[policycoreutils/f19] Allow hostname to use all inherited ttys
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Aug 28 19:24:04 UTC 2013
commit ecf5132b5cb6186b9e451a27e3ca9cd495df187e
Author: Dan Walsh <dwalsh at redhat.com>
Date: Wed Aug 28 15:23:43 2013 -0400
Allow hostname to use all inherited ttys
policycoreutils.spec | 215 +++++++++++++++++++++++++-------------------------
1 files changed, 109 insertions(+), 106 deletions(-)
---
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 358f018..d52ae28 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -47,7 +47,7 @@ load_policy to load policies, setfiles to label filesystems, newrole
to switch roles.
%prep
-%setup -q -a 1
+%setup -q -a 1
%patch -p2 -b .rhat
%patch1 -p2 -b .sepolgen -d sepolgen-%{sepolgenver}
%patch2 -p1 -b .f20
@@ -55,7 +55,7 @@ to switch roles.
%build
cp %{SOURCE3} gui/
make LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" SEMODULE_PATH="/usr/sbin" all
-make -C sepolgen-%{sepolgenver} SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all
+make -C sepolgen-%{sepolgenver} SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all
%install
mkdir -p %{buildroot}/var/lib/selinux
@@ -69,7 +69,7 @@ cp COPYING %{buildroot}/%{_usr}/share/doc/%{name}-%{version}/
make LSPP_PRIV=y DESTDIR="%{buildroot}" SBINDIR="%{buildroot}%{_sbindir}" LIBDIR="%{buildroot}%{_libdir}" SEMODULE_PATH="/usr/sbin" install
-# Systemd
+# Systemd
rm -rf %{buildroot}/%{_sysconfdir}/rc.d/init.d/restorecond
make -C sepolgen-%{sepolgenver} DESTDIR="%{buildroot}" SBINDIR="%{buildroot}%{_sbindir}" LIBDIR="%{buildroot}%{_libdir}" install
@@ -97,21 +97,26 @@ rm -f %{buildroot}%{_datadir}/system-config-selinux/system-config-selinux.deskto
%package python
Summary: SELinux policy core python utilities
Group: System Environment/Base
-Requires:policycoreutils = %{version}-%{release}
+Requires:policycoreutils = %{version}-%{release}
Requires:libsemanage-python >= %{libsemanagever} libselinux-python libcgroup
-Requires:audit-libs-python >= %{libauditver}
+Requires:audit-libs-python >= %{libauditver}
Requires(pre): python >= 2.6
Obsoletes: policycoreutils < 2.0.61-2
Requires: python-IPy yum
%description python
-The policycoreutils-python package contains the management tools use to manage
+The policycoreutils-python package contains the management tools use to manage
an SELinux environment.
%files python
%{_sbindir}/semanage
%{_bindir}/chcat
%{_bindir}/sandbox
+%{_bindir}/audit2allow
+%{_bindir}/audit2why
+%{_mandir}/man1/audit2allow.1*
+%{_mandir}/ru/man1/audit2allow.1*
+%{_mandir}/man1/audit2why.1*
%{python_sitearch}/seobject.py*
%{python_sitearch}/sepolgen
%{python_sitearch}/sepolicy
@@ -130,7 +135,7 @@ an SELinux environment.
%package devel
Summary: SELinux policy core policy devel utilities
Group: System Environment/Base
-Requires: policycoreutils-python = %{version}-%{release}
+Requires: policycoreutils-python = %{version}-%{release}
Requires: /usr/bin/make
Requires: checkpolicy
Requires: selinux-policy-devel
@@ -139,16 +144,11 @@ Requires: selinux-policy-devel
The policycoreutils-devel package contains the management tools use to develop policy in an SELinux environment.
%files devel
-%{_bindir}/audit2allow
-%{_bindir}/audit2why
%{_bindir}/sepolgen
%{_bindir}/sepolgen-ifgen
%{_bindir}/sepolgen-ifgen-attr-helper
%dir /var/lib/sepolgen
/var/lib/sepolgen/perm_map
-%{_mandir}/man1/audit2allow.1*
-%{_mandir}/ru/man1/audit2allow.1*
-%{_mandir}/man1/audit2why.1*
%{_bindir}/sepolicy
%{_mandir}/man8/sepolicy*.8*
%{_mandir}/man8/sepolgen.8*
@@ -157,14 +157,14 @@ The policycoreutils-devel package contains the management tools use to develop p
%package sandbox
Summary: SELinux sandbox utilities
Group: System Environment/Base
-Requires: policycoreutils-python = %{version}-%{release}
+Requires: policycoreutils-python = %{version}-%{release}
Requires: xorg-x11-server-Xephyr >= 1.14.1-2 /usr/bin/rsync /usr/bin/xmodmap
Requires: openbox
BuildRequires: openbox
BuildRequires: libcap-ng-devel
%description sandbox
-The policycoreutils-sandbox package contains the scripts to create graphical
+The policycoreutils-sandbox package contains the scripts to create graphical
sandboxes
%files sandbox
@@ -176,12 +176,12 @@ sandboxes
%{_mandir}/man5/sandbox.5*
%package newrole
-Summary: The newrole application for RBAC/MLS
+Summary: The newrole application for RBAC/MLS
Group: System Environment/Base
-Requires: policycoreutils = %{version}-%{release}
+Requires: policycoreutils = %{version}-%{release}
%description newrole
-RBAC/MLS policy machines require newrole as a way of changing the role
+RBAC/MLS policy machines require newrole as a way of changing the role
or level of a logged in user.
