249 lines
11 KiB
Text
249 lines
11 KiB
Text
* Wed Jul 29 2020 kukuk@suse.com
|
|
- Add /var/lib/selinux
|
|
* Wed Jul 15 2020 jsegitz@suse.com
|
|
- Remove libsemanage-update-map-file.patch to prevent checkers from declining
|
|
the submission. Keeping the snippet in the spec file in case we try to
|
|
enable LTO again
|
|
* Tue Jul 14 2020 jsegitz@suse.com
|
|
- Update to version 3.1
|
|
* Improved manpage
|
|
* fsync final files before rename
|
|
* Tue Jun 16 2020 jsegitz@suse.com
|
|
- Disabled LTO again. This breaks e.g. shadow and also other packages
|
|
in security:SELinux
|
|
* Fri Jun 12 2020 pmonrealgonzalez@suse.com
|
|
- Fix build with LTO: [bsc#1133102]
|
|
* Enable LTO (Link Time Optimization) and build with -ffat-lto-objects
|
|
* Update map file to include new symbols and remove wildcards
|
|
- Add libsemanage-update-map-file.patch
|
|
* Thu Jun 4 2020 dimstar@opensuse.org
|
|
- Drop suse_path.patch: replace it with a grep/sed logic replacing
|
|
/usr/libexec in all files with the correct value for all distros
|
|
(taking into account that openSUSE is in progress of migrating
|
|
from /usr/lib to /usr/libexec).
|
|
* Fri May 29 2020 jsegitz@suse.de
|
|
- Apply suse_path.patch only for older distributions. Newer
|
|
use libexec
|
|
* Tue Mar 3 2020 jsegitz@suse.de
|
|
- Update to version 3.0
|
|
* Add support for DCCP and SCTP protocols
|
|
* include internal header to use the hidden function prototypes
|
|
* mark all exported function "extern"
|
|
* optionally optimize policy on rebuild
|
|
Refreshed suse_path.patch
|
|
* Thu Jun 20 2019 mliska@suse.cz
|
|
- Disable LTO due to symbol versioning (boo#1138812).
|
|
* Wed Mar 20 2019 jsegitz@suse.com
|
|
- Update to version 2.9
|
|
* Always set errno to 0 before calling getpwent()
|
|
* Include user name in ROLE_REMOVE audit events
|
|
* genhomedircon - improve handling large groups
|
|
* improve semanage_migrate_store import failure
|
|
* reset umask before creating directories
|
|
* set selinux policy root around calls to selinux_boolean_sub
|
|
* use previous seuser when getting the previous name
|
|
* Thu Nov 8 2018 jengelh@inai.de
|
|
- Use more %%make_install.
|
|
* Thu Nov 8 2018 jsegitz@suse.com
|
|
- Adjusted source urls (bsc#1115052)
|
|
* Thu Sep 27 2018 pmonrealgonzalez@suse.com
|
|
- update to version 2.8
|
|
* semanage fcontext -l now also lists home directory entries from
|
|
file_contexts.homedirs.
|
|
* libsemanage no longer deletes the tmp directory if there is an error
|
|
while committing the policy transaction, so that any temporary files
|
|
can be further inspected for debugging purposes (e.g. to examine a
|
|
particular line of the generated CIL module). The tmp directory will
|
|
be deleted upon the next transaction, so no manual removal is needed.
|
|
* When overriding PREFIX, BINDIR, SBINDIR, SHLIBDIR, LIBEXECDIR, etc.,
|
|
DESTDIR has to be removed from the definition. For example on Arch
|
|
Linux, SBINDIR="${pkgdir}/usr/bin" was changed to SBINDIR="/usr/bin".
|
|
* PYSITEDIR has been renamed PYTHONLIBDIR (and its definition changed).
|
|
- Clened with spec-cleaner
|
|
* Thu Mar 8 2018 rgoldwyn@suse.com
|
|
- Update to version 2.7. Changes:
|
|
* IB support
|
|
* saves linked policy and skips relinking whenever possible
|
|
* Fri Nov 24 2017 jsegitz@suse.com
|
|
- Update to version 2.6. Notable changes:
|
|
* genhomedircon: do not suppress logging from libsepol
|
|
* genhomedircon: use userprefix as the role for homedir
|
|
* Fix bug preventing the installation of base modules
|
|
* Use pp module name instead of filename when installing module
|
|
* genhomedircon: remove hardcoded refpolicy strings
|
|
* genhomedircon: add support for %%group syntax
|
|
* genhomedircon: generate contexts for logins mapped to the default user
|
|
* Validate and compile file contexts before installing
|
|
* Swap tcp and udp protocol numbers
|
|
* genhomedircon: %%{USERID} and %%{USERNAME} support and code cleanups
|
|
* Mon Dec 12 2016 dimstar@opensuse.org
|
|
- Split out the Policy Store Migration tool into
|
|
libsemanage-store-migrate: it is not a devel tool to start with.
