| 2.0.83 2010-06-10 |
| * Add sandbox support from Dan Walsh with modifications from Steve Lawrence. |
| |
| 2.0.82 2010-03-12 |
| * Add avc's since boot from Dan Walsh. |
| |
| 2.0.81 2010-03-12 |
| * Add dontaudit flag to audit2allow from Dan Walsh. |
| |
| 2.0.80 2010-03-06 |
| * Module enable/disable support from Dan Walsh. |
| |
| 2.0.79 2010-01-26 |
| * Fix double-free in newrole |
| |
| 2.0.78 2009-11-27 |
| * Remove non-working OUTFILE from fixfiles from Dan Walsh. |
| * Additional exception handling in chcat from Dan Walsh. |
| |
| 2.0.77 2009-11-19 |
| * Fixed bug preventing semanage node -a from working |
| from Chad Sellers |
| * Fixed bug preventing semanage fcontext -l from working |
| from Chad Sellers |
| |
| 2.0.76 2009-11-18 |
| * Remove setrans management from semanage, as it does not work |
| from Dan Walsh. |
| * Move load_policy from /usr/sbin to /sbin from Dan Walsh. |
| |
| 2.0.75 2009-11-02 |
| * Factor out restoring logic from setfiles.c into restore.c |
| |
| 2.0.74 2009-09-16 |
| * Change semodule upgrade behavior to install even if the module |
| is not present from Dan Walsh. |
| * Make setfiles label if selinux is disabled and a seclabel aware |
| kernel is running from Caleb Case. |
| * Clarify forkpty() error message in run_init from Manoj Srivastava. |
| |
| 2.0.73 2009-09-04 |
| * Add semanage dontaudit to turn off dontaudits from Dan Walsh. |
| * Fix semanage to set correct mode for setrans file from Dan Walsh. |
| * Fix malformed dictionary in portRecord from Dan Walsh. |
| |
| 2.0.72 2009-09-03 |
| * Restore symlink handling support to restorecon based on a patch by |
| Martin Orr. This fixes the restorecon /dev/stdin performed by Debian |
| udev scripts that was broken by policycoreutils 2.0.70. |
| |
| 2.0.71 2009-08-11 |
| * Modify setfiles/restorecon checking of exclude paths. Only check |
| user-supplied exclude paths (not automatically generated ones based on |
| lack of seclabel support), don't require them to be directories, and |
| ignore permission denied errors on them (it is ok to exclude a path to |
| which the caller lacks permission). |
| |
| 2.0.70 2009-08-04 |
| * Modify restorecon to only call realpath() on user-supplied pathnames |
| from Stephen Smalley. |
| |
| 2.0.69 2009-07-30 |
| * Fix typo in fixfiles that prevented it from relabeling btrfs |
| filesystems from Dan Walsh. |
| |
| 2.0.68 2009-07-24 |
| * Modify setfiles to exclude mounts without seclabel option in |
| /proc/mounts on kernels >= 2.6.30 from Thomas Liu. |
| |
| 2.0.67 2009-07-07 |
| * Re-enable disable_dontaudit rules upon semodule -B from Christopher |
| Pardy and Dan Walsh. |
| |
| 2.0.66 2009-07-07 |
| * setfiles converted to fts from Thomas Liu. |
| |
| 2.0.65 2009-06-24 |
| * Remove gui from po/Makefile and po/POTFILES and regenerate po files |
| |
| 2.0.64 2009-06-22 |
| * Keep setfiles from spamming console from Dan Walsh. |
| * Fix chcat's category expansion for users from Dan Walsh. |
| |
| 2.0.63 2009-05-15 |
| * Fix transaction checking from Dan Walsh. |
| * Make fixfiles -R (for rpm) recursive. |
| * Make semanage permissive clean up after itself from Dan Walsh. |
| * add /root/.ssh/* to restorecond.conf |
| |
| 2.0.62 2009-02-19 |
| * Add btrfs to fixfiles from Dan Walsh. |
| * Remove restorecond error for matching globs with multiple hard links |
| and fix some error messages from Dan Walsh. |
| * Make removing a non-existant module a warning rather than an error |
| from Dan Walsh. |
| * Man page fixes from Dan Walsh. |
| |
| 2.0.61 2009-01-12 |
| * chcat: cut categories at arbitrary point (25) from Dan Walsh |
| * semodule: use new interfaces in libsemanage for compressed files |
| from Dan Walsh |
| * audit2allow: string changes for usage |
| |
| 2.0.60 2008-11-12 |
| * semanage: use semanage_mls_enabled() from Stephen Smalley. |
| |
| 2.0.59 2008-11-11 |
| * fcontext add checked local records twice, fix from Dan Walsh. |
| |
| 2.0.58 2008-11-09 |
| * Allow local file context entries to override policy entries in |
| semanage from Dan Walsh. |
| * Newrole error message corrections from Dan Walsh. |
| * Add exception to audit2why call in audit2allow from Dan Walsh. |
| |
| 2.0.57 2008-09-18 |
| * Update po files from Dan Walsh. |
| |
| 2.0.56 2008-09-12 |
| * fixfiles will now remove all files in /tmp and will check for |
| unlabeled_t in /tmp and /var/tmp from Dan Walsh. |
| * add glob support to restorecond from Dan Walsh. |
| * allow semanage to handle multi-line commands in a single transaction |
| from Dan Walsh. |
| |
| 2.0.55 2008-08-26 |
| * Merged semanage node support from Christian Kuester. |
| |
| 2.0.54 2008-08-05 |
