| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: checkpolicy | Distribution: SUSE Linux Framework One |
| Version: 3.5 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: slfo.1.1.7 | Build date: Mon Aug 26 10:52:45 2024 |
| Group: Productivity/Security | Build host: s390zl39 |
| Size: 1526633 | Source RPM: checkpolicy-3.5-slfo.1.1.7.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://github.com/SELinuxProject/selinux | |
| Summary: SELinux policy compiler | |
checkpolicy is the SELinux policy compiler. It uses libsepol to generate the binary policy. (Security-enhanced Linux is a feature of the kernel and some utilities that implement mandatory access control policies, such as Type Enforcement, Role-based Access Control and Multi-Level Security.)
GPL-2.0-or-later
* Fri Feb 24 2023 jsegitz@suse.com
- Update to version 3.5
* error out if required permission would exceed limit
* Improve error message for type bounds
- Added additional developer key (Jason Zaman)
* Mon May 09 2022 jsegitz@suse.com
- Update to version 3.4
* warn on bogus IP address or netmask in nodecon statement
* allow wildcard permissions in constraints
* mention class name on invalid permission
* Thu Nov 11 2021 jsegitz@suse.com
- Update to version 3.3
* When reading a binary policy by checkpolicy, do not automatically change the version
to the max policy version supported by libsepol or, if specified, the value given
using the "-c" flag.
* Updated documentation
* Prints the reason why opening a source policy file failed
* Tue Mar 09 2021 jsegitz@suse.com
- Update to version 3.2
* Fix a memleak and an integer overflow
* Tue Jul 14 2020 jsegitz@suse.com
- Update to version 3.1
* checkpolicy treats invalid characters as an error - might break rare use
cases (intentionally)
* Drop extern_te_assert_t.patch, is upstream
* Tue Mar 03 2020 jsegitz@suse.de
- Update to version 3.0
* add flag to enable policy optimization
* allow to write policy to stdout
* remove a redundant if-condition
* Wed Jan 15 2020 jsegitz@suse.de
- Add extern_te_assert_t.patch to mark te_assert_t as extern.
Prevents build failures on gcc10 (bsc#1160259)
* Wed Mar 20 2019 jsegitz@suse.com
- Update to version 2.9
* Add option to sort contexts when creating a binary policy
* Update manpage
* check the result value of hashtable_search
* destroy the class datum if it fails to initialize
* remove extraneous policy build noise
* Sun Nov 11 2018 jengelh@inai.de
- Enable parallel build. Remove ineffective LDFLAGS="$RPM_LD_FLAGS"
(RPM_LD_FLAGS is always empty).
* Wed Nov 07 2018 jsegitz@suse.com
- Source URL was invalid (bsc#1115052)
* Wed Oct 17 2018 jsegitz@suse.com
- Update to version 2.8 (bsc#1111732).
For changes please see
https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt
- Dropped checkpolicy-build.patch, not necessary anymore
- Removed BuildRequires for byacc. It builds without and this blocks
building on SLE 15
* Mon Jun 11 2018 jsegitz@suse.com
- checkpolicy-build.patch was added in the former change to fix build
failures
* Wed May 16 2018 mcepl@suse.com
- Rebase to 2.7.
For changes please see
https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt
* Fri Nov 24 2017 jsegitz@suse.com
- Update to version 2.6. Notable changes:
* Add types associated to a role in the current scope when parsing
* Extend checkpolicy pathname matching
* Set flex as default lexer
* Fix checkmodule output message
* Fail if module name different than output base filename
* Add support for portcon dccp protocol
* Thu Jun 29 2017 mpluskal@suse.com
- Use plain flex
* Thu Jul 21 2016 jengelh@inai.de
- Trim/update description
* Thu Jul 14 2016 jsegitz@novell.com
- Without bug number no submit to SLE 12 SP2 is possible, so to make
sle-changelog-checker happy: bsc#988977
* Fri Jul 08 2016 i@marguerite.su
- update version 2.5
* Add neverallow support for ioctl extended permissions
* fix double free on name-based type transitions
* switch operations to extended perms
* policy_define.c: fix compiler warnings
* Remove uses of -Wno-return-type
* Fix -Wreturn-type issues
* dispol: display operations as ranges
* dispol: Extend to display operations
* Add support for ioctl command whitelisting
* Add option to write CIL policy
* Add device tree ocontext nodes to Xen policy
* Widen Xen IOMEM context entries
* Expand allowed character set in paths
* Fix precedence between number and filesystem tokens
* dispol/dismod fgets function warnings fix
- changes in 2.4
* Fix bugs found by hardened gcc flags
* Add missing semicolon in cond_else parser rule
* Clear errno before call to strtol(3)
* Global C++11 compatibility
* Allow libsepol C++ static library on device
* Sun May 18 2014 crrodriguez@opensuse.org
- version 2.3
* Report source file and line information for neverallow failures.
* Prevent incompatible option combinations for checkmodule.
* Drop -lselinux from LDLIBS for test programs; not used.
* Add debug feature to display constraints/validatetrans from Richard Haines.
* Thu Oct 31 2013 p.drouand@gmail.com
- Update to version 2.2
* Fix hyphen usage in man pages
* handle-unknown / -U required argument fix
* Support overriding Makefile PATH and LIBDIR
* Support space and : in filenames
- Remove checkpolicy-rhat.patch; fixed on upstream
* Thu Jun 27 2013 vcizek@suse.com
- change the source url to the official 2.1.12 release tarball
* Fri Mar 29 2013 vcizek@suse.com
- update to 2.1.12
* Fix errors found by coverity
* implement default type policy syntax
* Free allocated memory when clean up / exit.
- changes in checkpolicy-rhat.patch:
* original hunk was merged upstream
* space should be allowed for file trans names
* Wed Jan 30 2013 vcizek@suse.com
- update to 2.1.11
* fd leak reading policy
* check return code on ebitmap_set_bit
* sepolgen: We need to support files that have a + in them
* implement new default labeling behaviors for usr, role, range
* Wed Jul 25 2012 meissner@suse.com
- updated to 2.1.8
- various fixes
* Sat Sep 17 2011 jengelh@medozas.de
- Remove redundant tags/sections from specfile
- Use %_smp_mflags for parallel build
* Thu Feb 25 2010 prusnak@suse.cz
- updated to 2.0.21
* Add support for building Xen policies from Paul Nuzzi.
* Add long options to checkpolicy and checkmodule by Guido
Trentalancia <guido@trentalancia.com>
* Tue Jun 23 2009 prusnak@suse.cz
- require libsepol-devel-static
* Wed May 27 2009 prusnak@suse.cz
- updated to 2.0.19
* fix alias field in module format, caused by boundary format change
from Caleb Case
* properly escape regex symbols in the lexer from Stephen Smalley
* add bounds support from KaiGai Kohei
* Mon Oct 20 2008 prusnak@suse.cz
- use flex-old for building (using flex does not build refpolicy)
* Tue Jul 15 2008 prusnak@suse.cz
- initial version 2.0.16
* based on Fedora package by Dan Walsh <dwalsh@redhat.com>
/usr/bin/checkmodule /usr/bin/checkpolicy /usr/bin/sedismod /usr/bin/sedispol /usr/share/man/man8/checkmodule.8.gz /usr/share/man/man8/checkpolicy.8.gz /usr/share/man/ru/man8/checkmodule.8.gz /usr/share/man/ru/man8/checkpolicy.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Nov 9 00:36:49 2024