mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-09 23:55:07 +00:00
44121f6624
Bump checkpolicy to 2.1.0 Bump libselinux to 2.1.0 Bump libsepol to 2.1.0 Bump libsemanage to 2.1.0 Bump policycoreutils to 2.1.0 Bump sepolgen to 1.1.0
728 lines
23 KiB
Plaintext
728 lines
23 KiB
Plaintext
2.1.0 2011-07-27
|
|
* Release, minor version bump
|
|
|
|
2.0.46 2010-12-16
|
|
* Fix compliation under GCC 4.6 by Justin Mattock
|
|
|
|
2.0.45 2010-03-06
|
|
* Add enable/disable patch support from Dan Walsh.
|
|
* Add usepasswd flag to semanage.conf to disable genhomedircon using
|
|
passwd from Dan Walsh.
|
|
* regenerate swig wrappers
|
|
|
|
2.0.44 2010-02-02
|
|
* Replace usage of fmemopen() with sepol_policy_file_set_mem() since
|
|
glibc < 2.9 does not support binary mode ('b') for fmemopen'd
|
|
streams.
|
|
|
|
2.0.43 2009-11-27
|
|
* Move libsemanage.so to /usr/lib
|
|
* Add NAME lines to man pages from Manoj Srivastava<srivasta@debian.org>
|
|
|
|
2.0.42 2009-11-18
|
|
* Move load_policy from /usr/sbin to /sbin from Dan Walsh.
|
|
|
|
2.0.41 2009-10-29
|
|
* Add pkgconfig file from Eamon Walsh.
|
|
|
|
2.0.40 2009-10-22
|
|
* Add semanage_set_check_contexts() function to disable calling
|
|
setfiles
|
|
|
|
2.0.39 2009-09-24
|
|
* make swigify
|
|
|
|
2.0.38 2009-09-16
|
|
* Change semodule upgrade behavior to install even if the module
|
|
is not present from Dan Walsh.
|
|
* Make genhomedircon trim excess '/' from homedirs from Dan Walsh.
|
|
|
|
2.0.37 2009-09-04
|
|
* Fix persistent dontaudit support to rebuild policy if the
|
|
dontaudit state is changed from Chad Sellers.
|
|
|
|
2.0.36 2009-08-24
|
|
* Changed bzip-blocksize=0 handling to support existing compressed
|
|
modules in the store.
|
|
|
|
2.0.35 2009-08-05
|
|
* Revert hard linking of files between tmp/active/previous.
|
|
|
|
2.0.34 2009-08-05
|
|
* Enable configuration of bzip behavior from Stephen Smalley.
|
|
bzip-blocksize=0 to disable compression and decompression support.
|
|
bzip-blocksize=1..9 to set the blocksize for compression.
|
|
bzip-small=true to reduce memory usage for decompression.
|
|
|
|
2.0.33 2009-07-07
|
|
* Maintain disable dontaudit state from Christopher Pardy.
|
|
|
|
2.0.32 2009-05-28
|
|
* Ruby bindings from David Quigley.
|
|
|
|
2.0.31 2009-01-12
|
|
* Policy module compression (bzip) support from Dan Walsh.
|
|
* Hard link files between tmp/active/previous from Dan Walsh.
|
|
|
|
2.0.30 2008-11-12
|
|
* Add semanage_mls_enabled() interface from Stephen Smalley.
|
|
|
|
2.0.29 2008-11-11
|
|
* Add USER to lines to homedir_template context file from Chris PeBenito.
|
|
|
|
2.0.28 2008-09-15
|
|
* allow fcontext and seuser changes without rebuilding the policy from Dan Walsh
|
|
|
|
2.0.27 2008-08-05
|
|
* Modify genhomedircon to skip %groupname entries.
|
|
Ultimately we need to expand them to the list of users to support per-role homedir labeling when using the %groupname syntax.
|
|
|
|
2.0.26 2008-07-29
|
|
* Fix bug in genhomedircon fcontext matches logic from Dan Walsh.
|
|
Strip any trailing slash before appending /*$.
|
|
|
|
2.0.25 2008-04-21
|
|
* Do not call genhomedircon if the policy was not rebuilt from Stephen Smalley.
|
|
Fixes semanage boolean -D seg fault (bug 441379).