| * Add support for boolean files and group support for seusers from Dan Walsh. |
| * Ensure that setfiles -p output is newline terminated from Russell Coker. |
| |
| 2.0.53 2008-07-29 |
| * Change setfiles to validate all file_contexts files when using -c from Stephen Smalley. |
| |
| 2.0.52 2008-07-02 |
| * Add permissive domain capability to semanage from Dan Walsh. |
| |
| 2.0.51 2008-06-28 |
| * Add onboot option to fixfiles from Dan Walsh. |
| * Change restorecon.init to not run on boot by default from Dan Walsh. |
| |
| 2.0.50 2008-06-30 |
| * Fix audit2allow generation of role-type rules from Karl MacMillan. |
| |
| 2.0.49 2008-05-16 |
| * Remove security_check_context calls for prefix validation from semanage. |
| |
| 2.0.48 2008-05-16 |
| * Change setfiles and restorecon to not relabel if the file already has the correct context value even if -F/force is specified. |
| |
| 2.0.47 2008-04-18 |
| * Update semanage man page for booleans from Dan Walsh. |
| * Add further error checking to seobject.py for setting booleans. |
| |
| 2.0.46 2008-03-18 |
| * Update audit2allow to report dontaudit cases from Dan Walsh. |
| |
| 2.0.45 2008-03-18 |
| * Fix semanage port to use --proto from Caleb Case. |
| |
| 2.0.44 2008-02-22 |
| * Fixed semodule to correctly handle error when unable to create a handle. |
| |
| 2.0.43 2008-02-08 |
| * Merged fix fixfiles option processing from Vaclav Ovsik. |
| |
| 2.0.42 2008-02-02 |
| * Make semodule_expand use sepol_set_expand_consume_base to reduce |
| peak memory usage. |
| |
| 2.0.41 2008-01-28 |
| * Merged audit2why fix and semanage boolean --on/--off/-1/-0 support from Dan Walsh. |
| |
| 2.0.40 2008-01-25 |
| * Merged a second fixfiles -C fix from Marshall Miller. |
| |
| 2.0.39 2008-01-24 |
| * Merged fixfiles -C fix from Marshall Miller. |
| |
| 2.0.38 2008-01-24 |
| * Merged audit2allow cleanups and boolean descriptions from Dan Walsh. |
| * Merged setfiles -0 support by Benny Amorsen via Dan Walsh. |
| * Merged fixfiles fixes and support for ext4 and gfs2 from Dan Walsh. |
| |
| 2.0.37 2008-01-23 |
| * Merged replacement for audit2why from Dan Walsh. |
| |
| 2.0.36 2008-01-23 |
| * Merged update to chcat, fixfiles, and semanage scripts from Dan Walsh. |
| |
| 2.0.35 2007-12-21 |
| * Merged support for non-interactive newrole command invocation from Tim Reed. |
| |
| 2.0.34 2007-12-14 |
| * Update Makefile to not build restorecond if |
| /usr/include/sys/inotify.h is not present |
| |
| 2.0.33 2007-12-07 |
| * Drop verbose output on fixfiles -C from Dan Walsh. |
| * Fix argument handling in fixfiles from Dan Walsh. |
| * Enhance boolean support in semanage, including using the .xml description when available, from Dan Walsh. |
| |
| 2.0.32 2007-10-16 |
| * load_policy initial load option from Chad Sellers. |
| |
| 2.0.31 2007-10-15 |
| * Fix semodule option handling from Dan Walsh. |
| |
| 2.0.30 2007-10-11 |
| * Add deleteall support for ports and fcontexts in semanage from Dan Walsh. |
| |
| 2.0.29 2007-10-05 |
| * Add genhomedircon script to invoke semodule -Bn from Dan Walsh. |
| |
| 2.0.28 2007-10-05 |
| * Update semodule man page for -D from Dan Walsh. |
| * Add boolean, locallist, deleteall, and store support to semanage from Dan Walsh. |
| |
| 2.0.27 2007-09-19 |
| * Improve semodule reporting of system errors from Stephen Smalley. |
| |
| 2.0.26 2007-09-18 |
| * Fix setfiles selabel option flag setting for 64-bit from Stephen Smalley. |
| |
| 2.0.25 2007-08-23 |
| * Remove genhomedircon script (functionality is now provided |
| within libsemanage) from Todd Miller. |
| |
| 2.0.24 2007-08-23 |
| * Fix genhomedircon searching for USER from Todd Miller |
| * Install run_init with mode 0755 from Dan Walsh. |
| * Fix chcat from Dan Walsh. |
| * Fix fixfiles pattern expansion and error reporting from Dan Walsh. |
| * Optimize genhomedircon to compile regexes once from Dan Walsh. |
| * Fix semanage gettext call from Dan Walsh. |
| |
| 2.0.23 2007-08-16 |
| * Disable dontaudits via semodule -D |
| |
| 2.0.22 2007-06-20 |
| * Rebase setfiles to use new labeling interface. |
| |
| 2.0.21 2007-06-13 |
| * Fixed setsebool (falling through to error path on success). |
| |
| 2.0.20 2007-06-05 |
| * Merged genhomedircon fixes from Dan Walsh. |
| * Merged setfiles -c usage fix from Dan Walsh. |
| * Merged restorecon fix from Yuichi Nakamura. |
| * Dropped -lsepol where no longer needed. |
| |
| 2.0.19 2007-05-11 |
| * Merge newrole support for alternate pam configs from Ted X Toth. |
| |
| 2.0.18 2007-05-11 |
| * Merged merging of restorecon into setfiles from Stephen Smalley. |
| |
| 2.0.17 2007-05-09 |
| * Merged genhomedircon fix to find conflicting directories correctly from Dan Walsh. |
