Commit Graph

203 Commits

Author SHA1 Message Date
Daniel J Walsh
d03de9fdcd * Sun Jul 29 2009 Dan Walsh <dwalsh@redhat.com> 2.0.68-1
- Fix location of man pages
- Update to upstream
	* Modify setfiles to exclude mounts without seclabel option in
	/proc/mounts on kernels >= 2.6.30 from Thomas Liu.
	* Re-enable disable_dontaudit rules upon semodule -B from Christopher
	Pardy and Dan Walsh.
	* setfiles converted to fts from Thomas Liu.
2009-07-29 13:43:53 +00:00
Daniel J Walsh
096b58de8c * Fri Jun 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.64-1
- Update to upstream
	* Keep setfiles from spamming console from Dan Walsh.
	* Fix chcat's category expansion for users from Dan Walsh.
- Update po files
- Fix sepolgen
2009-06-26 18:48:24 +00:00
Daniel J Walsh
7d0ef81ff4 * Wed May 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.63-1
- Update to upstream
	* Fix transaction checking from Dan Walsh.
	* Make fixfiles -R (for rpm) recursive.
	* Make semanage permissive clean up after itself from Dan Walsh.
	* add /root/.ssh/* to restorecond.conf
2009-05-22 18:00:00 +00:00
Daniel J Walsh
badeadc2fc * Wed Feb 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-1
- Update to upstream
	* Add btrfs to fixfiles from Dan Walsh.
	* Remove restorecond error for matching globs with multiple hard links
 	  and fix some error messages from Dan Walsh.
	* Make removing a non-existant module a warning rather than an error
	  from Dan Walsh.
	* Man page fixes from Dan Walsh.
2009-02-18 21:54:32 +00:00
Daniel J Walsh
d30e36478c * Wed Jan 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.61-2
- Split python into a separate package
2009-01-14 15:11:12 +00:00
Daniel J Walsh
f689b5c1ff * Tue Jan 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.61-1
- Update to upstream
	* chcat: cut categories at arbitrary point (25) from Dan Walsh
	* semodule: use new interfaces in libsemanage for compressed files
	  from Dan Walsh
	* audit2allow: string changes for usage
2009-01-13 14:09:47 +00:00
Daniel J Walsh
114d182b28 * Tue Jan 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.61-1
- Update to upstream
	* chcat: cut categories at arbitrary point (25) from Dan Walsh
	* semodule: use new interfaces in libsemanage for compressed files
	  from Dan Walsh
	* audit2allow: string changes for usage
2009-01-13 14:01:10 +00:00
Daniel J Walsh
461604839c * Mon Dec 1 2008 Dan Walsh <dwalsh@redhat.com> 2.0.60-1
- Update to upstream
	* semanage: use semanage_mls_enabled() from Stephen Smalley.
2008-12-01 16:49:49 +00:00
Daniel J Walsh
127ce1fef4 * Tue Nov 11 2008 Dan Walsh <dwalsh@redhat.com> 2.0.59-1
- Update to upstream
	* fcontext add checked local records twice, fix from Dan Walsh.
2008-11-11 21:18:08 +00:00
Daniel J Walsh
9bb9beca12 * Wed Oct 1 2008 Dan Walsh <dwalsh@redhat.com> 2.0.57-1
- Update to upstream
	* Update po files from Dan Walsh.
2008-10-06 19:05:59 +00:00
Daniel J Walsh
2cfc77b157 * Fri Sep 12 2008 Dan Walsh <dwalsh@redhat.com> 2.0.56-1
- Fix semanage help display
- Update to upstream
	* fixfiles will now remove all files in /tmp and will check for
	  unlabeled_t in /tmp and /var/tmp from Dan Walsh.
	* add glob support to restorecond from Dan Walsh.
	* allow semanage to handle multi-line commands in a single transaction
	  from Dan Walsh.
2008-09-12 15:58:45 +00:00
Daniel J Walsh
2a4d967daa * Thu Aug 28 2008 Dan Walsh <dwalsh@redhat.com> 2.0.55-1
- Update to upstream
	* Merged semanage node support from Christian Kuester.
