------------------------------------------------------------------- Fri Nov 24 09:14:13 UTC 2017 - jsegitz@suse.com - Update to version 2.6. Notable changes: * genhomedircon: do not suppress logging from libsepol * genhomedircon: use userprefix as the role for homedir * Fix bug preventing the installation of base modules * Use pp module name instead of filename when installing module * genhomedircon: remove hardcoded refpolicy strings * genhomedircon: add support for %group syntax * genhomedircon: generate contexts for logins mapped to the default user * Validate and compile file contexts before installing * Swap tcp and udp protocol numbers * genhomedircon: %{USERID} and %{USERNAME} support and code cleanups ------------------------------------------------------------------- Wed Sep 27 15:51:27 UTC 2017 - jmatejek@suse.com - build both python2 and python3 version of the semanage binding with the singlespec machinery ------------------------------------------------------------------- Sun Jul 17 15:21:03 UTC 2016 - jengelh@inai.de - Summary/description update ------------------------------------------------------------------- Fri Jul 8 15:35:05 UTC 2016 - i@marguerite.su - update version 2.5 * Do not overwrite CFLAGS in test Makefile, from Nicolas Iooss. * Fix uninitialized variable in direct_commit and direct_api * semanage_migrate_store: Load libsepol.so.1 instead of libsepol.so * Store homedir_template and users_extra in policy store * Fix null pointer dereference in semanage_module_key_destroy * Add semanage_module_extract() to extract a module as CIL or HLL * semanage_migrate_store: add -r option for migrating inside chroots * Add file_contexts and seusers to the store * Add policy binary and file_contexts.local to the store * Allow to install compressed modules without a compression extension * Do not copy contexts in semanage_migrate_store * Fix logic in bunzip for uncompressed pp files * Fix fname[] initialization in test_utilities.c * Add remove-hll semanage.conf option to remove HLL files after compilation to CIL * Fix memory leaks when parsing semanage.conf * Change bunzip to use heap instead of stack to prevent segfault on systems with small stack size - changes in 2.4 * Fix Makefile to allow LIBDIR and SHLIBDIR to be set to different directories * Fix bugs found by hardened gcc flags * Add missing manpage links to security_load_policy * Fix failing libsemanage pywrap tests * Fix deprecation warning for bison * Skip policy module relink when only setting booleans * Only try to compile file contexts if they exist * Fix memory leak when setting a custom store path * Add semodule option to set store root path in semanage.conf and the semodule command * Add semanage.conf option to set an alternative root path for policy store * Add support for High Level Language (HLL) to CIL compilers. The HLL compiler path is configurable, but should be placed in /usr/libexec/selinux/hll by default * Create a policy migration script for migrating the policy store from /etc/selinux to /var/lib/selinux * Add python3 support to the migration script * Use libcil to compile modules * Use symbolic versioning to maintain ABI compatibility for old install functions * Add a target-platform option to semanage.conf to control how policies are built * Add API to handle modules and source policies, moving module store to /var/lib/selinux * Only try to compile file contexts if they exist - changes in 2.3 * Fix memory leak in semanage_genhomedircon ------------------------------------------------------------------- Thu Oct 31 13:55:06 UTC 2013 - p.drouand@gmail.com - Update to version 2.2 * Avoid duplicate list entries * Add audit support to libsemanage * Remove policy.kern and replace with symlink * Apply a MAX_UID check for genhomedircon * Fix man pages - Add audit-devel BuildRequires; new dependency - Add fdupes BuildRequires and use it to symlink duplicate manpages ------------------------------------------------------------------- Thu Jun 27 14:57:01 UTC 2013 - vcizek@suse.com - change the source url to the official 2.1.10 release tarball ------------------------------------------------------------------- Wed Jan 30 12:01:03 UTC 2013 - vcizek@suse.com - update to 2.1.9 ------------------------------------------------------------------- Mon Jan 7 21:43:31 UTC 2013 - jengelh@inai.de - Remove obsolete defines/sections ------------------------------------------------------------------- Tue Oct 23 05:05:03 UTC 2012 - coolo@suse.com - buildrequire libbz2-devel ------------------------------------------------------------------- Wed Aug 1 07:54:48 UTC 2012 - meissner@suse.com - updated to 2.1.6 * changes too numerous to list ------------------------------------------------------------------- Mon May 23 14:15:42 UTC 2011 - prusnak@opensuse.org - split off python bindings to separate package to reduce build dependencies for rpm [bnc#695436] ------------------------------------------------------------------- Wed May 18 13:38:44 UTC 2011 - coolo@novell.com - add baselibs.conf for rpm-32bit to use ------------------------------------------------------------------- Wed Feb 23 05:42:43 UTC 2011 - coolo@novell.com - disable parallel build, it breaks too often ------------------------------------------------------------------- Thu Feb 25 14:59:32 UTC 2010 - prusnak@suse.cz - updated to 2.0.43 * changes too numerous to list ------------------------------------------------------------------- Fri Jan 16 14:24:38 CET 2009 - prusnak@suse.cz - fix assignment of wrong context [bnc#466793] ------------------------------------------------------------------- Wed Jan 14 14:06:28 CET 2009 - prusnak@suse.cz - updated to 2.0.31 * policy module compression (bzip) support from Dan Walsh * hard link files between tmp/active/previous from Dan Walsh * add semanage_mls_enabled() interface from Stephen Smalley ------------------------------------------------------------------- Mon Dec 1 11:35:58 CET 2008 - prusnak@suse.cz - updated to 2.0.29 * add USER to lines to homedir_template context file * add compression support * allow fcontext and seuser changes without rebuilding the policy * don't rebuild on fcontext or seuser modifications * modify genhomedircon to skip %groupname entries ------------------------------------------------------------------- Wed Oct 22 16:17:23 CEST 2008 - mrueckert@suse.de - fix debug_packages_requires define ------------------------------------------------------------------- Tue Sep 23 12:52:32 CEST 2008 - prusnak@suse.cz - require only version, not release [bnc#429053] ------------------------------------------------------------------- Tue Sep 2 12:13:42 CEST 2008 - prusnak@suse.cz - updated to 2.0.27 * Modify genhomedircon to skip %groupname entries. Ultimately we need to expand them to the list of users to support per-role homedir labeling when using the %groupname syntax. - updated to 2.0.26 * Fix bug in genhomedircon fcontext matches logic from Dan Walsh. Strip any trailing slash before appending /*$. ------------------------------------------------------------------- Fri Aug 1 17:32:21 CEST 2008 - ro@suse.de - fix requires for debuginfo package ------------------------------------------------------------------- Tue Jul 15 16:58:47 CEST 2008 - prusnak@suse.cz - initial version 2.0.25 * based on Fedora package by Dan Walsh