| |
| 2.0.16 2007-05-03 |
| * Merged support for modifying the prefix via semanage from Dan Walsh. |
| |
| 2.0.15 2007-04-26 |
| * Merged move of audit2why to /usr/bin from Dan Walsh. |
| |
| 2.0.14 2007-04-25 |
| * Build fix for setsebool. |
| |
| 2.0.13 2007-04-24 |
| * Merged setsebool patch to only use libsemanage for persistent boolean changes from Stephen Smalley. |
| |
| 2.0.12 2007-04-24 |
| * Merged genhomedircon patch to use the __default__ setting from Dan Walsh. |
| |
| 2.0.11 2007-04-24 |
| * Dropped -b option from load_policy in preparation for always preserving booleans across reloads in the kernel. |
| |
| 2.0.10 2007-04-24 |
| * Merged chcat, fixfiles, genhomedircon, restorecond, and restorecon patches from Dan Walsh. |
| |
| 2.0.9 2007-04-12 |
| * Merged seobject setransRecords patch to return the first alias from Xavier Toth. |
| |
| 2.0.8 2007-04-10 |
| * Merged updates to sepolgen-ifgen from Karl MacMillan. |
| |
| 2.0.7 2007-03-01 |
| * Merged restorecond init script LSB compliance patch from Steve Grubb. |
| |
| 2.0.6 2007-02-22 |
| * Merged newrole O_NONBLOCK fix from Linda Knippers. |
| |
| 2.0.5 2007-02-22 |
| * Merged sepolgen and audit2allow patches to leave generated files |
| in the current directory from Karl MacMillan. |
| |
| 2.0.4 2007-02-22 |
| * Merged restorecond memory leak fix from Steve Grubb. |
| |
| 2.0.3 2007-02-21 |
| * Merged translations update from Dan Walsh. |
| * Merged chcat fixes from Dan Walsh. |
| * Merged man page fixes from Dan Walsh. |
| * Merged seobject prefix validity checking from Dan Walsh. |
| |
| 2.0.2 2007-02-20 |
| * Merged seobject exception handler fix from Caleb Case. |
| * Merged setfiles memory leak patch from Todd Miller. |
| |
| 2.0.1 2007-02-08 |
| * Merged small fix to correct include of errcodes.h in semodule_deps from Dan Walsh. |
| |
| 2.0.0 2007-02-05 |
| * Merged new audit2allow from Karl MacMillan. |
| This audit2allow depends on the new sepolgen python module. |
| Note that you must run the sepolgen-ifgen tool to generate |
| the data needed by audit2allow to generate refpolicy. |
| |
| 1.34.1 2007-01-22 |
| * Fixed newrole non-pam build. |
| |
| 1.34.0 2007-01-18 |
| * Updated version for stable branch. |
| |
| 1.33.16 2007-01-18 |
| * Merged po file updates from Dan Walsh. |
| * Removed update-po from all target in po/Makefile. |
| |
| 1.33.15 2007-01-17 |
| * Merged unicode-to-string fix for seobject audit from Dan Walsh. |
| * Merged man page updates to make "apropos selinux" work from Dan Walsh. |
| |
| 1.33.14 2007-01-16 |
| * Merged newrole man page patch from Michael Thompson. |
| |
| 1.33.13 2007-01-16 |
| * Merged patch to fix python unicode problem from Dan Walsh. |
| |
| 1.33.12 2007-01-11 |
| * Merged newrole securetty check from Dan Walsh. |
| * Merged semodule patch to generalize list support from Karl MacMillan. |
| |
| 1.33.11 2007-01-09 |
| * Merged fixfiles and seobject fixes from Dan Walsh. |
| * Merged semodule support for list of modules after -i from Karl MacMillan. |
| |
| 1.33.10 2007-01-08 |
| * Merged patch to correctly handle a failure during semanage handle |
| creation from Karl MacMillan. |
| |
| 1.33.9 2007-01-05 |
| * Merged patch to fix seobject role modification from Dan Walsh. |
| |
| 1.33.8 2007-01-04 |
| * Merged patches from Dan Walsh to: |
| - omit the optional name from audit2allow |
| - use the installed python version in the Makefiles |
| - re-open the tty with O_RDWR in newrole |
| |
| 1.33.7 2007-01-03 |
| * Patch from Dan Walsh to correctly suppress warnings in load_policy. |
| |
| 1.33.6 2006-11-29 |
| * Patch from Dan Walsh to add an pam_acct_msg call to run_init |
| * Patch from Dan Walsh to fix error code returns in newrole |
| * Patch from Dan Walsh to remove verbose flag from semanage man page |
| * Patch from Dan Walsh to make audit2allow use refpolicy Makefile |
| in /usr/share/selinux/<SELINUXTYPE> |
| |
| 1.33.5 2006-11-27 |
| * Merged patch from Michael C Thompson to clean up genhomedircon |
| error handling. |
| 1.33.4 2006-11-21 |
| * Merged po file updates from Dan Walsh. |
| |
| 1.33.3 2006-11-21 |
| * Merged setsebool patch from Karl MacMillan. |
| This fixes a bug reported by Yuichi Nakamura with |
| always setting booleans persistently on an unmanaged system. |
| |
| 1.33.2 2006-11-20 |
| * Merged patch from Dan Walsh (via Karl MacMillan): |
| * Added newrole audit message on login failure |
| * Add /var/log/wtmp to restorecond.conf watch list |
| * Fix genhomedircon, semanage, semodule_expand man pages. |
| |
| 1.33.1 2006-11-13 |
| * Merged newrole patch set from Michael Thompson. |
| |
| 1.32 2006-10-17 |
| * Updated version for release. |