2008-08-29 19:05:21 +00:00
Daniel J Walsh
14f807a094 * Tue Aug 5 2008 Dan Walsh <dwalsh@redhat.com> 2.0.54-1
- Update to upstream
	* Add support for boolean files and group support for seusers from Dan Walsh.
	* Ensure that setfiles -p output is newline terminated from Russell Coker.
2008-08-05 14:18:33 +00:00
Daniel J Walsh
0fdc47a89f * Tue Jul 29 2008 Dan Walsh <dwalsh@redhat.com> 2.0.53-1
- Update to upstream
	* Change setfiles to validate all file_contexts files when using -c from Stephen Smalley.
2008-07-29 18:06:14 +00:00
Daniel J Walsh
1e4d97ba6c * Tue Jul 29 2008 Dan Walsh <dwalsh@redhat.com> 2.0.52-6
- Fix boolean handling
- Upgrade to latest sepolgen
- Update po patch
2008-07-29 13:30:54 +00:00
Daniel J Walsh
c66a0ee3f8 * Wed Jul 2 2008 Dan Walsh <dwalsh@redhat.com> 2.0.52-1
- Default prefix to "user"
2008-07-02 21:22:58 +00:00
Daniel J Walsh
8ac1404c6b * Tue Jul 1 2008 Dan Walsh <dwalsh@redhat.com> 2.0.50-2
- Remove semodule use within semanage
2008-07-02 00:52:32 +00:00
Daniel J Walsh
d21474fea3 * Mon Jun 30 2008 Dan Walsh <dwalsh@redhat.com> 2.0.50-1
- Update to upstream
	* Fix audit2allow generation of role-type rules from Karl MacMillan.
2008-06-30 15:52:24 +00:00
Daniel J Walsh
6c5a205c34 * Mon May 12 2008 Dan Walsh <dwalsh@redhat.com> 2.0.49-1
- Update to upstream
	* Remove security_check_context calls for prefix validation from semanage.
	* Change setfiles and restorecon to not relabel if the file already has the correct context value even if -F/force is specified.
2008-05-16 15:16:20 +00:00
Daniel J Walsh
2219648009 *** empty log message *** 2008-05-07 11:38:31 +00:00
Daniel J Walsh
7d1caca617 * Tue Mar 18 2008 Dan Walsh <dwalsh@redhat.com> 2.0.46-1
- Update to upstream
	* Update audit2allow to report dontaudit cases from Dan Walsh.
	* Fix semanage port to use --proto from Caleb Case.
2008-03-18 20:59:17 +00:00
Daniel J Walsh
ea11570a87 * Fri Feb 22 2008 Dan Walsh <dwalsh@redhat.com> 2.0.44-1
- Update to upstream
	* Fix for segfault when conf file parse error occurs.
2008-02-22 19:36:05 +00:00
Daniel J Walsh
08594f6d5f * Wed Feb 13 2008 Dan Walsh <dwalsh@redhat.com> 2.0.43-1
- Update to upstream
	* Merged fix fixfiles option processing from Vaclav Ovsik.
- Added existing users, staff and user_t users to polgengui
2008-02-13 20:55:23 +00:00
Daniel J Walsh
68de8438ea * Sat Feb 2 2008 Dan Walsh <dwalsh@redhat.com> 2.0.42-1
- Update to upstream
	* Make semodule_expand use sepol_set_expand_consume_base to reduce
	  peak memory usage.
2008-02-02 21:40:53 +00:00
Daniel J Walsh
75c4c38f00 * Tue Jan 29 2008 Dan Walsh <dwalsh@redhat.com> 2.0.41-1
- Update to upstream
	* Merged audit2why fix and semanage boolean --on/--off/-1/-0 support from Dan Walsh.
	* Merged a second fixfiles -C fix from Marshall Miller.
