[SELinux commit] SELinux userland upstream repository branch, queue, updated. 20080909-472-g9b3422e
eparis at oss.tresys.com
Fri Aug 26 15:04:21 CDT 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "SELinux userland upstream repository".
The branch, queue has been updated
This update added new revisions after undoing existing revisions. That is
to say, the old revision is not a strict subset of the new revision. This
situation occurs when you --force push a change and generate a repository
containing something like this:
 * -- * -- B -- O -- O -- O (49c66349ed01a05f7fbfe0aefffb418a425ca6dc)
            \
             N -- N -- N (9b3422ed11ee8e6395ebcd805d0e295131fc2695)
When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9b3422ed11ee8e6395ebcd805d0e295131fc2695
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Aug 23 14:56:15 2011 -0400
sepolgen: FIXME add attribute handling to sepolgen so it can take into account the attributes within an interface
Better changelog and review
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 9ca9bcc6b86e09ef04916a89a21261305f878cb8
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Aug 23 14:53:44 2011 -0400
sepolgen: FIXME Allow returning of bastard matches
Better changelog and review
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 9bcf431467cb9327a6cf8adb609a37d316183a13
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Aug 23 14:52:47 2011 -0400
sepolgen: Change analysis of sepolgen to return booleans and te rules that would tell audit2allow if there are booleans that can handle the AVC
Better changelog and review
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 1350f9963e9de71914d3ce8332ac155c69a42029
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Aug 23 14:51:41 2011 -0400
sepolgen: FIXME Change analysis of sepolgen to return booleans and te rules that would tell audit2allow if there are booleans that can handle the AVC
Better changelog and review
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit fa2fc9d7ce979eadd911b5117e52727d5245b7cf
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Aug 23 14:51:05 2011 -0400
sepolgen: FIXME Change analysis of sepolgen to return booleans and te rules that would tell audit2allow if there are booleans that can handle the AVC
Better changelog and review
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 31864eeeffc878bb826e7a6d035f4a3f25719b2d
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Aug 23 14:49:45 2011 -0400
sepolgen: FIXME Change perm-map and add open to try to get better results on matches
Better changelog and review
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit a5cb5b1349cf1b9a04c9c2ca0537a948f82a4f94
Author: Eric Paris <eparis at redhat.com>
Date: Mon Aug 8 14:44:08 2011 -0400
policycoreutils: sandbox: FIXME man page install line in Makefile
The source calls the man page sandbox.conf.5 but we wish to install it
as sandbox.5
This doesn't make sense. Shouldn't the man page for sandbox.conf be at
sandbox.conf?
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 698ccc8f9061893e6fbf15172089fb5da020e141
Author: Dan Walsh <dwalsh at redhat.com>
Date: Wed Jul 6 20:52:05 2011 -0400
policycoreutils: sandbox: cntrl-c should kill entire process control group
Change the signal handler to handle ctrl-C and exit properly
Signed-off-by: Eric Paris <eparis at redhat.com>
Acked-by: Dan Walsh <dwalsh at redhat.com>
commit f075cab79e517c02c7626cde8e5e412974f601e4
Author: Dan Walsh <dwalsh at redhat.com>
Date: Wed Jul 6 20:22:26 2011 -0400
policycoreutils: sandbox: FIXME add level based kill option
add kill option to seunshare to kill all processes that are still running
with the execcon MCS label. Default sandbox to call seunshare with the -k
if it created an mcs level
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 69f21aafd22d67d4cb8a5690e252ddee5abc3ac5
Author: Eric Paris <eparis at redhat.com>
Date: Mon Aug 8 15:47:43 2011 -0400
policycoreutils: sandbox: FIXME do not bind mount so much
Why not?
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 1fb3123795446e29c538359ea5a9951b59f4e669
Author: Eric Paris <eparis at redhat.com>
Date: Mon Aug 15 19:58:08 2011 -0400
policycoreutils: sandbox: rewrite /tmp handling FIXME
seunshare now creates a runtime temporary directory owned by root and
with the sticky bit set properly. Files from the user-specified directory
are copied to the runtime directory and the changes synced back (using rsync)
at the end of the seunshare run.
review needed to changelog correctness/completeness
Signed-off-by: Eric Paris <eparis at redhat.com>
commit b0caaaa53af053244c94acf7269b76f8e545aed9
Author: Eric Paris <eparis at redhat.com>
Date: Mon Aug 15 20:10:14 2011 -0400
policycoreutils: sandbox: introduce package name and language stuff FIXME
I don't know what this does. Something with languages maybe?