|
|
Additionally, it causes the -devel package to depend on python,
|
|
which we want to avoid (libsemanabe being part of the core build
|
|
cycle). The library suggests libsemanage-store-migrate.
|
|
* Sun Jul 17 2016 jengelh@inai.de
|
|
- Update RPM groups, trim description, combine filelist entries,
|
|
ensure pkgconfig() symbols are generated.
|
|
* Thu Jul 14 2016 jsegitz@novell.com
|
|
- Without bug number no submit to SLE 12 SP2 is possible, so to make
|
|
sle-changelog-checker happy: bsc#988977
|
|
* Wed Jul 13 2016 jsegitz@novell.com
|
|
- Added suse_path.patch to fix path to hll compiler
|
|
* Fri Jul 8 2016 i@marguerite.su
|
|
- update version 2.5
|
|
* Do not overwrite CFLAGS in test Makefile, from Nicolas Iooss.
|
|
* Fix uninitialized variable in direct_commit and direct_api
|
|
* semanage_migrate_store: Load libsepol.so.1 instead of libsepol.so
|
|
* Store homedir_template and users_extra in policy store
|
|
* Fix null pointer dereference in semanage_module_key_destroy
|
|
* Add semanage_module_extract() to extract a module as CIL or HLL
|
|
* semanage_migrate_store: add -r <root> option for migrating inside chroots
|
|
* Add file_contexts and seusers to the store
|
|
* Add policy binary and file_contexts.local to the store
|
|
* Allow to install compressed modules without a compression extension
|
|
* Do not copy contexts in semanage_migrate_store
|
|
* Fix logic in bunzip for uncompressed pp files
|
|
* Fix fname[] initialization in test_utilities.c
|
|
* Add remove-hll semanage.conf option to remove HLL files after
|
|
compilation to CIL
|
|
* Fix memory leaks when parsing semanage.conf
|
|
* Change bunzip to use heap instead of stack to prevent segfault on
|
|
systems with small stack size
|
|
- changes in 2.4
|
|
* Fix Makefile to allow LIBDIR and SHLIBDIR to be set to different
|
|
directories
|
|
* Fix bugs found by hardened gcc flags
|
|
* Add missing manpage links to security_load_policy
|
|
* Fix failing libsemanage pywrap tests
|
|
* Fix deprecation warning for bison
|
|
* Skip policy module relink when only setting booleans
|
|
* Only try to compile file contexts if they exist
|
|
* Fix memory leak when setting a custom store path
|
|
* Add semodule option to set store root path in semanage.conf and the
|
|
semodule command
|
|
* Add semanage.conf option to set an alternative root path for policy
|
|
store
|
|
* Add support for High Level Language (HLL) to CIL compilers. The HLL
|
|
compiler path is configurable, but should be placed in
|
|
/usr/libexec/selinux/hll by default
|
|
* Create a policy migration script for migrating the policy store from
|
|
/etc/selinux to /var/lib/selinux
|
|
* Add python3 support to the migration script
|
|
* Use libcil to compile modules
|
|
* Use symbolic versioning to maintain ABI compatibility for old install
|
|
functions
|
|
* Add a target-platform option to semanage.conf to control how policies
|
|
are built
|
|
* Add API to handle modules and source policies, moving module store to
|
|
/var/lib/selinux
|
|
* Only try to compile file contexts if they exist
|
|
* Sun May 18 2014 crrodriguez@opensuse.org
|
|
- version 2.3
|
|
* Fix memory leak in semanage_genhomedircon from Thomas Hurd.
|
|
* Tue Feb 11 2014 vcizek@suse.com
|
|
- add semanage.conf as SOURCE and install it instead of the default
|
|
one
|
|
* Thu Oct 31 2013 p.drouand@gmail.com
|
|
- Update to version 2.2
|
|
* Avoid duplicate list entries
|
|
* Add audit support to libsemanage
|
|
* Remove policy.kern and replace with symlink
|
|
* Apply a MAX_UID check for genhomedircon
|
|
* Fix man pages
|
|
- Add audit-devel BuildRequires; new dependency
|
|
- Add fdupes BuildRequires and use it to symlink duplicate manpages
|
|
* Thu Jun 27 2013 vcizek@suse.com
|
|
- change the source url to the official 2.1.10 release tarball
|
|
* Thu Apr 4 2013 vcizek@suse.com
|
|
- fixed source url
|
|
- removed old tarball
|
|
* Fri Mar 29 2013 vcizek@suse.com
|
|
- update to 2.1.10
|
|
* Add sefcontext_compile to compile regex everytime policy is rebuilt
|
|
* Cleanup/fix enable/disable/remove module.
