SHA256
1
0
forked from pool/libselinux
Commit Graph

86 Commits

Author SHA256 Message Date
Johannes Segitz
8a0ed0bdd6 Accepting request 820925 from home:jsegitz:branches:security:SELinux
- Update to version 3.1:
  * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were
    removed. All userspace object managers should have been updated to use the
    dynamic class/perm mapping support.
    Use string_to_security_class(3) and string_to_av_perm(3) to map the class
    and permission names to their policy values, or selinux_set_mapping(3) to
    create a mapping from class and permission index values used by the
    application to the policy values.
  * Removed restrictions in libsepol and checkpolicy that required all declared
    initial SIDs to be assigned a context.
  * Support for new policy capability genfs_seclabel_symlinks
  * selinuxfs is mounted with noexec and nosuid
  * `security_compute_user()` was deprecated
  * Refreshed python3.8-compat.patch

- Update to version 3.1:
  * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were
    removed. All userspace object managers should have been updated to use the
    dynamic class/perm mapping support.
    Use string_to_security_class(3) and string_to_av_perm(3) to map the class
    and permission names to their policy values, or selinux_set_mapping(3) to
    create a mapping from class and permission index values used by the
    application to the policy values.
  * Removed restrictions in libsepol and checkpolicy that required all declared
    initial SIDs to be assigned a context.
  * Support for new policy capability genfs_seclabel_symlinks
  * selinuxfs is mounted with noexec and nosuid
  * `security_compute_user()` was deprecated

OBS-URL: https://build.opensuse.org/request/show/820925
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=126
2020-07-14 14:13:39 +00:00
Johannes Segitz
c400328f5b Accepting request 810878 from home:jsegitz:branches:security:SELinux
- Added skip_cycles.patch to skip directory cycles and not error
  out

OBS-URL: https://build.opensuse.org/request/show/810878
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=124
2020-06-02 15:31:13 +00:00
Johannes Segitz
8d14ff5615 Accepting request 781796 from home:jsegitz:branches:security:SELinux
- Update to version 3.0
  * Ignore the stem when looking up all matches in file context
  * Save digest of all partial matches for directory
  * Use Python distutils to install SELinux python bindings
  * ensure that digest_len is not zero
  * fix string conversion of unknown perms
  * mark all exported function "extern"

- Update to version 3.0
  * Ignore the stem when looking up all matches in file context
  * Save digest of all partial matches for directory
  * Use Python distutils to install SELinux python bindings
  * ensure that digest_len is not zero
  * fix string conversion of unknown perms
  * mark all exported function "extern"
  Dropped Use-Python-distutils-to-install-SELinux.patch, included
  upstream

OBS-URL: https://build.opensuse.org/request/show/781796
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=122
2020-03-05 10:13:39 +00:00
Johannes Segitz
bdda6228da Accepting request 757382 from home:jsegitz:branches:security:SELinux
- Added swig4_moduleimport.patch to prevent import errors due to
  SWIG 4

OBS-URL: https://build.opensuse.org/request/show/757382
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=120
2019-12-16 16:05:46 +00:00
Johannes Segitz
3eb0216478 Accepting request 748053 from home:jsegitz:branches:security:SELinux
- Added Use-Python-distutils-to-install-SELinux.patch to use 
  Python's distutils instead of building and installing python 
  bindings manually

OBS-URL: https://build.opensuse.org/request/show/748053
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=118
2019-11-13 08:25:35 +00:00
Johannes Segitz
b41ac15d94 Accepting request 744322 from home:mcepl:branches:security:SELinux
Add python3.8-compat.patch which makes build possible even with
Python 3.8, which doesn’t automatically adds -lpython<ver>

OBS-URL: https://build.opensuse.org/request/show/744322
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=117
2019-11-11 07:03:37 +00:00
962c260ba0 Accepting request 705829 from home:marxin:branches:security:SELinux
- Disable LTO (boo#1133244).

OBS-URL: https://build.opensuse.org/request/show/705829
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=114
2019-06-12 09:33:33 +00:00
Johannes Segitz
4a6ecd2856 Accepting request 707195 from home:jsegitz:branches:security:SELinux
- In selinux-ready
  * Removed check for selinux-policy package as we don't ship one
    (bsc#1136845)
  * Add check that restorecond is installed and enabled

OBS-URL: https://build.opensuse.org/request/show/707195
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=113
2019-06-03 14:23:38 +00:00
Johannes Segitz
4947377882 Accepting request 705234 from home:jsegitz:branches:security:SELinux
- Set License: to correct value (bsc#1135710)

- Set License: to correct value (bsc#1135710)

OBS-URL: https://build.opensuse.org/request/show/705234
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=111
2019-05-24 12:37:42 +00:00
Johannes Segitz
32407a8d14 Accepting request 697749 from home:marxin:branches:security:SELinux
- Disable LTO (boo#1133244).