|
|
|
|
2.0.24 2008-02-26
|
|
* make swigify
|
|
|
|
2.0.23 2008-02-04
|
|
* Use vfork rather than fork for libsemanage helpers to reduce memory overhead as suggested by Todd Miller.
|
|
|
|
2.0.22 2008-02-04
|
|
* Free policydb before fork from Joshua Brindle.
|
|
|
|
2.0.21 2008-02-04
|
|
* Drop the base module immediately after expanding to permit memory re-use from Stephen Smalley.
|
|
|
|
2.0.12 2008-02-02
|
|
* Use sepol_set_expand_consume_base to reduce peak memory usage when
|
|
using semodule from Joshua Brindle.
|
|
|
|
2.0.19 2008-01-31
|
|
* Fix genhomedircon to not override a file context with a homedir context from Todd Miller.
|
|
|
|
2.0.18 2008-01-28
|
|
* Fix spurious out of memory error reports.
|
|
|
|
2.0.17 2008-01-25
|
|
* Merged second version of fix for genhomedircon handling from Caleb Case.
|
|
|
|
2.0.16 2008-01-24
|
|
* Merged fix for genhomedircon handling of missing HOME_DIR or HOME_ROOT templates from Caleb Case.
|
|
|
|
2.0.15 2007-12-05
|
|
* Fix genhomedircon handling of shells and missing user context template from Dan Walsh.
|
|
* Copy the store path in semanage_select_store from Dan Walsh.
|
|
|
|
2.0.14 2007-11-05
|
|
* Call rmdir() rather than remove() on directory removal so that errno isn't polluted from Stephen Smalley.
|
|
|
|
2.0.13 2007-11-05
|
|
* Allow handle_unknown in base to be overridden by semanage.conf from Stephen Smalley.
|
|
|
|
2.0.12 2007-10-05
|
|
* ustr cleanups from James Antill.
|
|
* Ensure that /root gets labeled even if using the default context from Dan Walsh.
|
|
|
|
2.0.11 2007-09-28
|
|
* Fix ordering of file_contexts.homedirs from Todd Miller and Dan Walsh.
|
|
|
|
2.0.10 2007-09-28
|
|
* Fix error checking on getpw*_r functions from Todd Miller.
|
|
* Make genhomedircon skip invalid homedir contexts from Todd Miller.
|
|
* Set default user and prefix from seusers from Dan Walsh.
|
|
* Add swigify Makefile target from Dan Walsh.
|
|
|
|
2.0.9 2007-09-24
|
|
* Pass CFLAGS to CC even on link command, per Dennis Gilmore.
|
|
|
|
2.0.8 2007-09-19
|
|
* Clear errno on non-fatal errors to avoid reporting them upon a
|
|
later error that does not set errno.
|
|
|
|
2.0.7 2007-09-19
|
|
* Improve reporting of system errors, e.g. full filesystem or read-only filesystem from Stephen Smalley.
|
|
|
|
2.0.6 2007-09-10
|
|
* Change to use getpw* function calls to the _r versions from Todd Miller.
|
|
|
|
2.0.5 2007-08-23
|
|
* Replace genhomedircon script with equivalent functionality within
|
|
libsemanage and introduce disable-genhomedircon option in
|
|
semanage.conf from Todd Miller.
|
|
Note: Depends on ustr.
|
|
|
|
2.0.4 2007-08-16
|
|
* Allow dontaudits to be turned off via semanage interface when
|
|
updating policy from Joshua Brindle.
|
|
|
|
2.0.3 2007-04-25
|
|
* Fix to libsemanage man patches so whatis will work better from Dan Walsh
|
|
|
|
2.0.2 2007-04-24
|
|
* Merged optimizations from Stephen Smalley.
|
|
- do not set all booleans upon commit, only those whose values have changed
|
|
- only install the sandbox upon commit if something was rebuilt
|
|
|
|
2.0.1 2007-03-12
|
|
* Merged dbase_file_flush patch from Dan Walsh.
|
|
This removes any mention of specific tools (e.g. semanage)
|
|
from the comment header of the auto-generated files,
|
|
since there are multiple front-end tools.
|
|
|
|
2.0.0 2007-02-20
|
|
* Merged Makefile test target patch from Caleb Case.
