2010
setools (3.3.6.ds-7.2) unstable; urgency=low
* Non-maintainer upload. * Run the configure script with bash (Closes: #581884).
-- Jakub Wilk <jwilk@debian.org> Tue, 18 May 2010 18:47:37 +0200
setools (3.3.6.ds-7.1) unstable; urgency=low
* Non-maintainer upload.
* libsefs built with GCC 4.3 is not binary-compatible with itself built with
GCC 4.4. That's because mangling of va_list has changed in GCC 4.4. To
cope with this situation, provide compatibility aliases for the affected
symbols and update symbol files accordingly. (Closes: #577061).
-- Jakub Wilk <jwilk@debian.org> Thu, 13 May 2010 17:40:33 +0200
setools (3.3.6.ds-7) unstable; urgency=low
* Bug fix: "FTBFS with Python 2.6 as default", thanks to Jakub Wilk
(Closes: #571554).
* Also remove .pyc and .pyo files from the binary package.
* Bug fix: "Please support Renesas SH(sh4)", thanks to Nobuhiro Iwamatsu
(Closes: #565372).
-- Manoj Srivastava <srivasta@debian.org> Sun, 04 Apr 2010 00:41:26 -0700
2009
setools (3.3.6.ds-6) unstable; urgency=medium
* [9025371]: topic--qpol-include-list-fix: Added missing \ in Makefile
The missing \ truncated the list of files to be installed in
/usr/include/qpol
Bug fix: "qpol/policy.h: No such file or directory", thanks to Pierre
Chifflier (Closes: #545964).
-- Manoj Srivastava <srivasta@debian.org> Thu, 10 Sep 2009 10:53:37 -0500
setools (3.3.6.ds-5) unstable; urgency=low
* We really do need distinct symbols files for all the architectures,
thanks to va_list; so, with 13 architectures, and 5 libraries, those
are an added 65 files. However, this should fix the issue that setools
failed to build on every single buildd out there.
-- Manoj Srivastava <srivasta@debian.org> Thu, 03 Sep 2009 15:38:07 -0500
setools (3.3.6.ds-4) unstable; urgency=low
* First cut at providing symbols files.
* Check for extra libraries and shlib version numbers. Unless there is
a nocheck option in the deb build options variable, now we look to see
if there are extra libraries we have linked to.
-- Manoj Srivastava <srivasta@debian.org> Wed, 02 Sep 2009 00:00:40 -0500
setools (3.3.6.ds-3) unstable; urgency=low
* On reflection (and in discussion on IRC), it dawned on me that the
issues in the bug report might be related to the jobserver not being
enabled when building in parallel. This version should be friendlier
to the jobserver.
Bug fix: "FTBFS: dpkg-gencontrol: error: install new files list file:
No such file or directory", thanks to Lucas Nussbaum
(Closes: #543004).
-- Manoj Srivastava <srivasta@debian.org> Sat, 22 Aug 2009 19:12:30 -0500
setools (3.3.6.ds-2) unstable; urgency=low
* [ed1be40]: [topic--pointer-conversion]: Missing function prototypes
Missing function prototypes are likely to cause setools to segfault on
architectures where the size of a pointer is greater than the size
of an integer, such as ia64 and amd64. This patch adds the
prototypes, and the doxygen comments to the header file.
Bug fix: "implicit pointer conversions", thanks to dann frazier
(Closes: #541862).
-- Manoj Srivastava <srivasta@debian.org> Mon, 17 Aug 2009 11:11:16 -0500
setools (3.3.6.ds-1) unstable; urgency=low
* New upstream release
+ Change default log for seaudit to /var/log/audit/audit.log.
+ Change context parsing in libseaudit to use libselinux functions.
+ Add support for display of level and clearance of contexts to seaudit.
+ Add support for filterting by level and clearance to seaudit.
+ Modified seaudit to show the raw audit message when doubleclicking
an entry.
+ Add libqpol and libapol support for policy capabilities and
permissive domains.
+ Add policy capabilities and permissive domains querying to seinfo.
+ Add support for using attribute names available in version 24
binary policies.
+ Fixed error in qpol_policy_rebuild_opt() where a policy's
neverallow rules are expanded when the rebuild option is
QPOL_POLICY_OPTION_NO_RULES.
