policycoreutils-devel-2.8-lp151.3.1 >  A \i/=„=[f?,<|#=nb૒l=5Γhu;e#f"+EzD{} ojۭMf0W/!Ҟ#,~\\UԗAua_ xAAl#EE|e'>QPeA8Ҕם(eCd&A3bT(߄-s; P_>iO&ck+a!kD]IBulWps)m yW#2d368d4a94c15ca113867cce25d2ea75c84e2d4e5385bd43308765e123d53c1d6fa86d0bde572186d440d706f16f9584f314c72dTЉ\i/=„c iXtQ\ĞB"'3G@[X@{N|,/>--p](fN7 W[ d]Q ~ZOݗfj b.-/VnWyBxURq(_/jn |ego1K\Q~.: jX%TH4\cÇEcl#i[۲ZWdkN/+ ";˨&nlTDYkc,->p>E?Ed & Q 1[ahp t x   D\+(/88/9/:2/FCGCHCICXCYC\C]C^CbDcDdEeEfElEuE0vE8zEME`EdEjECpolicycoreutils-devel2.8lp151.3.1SELinux policy core policy devel utilitiesThe policycoreutils-devel package contains the management tools use to develop policy in an SELinux environment.\ibuild84 openSUSE Leap 15.1openSUSEGPL-2.0-or-laterhttps://bugs.opensuse.orgProductivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxx86_64 A큤\i\i960388d9b25353c228706cc424c254de3e03e01d5510165a1896c30f963fa1e6rootrootrootrootpolicycoreutils-2.8-lp151.3.1.src.rpmpolicycoreutils-develpolicycoreutils-devel(x86-64)    /usr/bin/makepython3-policycoreutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.8-lp151.3.13.0.4-14.6.0-14.0-15.2-1 policycoreutils-python2.64.14.1\d\X)@\8@\3?@\ `\ `[H[%@[$@Z@Z@Z@ZmZ2@ZI@ZZ;@Z@Z XWW\@W~TZ@T @SxRRRrF@Q)@Q\QU@Q @P @P7@P|@P!@O:LO8@M~@MK@LKK[Kf@J]J;}J+@jsegitz@suse.comjsegitz@suse.comjsegitz@suse.comMarcus Rueckert jsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.commcepl@suse.comdimstar@opensuse.orgjsegitz@suse.comjsegitz@suse.comtchvatal@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comrbrown@suse.comjsegitz@suse.comjsegitz@novell.comjengelh@inai.dejsegitz@novell.comjsegitz@novell.comjsegitz@suse.comcrrodriguez@opensuse.orgvcizek@suse.comvcizek@suse.comp.drouand@gmail.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comaj@suse.demeissner@suse.commvyskocil@suse.czcoolo@suse.comprusnak@opensuse.orgtoddrme2178@gmail.comprusnak@opensuse.orgmeissner@suse.deprusnak@suse.czprusnak@suse.czprusnak@suse.czprusnak@suse.czprusnak@suse.cz- Make sure current devel package conflicts with old policycoreutils-python (bsc#1124437)- Removed hardcoded python 3.6 path from spec file- Required python3-policycoreutils instead of just recommending it for policycoreutils (bsc#1121455) - Added requires for python3-setuptools to python3-policycoreutils (bsc#1121455) - Removed requires for audit-libs-python from policycoreutils (bsc#1121455)- properly obsolete/provides for policycoreutils-python - remove unneeded obsolete from the devel package- Don't require selinux-policy-devel for the devel package- Obsolete policycoreutils-python in policycoreutils and policycoreutils-devel to prevent file conflicts- Included content of selinux-python-2.8 and semodule-utils-2.8. I think it's easier to have all the relevant binaries in the policycoreutils package (bsc#1116596). Added make_targets.patch for this - Removed restorecond, is now a separate package - Added python3.patch to use python3 interpreter - New runtime requires: * libsepol1 * python3-ipy * python3-networkx * python3-semanage - Provides and obsolete policycoreutils-python- Adjusted source urls (bsc#1115052)- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt- Rebase to 2.7 * Rather large rewrite of the SPEC file * Significantly, support for python2 removed For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt - Dropped patches: * policycoreutils-initscript.patch * policycoreutils-pam-common.patch * loadpolicy_path.patch * CVE-2018-1063.patch- Don't build policycoreutils-gui for anything suse_version >= 1500: there is no reason te believe that SLE16 will have those old, depreacted dependencies back. Fixes also the issues for Tumbleweed, where -gui was not installable.- SLE 15 doesn't have the necessary files for policycoreutils-gui, don't build it there- Drop the requirement for selinux-policy for the gui tools.- Drop SLE11 support, needs the audit that is not present on SLE11 - Fix service link to actually work on current releases - Drop SUSE_ASNEEDED=0 as it seems to build fine without it - Do not depend on systemd, just systemd-rpm-macros- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)- Remove BuildRequires for libcgroup-devel (bsc#1085837)- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to policycoreutils version 2.6. Notable changes: * setfiles: reverse the sense of -D option * sandbox: Use dbus-run-session instead of dbus-launch when available * setfiles: Utility to find security.restorecon_last entries * setfiles: Add option to stop setting the digest * hll/pp: Change warning for module name not matching filename to match new behavior * sepolicy: convert to