%files newrole
@@ -193,7 +193,7 @@ or level of a logged in user.
%package gui
Summary: SELinux configuration GUI
Group: System Environment/Base
-Requires: policycoreutils-devel = %{version}-%{release}
+Requires: policycoreutils-devel = %{version}-%{release}
Requires: gnome-python2-gnome, pygtk2, pygtk2-libglade, gnome-python2-canvas
Requires: usermode-gtk
Requires: python >= 2.6
@@ -311,6 +311,9 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service
%changelog
+* Fri Jun 21 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-46.5
+- Move audit2allow back into policycoreutils-python package
+
* Fri Jun 21 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-46.4
- Fix generation of booleans in man pages
@@ -332,6 +335,7 @@ The policycoreutils-restorecond package contains the restorecond service.
* Sun May 26 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-46
- Fix the name of the spec file generated in the build script
+- Add mgrepl patch to support argparse for semanage command parsing
* Tue May 21 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-45
- Fix sandbox to always use sandbox_file_t, so generated policy will work.
@@ -339,7 +343,7 @@ The policycoreutils-restorecond package contains the restorecond service.
* Thu May 16 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-44
- Fix sepolicy-generate man page to clear up options/policy type
-- Add Miroslav Grepl to not generate man page when doing
+- Add Miroslav Grepl to not generate man page when doing
sepolicy generate --customize
- Add support for executing semanage user within spec file
- Fix generation of confined admin domains, to handle booleans properly.
@@ -483,7 +487,7 @@ The policycoreutils-restorecond package contains the restorecond service.
- sepolgen-ifgen should use the current policy path if selinux is enabled
* Fri Feb 22 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-10
-- Fix sepolicy to be able to work on an SELinux disabled system.
+- Fix sepolicy to be able to work on an SELinux disabled system.
- Needed to be able to build man pages in selinux-policy package
* Thu Feb 21 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-9
@@ -521,7 +525,7 @@ do not drop capabilities when run as root.
- Fix empty system-config-selinux.png
* Thu Feb 7 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-1
-- Update to upstream
+- Update to upstream
* setfiles: estimate percent progress
* load_policy: make link at the destination directory
* Rebuild polgen.glade with glade-3
@@ -562,7 +566,7 @@ do not drop capabilities when run as root.
* Fri Jan 25 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-57
- Update to latest patches from eparis/Upstream
-- fixfiles onboot will write any flags handed to it to /.autorelabel.
+- fixfiles onboot will write any flags handed to it to /.autorelabel.
- * Patch sent to initscripts to have fedora-autorelabel pass flags back to fixfiles restore
- * This should allow fixfiles -F onboot, to force a hard relabel.
- Add -p to show progress on full relabel.
@@ -604,12 +608,12 @@ do not drop capabilities when run as root.
* Fri Jan 4 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-51
- Update translations
- Fix sepolicy booleans to handle autogenerated booleans descriptions
-- Cleanups of sepolicy manpage
+- Cleanups of sepolicy manpage
- Fix crash on git_shell man page generation
* Thu Jan 3 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-50
- Update translations
-- update sepolicy manpage to generate fcontext equivalence data and to list
+- update sepolicy manpage to generate fcontext equivalence data and to list
default file context paths.
- Add ability to generate policy for confined admins and domains like puppet.
@@ -618,7 +622,7 @@ default file context paths.
- Update translations
* Wed Dec 19 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-48
-- Fix semanage permissive
+- Fix semanage permissive
- Change to use correct gtk forward button
- Update po
@@ -631,7 +635,7 @@ default file context paths.
* Mon Dec 10 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-45
- Apply patch from Miroslav to display proper range description in man pages g
-- Should print warning on missing default label when run in recusive mode iff
+- Should print warning on missing default label when run in recusive mode iff
- Remove extra -R description, and fix recursive description
* Thu Dec 6 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-44
@@ -710,8 +714,8 @@ recusively
- Fix sepolicy generate to not include subdirs in generated fcontext file. (mgrepl patch)
* Sat Nov 3 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-24
-- Fix manpage to generate proper man pages for alternate policy,
-basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as
+- Fix manpage to generate proper man pages for alternate policy,
+basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as
I pull the policy, policy.xml and file_contexts and file_contexts.homedir
* Thu Nov 1 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-23
@@ -763,7 +767,7 @@ I pull the policy, policy.xml and file_contexts and file_contexts.homedir
- Patch initiated by Miroslav Grepl
* Wed Oct 10 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-9
-- Fix semanage to verify that types are appropriate for commands.