|
|
* Merged get_commit_number function rename patch from Caleb Case.
|
|
* Merged strnlen -> strlen patch from Todd Miller.
|
|
|
|
1.10.1 2007-01-26
|
|
* Merged python binding fix from Dan Walsh.
|
|
|
|
1.10.0 2007-01-18
|
|
* Updated version for stable branch.
|
|
|
|
1.9.2 2007-01-08
|
|
* Merged patch to optionally reduce disk usage by removing
|
|
the backup module store and linked policy from Karl MacMillan
|
|
* Merged patch to correctly propagate return values in libsemanage
|
|
|
|
1.9.1 2006-11-27
|
|
* Merged patch to compile wit -fPIC instead of -fpic from
|
|
Manoj Srivastava to prevent hitting the global offest table
|
|
limit. Patch changed to include libselinux and libsemanage in
|
|
addition to libsepol.
|
|
|
|
1.8 2006-10-17
|
|
* Updated version for release.
|
|
|
|
1.6.17 2006-09-29
|
|
* Merged patch to skip reload if no active store exists and
|
|
the store path doesn't match the active store path from Dan Walsh.
|
|
* Merged patch to not destroy sepol handle on error path of
|
|
connect from James Athey.
|
|
* Merged patch to add genhomedircon path to semanage.conf from
|
|
James Athey.
|
|
|
|
1.6.16 2006-08-14
|
|
* Make most copy errors fatal, but allow exceptions for
|
|
file_contexts.local, seusers, and netfilter_contexts if
|
|
the source file does not exist in the store.
|
|
|
|
1.6.15 2006-08-11
|
|
* Merged separate local file contexts patch from Chris PeBenito.
|
|
|
|
1.6.14 2006-08-11
|
|
* Merged patch to make most copy errors non-fatal from Dan Walsh.
|
|
|
|
1.6.13 2006-08-03
|
|
* Merged netfilter contexts support from Chris PeBenito.
|
|
|
|
1.6.12 2006-07-11
|
|
* Merged support for read operations on read-only fs from
|
|
Caleb Case (Tresys Technology).
|
|
|
|
1.6.11 2006-06-29
|
|
* Lindent.
|
|
|
|
1.6.10 2006-06-26
|
|
* Merged setfiles location check patch from Dan Walsh.
|
|
|
|
1.6.9 2006-06-16
|
|
* Merged several fixes from Serge Hallyn:
|
|
dbase_file_cache: deref of uninit data on error path.
|
|
dbase_policydb_cache: clear fp to avoid double fclose
|
|
semanage_fc_sort: destroy temp on error paths
|
|
|
|
1.6.8 2006-06-02
|
|
* Updated default location for setfiles to /sbin to
|
|
match policycoreutils. This can also be adjusted via
|
|
semanage.conf using the syntax:
|
|
[setfiles]
|
|
path = /path/to/setfiles
|
|
args = -q -c $@ $<
|
|
[end]
|
|
|
|
1.6.7 2006-05-05
|
|
* Merged fix warnings patch from Karl MacMillan.
|
|
|
|
1.6.6 2006-04-14
|
|
* Merged updated file context sorting patch from Christopher
|
|
Ashworth, with bug fix for escaped character flag.
|
|
|
|
1.6.5 2006-04-13
|
|
* Merged file context sorting code from Christopher Ashworth
|
|
(Tresys Technology), based on fc_sort.c code in refpolicy.
|
|
|
|
1.6.4 2006-04-12
|
|
* Merged python binding t_output_helper removal patch from Dan Walsh.
|
|
* Regenerated swig files.
|
|
|
|
1.6.3 2006-03-30
|
|
* Merged corrected fix for descriptor leak from Dan Walsh.
|
|
|
|
1.6.2 2006-03-20
|
|
* Merged Makefile PYLIBVER definition patch from Dan Walsh.
|
|
|
|
1.6.1 2006-03-20
|
|
* Merged man page reorganization from Ivan Gyurdiev.
|
|
|
|
1.6 2006-03-14
|
|
* Updated version for release.
|
|
|
|
1.5.31 2006-03-09
|
|
* Merged abort early on merge errors patch from Ivan Gyurdiev.
