lp:debian/squeeze/sepolgen
- Get this branch:
- bzr branch lp:debian/squeeze/sepolgen
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 8. By Manoj
-
* New upstream release
+ Fix unit tests from Dan Walsh.
+ improve parser error recovery from Karl MacMillan.
+ Add since-last-boot option to audit2allow from Dan Walsh.
+ Fix sepolgen output to match what Chris expects for upstream
refpolicy from Dan Walsh.
+ Add dontaudit flag to audit2allow from Dan Walsh.
+ fix sepolgen to read a "type 1403" msg as a policy load by Stephen
Smalley <email address hidden> - 6. By Manoj
-
[8ed32c1]
:policycoreutil s, sepolgen (sepolgen-ifgen) issues
I am running into an issue with sepolgen. Debian ships more
than one version of the refpolicy, a default one, and a MLS enabled
one. So, the include files live in either
/usr/share/selinux/ {default, mls}/include sepolgen (in
src/sepolgen/defaults. py) sets refpolicy_devel() to a single
location -and thus, only one version of the security policy may be
supported. So, sepolgen-ifgen from policycoreutils can only work
with one policy, which may not be the one installed on the target
machine. Could this be made configurable, somehow? As far as I can
see, sepolgen's python library does not offer any way to set the
value. This change fixes that. Now you may set the path to look for
development headers in /etc/selinux/sepolgen. conf, in the variable
SELINUX_DEVEL_PATH. The builtin default will have it work on Debian
and fedora machines out of the box.
Bug fix: "sepolgen-ifgen fails", thanks to Martin Godisch
(Closes: #534305). - 4. By Manoj
-
* New upstream release
+ Only append s0 suffix if MLS is enabled from Karl MacMillan.
+ Fix generation of role-type and role allow rules from Karl
MacMillan. - 3. By Manoj
-
* Bug fix: "Python errors during upgrade", thanks to Frans Pop
This is a serious bug. (Closes: #499087).
* Bug fix: "typo in package description", thanks to Andreas Juch
This is a documentation bug with a one character fix.
(Closes: #495595). - 2. By Manoj
-
* New upstream SVN HEAD.
+ Merged patch to discard self from types when generating requires
from Karl MacMillan.
+ Merged updates to sepolgen parser and tools from Karl
MacMillan. This includes improved debugging support, handling of
interface calls with list parameters, support for role transition
rules, updated range transition rule support, and looser matching.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)