OBS-URL: https://build.opensuse.org/request/show/697749
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=109
2019-04-26 07:36:49 +00:00
Johannes Segitz
dd555c640a OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=107 2019-03-21 09:41:17 +00:00
Johannes Segitz
a921acf0e7 Accepting request 662825 from home:jsegitz:branches:security:SELinux
- Remove unneeded build requires for python3 (bsc#1120255)

OBS-URL: https://build.opensuse.org/request/show/662825
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=105
2019-01-04 14:49:04 +00:00
Johannes Segitz
310d40239e Accepting request 657437 from home:jsegitz:branches:security:SELinux
OBS-URL: https://build.opensuse.org/request/show/657437
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=104
2018-12-12 09:53:37 +00:00
Johannes Segitz
eeaec68a4f Accepting request 657416 from home:jsegitz:branches:security:SELinux
- Update to version 2.8 (bsc#1111732). 
  For changes please see
  https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt
- ran spec-cleaner on spec files
  For changes please see
  https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt
  For changes please see
  https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt
- ran spec-cleaner on spec files
  For changes please see
  https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt

OBS-URL: https://build.opensuse.org/request/show/657416
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=103
2018-12-12 09:16:33 +00:00
Johannes Segitz
89b8affa1a Accepting request 657404 from security:SELinux
Revert to revision pre merged -bindigs

OBS-URL: https://build.opensuse.org/request/show/657404
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=102
2018-12-12 08:31:21 +00:00
OBS User buildservice-autocommit
9af355fb4d Updating link to change in openSUSE:Factory/libselinux revision 51.0
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=3cf65fff759ee1875ede1cd2103c8ed6
2018-12-10 21:42:31 +00:00
Johannes Segitz
8b14e33853 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=100 2018-12-06 14:43:31 +00:00
Johannes Segitz
4d22c060dd Accepting request 652674 from home:jengelh:branches:security:SELinux
- Replace old $RPM_* shell vars.

OBS-URL: https://build.opensuse.org/request/show/652674
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=99
2018-12-01 07:36:52 +00:00
Johannes Segitz
f0b2b5c4ba Accepting request 651402 from home:jsegitz:branches:security:SELinux
OBS-URL: https://build.opensuse.org/request/show/651402
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=98
2018-11-23 15:27:12 +00:00
Vítězslav Čížek
a92929b64d Accepting request 642651 from home:jsegitz:branches:security:SELinux
- Update to version 2.8 (bsc#1111732)

- Update to version 2.8 (bsc#1111732)

OBS-URL: https://build.opensuse.org/request/show/642651
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=97
2018-10-23 12:13:57 +00:00
Johannes Segitz
f80cff1a4a Accepting request 609004 from home:mcepl:SELinux
Rebase to 2.7

OBS-URL: https://build.opensuse.org/request/show/609004
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=96
2018-05-23 07:59:14 +00:00
Johannes Segitz
a9b0f4a216 Accepting request 590073 from home:jsegitz:branches:libselinux
- Updated spec file to use python3. Added python3.patch to fix
  build

OBS-URL: https://build.opensuse.org/request/show/590073
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=94
2018-03-22 10:58:22 +00:00
Johannes Segitz
b0259f782e OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=92 2017-11-27 09:18:52 +00:00
9e1669780b Accepting request 513170 from home:Andreas_Schwab:glibc:rebuild
- readv-proto.patch: include <sys/uio.h> for readv prototype

OBS-URL: https://build.opensuse.org/request/show/513170
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=90
2017-08-03 08:16:09 +00:00
Johannes Segitz
cef88e84da Accepting request 415258 from home:jengelh:branches:security:SELinux
resubmit because merge conflict ensued

- Update RPM groups, trim description and combine filelist entries.
Note that the *SRPM* group field is updated here,
which must not be System/Libraries. Or at least should not be,
because there is a much better group for selinux
(be it System/Base, or Security/lol or D/L/C)

OBS-URL: https://build.opensuse.org/request/show/415258
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=88
2016-07-26 14:56:29 +00:00
Johannes Segitz
1f94f8811a Accepting request 414915 from home:elvigia:branches:security:SELinux
- -devel static subpackage requires libpcre-devel and libsepol-devel

- Avoid mounting /proc outside of selinux_init_load_policy().
  (Stephen Smalley) reverts upstream 5a8d8c4, 9df4988, fixes
  among other things systemd seccomp sandboxing otherwise all
  filters must allow mount(2)
  (libselinux-proc-mount-only-if-needed.patch)

OBS-URL: https://build.opensuse.org/request/show/414915
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=87
2016-07-26 12:15:13 +00:00
Johannes Segitz
2aadb1f9f1 Accepting request 408436 from home:jsegitz:branches:security:SELinux
- Adjusted source link

- Adjusted source link

OBS-URL: https://build.opensuse.org/request/show/408436
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=85
2016-07-14 08:42:04 +00:00
Johannes Segitz
9503bfe5fe Accepting request 408218 from security:SELinux
1

OBS-URL: https://build.opensuse.org/request/show/408218
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=84
2016-07-13 07:22:28 +00:00
Johannes Segitz
9a44e1df85 Accepting request 319563 from home:jsegitz:branches:security:SELinux
- Update to version 2.3 
* Get rid of security_context_t and fix const declarations.
* Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.