|
|
* redo genhomedircon minuid
|
|
* fixes from coverity
|
|
* semanage_store: do not leak memory in semanage_exec_prog
|
|
* genhomedircon: remove useless conditional in get_home_dirs
|
|
* genhomedircon: double free in get_home_dirs
|
|
* fcontext_record: do not leak on error in semanage_fcontext_key_create
|
|
* genhomedircon: do not leak on failure in write_gen_home_dir_context
|
|
* semanage_store: do not leak fd
|
|
* genhomedircon: do not leak shells list
|
|
* semanage_store: do not leak on strdup failure
|
|
* semanage_store: rewrite for readability
|
|
* Wed Jan 30 2013 vcizek@suse.com
|
|
- update to 2.1.9
|
|
* dropped libsemanage-2.1.6-NULL_level_fix.patch (fixed upstream)
|
|
* libsemanage: do not set soname needlessly
|
|
* libsemanage: remove PYTHONLIBDIR and ruby equivalent
|
|
* do boolean name substitution
|
|
* Fix segfault for building standard policies.
|
|
* remove build warning when build swig c files
|
|
* additional makefile support for rubywrap
|
|
* ignore 80 column limit for readability
|
|
* semanage_store: fix snprintf length argument by using asprintf
|
|
* Use default semanage.conf as a fallback
|
|
* use after free in python bindings
|
|
* Alternate path for semanage.conf
|
|
* do not link against libpython, this is considered bad in Debian
|
|
* Allow to build for several ruby version
|
|
* fallback-user-level
|
|
* Mon Jan 7 2013 jengelh@inai.de
|
|
- Remove obsolete defines/sections
|
|
* Wed Oct 24 2012 vcizek@suse.com
|
|
- when building "standard" (not MCS/MLS) selinux-policies,
|
|
libsemanage will crash, because "level" is NULL
|
|
(libsemanage-2.1.6-NULL_level_fix.patch)
|
|
* Mon Aug 27 2012 cfarrell@suse.com
|
|
- license update: LGPL-2.1+
|
|
Could not find any LGPL-2.1 "only" licensed files in the pacakge
|
|
* Wed Aug 1 2012 meissner@suse.com
|
|
- Updated to 2.1.6
|
|
* changes too numerous to list
|
|
* Wed Oct 5 2011 uli@suse.com
|
|
- cross-build fix: use %%__cc macro
|
|
* Thu Sep 22 2011 dmueller@suse.de
|
|
- buildrequire libbz2-devel
|
|
* Mon May 23 2011 prusnak@opensuse.org
|
|
- split off python bindings to separate package to reduce build
|
|
dependencies for rpm [bnc#695436]
|
|
* Wed May 18 2011 coolo@novell.com
|
|
- add baselibs.conf for rpm-32bit to use
|
|
* Wed Feb 23 2011 coolo@novell.com
|
|
- disable parallel build, it breaks too often
|
|
* Thu Feb 25 2010 prusnak@suse.cz
|
|
- updated to 2.0.43
|
|
* changes too numerous to list
|
|
* Fri Jan 16 2009 prusnak@suse.cz
|
|
- fix assignment of wrong context [bnc#466793]
|
|
* Wed Jan 14 2009 prusnak@suse.cz
|
|
- updated to 2.0.31
|
|
* policy module compression (bzip) support from Dan Walsh
|
|
* hard link files between tmp/active/previous from Dan Walsh
|
|
* add semanage_mls_enabled() interface from Stephen Smalley
|
|
* Mon Dec 1 2008 prusnak@suse.cz
|
|
- updated to 2.0.29
|
|
* add USER to lines to homedir_template context file
|
|
* add compression support
|
|
* allow fcontext and seuser changes without rebuilding the policy
|
|
* don't rebuild on fcontext or seuser modifications
|
|
* modify genhomedircon to skip %%groupname entries
|
|
* Wed Oct 22 2008 mrueckert@suse.de
|
|
- fix debug_packages_requires define
|
|
* Tue Sep 23 2008 prusnak@suse.cz
|
|
- require only version, not release [bnc#429053]
|
|
* Tue Sep 2 2008 prusnak@suse.cz
|
|
- updated to 2.0.27
|
|
* Modify genhomedircon to skip %%groupname entries.
|
|
Ultimately we need to expand them to the list of users to support
|
|
per-role homedir labeling when using the %%groupname syntax.
|
|
- updated to 2.0.26
|
|
* Fix bug in genhomedircon fcontext matches logic from Dan Walsh.
|
|
Strip any trailing slash before appending /*$.
|
|
* Fri Aug 1 2008 ro@suse.de
|
|
- fix requires for debuginfo package
|
|
* Tue Jul 15 2008 prusnak@suse.cz
|
|
- initial version 2.0.25
|
|
* based on Fedora package by Dan Walsh <dwalsh@redhat.com>
|