-- Manoj Srivastava <srivasta@debian.org> Fri, 14 Aug 2009 02:40:19 -0500
setools (3.3.5.ds-6) unstable; urgency=low
* [437e101]: [debiandir] Remove autogenerated files during the clean
process
* [a5fadee]:[autotools-cleanup] Remove aitogenerated files from git
This commit removes files that are generated by autoreconf.
* [140f035]: Updated build dependencies to combat FTBS.
* Bug fix: "FTBFS: policy_define.c:134: undefined reference to
`expand_rule'", thanks to Lucas Nussbaum (Closes: #527730).
-- Manoj Srivastava <srivasta@debian.org> Sat, 20 Jun 2009 18:12:01 -0500
2008
setools (3.3.5.ds-5) unstable; urgency=low
* [a636aeb] Unpack the path object before using in string.
-- Manoj Srivastava <srivasta@debian.org> Wed, 15 Oct 2008 00:56:40 -0500
setools (3.3.5.ds-4) unstable; urgency=low
* [a4eef03] Name the file that fails to load in the "Open Policy" error dialog
Bug fix: "Could not open policy error is not specific", thanks to
Russell Coker. This is a documentation/diagnostic fix, only change
happens in the diagnostic string. (Closes: #499967).
* [debian-dir 9f1e6da] Add an example script to show how to use apol
with modular policy
Bug fix: "needs a script to run apol with the current list of
modules", thanks to Russell Coker. This is an important bugfix.
(Closes: #499968).
-- Manoj Srivastava <srivasta@debian.org> Tue, 14 Oct 2008 18:07:53 -0500
setools (3.3.5.ds-3) unstable; urgency=low
* AArgh. Really fix important bug #498539. While setools did depend on
libsetools-tcl, we did not include the paths in that package for
addition to the load-path. And for some reason, on my test machine,
all the paths are apparently in the load path.
-- Manoj Srivastava <srivasta@debian.org> Tue, 14 Oct 2008 18:05:05 -0500
setools (3.3.5.ds-2) unstable; urgency=medium
* Bug fix: "apol fails and says it can't find the libraries", thanks
to Russell Coker. Change the configure.ac to add
/usr/lib/setools/apol_tcl to the path. This is an important bug;
with a one line fix, and should get into Lenny (Closes: #498539).
-- Manoj Srivastava <srivasta@debian.org> Fri, 12 Sep 2008 10:49:13 -0500
setools (3.3.5.ds-1) unstable; urgency=high
* New upstream release, required for the new SELinux toolchain changes.
Closes serious bug. Closes: #492776, #493830
+ This is the official release of SETools 3.3.5.
+ Fixed errors in libapol's AV and TE rule rendering functions
where errno was not being set properly.
+ Fixed error in apol_syn_avrule_render() where braces were not
being added around the target set when there is exactly one target
type and the keyword 'self'. Thanks to Ryan Kagin for reporting
this error.
+ Synched libqpol to libsepol version 2.0.32, policy parser to
2.0.16.
+ Synched libqpol to libsepol version 2.0.26, policy parser to
2.0.14.
+ Added qpol_type_get_ispermissive(). SETools can now handle
version 23 policy; bumped libqpol to version 1.4.
* Fix build system. Closes: #490329
-- Manoj Srivastava <srivasta@debian.org> Sat, 30 Aug 2008 01:02:34 -0500
setools (3.3.4.ds-4) unstable; urgency=low
* Update to the new policy version (mostly changes for
DEB_BUILD_OPTIONS change in policy)
* Bug fix: "setools: adjust build-dependency (gcj not built on alpha,
arm, hppa and hurd-i386)", thanks to Matthias Klose. Also adjust the
build process to try and not use javac when it is not available.
(Closes: #477904).
* Bug fix: "setools: runs configure multiple times", thanks to Bernhard
R. Link. Move to the new make -j friendly targets in ./debian/rules.
(Closes: #477950).
-- Manoj Srivastava <srivasta@debian.org> Thu, 05 Jun 2008 15:16:25 -0500
setools (3.3.4.ds-3) unstable; urgency=low
* Add automake as a build dependency. We need to add automake as a
buuild dependency, since we use autoreconf, which tries to run aclocal
and automake. We used to just depend on autoconf, which just
recommends automake -- which was therefore never pulled in on the
build daemons. This is a gotcha unless your build environment does not
install recommends by default.