|
|
|
|
1.5.30 2006-03-08
|
|
* Cleaned up error handling in semanage_split_fc based on a patch
|
|
by Serge Hallyn (IBM) and suggestions by Ivan Gyurdiev.
|
|
|
|
1.5.29 2006-02-21
|
|
* Merged MLS handling fixes from Ivan Gyurdiev.
|
|
|
|
1.5.28 2006-02-16
|
|
* Merged bug fix for fcontext validate handler from Ivan Gyurdiev.
|
|
|
|
1.5.27 2006-02-16
|
|
* Merged base_merge_components changes from Ivan Gyurdiev.
|
|
|
|
1.5.26 2006-02-15
|
|
* Merged paths array patch from Ivan Gyurdiev.
|
|
* Merged bug fix patch from Ivan Gyurdiev.
|
|
|
|
1.5.25 2006-02-14
|
|
* Merged improve bindings patch from Ivan Gyurdiev.
|
|
|
|
1.5.24 2006-02-14
|
|
* Merged use PyList patch from Ivan Gyurdiev.
|
|
* Merged memory leak fix patch from Ivan Gyurdiev.
|
|
* Merged nodecon support patch from Ivan Gyurdiev.
|
|
* Merged cleanups patch from Ivan Gyurdiev.
|
|
* Merged split swig patch from Ivan Gyurdiev.
|
|
|
|
1.5.23 2006-02-13
|
|
* Merged optionals in base patch from Joshua Brindle.
|
|
|
|
1.5.22 2006-02-13
|
|
* Merged treat seusers/users_extra as optional sections patch from
|
|
Ivan Gyurdiev.
|
|
* Merged parse_optional fixes from Ivan Gyurdiev.
|
|
|
|
1.5.21 2006-02-07
|
|
* Merged seuser/user_extra support patch from Joshua Brindle.
|
|
* Merged remote system dbase patch from Ivan Gyurdiev.
|
|
|
|
1.5.20 2006-02-02
|
|
* Merged clone record on set_con patch from Ivan Gyurdiev.
|
|
|
|
1.5.19 2006-01-30
|
|
* Merged fname parameter patch from Ivan Gyurdiev.
|
|
* Merged more size_t -> unsigned int fixes from Ivan Gyurdiev.
|
|
* Merged seusers.system patch from Ivan Gyurdiev.
|
|
* Merged improve port/fcontext API patch from Ivan Gyurdiev.
|
|
|
|
1.5.18 2006-01-27
|
|
* Merged seuser -> seuser_local rename patch from Ivan Gyurdiev.
|
|
|
|
1.5.17 2006-01-27
|
|
* Merged set_create_store, access_check, and is_connected interfaces
|
|
from Joshua Brindle.
|
|
|
|
1.5.16 2006-01-19
|
|
* Regenerate python wrappers.
|
|
|
|
1.5.15 2006-01-18
|
|
* Merged pywrap Makefile diff from Dan Walsh.
|
|
* Merged cache management patch from Ivan Gyurdiev.
|
|
* Merged bugfix for dbase_llist_clear from Ivan Gyurdiev.
|
|
* Merged remove apply_local function patch from Ivan Gyurdiev.
|
|
* Merged only do read locking in direct case patch from Ivan Gyurdiev.
|
|
* Merged cache error path memory leak fix from Ivan Gyurdiev.
|
|
* Merged auto-generated file header patch from Ivan Gyurdiev.
|
|
* Merged pywrap test update from Ivan Gyurdiev.
|
|
* Merged hidden defs update from Ivan Gyurdiev.
|
|
|
|
1.5.14 2006-01-13
|
|
* Merged disallow port overlap patch from Ivan Gyurdiev.
|
|
|
|
1.5.13 2006-01-12
|
|
* Merged join prereq and implementation patches from Ivan Gyurdiev.
|
|
* Merged join user extra data part 2 patch from Ivan Gyurdiev.
|
|
* Merged bugfix patch from Ivan Gyurdiev.
|
|
|
|
1.5.12 2006-01-12
|
|
* Merged remove add_local/set_local patch from Ivan Gyurdiev.
|
|
* Merged user extra data part 1 patch from Ivan Gyurdiev.
