1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198
|
sepolgen (1.1.5-3) unstable; urgency=low
* Team upload.
* Bump python-setools dependency to >= 3.3.7-2
-- Laurent Bigonville <bigon@debian.org> Tue, 20 Mar 2012 19:39:48 +0100
sepolgen (1.1.5-2) unstable; urgency=low
* Team upload.
* Move to dh sequence and dh_python2
* debian/control:
- Bump Standards-Version to 3.9.3 (no further change)
- Restructure long description and remove leading article of short
description to please lintian
- Drop C/P/R for sepolgen binary package, it's gone for a long time
- Add python-selinux and python-setools as build-dependency
- Add python-selinux and python-setools as dependency (Closes: #662600)
- Update Vcs-* fields
- Put the package under Debian SELinux team maintenance
* Switch to dpkg-source 3.0 (quilt) format
* Add debian/gbp.conf file
-- Laurent Bigonville <bigon@debian.org> Wed, 14 Mar 2012 23:07:45 +0100
sepolgen (1.1.5-1) unstable; urgency=low
* New upstream version, adds support for filename trans and some small
fixes.
-- Russell Coker <russell@coker.com.au> Tue, 28 Feb 2012 16:48:11 +1100
sepolgen (1.1.0-1) unstable; urgency=low
* New upstream release for version bump
-- Russell Coker <russell@coker.com.au> Tue, 30 Aug 2011 15:28:37 +1000
sepolgen (1.0.23-1) unstable; urgency=low
* New upstream release
+ Fix unit tests from Dan Walsh.
+ improve parser error recovery from Karl MacMillan.
+ Add since-last-boot option to audit2allow from Dan Walsh.
+ Fix sepolgen output to match what Chris expects for upstream
refpolicy from Dan Walsh.
+ Add dontaudit flag to audit2allow from Dan Walsh.
+ fix sepolgen to read a "type 1403" msg as a policy load by Stephen
Smalley <sds@tycho.nsa.gov>
-- Manoj Srivastava <srivasta@debian.org> Sun, 28 Mar 2010 10:31:28 -0700
sepolgen (1.0.18-1) unstable; urgency=low
* New upstream point release. Add support for Xen ocontexts from Paul
Nuzzi.
-- Manoj Srivastava <srivasta@debian.org> Thu, 15 Oct 2009 23:28:53 -0500
sepolgen (1.0.17-3) unstable; urgency=low
* [a1816e2]: [topic--audit-msg-fix]: fix detection of policy loads
Originally audit2allow used the avc: allowed message generated by
auditallow statement for load_policy to identify policy reloads.
Later it was switched to use the MAC_POLICY_LOAD events generated by
the audit framework. Those events should still get logged via printk
if auditd is not running, but it appears that the code
(audit_printk_skb) will then log the type= field as an integer
rather than a string, and audit2allow/sepolgen only looks for the
string MAC_POLICY_LOAD. So I suspect that this would be resolved by
modifying sepolgen/audit.py to also match on type=1403 for load
messages.
Bug fix: "audit2allow -l doesn't work", thanks to Russell Coker
(Closes: #503252).
-- Manoj Srivastava <srivasta@debian.org> Wed, 14 Oct 2009 02:42:59 -0500
sepolgen (1.0.17-2) unstable; urgency=low
* [8ed32c1]:policycoreutils, sepolgen (sepolgen-ifgen) issues
I am running into an issue with sepolgen. Debian ships more
than one version of the refpolicy, a default one, and a MLS enabled
one. So, the include files live in either
/usr/share/selinux/{default,mls}/include sepolgen (in
src/sepolgen/defaults.py) sets refpolicy_devel() to a single
location -- and thus, only one version of the security policy may be
supported. So, sepolgen-ifgen from policycoreutils can only work
with one policy, which may not be the one installed on the target
machine. Could this be made configurable, somehow? As far as I can
see, sepolgen's python library does not offer any way to set the
value. This change fixes that. Now you may set the path to look for
development headers in /etc/selinux/sepolgen.conf, in the variable
SELINUX_DEVEL_PATH. The builtin default will have it work on Debian
and fedora machines out of the box.
