -W, too
* use -Werror when used outside of beehive. This could also be used unconditionally
* setfiles/setfiles.c: fix resulting warning
* restorecon/restorecon.c: Likewise
* run_init/open_init_pty.c: argc hasn't been checked, the program would crash if
called without parameters. ignore the return value of nice properly.
* run_init: don't link with -ldl lutil
* load_policy: that's the bad bug. pointer to unsigned int is passed, size_t is
written to. fails on 64-bit archs
* sestatus: signed vs unsigned problem
* newrole: don't link with -ldl
- Update from NSA
* Merged further change to fixfiles -C from Dan Walsh.
* Merged updated fixfiles script from Dan Walsh.
- Fix error handling of restorecon
- More cleanup of sed patch
- Upgrade to latest from NSA
* Merged updated fixfiles script from Dan Walsh.
* Merged updated man page for fixfiles from Dan Walsh and re-added unzipped.
* Reverted fixfiles patch for file_contexts.local;
obsoleted by setfiles rewrite.
* Merged error handling patch for restorecon from Dan Walsh.
* Merged semi raw mode for open_init_pty helper from Manoj Srivastava.
* Rewrote setfiles to use matchpathcon and the new interfaces
exported by libselinux (>= 1.21.5).
- Fix fixfiles patch
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting
- Fix fixfiles patch
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting
- Upgrade to latest from NSA
* Prevent overflow of spec array in setfiles.
- Add diff comparason between file_contexts to fixfiles
- Allow restorecon to give an warning on file not found instead of exiting
- Upgrade to latest from NSA
* Fixed restorecon to not treat errors from is_context_customizable()
as a customizable context.
* Merged setfiles/restorecon patch to not reset user field unless
-F option is specified from Dan Walsh.
* Merged open_init_pty helper for run_init from Manoj Srivastava.
* Merged audit2allow and genhomedircon man pages from Manoj Srivastava.
- Upgrade to latest from NSA
* Fixed restorecon to not treat errors from is_context_customizable()
as a customizable context.
* Merged setfiles/restorecon patch to not reset user field unless
-F option is specified from Dan Walsh.
* Merged open_init_pty helper for run_init from Manoj Srivastava.
* Merged audit2allow and genhomedircon man pages from Manoj Srivastava.
- Fix fixfiles handling of rpm
- Fix restorecon to not warn on symlinks unless -v -v
- Fix output of verbose to show old context as well as new context
- Fix fixfiles handling of rpm
- Fix restorecon to not warn on symlinks unless -v -v
- Fix output of verbose to show old context as well as new context
* Mon Aug 16 2004 Dan Walsh <dwalsh@redhat.com> 1.15.7-1
- Update to latest from upstream
* Thu Aug 12 2004 Dan Walsh <dwalsh@redhat.com> 1.15.6-1
- Add Man page for load_policy
* Mon Jul 19 2004 Dan Walsh <dwalsh@redhat.com> 1.15.2-2
- Only mail files less than 100 lines from fixfiles.cron
- Add Russell's fix for genhomedircon
* Wed Jun 30 2004 Dan Walsh <dwalsh@redhat.com> 1.14.1-1
- Update from NSA
- Add cron capability to fixfiles
* Fri Jun 25 2004 Dan Walsh <dwalsh@redhat.com> 1.13.4-1
- Update from NSA
* Wed Jun 23 2004 Dan Walsh <dwalsh@redhat.com> 1.13.3-1
- Update latest from NSA
- Add -o option to setfiles to save output of any files with incorrect context.