|
|
* Merged size_t -> unsigned int patch from Ivan Gyurdiev.
|
|
* Merged calloc check in semanage_store patch from Ivan Gyurdiev,
|
|
bug noticed by Steve Grubb.
|
|
* Merged cleanups after add/set removal patch from Ivan Gyurdiev.
|
|
|
|
1.5.11 2006-01-09
|
|
* Merged fcontext compare fix from Ivan Gyurdiev.
|
|
|
|
1.5.10 2006-01-06
|
|
* Fixed commit to return the commit number aka policy sequence number.
|
|
|
|
1.5.9 2006-01-06
|
|
* Merged const in APIs patch from Ivan Gyurdiev.
|
|
* Merged validation of local file contexts patch from Ivan Gyurdiev.
|
|
* Merged compare2 function patch from Ivan Gyurdiev.
|
|
* Merged hidden def/proto update patch from Ivan Gyurdiev.
|
|
|
|
1.5.8 2006-01-05
|
|
* Re-applied string and file optimization patch from Russell Coker,
|
|
with bug fix.
|
|
|
|
1.5.7 2006-01-05
|
|
* Reverted string and file optimization patch from Russell Coker.
|
|
|
|
1.5.6 2006-01-05
|
|
* Clarified error messages from parse_module_headers and
|
|
parse_base_headers for base/module mismatches.
|
|
|
|
1.5.5 2006-01-05
|
|
* Merged string and file optimization patch from Russell Coker.
|
|
* Merged swig header reordering patch from Ivan Gyurdiev.
|
|
* Merged toggle modify on add patch from Ivan Gyurdiev.
|
|
* Merged ports parser bugfix patch from Ivan Gyurdiev.
|
|
* Merged fcontext swig patch from Ivan Gyurdiev.
|
|
* Merged remove add/modify/delete for active booleans patch from Ivan Gyurdiev.
|
|
* Merged man pages for dbase functions patch from Ivan Gyurdiev.
|
|
* Merged pywrap tests patch from Ivan Gyurdiev.
|
|
|
|
1.5.4 2006-01-04
|
|
* Merged patch series from Ivan Gyurdiev.
|
|
This includes patches to:
|
|
- separate file rw code from linked list
|
|
- annotate objects
|
|
- fold together internal headers
|
|
- support ordering of records in compare function
|
|
- add active dbase backend, active booleans
|
|
- return commit numbers for ro database calls
|
|
- use modified flags to skip rebuild whenever possible
|
|
- enable port interfaces
|
|
- update swig interfaces and typemaps
|
|
- add an API for file_contexts.local and file_contexts
|
|
- flip the traversal order in iterate/list
|
|
- reorganize sandbox_expand
|
|
- add seusers MLS validation
|
|
- improve dbase spec/documentation
|
|
- clone record on set/add/modify
|
|
|
|
1.5.3 2005-12-14
|
|
* Merged further header cleanups from Ivan Gyurdiev.
|
|
|
|
1.5.2 2005-12-13
|
|
* Merged toggle modified flag in policydb_modify, fix memory leak
|
|
in clear_obsolete, polymorphism vs headers fix, and include guards
|
|
for internal headers patches from Ivan Gyurdiev.
|
|
|
|
1.5.1 2005-12-12
|
|
* Added file-mode= setting to semanage.conf, default to 0644.
|
|
Changed semanage_copy_file and callers to use this mode when
|
|
installing policy files to runtime locations.
|
|
|
|
1.4 2005-12-07
|
|
* Updated version for release.
|
|
|
|
1.3.64 2005-12-06
|
|
* Changed semanage_handle_create() to set do_reload based on
|
|
is_selinux_enabled(). This prevents improper attempts to
|
|
load policy on a non-SELinux system.
|
|
|
|
1.3.63 2005-12-05
|
|
* Dropped handle from user_del_role interface.
|
|
|
|
1.3.62 2005-12-05
|
|
* Removed defrole interfaces.
|
|
|
|
1.3.61 2005-11-29
|
|
* Merged Makefile python definitions patch from Dan Walsh.
|
|
|
|
1.3.60 2005-11-29
|
|
* Removed is_selinux_mls_enabled() conditionals in seusers and users
|
|
file parsers.