2008-01-29 13:23:41 +00:00
Daniel J Walsh
dc637d77fd * Thu Jan 24 2008 Dan Walsh <dwalsh@redhat.com> 2.0.39-1
- Don't initialize audit2allow for audit2why call.  Use default
- Update to upstream
	* Merged fixfiles -C fix from Marshall Miller.
2008-01-25 16:14:52 +00:00
Daniel J Walsh
375c226ef2 * Thu Jan 24 2008 Dan Walsh <dwalsh@redhat.com> 2.0.38-1
- Update to upstream
  * Merged audit2allow cleanups and boolean descriptions from Dan Walsh.
  * Merged setfiles -0 support by Benny Amorsen via Dan Walsh.
  * Merged fixfiles fixes and support for ext4 and gfs2 from Dan Walsh.
2008-01-24 19:45:03 +00:00
Daniel J Walsh
5031b9bd5a * Wed Jan 23 2008 Dan Walsh <dwalsh@redhat.com> 2.0.37-1
- Update to upstream
  * Merged replacement for audit2why from Dan Walsh.
2008-01-23 22:11:23 +00:00
Daniel J Walsh
f8fdb548ab * Wed Jan 23 2008 Dan Walsh <dwalsh@redhat.com> 2.0.36-1
- Update to upstream
	* Merged update to chcat, fixfiles, and semanage scripts from Dan Walsh.
2008-01-23 19:44:15 +00:00
Daniel J Walsh
34a3b99b21 * Fri Jan 11 2008 Dan Walsh <dwalsh@redhat.com> 2.0.35-1
- Update to upstream
	* Merged support for non-interactive newrole command invocation from Tim Reed.
2008-01-11 18:33:07 +00:00
Daniel J Walsh
bac931cd73 * Tue Dec 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-1
- Update to upstream
* Tue Dec 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-4
- Fix sepolgen to be able to parse Fedora 9 policy
      Handle ifelse statements
      Handle refpolicywarn inside of define
      Add init.if and inetd.if into parse
      Add parse_file to syntax error message
2007-12-19 17:55:58 +00:00
Daniel J Walsh
9ecec66343 * Mon Dec 10 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-1
- Upgrade from NSA
	* Drop verbose output on fixfiles -C from Dan Walsh.
	* Fix argument handling in fixfiles from Dan Walsh.
	* Enhance boolean support in semanage, including using the .xml description when available, from Dan Walsh.
- Fix handling of final screen in polgengui
2007-12-11 02:47:29 +00:00
Daniel J Walsh
8d32038fbc * Mon Nov 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.32-1
- Upgrade from NSA
	* load_policy initial load option from Chad Sellers.
2007-11-30 20:11:38 +00:00
Daniel J Walsh
ccbc11e287 * Mon Oct 15 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-1
- Remove no.po
- Update to upstream
	* Fix semodule option handling from Dan Walsh.
	* Add deleteall support for ports and fcontexts in semanage from Dan Walsh.
2007-10-15 18:09:34 +00:00
Daniel J Walsh
105dca2943 * Sun Oct 7 2007 Dan Walsh <dwalsh@redhat.com> 2.0.29-1
- Update to upstream
	* Add genhomedircon script to invoke semodule -Bn from Dan Walsh.
- Add deleteall for ports and fcontext
2007-10-08 14:44:26 +00:00
Daniel J Walsh
6827dc2d8b * Fri Oct 5 2007 Dan Walsh <dwalsh@redhat.com> 2.0.28-1
- Update to upstream
	* Update semodule man page for -D from Dan Walsh.
	* Add boolean, locallist, deleteall, and store support to semanage from Dan Walsh.
2007-10-05 17:16:35 +00:00
Daniel J Walsh
a8f58ae116 * Thu Sep 27 2007 Dan Walsh <dwalsh@redhat.com> 2.0.27-2
- Fix bug in building policy with polgengui
2007-09-27 15:24:00 +00:00
Daniel J Walsh
1452353611 * Tue Sep 18 2007 Dan Walsh <dwalsh@redhat.com> 2.0.26-1
- Update to upstream
  * Fix setfiles selabel option flag setting for 64-bit from Stephen Smalley.