| |
| 1.30.31 2006-10-17 |
| * Merged audit2allow -l fix from Yuichi Nakamura. |
| * Merged restorecon -i and -o - support from Karl MacMillan. |
| * Merged semanage/seobject fix from Dan Walsh. |
| * Merged fixfiles -R and verify changes from Dan Walsh. |
| |
| 1.30.30 2006-09-29 |
| * Merged newrole auditing of failures due to user actions from |
| Michael Thompson. |
| |
| 1.30.29 2006-09-13 |
| * Man page corrections from Dan Walsh |
| * Change all python invocations to /usr/bin/python -E |
| * Add missing getopt flags to genhomedircon |
| |
| 1.30.28 2006-09-01 |
| * Merged fix for restorecon // handling from Erich Schubert. |
| * Merged translations update and fixfiles fix from Dan Walsh. |
| |
| 1.30.27 2006-08-24 |
| * Merged fix for restorecon symlink handling from Erich Schubert. |
| |
| 1.30.26 2006-08-11 |
| * Merged semanage local file contexts patch from Chris PeBenito. |
| |
| 1.30.25 2006-08-03 |
| * Merged patch from Dan Walsh with: |
| * audit2allow: process MAC_POLICY_LOAD events |
| * newrole: run shell with - prefix to start a login shell |
| * po: po file updates |
| * restorecond: bail if SELinux not enabled |
| * fixfiles: omit -q |
| * genhomedircon: fix exit code if non-root |
| * semodule_deps: install man page |
| |
| 1.30.24 2006-08-03 |
| * Merged secon Makefile fix from Joshua Brindle. |
| |
| 1.30.23 2006-08-03 |
| * Merged netfilter contexts support patch from Chris PeBenito. |
| |
| 1.30.22 2006-07-28 |
| * Merged restorecond size_t fix from Joshua Brindle. |
| |
| 1.30.21 2006-07-28 |
| * Merged secon keycreate patch from Michael LeMay. |
| |
| 1.30.20 2006-07-26 |
| * Merged restorecond fixes from Dan Walsh. |
| Merged updated po files from Dan Walsh. |
| |
| 1.30.19 2006-07-26 |
| * Merged python gettext patch from Stephen Bennett. |
| |
| 1.30.18 2006-07-25 |
| * Merged semodule_deps from Karl MacMillan. |
| |
| 1.30.17 2006-06-29 |
| * Lindent. |
| |
| 1.30.16 2006-06-26 |
| * Merged patch from Dan Walsh with: |
| * -p option (progress) for setfiles and restorecon. |
| * disable context translation for setfiles and restorecon. |
| * on/off values for setsebool. |
| |
| 1.30.15 2006-06-26 |
| * Merged setfiles and semodule_link fixes from Joshua Brindle. |
| |
| 1.30.14 2006-06-16 |
| * Merged fix for setsebool error path from Serge Hallyn. |
| |
| 1.30.13 2006-06-16 |
| * Merged patch from Dan Walsh with: |
| * Updated po files. |
| * Fixes for genhomedircon and seobject. |
| * Audit message for mass relabel by setfiles. |
| |
| 1.30.12 2006-06-02 |
| * Updated fixfiles script for new setfiles location in /sbin. |
| |
| 1.30.11 2006-05-26 |
| * Merged more translations from Dan Walsh. |
| * Merged patch to relocate setfiles to /sbin for early relabel |
| when /usr might not be mounted from Dan Walsh. |
| * Merged semanage/seobject patch to preserve fcontext ordering in list. |
| * Merged secon patch from James Antill. |
| |
| 1.30.10 2006-05-22 |
| * Merged patch with updates to audit2allow, secon, genhomedircon, |
| and semanage from Dan Walsh. |
| |
| 1.30.9 2006-05-08 |
| * Fixed audit2allow and po Makefiles for DESTDIR= builds. |
| * Merged .po file patch from Dan Walsh. |
| * Merged bug fix for genhomedircon. |
| |
| 1.30.8 2006-05-08 |
| * Merged patch from Dan Walsh. |
| This includes audit2allow changes for analysis plugins, |
| internationalization support for several additional programs |
| and added po files, some fixes for semanage, and several cleanups. |
| It also adds a new secon utility. |
| |
| 1.30.7 2006-05-05 |
| * Merged fix warnings patch from Karl MacMillan. |
| |
| 1.30.6 2006-04-14 |
| * Merged semanage prefix support from Russell Coker. |
| |
| 1.30.5 2006-04-11 |
| * Added a test to setfiles to check that the spec file is |
| a regular file. |
| |
| 1.30.4 2006-03-29 |
| * Merged audit2allow fixes for refpolicy from Dan Walsh. |
| * Merged fixfiles patch from Dan Walsh. |
| * Merged restorecond daemon from Dan Walsh. |
| |
| 1.30.3 2006-03-29 |
| * Merged semanage non-MLS fixes from Chris PeBenito. |
| |
| 1.30.2 2006-03-29 |
| * Merged semanage and semodule man page examples from Thomas Bleher. |
| |
| 1.30.1 2006-03-20 |
| * Merged semanage labeling prefix patch from Ivan Gyurdiev. |
| |
| 1.30 2006-03-14 |
| * Updated version for release. |
| |
| 1.29.28 2006-03-13 |
| * Merged German translations (de.po) by Debian translation team from Manoj Srivastava. |
| |
| 1.29.27 2006-03-08 |
| * Merged audit2allow -R support, chcat fix, semanage MLS checks |
| and semanage audit calls from Dan Walsh. |
| |
| 1.29.26 2006-02-15 |
| * Merged semanage bug fix patch from Ivan Gyurdiev. |
| |
| 1.29.25 2006-02-14 |