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit dd8c644af0008abcea8bcc86dc4d7f1d128b9dd7
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 15:09:22 2011 -0400
policycoreutils: sandbox: add sandbox cgroup support
Add cgroup support
Signed-off-by: Eric Paris <eparis at redhat.com>
commit df40a225b65df5ef2e08f8856a184b1faa18a101
Author: Eric Paris <eparis at redhat.com>
Date: Fri Aug 26 15:26:25 2011 -0400
policycoreutils: sandbox: add -Wall and -Werror to makefile
Just like everything else we should be erroring out on warnings.
Signed-off-by: Eric Paris <eparis at redhat.com>
commit 03a0b77a0e9e13ee08afab0d780eb289efdea481
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Aug 9 09:58:53 2011 -0400
policycoreutils: restorecon: Always check return code on asprintf
Do not assume it is always a success and error gracefully when it isn't.
Signed-off-by: Eric Paris <eparis at redhat.com>
Acked-by: Dan Walsh <dwalsh at redhat.com>
commit 2691144b50cd5b8da9dbe64c6f89b89672cdaa12
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Aug 1 17:09:10 2011 -0400
policycoreutils: restorecond: Restore restorecond code to F15 version
commit cd384b927e34311b7358946863364b146ec4efc7
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 14:10:38 2011 -0400
policycoreutils: restorecon: fix memory leaks FIXME
merge with patch which introduced the memory leaks.
commit d2b398193b834ff1602e89b4c437a7d755e804f4
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 12:23:45 2011 -0400
policycoreutils: restorecon: FIXME No idea
I just broke the restorecon changes into a patch, but I don't know if
it's 'good'
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit d92b1cce407b032564606b6f061f7d1bb6cbea93
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 11:40:47 2011 -0400
policycoreutils: restorecon: FIXME Lots of undocumented restorecon changes
I really need a changelog here, and probably should break this even
smaller.
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 798472711a371c35bda11a576aa548f064741f36
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 11:38:03 2011 -0400
policycoreutils: newrole: FIXME do not call drop_capabilities
I don't know why this is a good thing, but apparently we does it!
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 21165d77c31f5ae380ddd4748aacdb5db9709c82
Author: Eric Paris <eparis at redhat.com>
Date: Wed Jul 20 12:19:48 2011 -0400
policycoreutils: run_init: FIXME Build option for call to open_init_pty
This patch introduces a new build flag, USE_OPEN_INIT_PTY, which
decides if run_init uses open_init_pty to launch new programs or just
does so directly.
This patch seems broken since nothing is ever going to set
USE_OPEN_INIT_PTY
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit fb307878662e92b771dc3091a00c843d481ed99b
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 12:00:30 2011 -0400
policycoreutils: semanage: whitespace changes in seobject FIXME
Just whitespace and indention changes. No real code. I'm not certain
they are all a good idea.
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
Acked-by: Dan Walsh <dwalsh at redhat.com>
commit 34f15fa9e152f29451fcd2463dabbef7a1d812c4
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 11:57:34 2011 -0400
policycoreutils: semanage: surround getopt with its own try block FIXME
This patch adds another try/except block which only includes the getopt
processing. I don't understand why the single larger block was
inadequate.
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 5a970f6f15f5043d60873da4f2628c67d8fddab0
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 11:53:43 2011 -0400
policycoreutils: semanage: FIXME do not use set_action
This patch causes enable/disable to not use setaction and to instead
throw their own error. I do not believe it is needed.
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 922582c659d1c76a5b23dba68cb3027a1cb7464c
Author: Eric Paris <eparis at redhat.com>
Date: Tue Jul 19 11:27:23 2011 -0400
policycoreutils: semanage: FIXME: force utf8 encoding
Somehow this is a good idea. I don't know why.
Signed-off-by: Eric Paris <eparis at redhat.com>
commit 6e42c115b37741c4c5739274ecd0df3928dd732f
Author: Eric Paris <eparis at redhat.com>
Date: Tue Jul 19 11:27:22 2011 -0400
policycoreutils: semanage: FIXME set modified correctly
Something is happening here, and I'm sure it's good...
