- Changes submitted by MargueriteSu:
Update to version 2.5
* sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss.
* sepolicy: Rename policy global variable conflict, from Nicolas Iooss.
* newrole: Add missing defined in #if, from Nicolas Iooss.
* newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec.
* secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec
* semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach.
* chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville.
* semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach.
* semanage: replace string.join() with str.join(), from Petr Lautrbach.
* Man page warning fixes, from Ville Skyttä.
* sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl.
* semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach.
* sepolicy: Improve sepolicy command line interface, from Petr Lautrbach.
* audit2allow/why: ignore setlocale errors, from Petr Lautrbach.
* semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy.
* audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach.
* Fix PEP8 issues, from Jason Zaman.
* semanage: fix moduleRecords deleteall method, from Stephen Smalley.
* Improve compatibility with Python 3, from Michal Srb.
* semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville.
* semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach.
* sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen.
* mcstransd: don't reinvent getpeercon, from Stephen Smalley.
* setfiles/restorecon: fix -r/-R option, from Petr Lautrbach.
* org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley.
* hll: Move core functions of pp to libsepol, from James Carter
* run_init: Use a ring buffer in open_init_pty, from Jason Zaman.
* run_init: fix open_init_pty availability check, from Nicolas Iooss.
OBS-URL: https://build.opensuse.org/request/show/408447
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/policycoreutils?expand=0&rev=82
- Version 2.3
sepolgen: Add back attributes flag to fix exception crash from Dan Walsh.
(drop policycoreutils-sepolgen_missing_attributes.patch)
* Add -P semodule option to man page from Dan Walsh.
* selinux_current_policy_path will return none on a disabled SELinux system
* Add new icons for sepolicy gui from Dan Walsh.
* Only return writeable files that are enabled from Dan Walsh.
* Add domain to short list of domains, when -t and -d from Dan Walsh.
* Fix up desktop files to match current standards from Dan Walsh.
* Add support to return sensitivities and categories for python from Dan Walsh.
* Cleanup whitespace from Dan Walsh.
* Add message to tell user to install sandbox policy from Dan Walsh.
* Add systemd unit file for mcstrans from Laurent Bigonville.
* Improve restorecond systemd unit file from Laurent Bigonville.
* Minor man pages improvements from Laurent Bigonville.
* Ignore selevel/serange if MLS is disabled from Sven Vermeulen.
* Revert automatic setting of serange and seuser in seobject; was breaking non-MLS systems.
* Apply polkit check on all dbus interfaces and restrict to active user from Dan Walsh.
* Fix typo in sepolicy gui dbus.relabel_on_boot call from Dan Walsh.
* Remove import policycoreutils.default_encoding_utf8 from semanage from Dan Walsh.
* Make yum/extract_rpms optional for sepolicy generate from Dan Walsh.
* Add test suite for audit2allow and sepolgen-ifgen from Dan Walsh.
OBS-URL: https://build.opensuse.org/request/show/235966
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/policycoreutils?expand=0&rev=35
- Version 2.3
sepolgen: Add back attributes flag to fix exception crash from Dan Walsh.
(drop policycoreutils-sepolgen_missing_attributes.patch)
* Add -P semodule option to man page from Dan Walsh.
* selinux_current_policy_path will return none on a disabled SELinux system
* Add new icons for sepolicy gui from Dan Walsh.
* Only return writeable files that are enabled from Dan Walsh.
* Add domain to short list of domains, when -t and -d from Dan Walsh.
* Fix up desktop files to match current standards from Dan Walsh.
* Add support to return sensitivities and categories for python from Dan Walsh.
* Cleanup whitespace from Dan Walsh.
* Add message to tell user to install sandbox policy from Dan Walsh.
* Add systemd unit file for mcstrans from Laurent Bigonville.
* Improve restorecond systemd unit file from Laurent Bigonville.
* Minor man pages improvements from Laurent Bigonville.
* Ignore selevel/serange if MLS is disabled from Sven Vermeulen.
* Revert automatic setting of serange and seuser in seobject; was breaking non-MLS systems.
* Apply polkit check on all dbus interfaces and restrict to active user from Dan Walsh.
* Fix typo in sepolicy gui dbus.relabel_on_boot call from Dan Walsh.
* Remove import policycoreutils.default_encoding_utf8 from semanage from Dan Walsh.
* Make yum/extract_rpms optional for sepolicy generate from Dan Walsh.
* Add test suite for audit2allow and sepolgen-ifgen from Dan Walsh.
OBS-URL: https://build.opensuse.org/request/show/234490
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/policycoreutils?expand=0&rev=74