| * Merged improve bindings patch from Ivan Gyurdiev. |
| |
| 1.29.24 2006-02-14 |
| * Merged semanage usage patch from Ivan Gyurdiev. |
| * Merged use PyList patch from Ivan Gyurdiev. |
| |
| 1.29.23 2006-02-13 |
| * Merged newrole -V/--version support from Glauber de Oliveira Costa. |
| |
| 1.29.22 2006-02-13 |
| * Merged genhomedircon prefix patch from Dan Walsh. |
| |
| 1.29.21 2006-02-13 |
| * Merged optionals in base patch from Joshua Brindle. |
| |
| 1.29.20 2006-02-07 |
| * Merged seuser/user_extra support patch to semodule_package |
| from Joshua Brindle. |
| |
| 1.29.19 2006-02-06 |
| * Merged getopt type fix for semodule_link/expand and sestatus |
| from Chris PeBenito. |
| |
| 1.29.18 2006-02-02 |
| * Merged clone record on set_con patch from Ivan Gyurdiev. |
| |
| 1.29.17 2006-01-30 |
| * Merged genhomedircon fix from Dan Walsh. |
| |
| 1.29.16 2006-01-30 |
| * Merged seusers.system patch from Ivan Gyurdiev. |
| * Merged improve port/fcontext API patch from Ivan Gyurdiev. |
| * Merged genhomedircon patch from Dan Walsh. |
| |
| 1.29.15 2006-01-27 |
| * Merged newrole audit patch from Steve Grubb. |
| |
| 1.29.14 2006-01-27 |
| * Merged seuser -> seuser local rename patch from Ivan Gyurdiev. |
| |
| 1.29.13 2006-01-27 |
| * Merged semanage and semodule access check patches from Joshua Brindle. |
| |
| 1.29.12 2006-01-26 |
| * Merged restorecon, chcat, and semanage patches from Dan Walsh. |
| |
| 1.29.11 2006-01-25 |
| * Modified newrole and run_init to use the loginuid when |
| supported to obtain the Linux user identity to re-authenticate, |
| and to fall back to real uid. Dropped the use of the SELinux |
| user identity, as Linux users are now mapped to SELinux users |
| via seusers and the SELinux user identity space is separate. |
| |
| 1.29.10 2006-01-20 |
| * Merged semanage bug fixes from Ivan Gyurdiev. |
| * Merged semanage fixes from Russell Coker. |
| * Merged chcat.8 and genhomedircon patches from Dan Walsh. |
| |
| 1.29.9 2006-01-19 |
| * Merged chcat, semanage, and setsebool patches from Dan Walsh. |
| |
| 1.29.8 2006-01-18 |
| * Merged semanage fixes from Ivan Gyurdiev. |
| * Merged semanage fixes from Russell Coker. |
| * Merged chcat, genhomedircon, and semanage diffs from Dan Walsh. |
| |
| 1.29.7 2006-01-13 |
| * Merged newrole cleanup patch from Steve Grubb. |
| * Merged setfiles/restorecon performance patch from Russell Coker. |
| * Merged genhomedircon and semanage patches from Dan Walsh. |
| |
| 1.29.6 2006-01-12 |
| * Merged remove add_local/set_local patch from Ivan Gyurdiev. |
| |
| 1.29.5 2006-01-05 |
| * Added filename to semodule error reporting. |
| |
| 1.29.4 2006-01-05 |
| * Merged genhomedircon and semanage patch from Dan Walsh. |
| * Changed semodule error reporting to include argv[0]. |
| |
| 1.29.3 2006-01-04 |
| * Merged semanage getpwnam bug fix from Serge Hallyn (IBM). |
| * Merged patch series from Ivan Gyurdiev. |
| This includes patches to: |
| - cleanup setsebool |
| - update setsebool to apply active booleans through libsemanage |
| - update semodule to use the new semanage_set_rebuild() interface |
| - fix various bugs in semanage |
| * Merged patch from Dan Walsh (Red Hat). |
| This includes fixes for restorecon, chcat, fixfiles, genhomedircon, |
| and semanage. |
| |
| 1.29.2 2005-12-14 |
| * Merged patch for chcat script from Dan Walsh. |
| |
| 1.29.1 2005-12-08 |
| * Merged fix for audit2allow long option list from Dan Walsh. |
| * Merged -r option for restorecon (alias for -R) from Dan Walsh. |
| * Merged chcat script and man page from Dan Walsh. |
| |
| 1.28 2005-12-07 |
| * Updated version for release. |
| |
| 1.27.37 2005-12-07 |
| * Clarified the genhomedircon warning message. |
| |
| 1.27.36 2005-12-05 |
| * Changed genhomedircon to warn on use of ROLE in homedir_template |
| if using managed policy, as libsemanage does not yet support it. |
| |
| 1.27.35 2005-12-02 |
| * Merged genhomedircon bug fix from Dan Walsh. |
| |
| 1.27.34 2005-12-02 |
| * Revised semodule* man pages to refer to checkmodule and |
| to include example sections. |
| |
| 1.27.33 2005-12-01 |
| * Merged audit2allow --tefile and --fcfile support from Dan Walsh. |
| * Merged genhomedircon fix from Dan Walsh. |
| * Merged semodule* man pages from Dan Walsh, and edited them. |
| |
| 1.27.32 2005-12-01 |
| * Changed setfiles to set the MATCHPATHCON_VALIDATE flag to |
| retain validation/canonicalization of contexts during init. |
| |
| 1.27.31 2005-11-29 |
| * Changed genhomedircon to always use user_r for the role in the |
| managed case since user_get_defrole is broken. |
| |
| 1.27.30 2005-11-29 |
| * Merged sestatus, audit2allow, and semanage patch from Dan Walsh. |
| * Fixed semodule -v option. |