+- Fix semanage to verify that types are appropriate for commands.
* Patch initiated by mgrepl
* Fixes problem of specifying non file_types for fcontext, or not port_types for semanage port
@@ -794,7 +798,7 @@ I pull the policy, policy.xml and file_contexts and file_contexts.homedir
- Use systemd post install scriptlets
* Thu Sep 13 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-1
-- Update to upstream
+- Update to upstream
* genhomedircon: manual page improvements
* setfiles/restorecon minor improvements
* run_init: If open_init_pty is not available then just use exec
@@ -844,7 +848,7 @@ I pull the policy, policy.xml and file_contexts and file_contexts.homedir
* Thu Jul 19 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-4
- Fix restorecon to generate a better percentage of completion on restorecon -R /.
-- Have audit2allow look at the constaint violation and tell the user whether it
+- Have audit2allow look at the constaint violation and tell the user whether it
- is because of user,role or level
@@ -855,7 +859,7 @@ I pull the policy, policy.xml and file_contexts and file_contexts.homedir
- Remove load_policy symbolic link on usrmove systems this breaks the system
* Wed Jul 4 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-1
-- Update to upstream
+- Update to upstream
- policycoreutils
* restorecond: wrong options should exit with non-zero error code
* restorecond: Add -h option to get usage command
@@ -888,7 +892,7 @@ I pull the policy, policy.xml and file_contexts and file_contexts.homedir
- Fix semanage dontaudit off/on exception
* Tue May 8 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-12
-- Add -N qualifier to semanage, setsebool and semodule to allow you to update
+- Add -N qualifier to semanage, setsebool and semodule to allow you to update
- policy without reloading it into the kernel.
* Thu May 3 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-11
@@ -926,7 +930,7 @@ I pull the policy, policy.xml and file_contexts and file_contexts.homedir
- Change policycoreutils-python to require selinux-policy-devel package
* Thu Mar 29 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-1
-- Update to upstream
+- Update to upstream
- policycoreutils
* sandbox: do not propogate inside mounts outside
* sandbox: Removing sandbox init script, should no longer be necessary
@@ -981,7 +985,7 @@ I pull the policy, policy.xml and file_contexts and file_contexts.homedir
- Add systemd_passwd_agent_exec($1), and systemd_read_fifo_file_passwd_run($1) to templates for _admin interface
* Fri Feb 3 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.10-21
-- On full relabels we will now show a estimated percent complete rather then
+- On full relabels we will now show a estimated percent complete rather then
just *s.
* Wed Feb 1 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.10-20
@@ -1024,7 +1028,7 @@ just *s.
- Eliminate not needed Requires
* Wed Jan 18 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.10-9
-- fix sepolgen to not crash on echo "" | audit2allow
+- fix sepolgen to not crash on echo "" | audit2allow
* Mon Jan 16 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.10-8
- Remove sandbox init script, should no longer be necessary
@@ -1037,7 +1041,7 @@ just *s.
* Fri Dec 23 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.10-4
- Fix the handling of namespaces in seunshare/sandbox.
-- Currently mounting of directories within sandbox is propogating to the
+- Currently mounting of directories within sandbox is propogating to the
- parent namesspace.
* Thu Dec 22 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.10-3
@@ -1085,13 +1089,13 @@ just *s.
- Fix semange fcontext -a to check for more conflicts on equivalency
* Tue Nov 29 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.8-7
-- Fix dpi handling in sandbox
+- Fix dpi handling in sandbox
- Make sure semanage fcontext -l -C prints if only local equiv have changed
* Wed Nov 16 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.8-6
- Add listing of distribution equivalence class from semanage fcontext -l
- Add checking to semanage fcontext -a to guarantee a file specification will not be masked by an equivalence
-
+
* Wed Nov 16 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.8-5
- Allow ~ as a valid part of a filename in sepolgen
@@ -1130,7 +1134,7 @@ just *s.
* Return name field in avc data
* Mon Oct 31 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.7-6
-- Rebuild versus newer libsepol
+- Rebuild versus newer libsepol
* Fri Oct 28 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.7-5
- A couple of minor coverity fixes for a potential leaked file descriptor
@@ -1194,14 +1198,14 @@ just *s.
* Wed Sep 7 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.5-4
- Maintain the LANG environment Variable into the sandbox
-- Change restorecon/setfiles to only change type part of the context unless
+- Change restorecon/setfiles to only change type part of the context unless
-f qualifier is given
* Tue Sep 6 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.5-3
- Remove lockdown wizard, since gtkhtml2 is no longer supported.
* Fri Sep 2 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.5-2
-- Allow setfiles and restorecon to use labeledprefix to speed up processing
+- Allow setfiles and restorecon to use labeledprefix to speed up processing
and limit memory.