- fixed selinux-ready to work with initrd files created by dracut (bsc#940006)

OBS-URL: https://build.opensuse.org/request/show/319563
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=83
2015-07-30 12:06:49 +00:00
Vítězslav Čížek
2e246b5644 Accepting request 308905 from home:dimstar:Factory
Fix building of libselinux-bindings: make proper use of ruby 2.2

OBS-URL: https://build.opensuse.org/request/show/308905
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=81
2015-05-28 09:05:55 +00:00
Johannes Segitz
0b8e4bc585 Accepting request 247967 from home:jsegitz:branches:security:SELinux
- updated selinux-ready script to handle initrd files compressed with xz

OBS-URL: https://build.opensuse.org/request/show/247967
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=79
2014-09-08 09:42:21 +00:00
Johannes Segitz
e6aba78eb0 fixed source URLs
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=77
2014-05-19 10:10:20 +00:00
Johannes Segitz
f034316b28 changed source URL
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=76
2014-05-19 10:09:35 +00:00
Johannes Segitz
69bcccb4c3 Accepting request 234489 from home:elvigia:branches:security:SELinux
- Update to version 2.3 
* Get rid of security_context_t and fix const declarations.
* Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.

OBS-URL: https://build.opensuse.org/request/show/234489
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=75
2014-05-19 07:31:10 +00:00
921d475c08 Accepting request 205373 from home:posophe:branches:security:SELinux
- Update to version 2.2
  * Fix avc_has_perm() returns -1 even when SELinux is in permissive mode.
  * Support overriding Makefile RANLIB
  * Update pkgconfig definition
  * Mount sysfs before trying to mount selinuxfs.
  * Fix man pages
  * Support overriding PATH  and LIBBASE in Makefile
  * Fix LDFLAGS usage
  * Avoid shadowing stat in load_mmap
  * Support building on older PCRE libraries
  * Fix handling of temporary file in sefcontext_compile
  * Fix procattr cache
  * Define python constants for getenforce result
  * Fix label substitution handling of /
  * Add selinux_current_policy_path from
  * Change get_context_list to only return good matches
  * Support udev-197 and higher
  * Add support for local substitutions
  * Change setfilecon to not return ENOSUP if context is already correct
  * Python wrapper leak fixes
  * Export SELINUX_TRANS_DIR definition in selinux.h
  * Add selinux_systemd_contexts_path
  * Add selinux_set_policy_root
  * Add man page for sefcontext_compile
- Remove libselinux-rhat.patch; merged on upstream
- Adapt libselinux-ruby.patch to upstream changes
- Use fdupes to symlink duplicate manpages

OBS-URL: https://build.opensuse.org/request/show/205373
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=73
2013-11-07 10:18:12 +00:00
d86c4f4446 Accepting request 181179 from home:vitezslav_cizek:branches:security:SELinux
- change the source url to the official 2.1.13 release tarball

- change the source url to the official 2.1.13 release tarball

OBS-URL: https://build.opensuse.org/request/show/181179
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=71
2013-07-01 09:25:36 +00:00
3a697a447e Accepting request 176378 from home:jengelh:branches:security:SELinux
- Reuse implicit dependencies injected by pkgconfig

OBS-URL: https://build.opensuse.org/request/show/176378
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=69
2013-05-27 08:46:56 +00:00
d5e79fae52 fixed source url
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=67
2013-04-05 08:29:00 +00:00
9f921c5cff use correct source url
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=66
2013-04-05 08:24:08 +00:00
08d19fcab7 Accepting request 162652 from home:vitezslav_cizek:branches:security:SELinux
- fixed source url in libselinux-bindings.spec
- removed old tarball

OBS-URL: https://build.opensuse.org/request/show/162652
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=65
2013-04-05 07:46:43 +00:00
4b0ee85c84 Accepting request 162382 from home:vitezslav_cizek:branches:security:SELinux
- fix source url
- document changes in libselinux-rhat.patch from previous submission:
  (most code of the removed code was integrated upstream)
  * Add matchpathcon -P /etc/selinux/mls support by allowing users
    to set alternate root
  * Add new constant SETRANS_DIR which points to the directory
    where mstransd can find the socket and libvirt can write its
    translations files