* Bug fix: "setools: missing command name in
/etc/logwatch/scripts/services/seaudit-report-service", thanks to
Patrice DUROUX. (Closes: Bug#475968)
-- Manoj Srivastava <srivasta@debian.org> Wed, 16 Apr 2008 22:54:13 -0500
setools (3.3.4.ds-2) unstable; urgency=medium
* Bug fix: "setools - FTBFS: Error: symbol `fstatat64' is already
defined", thanks to Bastian Blank and Lucas Nussbaum. The culprit was
a -D__attreibute(x)='' setting in libseaudit/swig/python/Makefile.am.
There is nothing in the commit logs to indicate that his is a
requirement, and things seem to compile fine and initial testing shows
no regressions. (Closes: #474428, #474904).
* Since we change configure.ac, and things in Makefile.am, run
autoreconf -f to ensure that everything gets rebuilt.
* Delete generated .xcf files, to prevent a FTBS when building twice
from source.
-- Manoj Srivastava <srivasta@debian.org> Thu, 10 Apr 2008 03:24:24 -0500
setools (3.3.4.ds-1) unstable; urgency=low
* Change build dependencies to use python-all-dev, and compile for the
default version, rather than hard coding version 2.4. This also paves
the way for trying to compile support for more than one version of
Python.
* Simplify the long descriptions; users do not generally care for names
of included binaries when selecting packages (and thus mitigate the
possibility future package development would make the long description
incorrect.
* Add correct dependencies for setools; it depends on bwidget (>= 1.8)
and tk.
* Moved libraries needed by apol back into setools from
libsetools-tcl. Thanks to Jason Trang for pointing out the above
problems and providing fixes.
-- Manoj Srivastava <srivasta@debian.org> Mon, 31 Mar 2008 18:20:08 -0500
setools (3.3.4-1) unstable; urgency=low
* New upstream release, with new apol. Closes: Bug#438872 * Fixed the FTBS-twice errors. Closes: Bug#424259 * The current debian/watch works (was used to download this version) Closes: Bug#449853
-- Manoj Srivastava <srivasta@debian.org> Sun, 30 Mar 2008 14:29:22 -0500
2007
setools (3.1-2) unstable; urgency=low
* Bug fix: "setools: FTBFS if built twice in a row", thanks to Martin
Zobel-Helas. The target is CLEAN/libsefs-dev, not CLEAN/libsef-dev.
(Closes: #424259).
-- Manoj Srivastava <srivasta@debian.org> Sat, 07 Jul 2007 12:51:55 -0500
setools (3.1-1) unstable; urgency=low
* New upstream release. The tools have been updated to work with modular
policy. There has been a shlibs bump for all the shared libraries
packaged.
* Added XS-VCS-Arch and XS-VCS-Browse to debian/control.
-- Manoj Srivastava <srivasta@debian.org> Thu, 19 Apr 2007 13:13:36 -0500
2006
setools (2.4-3) unstable; urgency=low
* Bug fix: "symlink error on /usr/share/setools/seaudit-report.conf",
thanks to Kevin Mark (Closes: #396495).
-- Manoj Srivastava <srivasta@debian.org> Mon, 6 Nov 2006 10:12:40 -0600
setools (2.4-2) unstable; urgency=low
* Since we have flex scanners built into our libapol shared libraries,
and that needs to link with the flex library, which is static;
therefore we need to explicitly link with libfl_pic, which has the
position independent code required for all components of a shared
library.
* Split up setools into multiple packages, so that the shared libraries
and devel tools can be provided separately. Split up the single
package setools into several library packages, since it was pointed
out to me that the package was in violation of ยง8.2 of the Debian
policy. Now each library has a runtime and a dev package, so each
library can develop at its own pace.
* Bug fix: "setools: FTBFS (amd64): libfl.a(libyywrap.o): relocation
R_X86_64_32 against `a local symbol' can not be used when making a
shared object; recompile with -fPIC", thanks to Andreas Jochens
(Closes: #373170).
* Bug fix: "setools: Please adjust SELinux spelling to that of other
SELinux-related packages", thanks to Sven Mueller (Closes: #376613).
* Provide md5sums
* Also, tweak some file paths to better reflect a default Debian
installation.
-- Manoj Srivastava <srivasta@debian.org> Thu, 7 Sep 2006 19:54:50 -0500
setools (2.4-1) unstable; urgency=low
* New upstream release
apol:
File contexts tab now allows for MLS range searching if
the loaded database is from a MLS filesystem.