| |
| 1.27.29 2005-11-28 |
| * Merged audit2allow python script from Dan Walsh. |
| (old script moved to audit2allow.perl, will be removed later). |
| * Merged genhomedircon fixes from Dan Walsh. |
| * Merged semodule quieting patch from Dan Walsh |
| (inverts default, use -v to restore original behavior). |
| |
| 1.27.28 2005-11-15 |
| * Merged genhomedircon rewrite from Dan Walsh. |
| |
| 1.27.27 2005-11-09 |
| * Merged setsebool cleanup patch from Ivan Gyurdiev. |
| |
| 1.27.26 2005-11-09 |
| * Added -B (--build) option to semodule to force a rebuild. |
| |
| 1.27.25 2005-11-08 |
| * Reverted setsebool patch to call semanage_set_reload_bools(). |
| * Changed setsebool to disable policy reload and to call |
| security_set_boolean_list to update the runtime booleans. |
| |
| 1.27.24 2005-11-08 |
| * Changed setfiles -c to use new flag to set_matchpathcon_flags() |
| to disable context translation by matchpathcon_init(). |
| |
| 1.27.23 2005-11-07 |
| * Changed setfiles for the context canonicalization support. |
| |
| 1.27.22 2005-11-07 |
| * Changed setsebool to call semanage_is_managed() interface |
| and fall back to security_set_boolean_list() if policy is |
| not managed. |
| |
| 1.27.21 2005-11-07 |
| * Merged setsebool memory leak fix from Ivan Gyurdiev. |
| * Merged setsebool patch to call semanage_set_reload_bools() |
| interface from Ivan Gyurdiev. |
| |
| 1.27.20 2005-11-04 |
| * Merged setsebool patch from Ivan Gyurdiev. |
| This moves setsebool from libselinux/utils to policycoreutils, |
| and rewrites it to use libsemanage for permanent boolean changes. |
| |
| 1.27.19 2005-10-25 |
| * Merged semodule support for reload, noreload, and store options |
| from Joshua Brindle. |
| * Merged semodule_package rewrite from Joshua Brindle. |
| |
| 1.27.18 2005-10-20 |
| * Cleaned up usage and error messages and releasing of memory by |
| semodule_* utilities. |
| |
| 1.27.17 2005-10-20 |
| * Corrected error reporting by semodule. |
| |
| 1.27.16 2005-10-19 |
| * Updated semodule_expand for change to sepol interface. |
| |
| 1.27.15 2005-10-19 |
| * Merged fixes for make DESTDIR= builds from Joshua Brindle. |
| |
| 1.27.14 2005-10-18 |
| * Updated semodule_package for sepol interface changes. |
| |
| 1.27.13 2005-10-17 |
| * Updated semodule_expand/link for sepol interface changes. |
| |
| 1.27.12 2005-10-14 |
| * Merged non-PAM Makefile support for newrole and run_init from Timothy Wood. |
| |
| 1.27.11 2005-10-13 |
| * Updated semodule_expand to use get interfaces for hidden sepol_module_package type. |
| |
| 1.27.10 2005-10-13 |
| * Merged newrole and run_init pam config patches from Dan Walsh (Red Hat). |
| |
| 1.27.9 2005-10-13 |
| * Merged fixfiles patch from Dan Walsh (Red Hat). |
| |
| 1.27.8 2005-10-13 |
| * Updated semodule for removal of semanage_strerror. |
| |
| 1.27.7 2005-10-11 |
| * Updated semodule_link and semodule_expand to use shared libsepol. |
| Fixed audit2why to call policydb_init prior to policydb_read (still |
| uses the static libsepol). |
| |
| 1.27.6 2005-10-07 |
| * Updated for changes to libsepol. |
| Changed semodule and semodule_package to use the shared libsepol. |
| Disabled build of semodule_link and semodule_expand for now. |
| Updated audit2why for relocated policydb internal headers, |
| still needs to be converted to a shared lib interface. |
| |
| 1.27.5 2005-10-06 |
| * Fixed warnings in load_policy. |
| |
| 1.27.4 2005-10-06 |
| * Rewrote load_policy to use the new selinux_mkload_policy() |
| interface provided by libselinux. |
| |
| 1.27.3 2005-09-28 |
| * Merged patch to update semodule to the new libsemanage API |
| and improve the user interface from Karl MacMillan (Tresys). |
| * Modified semodule for the create/connect API split. |
| |
| 1.27.2 2005-09-20 |
| * Merged run_init open_init_pty bug fix from Manoj Srivastava |
| (unblock SIGCHLD). Bug reported by Erich Schubert. |
| |
| 1.27.1 2005-09-20 |
| * Merged error shadowing bug fix for restorecon from Dan Walsh. |
| * Merged setfiles usage/man page update for -r option from Dan Walsh. |
| * Merged fixfiles -C patch to ignore :s0 addition on update |
| to a MCS/MLS policy from Dan Walsh. |
| |
| 1.26 2005-09-06 |
| * Updated version for release. |
| |
| 1.25.9 2005-08-31 |
| * Changed setfiles -c to translate the context to raw format |
| prior to calling libsepol. |
| |
| 1.25.8 2005-08-31 |
| * Changed semodule to report errors even without -v, |
| to detect extraneous arguments, and corrected usage message. |
| |
| 1.25.7 2005-08-25 |
| * Merged patch for fixfiles -C from Dan Walsh. |
| |
| 1.25.6 2005-08-22 |
| * Merged fixes for semodule_link and sestatus from Serge Hallyn (IBM). |