OBS-URL: https://build.opensuse.org/request/show/162382
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=64
2013-04-03 13:10:52 +00:00
eed1af708c Accepting request 161739 from home:vitezslav_cizek:branches:security:SELinux
-update to 2.1.13
 * audit2why: make sure path is nul terminated
 * utils: new file context regex compiler
 * label_file: use precompiled filecontext when possible
 * do not leak mmapfd
 * sefcontontext_compile: Add error handling to help debug problems in libsemanage.
 * man: make selinux.8 mention service man pages
 * audit2why: Fix segfault if finish() called twice
 * audit2why: do not leak on multiple init() calls
 * mode_to_security_class: interface to translate a mode_t in to a security class
 * audit2why: Cleanup audit2why analysys function
 * man: Fix program synopsis and function prototypes in man pages
 * man: Fix man pages formatting
 * man: Fix typo in man page
 * man: Add references and man page links to _raw function variants
 * Use ENOTSUP instead of EOPNOTSUPP for getfilecon functions
 * man: context_new(3): fix the return value description
 * selinux_status_open: handle error from sysconf
 * selinux_status_open: do not leak statusfd on exec
 * Fix errors found by coverity
 * Change boooleans.subs to booleans.subs_dist.
 * optimize set*con functions
 * pkg-config do not specifc ruby version
 * unmap file contexts on selabel_close()
 * do not leak file contexts with mmap'd backend
 * sefcontext_compile: do not leak fd on error
 * matchmediacon: do not leak fd
 * src/label_android_property: do not leak fd on error

OBS-URL: https://build.opensuse.org/request/show/161739
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=63
2013-04-02 11:49:27 +00:00
Vítězslav Čížek
0fcea24e2c - added BuildRequires: pcre-devel
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=61
2013-02-01 13:33:54 +00:00
Vítězslav Čížek
0586d2c8c0 Accepting request 150434 from home:vitezslav_cizek:branches:security:SELinux
- update to 2.1.12

- update to 2.1.12
  - added the recent libselinux-rhat.patch
  * Add support for lxc_contexts_path
  * utils: add service to getdefaultcon
  * libsemanage: do not set soname needlessly
  * libsemanage: remove PYTHONLIBDIR and ruby equivalent
  * boolean name equivalency
  * getsebool: support boolean name substitution
  * Add man page for new selinux_boolean_sub function.
  * expose selinux_boolean_sub
  * matchpathcon: add -m option to force file type check
  * utils: avcstat: clear sa_mask set
  * seusers: Check for strchr failure
  * booleans: initialize pointer to silence coveriety
  * stop messages when SELinux disabled
  * Ensure that we only close the selinux netlink socket once.
  * improve the file_contexts.5 manual page
  * Fortify source now requires all code to be compiled with -O flag
  * asprintf return code must be checked
  * avc_netlink_recieve handle EINTR
  * audit2why: silence -Wmissing-prototypes warning
  * libsemanage: remove build warning when build swig c files
  * matchpathcon: bad handling of symlinks in /
  * seusers: remove unused lineno
  * seusers: getseuser: gracefully handle NULL service
  * New Android property labeling backend
  * label_android_property whitespace cleanups
  * additional makefile support for rubywrap

OBS-URL: https://build.opensuse.org/request/show/150434
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=60
2013-01-31 15:22:24 +00:00
Vítězslav Čížek
db430ea9d8 Accepting request 147460 from home:jengelh:branches:security:SELinux
- Remove obsolete defines/sections

OBS-URL: https://build.opensuse.org/request/show/147460
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=59
2013-01-08 10:50:42 +00:00
Thomas Biege
f023200040 Accepting request 145303 from home:vitezslav_cizek:branches:security:SELinux
- update selinux-ready script
  * use -L when stat()ing /etc/selinux/config
  * make sure that SELINUX isn't disabled in /etc/selinux/config
  * look for either of /sys/fs/selinux and /selinux directory
  * use systemctl to check for restorecond
  * don't look for booleans file (deprecated)

OBS-URL: https://build.opensuse.org/request/show/145303
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=57
2012-12-14 14:01:01 +00:00
a3f964e427 Accepting request 143038 from home:vitezslav_cizek:branches:security:SELinux
- update selinux-ready script

OBS-URL: https://build.opensuse.org/request/show/143038
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=55
2012-11-27 14:46:54 +00:00
9696cb31b5 - updated to 2.1.9 again (see below)
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=53
2012-08-10 19:40:37 +00:00
146d4e58d3 selinuxexeccon
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=52
2012-07-25 13:33:06 +00:00
80abb8133f refreshed patch
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=51
2012-07-25 11:46:17 +00:00