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 7752828f670f092d3e9ff86cf42d106184d120b3
Author: Eric Paris <eparis at redhat.com>
Date: Mon Jul 18 13:19:30 2011 -0400
policycoreutils: semanage: FIXME missing modify=True
Not sure really what it does, but it does it...
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 43ef64c0fd626284c702c116d343e802ddb8a59c
Author: Eric Paris <eparis at redhat.com>
Date: Fri Jul 15 18:43:31 2011 +0200
policycoreutils: semanage: do not print fcontext header if no fcontexts
Don't print a header with no entries.
[todo: everything else the same way]
Signed-off-by: Eric Paris <eparis at redhat.com>
commit f83a49135b06c3f6973054f22a61970c78d46a05
Author: Eric Paris <eparis at redhat.com>
Date: Fri Jul 15 18:32:28 2011 +0200
policycoreutils: semanage: FIXME make add operations into modify
Scripts which use semanage often don't know if what they intend to do
has already been done. Should they use a -a because it doesn't exist or
should they use -m because it does? This patch just makes -a use -m if
an entry already exists.
I'm not certain this is good practice. Why can't scripts tell the
reason and handle the error themselves rather than not have a choice in
the tools? What if two different rpms wanted to install a new selinux
user and the creator of those rpms didn't know about the other one?
They'd have no way of knowing about the name collision and the fact that
policy was likely not what they intended....
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit a57109fa5ea01a1fb959490f44baf41e677a71ee
Author: Eric Paris <eparis at redhat.com>
Date: Fri Jul 15 18:28:16 2011 +0200
policycoreutils: semanage: FIXME use local store in nodeRecords __modify
Everything else in this function uses the global store so I don't
understand why this patch uses the local store.
Dan says "Neither do I but I am sure there was a reason."
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit d3b26af9d777106462d457d406218c3e94e011d0
Author: Eric Paris <eparis at redhat.com>
Date: Fri Jul 15 15:42:37 2011 +0200
policycoreutils: semanage: something with coolean and localstore FIXME
Again I have no idea.
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 038ef21bf51bcc12e4308f8b85608a0f59475bd8
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Aug 9 09:53:49 2011 -0400
policycoreutils: setfiles: FIXME Fix potential crash using dereferenced ftsent
If fts_read() fails for any reason ftsent will be NULL. Previously we
would have reported the error and then continued processing. Now we
report the error and stop using the NULL pointer.
FIXME: Would this be somehow a normal condition for an empty directory?
Don't know the code well enough to tell.
Signed-off-by: Eric Paris <eparis at redhat.com>
commit 17d40df081f03f00926b0c7a255f768ece1f8600
Author: Eric Paris <eparis at redhat.com>
Date: Sun Jul 10 16:54:25 2011 +0200
policycoreutils: setfiles: FIXME switch from stat to stat64
This looks bad. glibc takes care of this. We should do send this
upstream but I would like to know why you did it in Fedora....
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit cac681eaab63e2b3b99c0d65ee8fd7588d12d141
Author: Eric Paris <eparis at redhat.com>
Date: Sun Jul 10 16:25:18 2011 +0200
policycoreutils: fixfiles: FIXME label /root but not /var/lib/BackupPC
This patch removes /root from the excluded dirs.
This also adds /var/lib/BackupPC to list of directories to ignore
labeling. Mainly because this directory tends to be Huge and causes a
huge spike in the amount of time it takes to relabel. Especially if
there is a relabel caused by a policy update.
I'm not certain if either/both of these changes are appropriate.
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit a09146fb320275351d1a683787df5235446a8b49
Author: Eric Paris <eparis at redhat.com>
Date: Wed Jun 29 02:42:08 2011 -0400
policycoreutils: audit2allow: specify alternate policy
Add a --policy option to audit2allow to make it use an alternate use
specified policy instead of the running policy.
Signed-off-by: Eric Paris <eparis at redhat.com>
commit bbd280df897929d35ca2a82170a700322812844f
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 11:11:40 2011 -0400
policycoreutils: audit2allow: sepolgen-ifgen use the attr helper FIXME
This patch adds support to actually use the new sepolgen-ifgen attr
helper. We included the helper which generates attribute information
but this patch makes use of it.