Policy statistics dialog now shows MLS and ocontexts
summaries.
libapol:
Added support for loading base policies containing optionals.
Added support for searching range transitions containing
attributes.
libseaudit:
Bugfix to support parsing FC5-style audit logs.
seaudit:
Added date filters.
secmds:
Added support to indexcon and searchcon for MLS filesytems.
Added support to findcon and replcon for MLS filesystems.
sechecker:
Added incomplete network access (inc_net_access) module.
Added unreachable domains (unreachable_doms) module.
Added impossible range transitions (imp_range_trans) module.
sesearch:
Allow user to search range transitions by attributes and
indirect matching.
Added RBAC searching.
-- Manoj Srivastava <srivasta@debian.org> Sun, 7 May 2006 00:16:22 -0500
setools (2.3-1) unstable; urgency=low
* New upstream release
apol:
- added new MLS components tab for sensitivities, levels, and
categories.
- changed users tab to support ranges and default levels.
- added range transition tab for searching range transition rules.
- added new tab for network context components.
- added new tab for file system context components.
libapol:
- added binpol support for MLS, network contexts, and file system
contexts.
seinfo:
- added command line options for MLS components.
- added command line options for network contexts and file system contexts.
sesearch:
- added command line option for searching for rules by conditional boolean name.
seaudit:
- added new column in the log view for the 'comm'
- field found in auditd log files.
- added filters for the 'comm' field and 'message' field.
manpages:
-added manpages for all tools.
-- Manoj Srivastava <srivasta@debian.org> Tue, 7 Feb 2006 11:54:03 -0600
2005
setools (2.2-2) unstable; urgency=low
* Added a preinst check to see if we should remove the obsolete conffile
/etc/setools/seuser.conf
-- Manoj Srivastava <srivasta@debian.org> Sat, 31 Dec 2005 14:51:20 -0600
setools (2.2-1) unstable; urgency=low
* New upstream release
libapol:
replaced the original dta algorithm with a new one to properly
support complements in rules. added new structures to support the
separation of diff elements. added support for parsing additional
policy components in source policies.
sediff:
enhanced the GUI for display and separation of diff elements. added
the ability to rename types.
sechecker:
added a new tool - a commandline modular and extensible policy
checker program
seuser: removed - deprecated
sepcut: removed - deprecated
-- Manoj Srivastava <srivasta@debian.org> Fri, 30 Dec 2005 01:32:46 -0600
setools (2.1.3-1) unstable; urgency=low
* New upstream release, fixed a mls bug in the source parser.
-- Manoj Srivastava <srivasta@debian.org> Sun, 16 Oct 2005 23:58:07 -0500
setools (2.1.2-1) unstable; urgency=low
* New upstream release
-- Manoj Srivastava <srivasta@debian.org> Thu, 15 Sep 2005 02:00:01 -0500
setools (2.1.1-1) unstable; urgency=low
* New upstream release. Excerpted changes:
* Version 2.1.1
libseaudit: updated code to compile with gcc-4.0.0
minor bug fixes
sediff: updated code to compile with gcc-4.0.0
seaudit: updated code to compile with gcc-4.0.0
libsefs: updated code to compile with gcc-4.0.0
libapol: updated code to compile with gcc-4.0.0
minor bug fixes
seuser: updated code to compile with gcc-4.0.0
* Version 2.1.0
apol: improved direct relabel analysis algorithm
libapol: added policy version 19 support
sediff: added role transitions, improved role allow
added conditional expression differences
-- Manoj Srivastava <srivasta@debian.org> Wed, 1 Jun 2005 23:51:27 -0500
setools (2.0-1) unstable; urgency=low
* New upstream release
* libsefs:
Converted to use an on-disk SQLite database backend and
re-designed API to provide the functionality to other
applications, such as apol.
* libapol:
Added support for analyzing direct file relabels.
Added support for analyzing relationship between two types.
Integrated use of hashtable structures for easily analyzing
differences between policies.
Minor bug fixes.
* libseuser:
Minor bug fixes.
* apol:
New analysis module for performing direct file relabel
analysis.
New analysis module for analyzing the relationship be-
tween two types.
New interface added for viewing file contexts from an
SELinux filesystem.
Improvements to domain transition analysis interface.
Minor bug fixes and GUI tweaks.
* secmds:
Updated indexcon/searchcon to use an on-disk SQLite database
in order to decrease memory use. These changes are not
backwards-compatible.