Bug fix: "sepolgen-ifgen fails", thanks to Martin Godisch
(Closes: #534305).
-- Manoj Srivastava <srivasta@debian.org> Sun, 23 Aug 2009 12:57:50 -0500
sepolgen (1.0.17-1) unstable; urgency=low
* New upstream point release
+ Fix typo in RoleTypeSet from Marshall Miller.
-- Manoj Srivastava <srivasta@debian.org> Sat, 20 Jun 2009 18:04:02 -0500
sepolgen (1.0.16-1) unstable; urgency=low
* New upstream release
+ Convert sepolgen to using hashlib instead of the deprecated md5
module from Dan Walsh.
+ fix to return length of role dict for len(roles) from Dan Walsh.
Bug fix: "python2.6 and python-sepolgen", thanks to Kees Cook
Patch incorporated upstream. (Closes: #525197).
+ fix multiple gen_requires block generation from Dan Walsh.
* [e171cfe]: Updated standards version. no changes.
-- Manoj Srivastava <srivasta@debian.org> Mon, 15 Jun 2009 14:30:39 -0500
sepolgen (1.0.13-1) unstable; urgency=low
* New upstream release
+ Only append s0 suffix if MLS is enabled from Karl MacMillan.
+ Fix generation of role-type and role allow rules from Karl
MacMillan.
-- Manoj Srivastava <srivasta@debian.org> Mon, 09 Feb 2009 23:31:58 -0600
sepolgen (1.0.11-5) unstable; urgency=low
* Bug fix: "Python errors during upgrade", thanks to Frans Pop
This is a serious bug. (Closes: #499087).
* Bug fix: "typo in package description", thanks to Andreas Juch
This is a documentation bug with a one character fix.
(Closes: #495595).
-- Manoj Srivastava <srivasta@debian.org> Tue, 16 Sep 2008 01:53:54 -0500
sepolgen (1.0.11-4) unstable; urgency=high
* Include patch from Jan Hülsbergen to fix module naming.
Closes: #487212
* This patch is necessary for full SE Linux functionality in Lenny.
-- Russell Coker <russell@coker.com.au> Wed, 30 Jul 2008 08:03:00 +1000
sepolgen (1.0.11-3) unstable; urgency=low
* Record the fact that this package has moved to a new git repository.
* Move to the new, make -j friendly targets in debian/rules.
-- Manoj Srivastava <srivasta@debian.org> Mon, 02 Jun 2008 09:53:56 -0500
sepolgen (1.0.11-2) unstable; urgency=low
* Change the name of the binary package, since this is a pure python
library package, and that is the nascent python convention. Also,
Ubuntu has named it python-sepolgen, so here goes for cross
distribution cooperation.
-- Manoj Srivastava <srivasta@debian.org> Thu, 03 Apr 2008 01:25:45 -0500
sepolgen (1.0.11-1) unstable; urgency=low
* New upstream release
* Merged sepolgen fixes from Dan Walsh.
-- Manoj Srivastava <srivasta@debian.org> Tue, 18 Mar 2008 02:01:32 -0500
sepolgen (1.0.10-1) unstable; urgency=low
* New upstream release
* Expand the sepolgen parser to parse all current refpolicy modules
from Karl MacMillan.
* Suppress generation of rules for non-denials from Karl MacMillan
(take 3).
-- Manoj Srivastava <srivasta@debian.org> Wed, 06 Feb 2008 14:11:08 -0600
sepolgen (1.0.8-1) unstable; urgency=low
* New upstream SVN HEAD.
+ Merged patch to discard self from types when generating requires
from Karl MacMillan.
+ Merged updates to sepolgen parser and tools from Karl
MacMillan. This includes improved debugging support, handling of
interface calls with list parameters, support for role transition
rules, updated range transition rule support, and looser matching.
-- Manoj Srivastava <srivasta@debian.org> Sun, 6 May 2007 17:49:44 -0500
sepolgen (1.0.6-1) unstable; urgency=low
* Initial upload of python libraries for SELinux policy parsing and
generation.
-- Manoj Srivastava <srivasta@debian.org> Fri, 20 Apr 2007 08:44:22 -0500
|