* Tue Aug 30 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.5-1
@@ -1313,15 +1317,15 @@ and limit memory.
- Fix seunshare usage statement
* Thu Jul 7 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-18
-- Change seunshare to send kill signals to the childs session.
+- Change seunshare to send kill signals to the childs session.
- Also add signal handler to catch sigint, so if user enters ctrl-C sandbox will shutdown.
* Wed Jul 6 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-17
-- Add -k qualifier to seunshare to have it attempt to kill all processes with
+- Add -k qualifier to seunshare to have it attempt to kill all processes with
the matching MCS label.
* Tue Jul 5 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-16
-- Add -C option to sandbox and seunshare to maintain capabilities, otherwise
+- Add -C option to sandbox and seunshare to maintain capabilities, otherwise
the bounding set will be dropped.
- Change --cgroups short name -c rather then -C for consistancy
- Fix memory and fd leaks in seunshare
@@ -1330,7 +1334,7 @@ the bounding set will be dropped.
- Introduce systemd unit file for restorecond drop SysV support
* Mon Jun 13 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-14
-- Do not drop capability bounding set in seunshare, this allows sandbox to
+- Do not drop capability bounding set in seunshare, this allows sandbox to
- run setuid apps.
* Fri Jun 10 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-13
@@ -1359,7 +1363,7 @@ the bounding set will be dropped.
* Fri Apr 22 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-6
- Apply patches from Christoph A.
- * fix sandbox title
+ * fix sandbox title
* stop xephyr from li
- Also ignore errors on sandbox include of directory missing files
@@ -1373,7 +1377,7 @@ the bounding set will be dropped.
- rebuild versus latest libsepol
* Tue Apr 12 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-1
-- Update to upstream
+- Update to upstream
* Use correct color range in mcstrand by Richard Haines.
* Mon Apr 11 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-30
@@ -1406,7 +1410,7 @@ the bounding set will be dropped.
* Fri Mar 11 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-21
- change default location of HOMEDIR in sandbox to /tmp/.sandbox_home_*
-- This will allow default sandboxes to work on NFS homedirs without allowing
+- This will allow default sandboxes to work on NFS homedirs without allowing
access to homedir data
* Fri Mar 11 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-20
@@ -1427,7 +1431,7 @@ the bounding set will be dropped.
* Mon Mar 7 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-16
- Require python-IPy for policycoreutils-python package
-- Fixes for sepologen
+- Fixes for sepologen
- Usage statement needs -n name
- Names with _ are being prevented
- dbus apps should get _chat interface
@@ -1533,7 +1537,7 @@ the bounding set will be dropped.
- Stop polgengui from crashing if selinux policy is not installed
* Thu Sep 9 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-25
-- Fix bug preventing sandbox from using -l
+- Fix bug preventing sandbox from using -l
* Tue Sep 7 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-24
- Eliminate quotes fro desktop files
@@ -1560,7 +1564,7 @@ the bounding set will be dropped.
- Fix sandbox error handling
* Fri Aug 13 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-17
-- Apply patch to restorecond from Chris Adams, which will cause restorecond
+- Apply patch to restorecond from Chris Adams, which will cause restorecond
- to watch first user that logs in.
* Thu Aug 12 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-16
@@ -1618,13 +1622,13 @@ Resolves: #610473
Resolve: #603001
* Tue Jun 8 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-30
-- Add cgroup support for sandbox
+- Add cgroup support for sandbox
* Mon Jun 7 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-29
- Allow creation of /var/cache/DOMAIN from sepolgen
* Thu Jun 3 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-28
-- Fix sandbox init script
+- Fix sandbox init script
- Add dbus-launch to sandbox -X
Resolve: #599599
@@ -1688,13 +1692,13 @@ Resolves: #588280
Resolves: #587263
* Wed Apr 28 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-11
-- Make semanage boolean work on disabled machines
+- Make semanage boolean work on disabled machines
* Tue Apr 27 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-10
- Make sepolgen-ifgen be quiet
* Wed Apr 21 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-8
-- Make sepolgen report on more interfaces
+- Make sepolgen report on more interfaces
- Fix system-config-selinux display of modules
* Thu Apr 15 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-7
@@ -1713,16 +1717,16 @@ Resolves: #582533
- Fix sandbox to throw error on bad executable
* Tue Apr 6 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-4
-- Fix spacing in templates
+- Fix spacing in templates
* Wed Mar 31 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-3
- Fix semanage return codes
* Tue Mar 30 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-2
-- Fix sepolgen to confirm to the "Reference Policy Style Guide"
+- Fix sepolgen to confirm to the "Reference Policy Style Guide"
* Tue Mar 23 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-1
-- Update to upstream
+- Update to upstream
* Add avc's since boot from Dan Walsh.
* Fix unit tests from Dan Walsh.
@@ -1751,7 +1755,7 @@ Resolves: #582533
* Module enable/disable support from Dan Walsh.