|
|
|
|
1.3.59 2005-11-28
|
|
* Merged wrap char*** for user_get_roles patch from Joshua Brindle.
|
|
|
|
1.3.58 2005-11-28
|
|
* Merged remove defrole from sepol patch from Ivan Gyurdiev.
|
|
|
|
1.3.57 2005-11-28
|
|
* Merged swig wrappers for modifying users and seusers from Joshua Brindle.
|
|
|
|
1.3.56 2005-11-16
|
|
* Fixed free->key_free bug.
|
|
|
|
1.3.55 2005-11-16
|
|
* Merged clear obsolete patch from Ivan Gyurdiev.
|
|
|
|
1.3.54 2005-11-15
|
|
* Merged modified swigify patch from Dan Walsh
|
|
(original patch from Joshua Brindle).
|
|
* Merged move genhomedircon call patch from Chad Sellers.
|
|
|
|
1.3.53 2005-11-10
|
|
* Merged move seuser validation patch from Ivan Gyurdiev.
|
|
* Merged hidden declaration fixes from Ivan Gyurdiev,
|
|
with minor corrections.
|
|
|
|
1.3.52 2005-11-09
|
|
* Merged cleanup patch from Ivan Gyurdiev.
|
|
This renames semanage_module_conn to semanage_direct_handle,
|
|
and moves sepol handle create/destroy into semanage handle
|
|
create/destroy to allow use even when disconnected (for the
|
|
record interfaces).
|
|
|
|
1.3.51 2005-11-08
|
|
* Clear modules modified flag upon disconnect and commit.
|
|
|
|
1.3.50 2005-11-08
|
|
* Added tracking of module modifications and use it to
|
|
determine whether expand-time checks should be applied
|
|
on commit.
|
|
|
|
1.3.49 2005-11-08
|
|
* Reverted semanage_set_reload_bools() interface.
|
|
|
|
1.3.48 2005-11-08
|
|
* Disabled calls to port dbase for merge and commit and stubbed
|
|
out calls to sepol_port interfaces since they are not exported.
|
|
|
|
1.3.47 2005-11-08
|
|
* Merged rename instead of copy patch from Joshua Brindle (Tresys).
|
|
|
|
1.3.46 2005-11-07
|
|
* Added hidden_def/hidden_proto for exported symbols used within
|
|
libsemanage to eliminate relocations. Wrapped type definitions
|
|
in exported headers as needed to avoid conflicts. Added
|
|
src/context_internal.h and src/iface_internal.h.
|
|
|
|
1.3.45 2005-11-07
|
|
* Added semanage_is_managed() interface to allow detection of whether
|
|
the policy is managed via libsemanage. This enables proper handling
|
|
in setsebool for non-managed systems.
|
|
|
|
1.3.44 2005-11-07
|
|
* Merged semanage_set_reload_bools() interface from Ivan Gyurdiev,
|
|
to enable runtime control over preserving active boolean values
|
|
versus reloading their saved settings upon commit.
|
|
|
|
1.3.43 2005-11-04
|
|
* Merged seuser parser resync, dbase tracking and cleanup, strtol
|
|
bug, copyright, and assert space patches from Ivan Gyurdiev.
|
|
|
|
1.3.42 2005-11-04
|
|
* Added src/*_internal.h in preparation for other changes.
|
|
* Added hidden/hidden_proto/hidden_def to src/debug.[hc] and
|
|
src/seusers.[hc].
|
|
|
|
1.3.41 2005-11-03
|
|
* Merged interface parse/print, context_to_string interface change,
|
|
move assert_noeof, and order preserving patches from Ivan Gyurdiev.
|
|
* Added src/dso.h in preparation for other changes.
|
|
|
|
1.3.40 2005-11-01
|
|
* Merged install seusers, handle/error messages, MLS parsing,
|
|
and seusers validation patches from Ivan Gyurdiev.
|
|
|
|
1.3.39 2005-10-31
|
|
* Merged record interface, dbase flush, common database code,
|
|
and record bugfix patches from Ivan Gyurdiev.
|
|
|
|
1.3.38 2005-10-27
|
|
* Merged dbase policydb list and count change from Ivan Gyurdiev.
|
|
|
|
1.3.37 2005-10-27
|
|
* Merged enable dbase and set relay patches from Ivan Gyurdiev.