| Bugs found by Coverity. |
| |
| 1.25.5 2005-08-02 |
| * Merged patch to move module read/write code from libsemanage |
| to libsepol from Jason Tang (Tresys). |
| |
| 1.25.4 2005-07-27 |
| * Changed semodule* to link with libsemanage. |
| |
| 1.25.3 2005-07-26 |
| * Merged restorecon patch from Ivan Gyurdiev. |
| |
| 1.25.2 2005-07-11 |
| * Merged load_policy, newrole, and genhomedircon patches from Red Hat. |
| |
| 1.25.1 2005-07-06 |
| * Merged loadable module support from Tresys Technology. |
| |
| 1.24 2005-06-20 |
| * Updated version for release. |
| |
| 1.23.11 2005-05-19 |
| * Merged fixfiles and newrole patch from Dan Walsh. |
| * Merged audit2why man page from Dan Walsh. |
| |
| 1.23.10 2005-05-16 |
| * Extended audit2why to incorporate booleans and local user |
| settings when analyzing audit messages. |
| |
| 1.23.9 2005-05-13 |
| * Updated audit2why for sepol_ prefixes on Flask types to |
| avoid namespace collision with libselinux, and to |
| include <selinux/selinux.h> now. |
| |
| 1.23.8 2005-05-13 |
| * Added audit2why utility. |
| |
| 1.23.7 2005-04-29 |
| * Merged patch for fixfiles from Dan Walsh. |
| Allow passing -F to force reset of customizable contexts. |
| |
| 1.23.6 2005-04-13 |
| * Fixed signed/unsigned pointer bug in load_policy. |
| * Reverted context validation patch for genhomedircon. |
| |
| 1.23.5 2005-04-12 |
| * Reverted load_policy is_selinux_enabled patch from Dan Walsh. |
| Otherwise, an initial policy load cannot be performed using |
| load_policy, e.g. for anaconda. |
| |
| 1.23.4 2005-04-08 |
| * Merged load_policy is_selinux_enabled patch from Dan Walsh. |
| * Merged restorecon verbose output patch from Dan Walsh. |
| * Merged setfiles altroot patch from Chris PeBenito. |
| |
| 1.23.3 2005-03-17 |
| * Merged context validation patch for genhomedircon from Eric Paris. |
| |
| 1.23.2 2005-03-16 |
| * Changed setfiles -c to call set_matchpathcon_flags(3) to |
| turn off processing of .homedirs and .local. |
| |
| 1.23.1 2005-03-14 |
| * Merged rewrite of genhomedircon by Eric Paris. |
| * Changed fixfiles to relabel jfs since it now supports security xattrs |
| (as of 2.6.11). Removed reiserfs until 2.6.12 is released with |
| fixed support for reiserfs and selinux. |
| |
| 1.22 2005-03-09 |
| * Updated version for release. |
| |
| 1.21.22 2005-03-07 |
| * Merged restorecon and genhomedircon patch from Dan Walsh. |
| |
| 1.21.21 2005-02-28 |
| * Merged load_policy and genhomedircon patch from Dan Walsh. |
| |
| 1.21.20 2005-02-24 |
| * Merged fixfiles and genhomedircon patch from Dan Walsh. |
| |
| 1.21.19 2005-02-22 |
| * Merged several fixes from Ulrich Drepper. |
| |
| 1.21.18 2005-02-18 |
| * Changed load_policy to fall back to the original policy upon |
| an error from sepol_genusers(). |
| |
| 1.21.17 2005-02-17 |
| * Merged new genhomedircon script from Dan Walsh. |
| |
| 1.21.16 2005-02-17 |
| * Changed load_policy to call sepol_genusers(). |
| |
| 1.21.15 2005-02-09 |
| * Changed relabel Makefile target to use restorecon. |
| |
| 1.21.14 2005-02-08 |
| * Merged restorecon patch from Dan Walsh. |
| |
| 1.21.13 2005-02-07 |
| * Merged sestatus patch from Dan Walsh. |
| * Merged further change to fixfiles -C from Dan Walsh. |
| |
| 1.21.12 2005-02-02 |
| * Merged further patches for restorecon/setfiles -e and fixfiles -C. |
| |
| 1.21.11 2005-02-02 |
| * Merged patch for fixfiles -C option from Dan Walsh. |
| * Merged patch -e support for restorecon from Dan Walsh. |
| * Merged updated -e support for setfiles from Dan Walsh. |
| |
| 1.21.10 2005-01-31 |
| * Merged patch for open_init_pty from Manoj Srivastava. |
| |
| 1.21.9 2005-01-28 |
| * Merged updated fixfiles script from Dan Walsh. |
| * Merged updated man page for fixfiles from Dan Walsh and re-added unzipped. |
| * Reverted fixfiles patch for file_contexts.local; |
| obsoleted by setfiles rewrite. |
| * Merged error handling patch for restorecon from Dan Walsh. |
| * Merged semi raw mode for open_init_pty helper from Manoj Srivastava. |
| |
| 1.21.8 2005-01-28 |
| * Rewrote setfiles to use matchpathcon and the new interfaces |
| exported by libselinux (>= 1.21.5). |
| |
| 1.21.7 2005-01-27 |
| * Prevent overflow of spec array in setfiles. |
| |
| 1.21.6 2005-01-27 |
| * Merged genhomedircon STARTING_UID bug fix from Dan Walsh. |
| |
| 1.21.5 2005-01-26 |
| * Merged newrole -l support from Darrel Goeddel (TCS). |
| |
| 1.21.4 2005-01-25 |
| * Merged fixfiles patch for file_contexts.local from Dan Walsh. |
| |
| 1.21.3 2005-01-21 |
| * Fixed restorecon to not treat errors from is_context_customizable() |
| as a customizable context. |
| * Merged setfiles/restorecon patch to not reset user field unless |