* Mon Mar 1 2010 Dan Walsh <dwalsh at redhat.com> 2.0.79-5
-- Rewrite of sandbox script, add unit test for sandbox
+- Rewrite of sandbox script, add unit test for sandbox
- Update translations
* Mon Mar 1 2010 Dan Walsh <dwalsh at redhat.com> 2.0.79-4
@@ -1789,7 +1793,7 @@ Resolves: 555835
- Add use_resolve to sepolgen
* Wed Jan 27 2010 Dan Walsh <dwalsh at redhat.com> 2.0.78-14
-- Add session capability to sandbox
+- Add session capability to sandbox
- sandbox -SX -H ~/.homedir -t unconfined_t -l s0:c15 /etc/gdm/Xsession
* Thu Jan 21 2010 Dan Walsh <dwalsh at redhat.com> 2.0.78-13
@@ -2000,7 +2004,7 @@ Resolves: 555835
- Update to upstream
* Modify restorecon to only call realpath() on user-supplied pathnames
from Stephen Smalley.
- * Fix typo in fixfiles that prevented it from relabeling btrfs
+ * Fix typo in fixfiles that prevented it from relabeling btrfs
filesystems from Dan Walsh.
* Wed Jul 29 2009 Dan Walsh <dwalsh at redhat.com> 2.0.68-1
@@ -2152,7 +2156,7 @@ Resolves: 555835
* Tue Nov 11 2008 Dan Walsh <dwalsh at redhat.com> 2.0.59-1
- Update to upstream
- * fcontext add checked local records twice, fix from Dan Walsh.
+ * fcontext add checked local records twice, fix from Dan Walsh.
* Mon Nov 10 2008 Dan Walsh <dwalsh at redhat.com> 2.0.58-1
- Update to upstream
@@ -2252,7 +2256,7 @@ Resolves: 555835
- Allow semanage user to add group lists % groupname
* Tue Jul 29 2008 Dan Walsh <dwalsh at redhat.com> 2.0.53-2
-- Fix help
+- Fix help
* Tue Jul 29 2008 Dan Walsh <dwalsh at redhat.com> 2.0.53-1
- Update to upstream
@@ -2326,7 +2330,7 @@ Resolves: 555835
* Wed May 7 2008 Dan Walsh <dwalsh at redhat.com> 2.0.47-1
- Make restorecond not start by default
- Fix polgengui to allow defining of confined roles.
-- Add patches from Lubomir Rintel <lkundrak at v3.sk>
+- Add patches from Lubomir Rintel <lkundrak at v3.sk>
* Add necessary runtime dependencies on setools-console for -gui
* separate stderr when run seinfo commands
- Update to upstream
@@ -2334,7 +2338,7 @@ Resolves: 555835
* Add further error checking to seobject.py for setting booleans.
* Fri Apr 18 2008 Matthias Clasen <mclasen at redhat.com> - 2.0.46-5
-- Uninvasive (ie no string or widget changes) HIG approximations
+- Uninvasive (ie no string or widget changes) HIG approximations
in selinux-polgenui
* Fri Apr 18 2008 Matthias Clasen <mclasen at redhat.com> - 2.0.46-4
@@ -2490,7 +2494,7 @@ Resolves: 555835
- Fix fixfiles argument parsing
* Thu Nov 15 2007 Dan Walsh <dwalsh at redhat.com> 2.0.31-15
-- Fix File Labeling add
+- Fix File Labeling add
* Thu Nov 8 2007 Dan Walsh <dwalsh at redhat.com> 2.0.31-14
- Fix semanage to handle state where policy.xml is not installed
@@ -2592,7 +2596,7 @@ Resolves: 555835
* Suppress generation of rules for non-denials from Karl MacMillan (take 3).
* Tue Sep 11 2007 Dan Walsh <dwalsh at redhat.com> 2.0.25-12
-- Remove bogus import libxml2
+- Remove bogus import libxml2
* Mon Sep 10 2007 Dan Walsh <dwalsh at redhat.com> 2.0.25-11
- Lots of fixes for polgengui
@@ -2630,7 +2634,7 @@ Resolves: 555835
* Fix genhomedircon searching for USER from Todd Miller
* Install run_init with mode 0755 from Dan Walsh.
* Fix chcat from Dan Walsh.
- * Fix fixfiles pattern expansion and error reporting from Dan Walsh.
+ * Fix fixfiles pattern expansion and error reporting from Dan Walsh.
* Optimize genhomedircon to compile regexes once from Dan Walsh.
* Fix semanage gettext call from Dan Walsh.