I'm just hoping I didn't miss other necessary changes with this patch.
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit e74341c339e34aa2fe2e86d9bbb0191a4472dff5
Author: Eric Paris <eparis at redhat.com>
Date: Sun Jul 10 11:53:29 2011 +0200
policycoreutils: sepolgen-ifgen: new attr-helper does something - FIXME
Why do we need this? Should it be a library or something rather than a
freestanding helper program? I don't know...
Signed-off-by: Eric Paris <eparis at redhat.com>
commit 165e29a42e30eb90439c89289d3135c2ac512b31
Author: Harry Ciao <qingtao.cao at windriver.com>
Date: Tue Aug 23 18:08:32 2011 +0800
libsepol: FIXME Skip tunable identifier and cond_node_t in expansion.
The effective branch of a tunable has been appended to its home
decl->avrules list during link, in expansion we should just skip
tunable from expanding its rule into te_cond_avtab and adding to
the out->cond_list queue.
Also if tunables are ever combined with booleans in one expression,
they would be "transformed" as booleans and the cond_node_t would still
be regarded as of "boolean" style, so no tunable identifier would ever
be needed again during expansion.
Signed-off-by: Harry Ciao <qingtao.cao at windriver.com>
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 481b52a41c261ec0c071ccbeed53280e65431e42
Author: Harry Ciao <qingtao.cao at windriver.com>
Date: Tue Aug 23 18:08:31 2011 +0800
libsepol: FIXME Copy and check the cond_bool_datum_t.flags during link.
Copy the TUNABLE flag for cond_bool_datum_t during link, and check
if there is a mismatch between boolean/tunable declaration and
usage among modules. In this case an information would be printed.
Signed-off-by: Harry Ciao <qingtao.cao at windriver.com>
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 28b3989d0c070fde3ba9f6493dc633bd2adaf047
Author: Harry Ciao <qingtao.cao at windriver.com>
Date: Tue Aug 23 18:08:30 2011 +0800
libsepol: FIXME Permanently enable the if or else branch of a tunable during link.
For a cond_node_t in one decl->cond_list queue, append its
avtrue_list or avfalse_list to the avrules list of its home decl
depending on its state value, so that these effective rules would
be permanently added to te_avtab.
If tunables and booleans co-exist in one expression, then the tunables
would be "transformed" as boolean.
Signed-off-by: Harry Ciao <qingtao.cao at windriver.com>
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 62772ad4bb08eb44a7af664c29c209a9c69b4172
Author: Harry Ciao <qingtao.cao at windriver.com>
Date: Tue Aug 23 18:08:29 2011 +0800
libsepol: FIXME Write and read TUNABLE flags in related data structures.
All flags in cond_bool_datum_t and cond_node_t structures are
written/read for policy modules which version is no less than
MOD_POLICYDB_VERSION_TUNABLE_SEP.
Signed-off-by: Harry Ciao <qingtao.cao at windriver.com>
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 8649deb75b3085acb918d29f454044624e00f731
Author: Harry Ciao <qingtao.cao at windriver.com>
Date: Tue Aug 23 18:08:28 2011 +0800
checkpolicy: FIXME Separate tunable from boolean during compile.
Both boolean and tunable keywords are processed by define_bool_tunable(),
argument 0 and 1 would be passed for boolean and tunable respectively.
For tunable, a TUNABLE flag would be set in cond_bool_datum_t.flags.
Note, when creating an if-else conditional, we can not know if the
tunable identifier is indeed a tunable(for example, boolean may be
used in tunable_policy(), optionally along with other tunables), thus
we can not know if the current if-else conditional is of tunable at
the compile time(but at link time when all boolean/tunable copied).
Signed-off-by: Harry Ciao <qingtao.cao at windriver.com>
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 2b29596f5ae35683422a2ae1c522ab371c983f10
Author: Harry Ciao <qingtao.cao at windriver.com>
Date: Tue Aug 23 18:08:27 2011 +0800
libsepol: FIXME Indicate when boolean is indeed a tunable.
Add flags to cond_bool_datum_t and cond_node_t structures to indicate
that the boolean and related if-else conditionals are about a tunable.