setools4 * sandbox: create a new session for sandboxed processes * sandbox: do not try to setup directories without -X or -M * sandbox: do not run xmodmap in a new X session * sandbox: fix file labels on copied files * semanage: Fix semanage fcontext -D * semanage: Default serange to "s0" for port modify * semanage: Use socket.getprotobyname for protocol * semanage: Add auditing of changes in records * Improve compatibility with Python 3 * Update sandbox types in sandbox manual * hll/pp: Warn if module name different than output filename - Update to sepolgen version 2.6. Notable changes: * Add support for TYPEBOUNDS statement in INTERFACE policy files - Dropped CVE-2016-7545_sandbox_escape.patch- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Trim description in line with other selinux packages- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)- removed execute permission from systemd unit file- Version 2.3 sepolgen: Add back attributes flag to fix exception crash from Dan Walsh. (drop policycoreutils-sepolgen_missing_attributes.patch) * Add -P semodule option to man page from Dan Walsh. * selinux_current_policy_path will return none on a disabled SELinux system * Add new icons for sepolicy gui from Dan Walsh. * Only return writeable files that are enabled from Dan Walsh. * Add domain to short list of domains, when -t and -d from Dan Walsh. * Fix up desktop files to match current standards from Dan Walsh. * Add support to return sensitivities and categories for python from Dan Walsh. * Cleanup whitespace from Dan Walsh. * Add message to tell user to install sandbox policy from Dan Walsh. * Add systemd unit file for mcstrans from Laurent Bigonville. * Improve restorecond systemd unit file from Laurent Bigonville. * Minor man pages improvements from Laurent Bigonville. * Ignore selevel/serange if MLS is disabled from Sven Vermeulen. * Revert automatic setting of serange and seuser in seobject; was breaking non-MLS systems. * Apply polkit check on all dbus interfaces and restrict to active user from Dan Walsh. * Fix typo in sepolicy gui dbus.relabel_on_boot call from Dan Walsh. * Remove import policycoreutils.default_encoding_utf8 from semanage from Dan Walsh. * Make yum/extract_rpms optional for sepolicy generate from Dan Walsh. * Add test suite for audit2allow and sepolgen-ifgen from Dan Walsh.- sepolgen: add back attributes * fixes build of selinux-policy * policycoreutils-sepolgen_missing_attributes.patch- fix issues which prevented accepting to Factory * mention the dropped patches (merged upstream): - policycoreutils-rhat.patch - policycoreutils-sepolgen.patch- update to version 2.2 * Properly build the swig exception file * Fix man pages * Support overriding PATH and INITDIR in Makefile * Fix LDFLAGS usage * Fix init_policy warning * Fix semanage logging * Open newrole stdin as read/write * Fix sepolicy transition * Support overriding CFLAGS * Create correct man directory for run_init * restorecon GLOB_BRACE change * Extend audit2why to report additional constraint information. * Catch IOError errors within audit2allow * semanage export/import fixes * Improve setfiles progress reporting * Document setfiles -o option in usage * Change setfiles to always return -1 on failure * Improve setsebool error r eporting * Major overhaul of gui * Fix sepolicy handling of non-MLS policy * Support returning type aliases * Add sepolicy tests * Add org.selinux.config.policy * Improve range and user input checking by semanage * Prevent source or target arguments that end with / for substitutions * Allow use of <> for semanage fcontext * Report customized user levels * Support deleteall for restoring disabled modules * Improve semanage error reporting * Only list disabled modules for module locallist * Fix logging * Define new constants for file type character codes * Improve bash completions * Convert semanage to argparse * Add semanage tests * Split semanage man pages * Move bash completion scripts * Replace genhomedircon script with a link to semodule * Fix fixfiles * Add support for systemd service for restorecon * Spelling corrections * Improve sandbox support for home dir symlinks and file caps * Switch sandbox to openbox window manager * Coalesce audit2why and audit2allow * Change audit2allow to append to output file * Update translations * Change audit2why to use selinux_current_policy_path - Update sepolgen to version 1.2 * Return additional constraint information. * Fix bug in calls to attributes * Add support for filename transitions * Fix sepolgen tests - Remove restorecond.service; use upstream