@@ -2655,11 +2659,11 @@ Resolves: 555835
- rebuild for toolchain bug
* Tue Jul 24 2007 Dan Walsh <dwalsh at redhat.com> 2.0.22-8
-- Add requires libselinux-python
+- Add requires libselinux-python
* Mon Jul 23 2007 Dan Walsh <dwalsh at redhat.com> 2.0.22-7
- Fix fixfiles to report incorrect rpm
-- Patch provided by Tony Nelson
+- Patch provided by Tony Nelson
* Fri Jul 20 2007 Dan Walsh <dwalsh at redhat.com> 2.0.22-6
- Clean up spec file
@@ -2777,7 +2781,7 @@ Resolves: 555835
- Updated version of sepolgen
* Merged updates to sepolgen-ifgen from Karl MacMillan.
* Merged updates to sepolgen parser and tools from Karl MacMillan.
- This includes improved debugging support, handling of interface
+ This includes improved debugging support, handling of interface
calls with list parameters, support for role transition rules,
updated range transition rule support, and looser matching.
@@ -2837,7 +2841,7 @@ Resolves: 555835
- Update to upstream
- policycoreutils
* Merged newrole O_NONBLOCK fix from Linda Knippers.
- * Merged sepolgen and audit2allow patches to leave generated files
+ * Merged sepolgen and audit2allow patches to leave generated files
in the current directory from Karl MacMillan.
* Merged restorecond memory leak fix from Steve Grubb.
-sepolgen
@@ -2882,7 +2886,7 @@ Resolves: 555835
* Merged new audit2allow from Karl MacMillan.
This audit2allow depends on the new sepolgen python module.
Note that you must run the sepolgen-ifgen tool to generate
- the data needed by audit2allow to generate refpolicy.
+ the data needed by audit2allow to generate refpolicy.
* Fixed newrole non-pam build.
- Fix Changelog and spelling error in man page
@@ -2927,7 +2931,7 @@ Resolves: #200110
* Tue Jan 9 2007 Dan Walsh <dwalsh at redhat.com> 1.33.11-1
- Update to upstream
* Merged fixfiles and seobject fixes from Dan Walsh.
- * Merged semodule support for list of modules after -i from Karl MacMillan.
+ * Merged semodule support for list of modules after -i from Karl MacMillan.
* Tue Jan 9 2007 Dan Walsh <dwalsh at redhat.com> 1.33.10-1
- Update to upstream
@@ -2951,7 +2955,7 @@ Resolves: #200110
* Patch from Dan Walsh to correctly suppress warnings in load_policy.
* Tue Jan 2 2007 Dan Walsh <dwalsh at redhat.com> 1.33.6-9
-- Fix fixfiles script to use tty command correctly. If this command fails, it
+- Fix fixfiles script to use tty command correctly. If this command fails, it
should set the LOGFILE to /dev/null
Resolves: #220879
@@ -2964,7 +2968,7 @@ Resolves: #219421
* Mon Dec 18 2006 Dan Walsh <dwalsh at redhat.com> 1.33.6-6
- Fix audit2allow generating reference policy
-- Fix semanage to manage user roles properly
+- Fix semanage to manage user roles properly
Resolves: #220071
* Fri Dec 8 2006 Dan Walsh <dwalsh at redhat.com> 1.33.6-5
@@ -2990,7 +2994,7 @@ Resolves: #216920
* Patch from Dan Walsh to remove verbose flag from semanage man page
* Patch from Dan Walsh to make audit2allow use refpolicy Makefile
in /usr/share/selinux/<SELINUXTYPE>
-
+
* Wed Nov 29 2006 Dan Walsh <dwalsh at redhat.com> 1.33.5-4
- Fixing the Makefile line again to build with LSPP support
Resolves: #208838
@@ -3014,7 +3018,7 @@ Resolves: #208838
* Wed Nov 22 2006 Dan Walsh <dwalsh at redhat.com> 1.33.4-1
- Upstream accepted my patches
- * Merged setsebool patch from Karl MacMillan.
+ * Merged setsebool patch from Karl MacMillan.
This fixes a bug reported by Yuichi Nakamura with
always setting booleans persistently on an unmanaged system.
@@ -3079,7 +3083,7 @@ Resolves: #208838
* Thu Sep 21 2006 Dan Walsh <dwalsh at redhat.com> 1.30.29-6
- Pass -i qualifier to restorecon for fixfiles -R
- Update translations
-
+
* Thu Sep 21 2006 Dan Walsh <dwalsh at redhat.com> 1.30.29-5
- Remove recursion from fixfiles -R calls
- Fix semanage to verify prefix
@@ -3111,7 +3115,7 @@ Resolves: #208838
* Fri Sep 8 2006 Dan Walsh <dwalsh at redhat.com> 1.30.28-6
- Change setfiles and restorecon to use stderr except for -o flag
- Also -o flag will now output files
-
+
* Thu Sep 7 2006 Dan Walsh <dwalsh at redhat.com> 1.30.28-5
- Put back Erich's change
@@ -3161,7 +3165,7 @@ Resolves: #208838
* newrole: run shell with - prefix to start a login shell
* po: po file updates
* restorecond: bail if SELinux not enabled
- * fixfiles: omit -q
+ * fixfiles: omit -q
* genhomedircon: fix exit code if non-root
* semodule_deps: install man page
* Merged secon Makefile fix from Joshua Brindle.
@@ -3209,7 +3213,7 @@ Resolves: #208838
* disable context translation for setfiles and restorecon.
* on/off values for setsebool.
* Merged setfiles and semodule_link fixes from Joshua Brindle.
-
+
* Thu Jun 22 2006 Dan Walsh <dwalsh at redhat.com> 1.30.14-5
- Add progress indicator on fixfiles/setfiles/restorecon
@@ -3296,7 +3300,7 @@ Resolves: #208838
* Merged fix warnings patch from Karl MacMillan.
* Merged patch from Dan Walsh.
This includes audit2allow changes for analysis plugins,
- internationalization support for several additional programs
+ internationalization support for several additional programs
and added po files, some fixes for semanage, and several cleanups.
It also adds a new secon utility.
@@ -3410,7 +3414,7 @@ Resolves: #208838
* Tue Feb 07 2006 Dan Walsh <dwalsh at redhat.com> 1.29.20-1
- Update from upstream
- * Merged seuser/user_extra support patch to semodule_package
+ * Merged seuser/user_extra support patch to semodule_package
from Joshua Brindle.
* Merged getopt type fix for semodule_link/expand and sestatus
from Chris PeBenito.
@@ -3486,7 +3490,7 @@ Resolves: #208838
- Update chcat to manage user categories also
* Sat Jan 14 2006 Dan Walsh <dwalsh at redhat.com> 1.29.7-3
-- Add check for root for semanage, genhomedircon
+- Add check for root for semanage, genhomedircon
* Sat Jan 14 2006 Dan Walsh <dwalsh at redhat.com> 1.29.7-2
- Add ivans patch
@@ -3547,7 +3551,7 @@ Resolves: #208838
* Tue Dec 20 2005 Dan Walsh <dwalsh at redhat.com> 1.29.2-4
- Add try catch for files that may not exists
-
+
* Mon Dec 19 2005 Dan Walsh <dwalsh at redhat.com> 1.29.2-3
- Remove commands from genhomedircon for installer
@@ -3714,7 +3718,7 @@ Resolves: #208838
* Mon Oct 10 2005 Dan Walsh <dwalsh at redhat.com> 1.27.6-1
- Update to match NSA
- * Updated for changes to libsepol.
+ * Updated for changes to libsepol.
Changed semodule and semodule_package to use the shared libsepol.
Disabled build of semodule_link and semodule_expand for now.
Updated audit2why for relocated policydb internal headers,
@@ -3731,7 +3735,7 @@ Resolves: #208838
interface provided by libselinux.
* Wed Oct 5 2005 Dan Walsh <dwalsh at redhat.com> 1.27.3-2
-- Rebuild with newer libararies
+- Rebuild with newer libararies
* Wed Sep 28 2005 Dan Walsh <dwalsh at redhat.com> 1.27.3-1
- Update to match NSA
@@ -3818,7 +3822,7 @@ Resolves: #208838
* Updated version for release.
* Tue Jun 14 2005 Dan Walsh <dwalsh at redhat.com> 1.23.11-4
-- Fix Ivan's patch for user role changes
+- Fix Ivan's patch for user role changes
* Sat May 28 2005 Dan Walsh <dwalsh at redhat.com> 1.23.11-3
- Add Ivan's patch for user role changes in genhomedircon
@@ -3837,13 +3841,13 @@ Resolves: #208838
* Tue May 17 2005 Dan Walsh <dwalsh at redhat.com> 1.23.10-1
- Update to match NSA
- * Extended audit2why to incorporate booleans and local user
+ * Extended audit2why to incorporate booleans and local user
settings when analyzing audit messages.
* Mon May 16 2005 Dan Walsh <dwalsh at redhat.com> 1.23.9-1
- Update to match NSA
* Updated audit2why for sepol_ prefixes on Flask types to
- avoid namespace collision with libselinux, and to
+ avoid namespace collision with libselinux, and to
include <selinux/selinux.h> now.
* Fri May 13 2005 Dan Walsh <dwalsh at redhat.com> 1.23.8-1
@@ -3893,7 +3897,7 @@ Resolves: #208838
- Update to released version from NSA
* Merged rewrite of genhomedircon by Eric Paris.
* Changed fixfiles to relabel jfs since it now supports security xattrs
- (as of 2.6.11). Removed reiserfs until 2.6.12 is released with
+ (as of 2.6.11). Removed reiserfs until 2.6.12 is released with
fixed support for reiserfs and selinux.