* seaudit:
Integrated reporting functionality into GUI.
Minor GUI tweaks.
* sediff:
New gtk GUI and command-line tools for analyzing the semantic
differences between two policies. The semantic difference
of a policy is different from the syntactic difference in
that it shows the cumulative effect of rules rather than
doing a line-by-line comparison.
-- Manoj Srivastava <srivasta@debian.org> Sun, 13 Mar 2005 00:40:06 -0600
setools (1.5.1-1) unstable; urgency=low
* New upstream release.
*apol: Fixed compatibility with tcl 8.3.
*libsefs: Fixed compile problem on PPC.
*secmds: Fixed fatal error in replcon.
*setools: Reverted to static linking and fixed various small bugs.
* apol:
Advanced options added to forward domain
transition analysis module for performing
more granular searching of transitions to
domains using specified classes, permissions
and target types.
Minor bug fixes and improvements.
* libapol:
Fixed to handle new libapol user structs.
Enhanced forward domain transition analysis to
perform more granular searching using specified
classes, permissions and target types.
Minor bug fixes.
* libseuser:
General clean up of the policy components.
Fixed handling of users to be consistent with rest.
* seaudit:
New tool (seaudit-report) for generating customized
reports on SE Linux audit messages using saved
seaudit view files. This tool is highly configurable
and can effectively integrate with the LogWatch
application for automating SE Linux audit log reporting.
Added feature for exporting audit messages to a
file, as well as viewing all components of an audit
message within a text view.
* libseaudit:
Updated library to store audit header information, such as
the system call timestamp and serial number.
Fixed parse errors for new logs.
* New tool (indexcon) for creating a snapshot of security
contexts for SE Linux filesystem entities.
* New tool (searchcon) for searching the SE Linux filesystem
database that was created using indexcon.
-- Manoj Srivastava <srivasta@debian.org> Thu, 13 Jan 2005 01:25:23 -0600
2004
setools (1.4.1-2) unstable; urgency=low
* Added build-depends libselinux1-dev, thanks for the NMU LaMont.
-- Russell Coker <russell@coker.com.au> Tue, 13 Jul 2004 19:35:00 +1000
setools (1.4.1-1) unstable; urgency=low
* New upstream.
-- Russell Coker <russell@coker.com.au> Thu, 8 Jul 2004 12:54:00 +1000
setools (1.4-1) unstable; urgency=low
* New upstream.
-- Russell Coker <russell@coker.com.au> Thu, 3 Jun 2004 12:49:00 +1000
setools (1.3-1) unstable; urgency=low
* New upstream.
-- Russell Coker <russell@coker.com.au> Fri, 16 Apr 2004 20:16:00 +1000
setools (1.2.1-1) unstable; urgency=low
* New upstream.
* Make it build-depend on tk8.4-dev.
Closes: 231876
-- Russell Coker <russell@coker.com.au> Thu, 26 Feb 2004 22:07:00 +1100
setools (1.2-1) unstable; urgency=low
* New upstream version.
-- Russell Coker <russell@coker.com.au> Fri, 6 Feb 2004 15:16:00 +1100
setools (1.1.1-3) unstable; urgency=low
* Fixed build-depends.
Closes: #230830
-- Russell Coker <russell@coker.com.au> Tue, 3 Feb 2004 10:16:00 +1100
setools (1.1.1-2) unstable; urgency=low
* Fixed build-depends.
Closes: #229170
-- Russell Coker <russell@coker.com.au> Sun, 25 Jan 2004 15:48:00 +1100
setools (1.1.1-1) unstable; urgency=low
* New upstream.
-- Russell Coker <russell@coker.com.au> Tue, 6 Jan 2004 12:50:00 +1100
setools (1.1-3) unstable; urgency=low
* Upload again with orig archive.
-- Russell Coker <russell@coker.com.au> Fri, 2 Jan 2004 21:48:00 +1100
setools (1.1-2) unstable; urgency=low
* Added copyright file.
-- Russell Coker <russell@coker.com.au> Fri, 2 Jan 2004 18:24:00 +1100
2003
setools (1.1-1) unstable; urgency=low
* New upstream.
-- Russell Coker <russell@coker.com.au> Tue, 23 Dec 2003 16:35:00 +1100
setools (1.0.1-1) unstable; urgency=low
* Initial Release.
-- Russell Coker <russell@coker.com.au> Wed, 19 Nov 2003 21:45:00 +1100