|
|
|
|
1.3.36 2005-10-27
|
|
* Merged query APIs and dbase_file_set patches from Ivan Gyurdiev.
|
|
|
|
1.3.35 2005-10-26
|
|
* Merged sepol handle passing, seusers support, and policydb cache
|
|
patches from Ivan Gyurdiev.
|
|
|
|
1.3.34 2005-10-25
|
|
* Merged resync to sepol changes and booleans fixes/improvements
|
|
patches from Ivan Gyurdiev.
|
|
|
|
1.3.33 2005-10-25
|
|
* Merged support for genhomedircon/homedir template, store selection,
|
|
explicit policy reload, and semanage.conf relocation from Joshua
|
|
Brindle.
|
|
|
|
1.3.32 2005-10-24
|
|
* Merged resync to sepol changes and transaction fix patches from
|
|
Ivan Gyurdiev.
|
|
|
|
1.3.31 2005-10-21
|
|
* Merged reorganize users patch from Ivan Gyurdiev.
|
|
* Merged remove unused relay functions patch from Ivan Gyurdiev.
|
|
|
|
1.3.30 2005-10-20
|
|
* Fixed policy file leaks in semanage_load_module and
|
|
semanage_write_module.
|
|
* Merged further database work from Ivan Gyurdiev.
|
|
|
|
1.3.29 2005-10-20
|
|
* Fixed bug in semanage_direct_disconnect.
|
|
|
|
1.3.28 2005-10-20
|
|
* Merged interface renaming patch from Ivan Gyurdiev.
|
|
* Merged policy component patch from Ivan Gyurdiev.
|
|
|
|
1.3.27 2005-10-20
|
|
* Renamed 'check=' configuration value to 'expand-check=' for
|
|
clarity.
|
|
* Changed semanage_commit_sandbox to check for and report errors
|
|
on rename(2) calls performed during rollback.
|
|
|
|
1.3.26 2005-10-19
|
|
* Added optional check= configuration value to semanage.conf
|
|
and updated call to sepol_expand_module to pass its value
|
|
to control assertion and hierarchy checking on module expansion.
|
|
|
|
1.3.25 2005-10-19
|
|
* Merged fixes for make DESTDIR= builds from Joshua Brindle.
|
|
|
|
1.3.24 2005-10-19
|
|
* Merged default database from Ivan Gyurdiev.
|
|
* Merged removal of connect requirement in policydb backend from
|
|
Ivan Gyurdiev.
|
|
* Merged commit locking fix and lock rename from Joshua Brindle.
|
|
* Merged transaction rollback in lock patch from Joshua Brindle.
|
|
|
|
1.3.23 2005-10-18
|
|
* Changed default args for load_policy to be null, as it no longer
|
|
takes a pathname argument and we want to preserve booleans.
|
|
|
|
1.3.22 2005-10-18
|
|
* Merged move local dbase initialization patch from Ivan Gyurdiev.
|
|
* Merged acquire/release read lock in databases patch from Ivan Gyurdiev.
|
|
* Merged rename direct -> policydb as appropriate patch from Ivan Gyurdiev.
|
|
|
|
1.3.21 2005-10-18
|
|
* Added calls to sepol_policy_file_set_handle interface prior
|
|
to invoking sepol operations on policy files.
|
|
* Updated call to sepol_policydb_from_image to pass the handle.
|
|
|
|
1.3.20 2005-10-17
|
|
* Merged user and port APIs - policy database patch from Ivan
|
|
Gyurdiev.
|
|
|
|
1.3.19 2005-10-17
|
|
* Converted calls to sepol link_packages and expand_module interfaces
|
|
from using buffers to using sepol handles for error reporting, and
|
|
changed direct_connect/disconnect to create/destroy sepol handles.
|
|
|
|
1.3.18 2005-10-14
|
|
* Merged bugfix patch from Ivan Gyurdiev.
|
|
|
|
1.3.17 2005-10-14
|
|
* Merged seuser database patch from Ivan Gyurdiev.
|
|
Merged direct user/port databases to the handle from Ivan Gyurdiev.
|
|
|
|
1.3.16 2005-10-14
|
|
* Removed obsolete include/semanage/commit_api.h (leftover).