Signed-off-by: Harry Ciao <qingtao.cao at windriver.com>
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 7df148fd2b29f3609c1833adca0b84d5866235eb
Author: Harry Ciao <qingtao.cao at windriver.com>
Date: Tue Aug 16 16:08:52 2011 +0800
libsepol: FIXME Skip writing role attributes for policy.X and downgraded pp.
Role attributes are redundant for policy.X, their destiny has been
fulfilled in the expand phase when their types.types ebitmap have
been populated to that of their sub regular roles.
When pp is downgraded, role_datum_t's the flavor flag and roles
ebitmap would be discarded, resulting in role attributes useless
at all. So for such case they should also be skipped.
Deduct the number of role attributes from p_roles.table->nel when
they are skipped.
Last, uncount attributes number before converting endianness.
THIS BREAKS THE ABILITY TO BUILD A WORKING POLICY IF IT IS DOWNGRADED.
APPARENTLY WE SHOULDN'T BE STRIPPING THIS EARLY AND SHOULD ONLY DO IT AT
THE VERY END.
Signed-off-by: Harry Ciao <qingtao.cao at windriver.com>
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 2fdaf4d24bdf0fceb0f631f1814056a3f11a0aab
Author: Eric Paris <eparis at redhat.com>
Date: Wed Jun 29 01:49:20 2011 -0400
libsemanage: don't mess with /root in genhomedircon
Fedora treats /root different than all other HOME Directories. We label
it admin_home_t, refpolicy labels it the same as /home/dwalsh. I feel
this is wrong since so many root processes deal with /root differently
than /home/dwalsh.
The code in genhomedircon that deals with /root is to setup labeling of
/root the same as /home/dwalsh
Signed-off-by: Eric Paris <eparis at redhat.com>
commit 9a5fb08360cacd89d0e388e1e45d3ff14a57a563
Author: Eric Paris <eparis at redhat.com>
Date: Wed Jun 29 01:38:51 2011 -0400
libsemanage: change module disabled from rename to symlink
Change the way libsemanage handles disabled modules. In the current
method libsemanage renames the FOO.pp file to FOO.pp.disabled and then
the rebuild process ignores *.disabled modules.
Since we want to start shipping
/etc/selinux/targeted/modules/active/modules/*.pp within the payload of
the rpm. If we continued this method, a policy update would re-enable a
module.
The new mechanism will just create a symbolic link between FOO.pp and
FOO.pp.disabled. Then the library will check all modules, and if a
module has a link, it will not be compiled into the policy. This solves
the rpm update problem and actually gives us an easier update
capability since if FOO.pp.disabled already exists using the old method,
it will continue to work with the new method.
Signed-off-by: Eric Paris <eparis at redhat.com>
commit c39dbd52815f8c4616abff83af34df5bf58e75cf
Author: Eric Paris <eparis at redhat.com>
Date: Wed Aug 3 14:00:48 2011 -0400
libselinux: matchpathcon: use vsyslog instead of stderr FIXME
Convert matchpathcon to use vsyslog for errors instead of stderr.
This isn't a library, why shouldn't we use stderr?
NOT-Signed-off-by: Eric Paris <eparis at redhat.com>
commit 4bf3322f2367c0a403dd9879fefa86ac10cc1dc9
Author: Eric Paris <eparis at redhat.com>
Date: Tue Jul 5 00:28:42 2011 -0400
libselinux: do not use stderr/out if selinux is disabled
Kerberos libraries do not expect libraries many levels lower to spew
messages to STDERR or STDOUT, and this causes kerberos to potentially do
whacky things like deny access, because the user has a screwed up file
context file.
Signed-off-by: Eric Paris <eparis at redhat.com>
-----------------------------------------------------------------------
Summary of changes:
checkpolicy/ChangeLog | 3 +++
checkpolicy/VERSION | 2 +-
libselinux/ChangeLog | 5 +++++
libselinux/VERSION | 2 +-
libsemanage/ChangeLog | 3 +++
libsemanage/VERSION | 2 +-
policycoreutils/ChangeLog | 23 +++++++++++++++++++++++
policycoreutils/VERSION | 2 +-
policycoreutils/sandbox/sandbox | 1 -
policycoreutils/sandbox/seunshare.c | 2 +-
sepolgen/ChangeLog | 4 ++++
sepolgen/VERSION | 2 +-
12 files changed, 44 insertions(+), 7 deletions(-)
hooks/post-receive
--
SELinux userland upstream repository