2007-09-19 02:29:47 +00:00
Daniel J Walsh
d7f1fcd1a3 * Tue Sep 13 2007 Dan Walsh <dwalsh@redhat.com> 2.0.25-13
- Upgrade version of sepolgen from NSA
	* Expand the sepolgen parser to parse all current refpolicy modules from Karl MacMillan.
	* Suppress generation of rules for non-denials from Karl MacMillan (take 3).
2007-09-13 12:32:16 +00:00
Daniel J Walsh
4373ede8c2 * Sat Aug 25 2007 Dan Walsh <dwalsh@redhat.com> 2.0.25-3
- Add selinux-polgengui to desktop
2007-08-25 10:55:38 +00:00
Daniel J Walsh
32455f343f * Thu Aug 23 2007 Dan Walsh <dwalsh@redhat.com> 2.0.25-1
- Update semodule man page
	* Fix genhomedircon searching for USER from Todd Miller
	* Install run_init with mode 0755 from Dan Walsh.
	* Fix chcat from Dan Walsh.
	* Fix fixfiles pattern expansion and error reporting from Dan Walsh.
	* Optimize genhomedircon to compile regexes once from Dan Walsh.
	* Fix semanage gettext call from Dan Walsh.
2007-08-23 21:00:38 +00:00
Daniel J Walsh
0f56395076 * Mon Aug 20 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-1
- Update to match NSA
  	* Disable dontaudits via semodule -D
2007-08-21 13:02:46 +00:00
Daniel J Walsh
a57e4b7bc5 * Thu Jun 21 2007 Dan Walsh <dwalsh@redhat.com> 2.0.22-1
- Update to match NSA
	* Rebase setfiles to use new labeling interface.
2007-06-21 15:34:48 +00:00
Daniel J Walsh
2112f918a0 * Wed Jun 13 2007 Dan Walsh <dwalsh@redhat.com> 2.0.21-1
- Update to match NSA
	* Fixed setsebool (falling through to error path on success).
2007-06-13 12:50:55 +00:00
Daniel J Walsh
a0ef77a17e * Mon Jun 11 2007 Dan Walsh <dwalsh@redhat.com> 2.0.20-1
- Update to match NSA
	* Merged genhomedircon fixes from Dan Walsh.
	* Merged setfiles -c usage fix from Dan Walsh.
	* Merged restorecon fix from Yuichi Nakamura.
	* Dropped -lsepol where no longer needed.
2007-06-11 18:44:01 +00:00
Daniel J Walsh
6f8d76967a * Fri May 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.19-1
- Update to match NSA
2007-05-18 14:44:34 +00:00
Daniel J Walsh
5bafb36498 * Tue May 4 2007 Dan Walsh <dwalsh@redhat.com> 2.0.16-1
- Updated version of policycoreutils
	* Merged support for modifying the prefix via semanage from Dan Walsh.
- Fixed genhomedircon to find homedirs correctly.
2007-05-04 17:30:00 +00:00
Daniel J Walsh
323af3f0d5 * Tue May 1 2007 Dan Walsh <dwalsh@redhat.com> 2.0.15-1
- Updated version of policycoreutils
	* Merged po file updates from Dan Walsh.
- Fix semanage to be able to modify prefix in user record
2007-05-01 13:44:29 +00:00
Daniel J Walsh
ad6111b387 * Wed Apr 25 2007 Dan Walsh <dwalsh@redhat.com> 2.0.14-1
- Updated version of policycoreutils
	* Build fix for setsebool.
2007-04-26 00:28:19 +00:00
Daniel J Walsh
0652cce264 * Wed Apr 25 2007 Dan Walsh <dwalsh@redhat.com> 2.0.13-1
- Updated version of policycoreutils
	* Merged setsebool patch to only use libsemanage for persistent boolean changes from Stephen Smalley.
	* Merged genhomedircon patch to use the __default__ setting from Dan Walsh.
	* Dropped -b option from load_policy in preparation for always preserving booleans across reloads in the kernel.
2007-04-25 15:32:00 +00:00