|
|
Merged seuser record patch from Ivan Gyurdiev.
|
|
|
|
1.3.15 2005-10-14
|
|
* Merged boolean and interface databases from Ivan Gyurdiev.
|
|
|
|
1.3.14 2005-10-13
|
|
* Updated to use get interfaces for hidden sepol_module_package type.
|
|
|
|
1.3.13 2005-10-13
|
|
* Changed semanage_expand_sandbox and semanage_install_active
|
|
to generate/install the latest policy version supported by libsepol
|
|
by default (unless overridden by semanage.conf), since libselinux
|
|
will now downgrade automatically for load_policy.
|
|
|
|
1.3.12 2005-10-13
|
|
* Merged new callback-based error reporting system and ongoing
|
|
database work from Ivan Gyurdiev.
|
|
|
|
1.3.11 2005-10-11
|
|
* Fixed semanage_install_active() to use the same logic for
|
|
selecting a policy version as semanage_expand_sandbox(). Dropped
|
|
dead code from semanage_install_sandbox().
|
|
|
|
1.3.10 2005-10-07
|
|
* Updated for changes to libsepol, and to only use types and interfaces
|
|
provided by the shared libsepol.
|
|
|
|
1.3.9 2005-10-06
|
|
* Merged further database work from Ivan Gyurdiev.
|
|
|
|
1.3.8 2005-10-04
|
|
* Merged iterate, redistribute, and dbase split patches from
|
|
Ivan Gyurdiev.
|
|
|
|
1.3.7 2005-09-30
|
|
* Merged patch series from Ivan Gyurdiev.
|
|
(pointer typedef elimination, file renames, dbase work, backend
|
|
separation)
|
|
|
|
1.3.6 2005-09-28
|
|
* Split interfaces from semanage.[hc] into handle.[hc], modules.[hc].
|
|
* Separated handle create from connect interface.
|
|
* Added a constructor for initialization.
|
|
* Moved up src/include/*.h to src.
|
|
* Created a symbol map file; dropped dso.h and hidden markings.
|
|
|
|
1.3.5 2005-09-28
|
|
* Merged major update to libsemanage organization and functionality
|
|
from Karl MacMillan (Tresys).
|
|
|
|
1.3.4 2005-09-23
|
|
* Merged dbase redesign patch from Ivan Gyurdiev.
|
|
|
|
1.3.3 2005-09-21
|
|
* Merged boolean record, stub record handler, and status codes
|
|
patches from Ivan Gyurdiev.
|
|
|
|
1.3.2 2005-09-16
|
|
* Merged stub iterator functionality from Ivan Gyurdiev.
|
|
* Merged interface record patch from Ivan Gyurdiev.
|
|
|
|
1.3.1 2005-09-14
|
|
* Merged stub functionality for managing user and port records,
|
|
and record table code from Ivan Gyurdiev.
|
|
|
|
1.2 2005-09-06
|
|
* Updated version for release.
|
|
|
|
1.1.6 2005-08-31
|
|
* Merged semod.conf template patch from Dan Walsh (Red Hat),
|
|
but restored location to /usr/share/semod/semod.conf.
|
|
|
|
1.1.5 2005-08-30
|
|
* Fixed several bugs found by valgrind.
|
|
* Fixed bug in prior patch for the semod_build_module_list leak.
|
|
|
|
1.1.4 2005-08-25
|
|
* Merged errno fix from Joshua Brindle (Tresys).
|
|
* Merged fix for semod_build_modules_list leak on error path
|
|
from Serge Hallyn (IBM). Bug found by Coverity.
|
|
|
|
1.1.3 2005-08-22
|
|
* Merged several fixes from Serge Hallyn (IBM). Bugs found by
|
|
Coverity.
|
|
* Fixed several other bugs and warnings.
|
|
|
|
1.1.2 2005-08-02
|
|
* Merged patch to move module read/write code from libsemanage
|
|
to libsepol from Jason Tang (Tresys).
|
|
|
|
1.1.1 2005-08-02
|
|
* Merged relay records patch from Ivan Gyurdiev.
|
|
* Merged key extract patch from Ivan Gyurdiev.
|
|
|
|
1.0 2005-07-27
|
|
* Initial version.
|