* Tue Jun 22 2004 Dan Walsh <dwalsh@redhat.com> 1.13.2-2
- Add rpm support to fixfiles
- Update restorecon to add file input support
* Sat Jun 12 2004 Dan Walsh <dwalsh@redhat.com> 1.13.1-2
- Fix run_init to use policy formats
* Wed Jun 02 2004 Dan Walsh <dwalsh@redhat.com> 1.13.1-1
- Update from NSA
* Fri May 21 2004 Dan Walsh <dwalsh@redhat.com> 1.13-1
- Update to latest from NSA
- Change fixfiles to prompt before deleteing /tmp files
* Tue May 18 2004 Dan Walsh <dwalsh@redhat.com> 1.12-2
- have restorecon ingnore <<none>>
- Hand matchpathcon the file status
* Fri May 14 2004 Dan Walsh <dwalsh@redhat.com> 1.12-1
- Update to match NSA
* Mon May 10 2004 Dan Walsh <dwalsh@redhat.com> 1.11-4
- Move location of log file to /var/tmp
* Mon May 10 2004 Dan Walsh <dwalsh@redhat.com> 1.11-3
- Better grep command for bind
* Fri May 07 2004 Dan Walsh <dwalsh@redhat.com> 1.11-2
- Eliminate bind and context mounts
* Wed May 05 2004 Dan Walsh <dwalsh@redhat.com> 1.11-1
- update to match NSA
* Wed Apr 28 2004 Dan Walsh <dwalsh@redhat.com> 1.10-4
- Log fixfiles to the /tmp directory
* Wed Apr 21 2004 Colin Walters <walters@redhat.com> 1.10-3
- Add patch to fall back to authenticating via uid if
the current user's SELinux user identity is the default
identity
- Add BuildRequires pam-devel
* Mon Apr 12 2004 Dan Walsh <dwalsh@redhat.com> 1.10-2
- Add man page, thanks to Richard Halley
* Thu Apr 08 2004 Dan Walsh <dwalsh@redhat.com> 1.10-1
- Upgrade to latest from NSA
* Fri Apr 02 2004 Dan Walsh <dwalsh@redhat.com> 1.9.2-1
- Update with latest from gentoo and NSA
* Thu Apr 01 2004 Dan Walsh <dwalsh@redhat.com> 1.9.1-1
- Check return codes in sestatus.c
* Mon Mar 29 2004 Dan Walsh <dwalsh@redhat.com> 1.9-19
- Fix sestatus to not double free
- Fix sestatus.conf to be unix format
* Mon Mar 29 2004 Dan Walsh <dwalsh@redhat.com> 1.9-18
- Warn on setfiles failure to relabel.
* Mon Mar 29 2004 Dan Walsh <dwalsh@redhat.com> 1.9-17
- Updated version of sestatus
* Mon Mar 29 2004 Dan Walsh <dwalsh@redhat.com> 1.9-16
- Fix fixfiles to checklabel properly
* Fri Mar 26 2004 Dan Walsh <dwalsh@redhat.com> 1.9-15
- add sestatus
* Thu Mar 25 2004 Dan Walsh <dwalsh@redhat.com> 1.9-14
- Change free call to freecon
- Cleanup
* Tue Mar 23 2004 Dan Walsh <dwalsh@redhat.com> 1.9-12
- Remove setfiles-assoc patch
- Fix restorecon to not crash on missing dir
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-11
- Eliminate trailing / in restorecon
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-10
- Add Verbosity check
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-9
- Change restorecon to not follow symlinks. It is too difficult and confusing
- to figure out the file context for the file pointed to by a symlink.
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-8
- Fix restorecon
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-7
- Read restorecon patch
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-6
- Change genhomedircon to take POLICYSOURCEDIR from command line
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-5
- Add checkselinux
- move fixfiles and restorecon to /sbin
* Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.9-4
- Restore patch of genhomedircon
* Mon Mar 15 2004 Dan Walsh <dwalsh@redhat.com> 1.9-3
- Add setfiles-assoc patch to try to freeup memory use
* Mon Mar 15 2004 Dan Walsh <dwalsh@redhat.com> 1.9-2
- Add fixlabels
* Mon Mar 15 2004 Dan Walsh <dwalsh@redhat.com> 1.9-1
- Update to latest from NSA
* Wed Mar 10 2004 Dan Walsh <dwalsh@redhat.com> 1.6-8
- Increase the size of buffer accepted by setfiles to BUFSIZ.
* Tue Mar 09 2004 Dan Walsh <dwalsh@redhat.com> 1.6-7
- genhomedircon should complete even if it can't read /etc/default/useradd
* Tue Mar 09 2004 Dan Walsh <dwalsh@redhat.com> 1.6-6
- fix restorecon to relabel unlabled files.
* Fri Mar 05 2004 Dan Walsh <dwalsh@redhat.com> 1.6-5
- Add genhomedircon from tresys
- Fixed patch for restorecon
* Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6-4
- exit out when selinux is not enabled
* Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6-3
- Fix minor bugs in restorecon
* Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6-2
- Add restorecon c program
* Tue Feb 24 2004 Dan Walsh <dwalsh@redhat.com> 1.6-1
- Update to latest tarball from NSA
* Thu Feb 19 2004 Dan Walsh <dwalsh@redhat.com> 1.4-9
- Add sort patch
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt