selinux/sepolgen/ChangeLog

160 lines
5.4 KiB
Plaintext

2.6 2016-10-14
* Remove additional files when cleaning, from Nicolas Iooss.
* Add support for TYPEBOUNDS statement in INTERFACE policy files, from Miroslav Grepl.
1.2.3 2016-02-23
* Support latest refpolicy interfaces, from Nicolas Iooss.
* Make sepolgen-ifgen output deterministic with Python>=3.3, from Nicolas Iooss.
* Use key function in sort(), from Petr Lautrbach.
* Reset line numbers when parsing files, from Nicolas Iooss.
* Convert cmp functions to key functions, from Robert Kuska.
* Decode output from Popen in Python3, from Robert Kuska.
* Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach.
* Add support for python3, from Robert Kuska.
* Add device tree ocontext nodes to Xen policy, from Daniel De Graaf.
1.2.2 2015-02-02
* Fix bugs found by hardened gcc flags, from Nicolas Iooss.
* Remove unnecessary grammar in interface call param list to fix poor
interface vectors, from Steve Lawrence
1.2.1 2013-10-31
* Add back attributes flag to fix exception crash from Dan Walsh.
1.2 2013-10-30
* Return additional constraint information.
* Fix bug in calls to attributes from Dan Walsh.
* Add support for filename transitions from Dan Walsh.
* Fix sepolgen tests from Dan Walsh.
1.1.9 2013-02-01
* audit.py: Handle times in foreign locals for audit2allow -b
* Use refpolicy_makefile() instead of hardcoding Makefile path
* understand role attributes
1.1.8 2012-09-13
* Allow returning of bastard matches
* sepolgen: return and output constraint violation information
* audit2allow: one role/type pair per line
1.1.7 2012-06-28
* Make use of setools optional within sepolgen
* We need to support files that have a + in them
1.1.6 2012-03-28
* Fix dead links to www.nsa.gov/selinux
* audit.py Dont crash if empty data is passed to sepolgen
* do not use md5 when calculating hash signatures
* fix detection of policy loads
1.1.5 2011-12-21
* better analysis of why things broke
1.1.4 2011-12-05
* Allow ~ as a file identifier
1.1.3 2011-11-03
* Ignore permissive qualifier if found in an interface
* Return name field in avc data
1.1.2 2011-09-15
* src: sepolgen: add attribute storing infrastructure
* Change perm-map and add open to try to get better results on
* look for booleans that might solve problems
* sepolgen: audit2allow is mistakakenly not allowing valid module names
* tree: default make target to all not install
1.1.1 2011-08-26
* refparser: include open among valid permissions
* refparser: add support for filename_trans rules
1.1.0 2011-07-27
* Release, minor version bump
1.0.23 2010-03-24
* Fix unit tests from Dan Walsh.
1.0.22 2010-03-23
* improve parser error recovery from Karl MacMillan.
1.0.21 2010-03-18
* Add since-last-boot option to audit2allow from Dan Walsh.
* Fix sepolgen output to match what Chris expects for upstream
refpolicy from Dan Walsh.
1.0.20 2010-03-12
* Add dontaudit flag to audit2allow from Dan Walsh.
1.0.19 2009-11-27
* fix sepolgen to read a "type 1403" msg as a policy load by Stephen
Smalley <sds@tycho.nsa.gov>
1.0.18 2009-10-14
* Add support for Xen ocontexts from Paul Nuzzi.
1.0.17 2009-05-15
* Fix typo in RoleTypeSet from Marshall Miller.
1.0.16 2009-02-18
* Convert sepolgen to using hashlib instead of the deprecated md5
module from Dan Walsh.
1.0.15 2009-01-12
* fix to return length of role dict for len(roles) from Dan Walsh.
1.0.14 2008-09-12
* fix multiple gen_requires block generation from Dan Walsh.
1.0.13 2008-07-29
* Only append s0 suffix if MLS is enabled from Karl MacMillan.
1.0.12 2008-06-30
* Fix generation of role-type and role allow rules from Karl MacMillan.
1.0.11 2008-01-23
* Merged sepolgen fixes from Dan Walsh.
1.0.10 2007-09-10
* Expand the sepolgen parser to parse all current refpolicy modules from Karl MacMillan.
* Suppress generation of rules for non-denials from Karl MacMillan (take 3).
1.0.9 2007-08-16
* Supress generation of rules for non-denials from Karl MacMillan.
1.0.8 2007-04-10
* Merged updates to sepolgen parser and tools from Karl MacMillan.
This includes improved debugging support, handling of interface
calls with list parameters, support for role transition rules,
updated range transition rule support, and looser matching.
1.0.7 2007-03-26
* Merged patch to discard self from types when generating requires from Karl MacMillan.
1.0.6 2007-03-21
* Merged patch to move the sepolgen runtime data from /usr/share to /var/lib to facilitate a read-only /usr from Karl MacMillan.
1.0.5 2007-03-21
* Merged patch to fix type_transition style and unit tests from Karl MacMillan.
1.0.4 2007-03-01
* Merged better matching for refpolicy style from Karl MacMillan
* Merged support for extracting interface paramaters from interface calls from Karl MacMillan
* Merged support for parsing USER_AVC audit messages from Karl MacMillan.
1.0.3 2007-02-27
* Merged support for enabling parser debugging from Karl MacMillan.
1.0.2 2007-02-22
* Merged patch to leave generated files (e.g. local.te) in current directory from Karl MacMillan.
* Merged patch to make run-tests.py use unittest.main from Karl MacMillan.
* Merged patch to update PLY from Karl MacMillan.
* Merged patch to update the sepolgen parser to handle the latest reference policy from Karl MacMillan.
1.0.1 2007-02-21
* Merged Makefile and refparser.py patch from Dan Walsh.
Fixes PYTHONLIBDIR definition and error handling on interface files.
1.0.0 2007-02-05
* Initial merge from Karl MacMillan.