selinux/sepolgen/ChangeLog

126 lines
4.0 KiB
Plaintext

1.1.8 2012-09-13
* Allow returning of bastard matches
* sepolgen: return and output constraint violation information
* audit2allow: one role/type pair per line
1.1.7 2012-06-28
* Make use of setools optional within sepolgen
* We need to support files that have a + in them
1.1.6 2012-03-28
* Fix dead links to www.nsa.gov/selinux
* audit.py Dont crash if empty data is passed to sepolgen
* do not use md5 when calculating hash signatures
* fix detection of policy loads
1.1.5 2011-12-21
* better analysis of why things broke
1.1.4 2011-12-05
* Allow ~ as a file identifier
1.1.3 2011-11-03
* Ignore permissive qualifier if found in an interface
* Return name field in avc data
1.1.2 2011-09-15
* src: sepolgen: add attribute storing infrastructure
* Change perm-map and add open to try to get better results on
* look for booleans that might solve problems
* sepolgen: audit2allow is mistakakenly not allowing valid module names
* tree: default make target to all not install
1.1.1 2011-08-26
* refparser: include open among valid permissions
* refparser: add support for filename_trans rules
1.1.0 2011-07-27
* Release, minor version bump
1.0.23 2010-03-24
* Fix unit tests from Dan Walsh.
1.0.22 2010-03-23
* improve parser error recovery from Karl MacMillan.
1.0.21 2010-03-18
* Add since-last-boot option to audit2allow from Dan Walsh.
* Fix sepolgen output to match what Chris expects for upstream
refpolicy from Dan Walsh.
1.0.20 2010-03-12
* Add dontaudit flag to audit2allow from Dan Walsh.
1.0.19 2009-11-27
* fix sepolgen to read a "type 1403" msg as a policy load by Stephen
Smalley <sds@tycho.nsa.gov>
1.0.18 2009-10-14
* Add support for Xen ocontexts from Paul Nuzzi.
1.0.17 2009-05-15
* Fix typo in RoleTypeSet from Marshall Miller.
1.0.16 2009-02-18
* Convert sepolgen to using hashlib instead of the deprecated md5
module from Dan Walsh.
1.0.15 2009-01-12
* fix to return length of role dict for len(roles) from Dan Walsh.
1.0.14 2008-09-12
* fix multiple gen_requires block generation from Dan Walsh.
1.0.13 2008-07-29
* Only append s0 suffix if MLS is enabled from Karl MacMillan.
1.0.12 2008-06-30
* Fix generation of role-type and role allow rules from Karl MacMillan.
1.0.11 2008-01-23
* Merged sepolgen fixes from Dan Walsh.
1.0.10 2007-09-10
* Expand the sepolgen parser to parse all current refpolicy modules from Karl MacMillan.
* Suppress generation of rules for non-denials from Karl MacMillan (take 3).
1.0.9 2007-08-16
* Supress generation of rules for non-denials from Karl MacMillan.
1.0.8 2007-04-10
* Merged updates to sepolgen parser and tools from Karl MacMillan.
This includes improved debugging support, handling of interface
calls with list parameters, support for role transition rules,
updated range transition rule support, and looser matching.
1.0.7 2007-03-26
* Merged patch to discard self from types when generating requires from Karl MacMillan.
1.0.6 2007-03-21
* Merged patch to move the sepolgen runtime data from /usr/share to /var/lib to facilitate a read-only /usr from Karl MacMillan.
1.0.5 2007-03-21
* Merged patch to fix type_transition style and unit tests from Karl MacMillan.
1.0.4 2007-03-01
* Merged better matching for refpolicy style from Karl MacMillan
* Merged support for extracting interface paramaters from interface calls from Karl MacMillan
* Merged support for parsing USER_AVC audit messages from Karl MacMillan.
1.0.3 2007-02-27
* Merged support for enabling parser debugging from Karl MacMillan.
1.0.2 2007-02-22
* Merged patch to leave generated files (e.g. local.te) in current directory from Karl MacMillan.
* Merged patch to make run-tests.py use unittest.main from Karl MacMillan.
* Merged patch to update PLY from Karl MacMillan.
* Merged patch to update the sepolgen parser to handle the latest reference policy from Karl MacMillan.
1.0.1 2007-02-21
* Merged Makefile and refparser.py patch from Dan Walsh.
Fixes PYTHONLIBDIR definition and error handling on interface files.
1.0.0 2007-02-05
* Initial merge from Karl MacMillan.