| -F option is specified from Dan Walsh. |
| |
| 1.21.2 2005-01-21 |
| * Merged open_init_pty helper for run_init from Manoj Srivastava. |
| * Merged audit2allow and genhomedircon man pages from Manoj Srivastava. |
| |
| 1.21.1 2005-01-19 |
| * Merged customizable contexts patch for restorecon/setfiles from Dan Walsh. |
| |
| 1.20 2005-01-06 |
| * Merged fixfiles rewrite from Dan Walsh. |
| * Merged restorecon patch from Dan Walsh. |
| * Merged fixfiles and restorecon patches from Dan Walsh. |
| * Changed restorecon to ignore ENOENT errors from matchpathcon. |
| * Merged nonls patch from Chris PeBenito. |
| * Removed fixfiles.cron. |
| * Merged run_init.8 patch from Dan Walsh. |
| |
| 1.18 2004-11-01 |
| * Merged audit2allow patch from Thomas Bleher, with mods by Dan Walsh. |
| * Merged sestatus patch from Steve Grubb. |
| * Merged fixfiles patch from Dan Walsh. |
| * Added -l option to setfiles to log changes via syslog. |
| * Merged -e option to setfiles to exclude directories. |
| * Merged -R option to restorecon for recursive descent. |
| * Merged sestatus patch from Steve Grubb via Dan Walsh. |
| * Merged load_policy and fixfiles.cron patches from Dan Walsh. |
| * Merged fix for setfiles context validation patch from Colin Walters. |
| * Merged setfiles context validation patch from Colin Walters. |
| * Merged genhomedircon patch from Russell Coker. |
| * Merged restorecon patch from Russell Coker. |
| |
| 1.16 2004-08-13 |
| * Merged audit2allow fix from Tom London. |
| * Merged load_policy man page from Dan Walsh. |
| * Merged newrole bug fix from Chad Hanson. |
| * Changed load_policy to preserve booleans by default. |
| * Changed load_policy to invoke sepol_genbools() instead. |
| * Changed load_policy to also invoke security_load_booleans(). |
| * Merged genhomedircon fixes from Dan Walsh. |
| * Changed restorecon to use realpath. |
| * Merged fixfiles patch from Dan Walsh. |
| * Merged genhomedircon patch from Russell Coker and Dan Walsh. |
| * Merged fixfiles patch and fixfiles.cron script from Dan Walsh. |
| * Merged stat fix for setfiles -s from Russell Coker. |
| |
| 1.14 2004-06-25 |
| * Merged fix for fixfiles. |
| * Merged enhancements to setfiles, fixfiles and restorecon from Dan Walsh. |
| * Merged updated genhomedircon script from Russell Coker. |
| * Merged run_init patch to find initrc_context from Dan Walsh. |
| * Merged fixfiles patch for /etc/selinux from Dan Walsh. |
| * Merged restorecon patch from Dan Walsh. |
| * Merged fixfiles patch from Dan Walsh. |
| |
| 1.12 2004-05-10 |
| * Merged newrole patch from Colin Walters. |
| * Merged fixfiles from Dan Walsh. |
| |
| 1.10 2004-04-05 |
| * Changed setfiles to not abort upon lsetfilecon failures. |
| * Merged sestatus from Chris PeBenito. |
| * Merged fixes for restorecon. |
| * Merged setfiles verbosity patch from Dan Walsh and Stephen Tweedie. |
| * Merged restorecon patch from Dan Walsh. |
| * Revert add_assoc change from setfiles. |
| * Moved restorecon to /sbin. |
| * Disable add_assoc in setfiles by default, use -a to enable. |
| * Merged genhomedircon patch from Dan Walsh. |
| * Merged restorecon patch from Dan Walsh. |
| * Merged setfiles buffer size change from Dan Walsh. |
| * Merged genhomedircon fix from Karl MacMillan of Tresys. |
| This generates separate lines for each prefix. |
| |
| 1.8 2004-03-09 |
| * Merged genhomedircon patch from Karl MacMillan of Tresys. |
| * Removed checkcon script (obsoleted by restorecon -nv). |
| * Replaced restorecon script with C program from Dan Walsh. |
| Uses the new matchpathcon function from libselinux. |
| |
| 1.6 2004-02-18 |
| * Fixed setfiles sorting problem reported by Colin Walters. |
| * Merged setfiles patch from Robert Bihlmeyer, amended by Russell Coker. |
| * Added scripts (checkcon, restorecon, genhomedircon) from Dan Walsh. |
| * Quiet warning about duplicate same specifications if -q is used. |
| * Fixed usage message of audit2allow. |
| |
| 1.4 2003-12-01 |
| * Merged patch from Russell Coker. |
| * Added audit2allow (formerly newrules.pl from policy). |
| * Dropped -lattr from Makefiles. |
| * Merged setfiles check type first patch by Russell Coker. |
| |
| 1.2 2003-09-30 |
| * Merged run_init close file patch from Chris PeBenito. |
| * Merged setfiles stem compression patch by Russell Coker. |
| * Merged setfiles usage/getopt/err patch by Russell Coker. |
| * Merged setfiles altroot patch by Hardened Gentoo team. |
| * Merged i18n patch by Dan Walsh. |
| * Changed Makefiles to allow non-root rpm builds. |
| |
| 1.1 2003-08-13 |
| * Dropped obsolete psid code from setfiles. |
| |
| 1.0 2003-07-11 |
| * Initial public release. |
| |