service file - Don't provide support for sysvinit and systemd on a same system Use either one or the other- change the source url to the official release tarballs- fixed source url - removed old tarball- update to 2.1.14 * setfiles: estimate percent progress * load_policy: make link at the destination directory * Rebuild polgen.glade with glade-3 * sepolicy: new command to unite small utilities * sepolicy: Update Makefiles and po files * sandbox: use sepolicy to look for sandbox_t * gui: switch to use sepolicy * gui: sepolgen: use sepolicy to generate * semanage: use sepolicy for boolean dictionary * add po file configuration information * po: stop running update-po on all * semanage: seobject verify policy types before allowing you to assign them. * gui: Start using Popen, instead of os.spawnl * sandbox: Copy /var/tmp to /tmp as they are the same inside * qualifier to shred content * semanage: Fix handling of boolean_sub names when using the -F flag * semanage: man: roles instead of role * gui: system-config-selinux: Catch no DISPLAY= error * setfiles: print error if no default label found * semanage: list logins file entries in semanage login -l * semanage: good error message is sepolgen python module missing * gui: system-config-selinux: do not use lokkit * secon: add support for setrans color information in prompt output * restorecond: remove /etc/mtab from default list * gui: If you are not able to read enforcemode set it to False * genhomedircon: regenerate genhomedircon more often * restorecond: Add /etc/udpatedb.conf to restorecond.conf * genhomedircon generation to allow spec file to pass in SEMODULE_PATH * fixfiles: relabel only after specific date * po: update translations * sandbox: seunshare: do not reassign realloc value * seunshare: do checking on setfsuid * sestatus: rewrite to shut up coverity - removed policycoreutils-glibc217.patch (upstream fix) - added patches: * policycoreutils-rhat.patch * policycoreutils-sepolgen.patch * loadpolicy_path.patch- update to 2.1.13 - drop policycoreutils-po.patch.bz2 (updated upstream) - drop policycoreutils-gui.patch.bz2 (added to upstream) - drop sandbox init scripts (shouldn't be needed anymore) - numerous other changes- added service unit for restorecond- semanage needs python-xml and python-ipy to run- Fix compilation with glibc 2.17 (add patch policycoreutils-glibc217.patch extracted from Fedora)- updated policycoreutils to 2.1.10 - adapated patches - updated sepolgen to 1.1.5- fix seceral rpmlint errors and warnings * use /var/adm/fillup-template for sandbox * don't use /var/lock/subsys in any of init script * use set_permissions macro and add correct Requires(pre) * fix the languages to new -lang package * fix policycoreutils-sandbox Group * remove runlevel 4 from inint scripts- patch license to follow spdx.org standard- updated to 2.0.85 * changes too numerous to list- fix a typo in the package group- remove usermode-gtk from Requires of -gui subpackage- remove incorrect and unnecessary rpmlintrc.- fix build by moving _GNU_SOURCE define (gnusource.patch), thx darix- updated to 2.0.79 * changes too numerous to list- disable Requires usermode-gtk- added libsepol-static-devel to BuildRequires- updated to 2.0.62 * Add btrfs to fixfiles from Dan Walsh. * Remove restorecond error for matching globs with multiple hard links and fix some error messages from Dan Walsh. * Make removing a non-existant module a warning rather than an error from Dan Walsh. * Man page fixes from Dan Walsh.build84 15504324032.8-lp151.3.12.8-lp151.3.1sepolgenperm_map/var/lib//var/lib/sepolgen/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Leap:15.1/standard/75205d2fd750c29bb2aba6e9a68c697e-policycoreutilscpioxz5x86_64-suse-linuxdirectoryASCII textC7TL麦^l@utf-8d82492646baefd06c7ca88f71131fc145226e072b6e5cf43de0cce9c94287de1? 7zXZ !t/ ] crt:bLL t/EvzrV$U|XD5'= WY~2X:v. A5|-4QlDfI't޴lWϟ]fޏ"%CN>j!s#j5[F^C4n# ^O :#S;4y/ᕼ z{ur"NDpY/*gJrXخSV¾;LJ|D9ϸtK;Tο|rO9+PFRbypʒjpwasIy{4蜇B ~+22WtytŨV[!EpKwG0,botb 8+X%zr0ΜqݜҽÑPɍUэ徔E%i/ZtT) z 6k+X70\bsQrQyJ_ny"["?`eAa7j07k`j su&OD_M:Ov#0aMyqS(@DmZHDФtXm14S:P1i}bhQ-i/*@xo;ޮߝ:4ZL -<h< 41F y&q[2qD5KR"D"e:)[8:eRdS؁} '}("< I|&>V[i?R~8k2#NJ9B+a6I*g(&G& 1srMVͯ a~y%$ڑLw[CĉI%A@~GtapJ707W֫+|CC9^QhcqS7#c6!tI!mN!QQߧD8ò6Ύ{:@s@=X>7.>ás$׽{\. ӋX#-zi}!ۓHuʮp*P /",xO^ ީ` ̒G, Bt-%K-dqՕ{niq/yBi5-ϨAHBf\j4 k=g% i\QeJҏ.n ۆDsTxߑ)m]_VQuQQZ蔐TS:(; vWdAص݉3Bm"&)>Y&O.+3ЁHӃ.0T7&||Mݕ7L~U;2:&tJ!q5߱vۥ`DQjy2A)ҒR(k6YB\EK+- lGRь*<㇉H=~z'}]PԺfGcm^tJ@傱UZ_(OUD Tcdmy688-=_mIwjkX;?,m}sC GGxiKVC-LIn6d0&ķ E!3ksa>NpD6.@SZG;AYnBwTRr 7zUf#3nMS/ܮ&nVq@/BrϹݘn3oe2}-32{>;)M8らNLLPf0/+ YХQ*E,[I׾B]z YZ