RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,222 Commits 4 Branches 681 Tags 21 MiB
C 74.6%
Python 16.2%
Roff 5.2%
SWIG 1.1%
Makefile 1.1%
Other 1.8%
Go to file
Stephen Smalley ae1cd12076 libsepol: Define nnp_nosuid_transition policy capability 
Define the nnp_nosuid_transition policy capability used to enable
SELinux domain transitions under NNP or nosuid if the
nnp_transition permission or nosuid_transition permission is
allowed between the old and new contexts. When this capability is not
enabled, such transitions remain limited to bounded transitions as they
were prior to the introduction of this capability.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 		2017-07-28 15:42:36 -04:00
checkpolicy Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
dbus Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
gui Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
libselinux libselinux: fix thread safety issues with lookup_common() 2017-07-26 16:23:04 -04:00
libsemanage Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
libsepol libsepol: Define nnp_nosuid_transition policy capability 2017-07-28 15:42:36 -04:00
mcstrans Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
policycoreutils Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
python sepolicy: File labels used to be sorted in a man page 2017-07-27 09:49:32 -04:00
restorecond Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
sandbox Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
scripts Fix release script 2016-11-16 11:19:51 -05:00
secilc Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
semodule-utils Update VERSION files for 2.7-rc5 2017-07-18 12:01:26 -04:00
.gitignore restorecond: Add gitignore 2016-11-16 11:20:05 -05:00
.travis.yml Travis-CI: test defining CFLAGS, LDFLAGS, etc. on make command line 2017-06-30 08:56:43 -04:00
CleanSpec.mk Add empty top level Android.mk / CleanSpec.mk files 2015-04-16 07:54:09 -04:00
Makefile Add includes for DESTDIR only in root Makefile 2017-04-25 08:31:10 -04:00
README libsepol compilation fixes for macOS. 2017-01-20 13:19:57 -05:00

README 

Please submit all bug reports and patches to selinux@tycho.nsa.gov.
Subscribe via selinux-join@tycho.nsa.gov.

Build dependencies on Fedora:
yum install audit-libs-devel bison bzip2-devel dbus-devel dbus-glib-devel flex flex-devel flex-static glib2-devel libcap-devel libcap-ng-devel pam-devel pcre-devel python-devel setools-devel swig xmlto redhat-rpm-config

To build and install everything under a private directory, run:
make DESTDIR=~/obj install install-pywrap

To install as the default system libraries and binaries
(overwriting any previously installed ones - dangerous!),
on x86_64, run:
make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel
or on x86 (32-bit), run:
make install install-pywrap relabel

This may render your system unusable if the upstream SELinux userspace
lacks library functions or other dependencies relied upon by your
distribution.  If it breaks, you get to keep both pieces.

To install libsepol on macOS (mainly for policy analysis):
cd libsepol; make DESTDIR=/usr/local PREFIX=/usr/local install

This requires GNU coreutils (brew install coreutils).