* Thu Mar 10 2005 Dan Walsh <dwalsh at redhat.com> 1.22-2
@@ -3920,7 +3924,7 @@ Resolves: #208838
- Add call to libsepol
* Thu Feb 24 2005 Dan Walsh <dwalsh at redhat.com> 1.21.19-4
-- Fix genhomedircon to handle root
+- Fix genhomedircon to handle root
- Fix fixfiles to better handle file system types
* Wed Feb 23 2005 Dan Walsh <dwalsh at redhat.com> 1.21.19-2
@@ -3960,15 +3964,15 @@ written to. fails on 64-bit archs
* Thu Feb 17 2005 Dan Walsh <dwalsh at redhat.com> 1.21.15-9
- Remove Red Hat rhpl usage
-- Add back in original syntax
+- Add back in original syntax
- Update man page to match new syntax
* Fri Feb 11 2005 Dan Walsh <dwalsh at redhat.com> 1.21.15-8
- Fix genhomedircon regular expression
-- Fix exclude in restorecon
+- Fix exclude in restorecon
* Thu Feb 10 2005 Dan Walsh <dwalsh at redhat.com> 1.21.15-5
-- Trap failure on write
+- Trap failure on write
- Rewrite genhomedircon to generate file_context.homedirs
- several passes
@@ -3992,7 +3996,7 @@ written to. fails on 64-bit archs
* Wed Feb 2 2005 Dan Walsh <dwalsh at redhat.com> 1.21.12-1
- More cleanup of fixfiles sed patch
- * Merged further patches for restorecon/setfiles -e and fixfiles -C.
+ * Merged further patches for restorecon/setfiles -e and fixfiles -C.
* Wed Feb 2 2005 Dan Walsh <dwalsh at redhat.com> 1.21.10-2
- More cleanup of fixfiles sed patch
@@ -4007,7 +4011,7 @@ written to. fails on 64-bit archs
- Upgrade to latest from NSA
* Merged updated fixfiles script from Dan Walsh.
* Merged updated man page for fixfiles from Dan Walsh and re-added unzipped.
- * Reverted fixfiles patch for file_contexts.local;
+ * Reverted fixfiles patch for file_contexts.local;
obsoleted by setfiles rewrite.
* Merged error handling patch for restorecon from Dan Walsh.
* Merged semi raw mode for open_init_pty helper from Manoj Srivastava.
@@ -4065,7 +4069,7 @@ written to. fails on 64-bit archs
* Mon Jan 3 2005 Dan Walsh <dwalsh at redhat.com> 1.19.2-4
- Fix fixfiles handling of rpm
-- Fix restorecon to not warn on symlinks unless -v -v
+- Fix restorecon to not warn on symlinks unless -v -v
- Fix output of verbose to show old context as well as new context
* Wed Dec 29 2004 Dan Walsh <dwalsh at redhat.com> 1.19.2-1
@@ -4103,7 +4107,7 @@ written to. fails on 64-bit archs
* Merged -e option to setfiles to exclude directories.
* Merged -R option to restorecon for recursive descent.
* Fri Oct 1 2004 Dan Walsh <dwalsh at redhat.com> 1.17.5-6
-- Add -e (exclude directory) switch to setfiles
+- Add -e (exclude directory) switch to setfiles
- Add syslog to setfiles
* Fri Sep 24 2004 Dan Walsh <dwalsh at redhat.com> 1.17.5-5
@@ -4126,7 +4130,7 @@ written to. fails on 64-bit archs
- Add fix to get cdrom info from /proc/media in fixfiles.
* Wed Aug 25 2004 Dan Walsh <dwalsh at redhat.com> 1.17.3-4
-- Add Steve Grub patches for
+- Add Steve Grub patches for
* Fix fixfiles.cron MAILTO
* Several problems in sestatus
@@ -4175,7 +4179,7 @@ written to. fails on 64-bit archs
- Latest from NSA
* Thu Jul 8 2004 Dan Walsh <dwalsh at redhat.com> 1.15.1-2
-- Add ro warnings
+- Add ro warnings
* Thu Jul 8 2004 Dan Walsh <dwalsh at redhat.com> 1.15.1-1
- Latest from NSA
@@ -4343,7 +4347,7 @@ written to. fails on 64-bit archs
- Fix minor bugs in restorecon
* Thu Feb 26 2004 Dan Walsh <dwalsh at redhat.com> 1.6-2
-- Add restorecon c program
+- Add restorecon c program
* Tue Feb 24 2004 Dan Walsh <dwalsh at redhat.com> 1.6-1
- Update to latest tarball from NSA
@@ -4358,7 +4362,7 @@ written to. fails on 64-bit archs
- remove mods to run_init since init scripts don't require it anymore
* Wed Jan 28 2004 Dan Walsh <dwalsh at redhat.com> 1.4-6
-- fix genhomedircon not to return and error
+- fix genhomedircon not to return and error
* Wed Jan 28 2004 Dan Walsh <dwalsh at redhat.com> 1.4-5
- add setfiles quiet patch
@@ -4412,4 +4416,3 @@ written to. fails on 64-bit archs
* Mon Jun 2 2003 Dan Walsh <dwalsh at redhat.com> 1.0-1
- Initial version
-
More information about the scm-commits
mailing list