policycoreutils-newrole-3.0-lp152.1.3 >  A ^#Ǹ/=„%R]xhS΁F d'OMrUL7S jr6dqm3*H2?]d߮yzWeT`]DOyӑMIWۈK] ! zAoA1 ID&gѩF sy0^Y֪*ed$WrƘeQk{m˸{*Eg麲=Qf4J=9{>'cEKy(4?x;ъ[q(brB!.Co04cb0d9c7c82f32c112c9442ad5ba9b8b111725c18365f0cc203715c52adf7efed5ec686f8c4f3d9d45ae4a4837a15801dd5a8c6n^#Ǹ/=„I9+`K㉤,o{8T/ sre v/Īs$i8%-9vÓG`Jd)'@dM{V_l+ SO<@@@'E.]i0|+:I@`|x TSl٤bM, {O]yx]cG*/" tQ- 4i7Ӈ%:"sS#޳7Ëݗ$Mrz>pB8?8d ( M  !KQX     ,Td (F7M8 9 : >4]C4eF4mG4H4I4X4Y4\4]4^5b5Yc6d6he6mf6pl6ru6v6w8,x8<y8L z8|8888Cpolicycoreutils-newrole3.0lp152.1.3The newrole application for RBAC/MLSRBAC/MLS policy machines require newrole as a way of changing the role or level of a logged-in user.^#lamb12wopenSUSE Leap 15.2openSUSEGPL-2.0-or-laterhttps://bugs.opensuse.orgProductivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxx86_64 if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/bin/newrole fij*/큤^#^#^#^#0c0171b7579b3c3e2a69df88a47e9516b97b53ac201795b7904b71c9867248353a2a0f9953db653cb1a0c1d46e6eeb8712278637700fde09985568434c3d4380f718e568ba9e86aeabffa77aef9ce5c5ef68e5b9e21847f5ca085f21896b4b92dd0663d9211486b6a18050d5a0217dc64419451f152cca982a4e55a5e416ffcbrootrootrootrootrootrootrootrootpolicycoreutils-3.0-lp152.1.3.src.rpmconfig(policycoreutils-newrole)policycoreutils-newrolepolicycoreutils-newrole(x86-64)!@@@@@@@@@@@@    /bin/sh/bin/shconfig(policycoreutils-newrole)libaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.8)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpam_misc.so.0()(64bit)libpam_misc.so.0(LIBPAM_MISC_1.0)(64bit)libselinux.so.1()(64bit)permissionspolicycoreutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0-lp152.1.33.03.0.4-14.6.0-14.0-15.2-14.14.1 /usr/bin/chkstat -n --warn --system -e /usr/bin/newrole 1>&2^f/^^F^W@^M#@]@]@\+@\d\Yz\X)@\R@\8@\3?@\ `\ `[H[%@[$@Z@Z@Z@ZmZ2@ZI@ZZ;@Z@Z XWW\@W~TZ@Johannes Segitz Johannes Segitz Johannes Segitz Johannes Segitz Johannes Segitz Johannes Segitz jsegitz@suse.comjsegitz@suse.comJan Engelhardt jsegitz@suse.comBernhard Wiedemann jsegitz@suse.comMarcus Rueckert jsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.commcepl@suse.comdimstar@opensuse.orgjsegitz@suse.comjsegitz@suse.comtchvatal@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comrbrown@suse.comjsegitz@suse.comjsegitz@novell.comjengelh@inai.dejsegitz@novell.comjsegitz@novell.com- Dropped Recommends: for %{name}-lang and %{name}-devel. Not allowed by openSUSE guidelines- Update to version 3.0 * fixfiles: Fix "verify" option * fixfiles: Fix [-B] [-F] onboot * fixfiles: Force full relabel when SELinux is disabled * semodule: Enable CIL logging * semanage: Add support for DCCP and SCTP protocols * semanage: Do not use default s0 range in "semanage login -a" * semanage: Document DCCP and SCTP support * semanage: Improve handling of "permissive" statements * semanage: fix moduleRecords.customized() Refreshed chcat_join.patch- Ship working pam config for newrole (bsc#1163020) - Recommend policycoreutils-devel to have perm_map file available- Package perm_map as it's used by audit2* tools- Added chcat_join.patch to prevent joining non-existing categories (bsc#1159262)- Added run_init_use_pam_keyinit.patch Added pam_keyinit to the run_init pam config (bsc#1144052)- Update to version 2.9 * secon: free scon_trans before returning * audit2allow/sepolgen-ifgen: show errors on stderr * audit2allow: allow using audit2why as non-root user * chcat: use check_call instead of getstatusoutput * restorecon: add force option * semanage module: Fix handling of -a/-e/-d/-r options * semanage/seobject: Fix listing boolean values * semanage: Drop python shebang from seobject.py * semanage: Fix logger class definition * semanage: Include MCS/MLS range when exporting local customizations * semanage: Load a store policy and set the store SELinux policy root * semanage: Start exporting "ibendport" and "ibpkey" entries * semanage: Stop logging loginRecords changes * semanage: Stop rejecting aliases in semanage commands * semanage: Use standard argparse.error() method in handlePermissive * semanage: do not show "None" levels when using a non-MLS policy * semanage: import sepolicy only when it's needed * semanage: move valid_types initialisations to class constructors * sepolgen: close /etc/selinux/sepolgen.conf after parsing it * sepolgen: fix access vector initialization * sepolgen: fix refpolicy parsing of "permissive" * sepolgen: print all AV rules correctly * sepolgen: refpolicy installs its Makefile in include/Makefile * sepolgen: return NotImplemented instead of raising it * sepolgen: silence linter warning about has_key * sepolgen: use self when accessing members in FilesystemUse * sepolicy: Add sepolicy.load_store_policy(store) * sepolicy: Make policy files sorting more robust * sepolicy: Stop rejecting aliases in sepolicy commands * sepolicy: Update to work with setools-4.2.0 * sepolicy: add missing % in network tab help text * sepolicy: initialize mislabeled_files in __init__() * sepolicy: search() also for dontaudit rules * add xperms support to audit2allow * replace aliases with corresponding type names - Dropped python3.patch, upstream now- Make sure current devel package conflicts with old policycoreutils-python (bsc#1124437)- Replace overly complicated %setup calls.- Removed hardcoded python 3.6 path from spec file- Fix build with python 3.7- Required python3-policycoreutils instead of just recommending it for policycoreutils (bsc#1121455) - Added requires for python3-setuptools to python3-policycoreutils (bsc#1121455) - Removed requires for audit-libs-python from policycoreutils (bsc#1121455)- properly obsolete/provides for policycoreutils-python - remove unneeded obsolete from the devel package- Don't require selinux-policy-devel for the devel package- Obsolete policycoreutils-python in policycoreutils and policycoreutils-devel to prevent file conflicts- Included content of selinux-python-2.8 and semodule-utils-2.8. I think it's easier to have all the relevant binaries in the policycoreutils package (bsc#1116596). Added make_targets.patch for this - Removed restorecond, is now a separate package - Added python3.patch to use python3 interpreter - New runtime requires: * libsepol1 * python3-ipy * python3-networkx * python3-semanage - Provides and obsolete policycoreutils-python- Adjusted source urls (bsc#1115052)- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt- Rebase to 2.7 * Rather large rewrite of the SPEC file * Significantly, support for python2 removed For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt - Dropped patches: * policycoreutils-initscript.patch * policycoreutils-pam-common.patch * loadpolicy_path.patch * CVE-2018-1063.patch- Don't build policycoreutils-gui for anything suse_version >= 1500: there is no reason te believe that SLE16 will have those old, depreacted dependencies back. Fixes also the issues for Tumbleweed, where -gui was not installable.- SLE 15 doesn't have the necessary files for policycoreutils-gui, don't build it there- Drop the requirement for selinux-policy for the gui tools.- Drop SLE11 support, needs the audit that is not present on SLE11 - Fix service link to actually work on current releases - Drop SUSE_ASNEEDED=0 as it seems to build fine without it - Do not depend on systemd, just systemd-rpm-macros- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)- Remove BuildRequires for libcgroup-devel (bsc#1085837)- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to policycoreutils version 2.6. Notable changes: * setfiles: reverse the sense of -D option * sandbox: Use dbus-run-session instead of dbus-launch when available * setfiles: Utility to find security.restorecon_last entries * setfiles: Add option to stop setting the digest * hll/pp: Change warning for module name not matching filename to match new behavior * sepolicy: convert to setools4 * sandbox: create a new session for sandboxed processes * sandbox: do not try to setup directories without -X or -M * sandbox: do not run xmodmap in a new X session * sandbox: fix file labels on copied files * semanage: Fix semanage fcontext -D * semanage: Default serange to "s0" for port modify * semanage: Use socket.getprotobyname for protocol * semanage: Add auditing of changes in records * Improve compatibility with Python 3 * Update sandbox types in sandbox manual * hll/pp: Warn if module name different than output filename - Update to sepolgen version 2.6. Notable changes: * Add support for TYPEBOUNDS statement in INTERFACE policy files - Dropped CVE-2016-7545_sandbox_escape.patch- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Trim description in line with other selinux packages- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)/bin/sh/bin/shlamb12 15896503583.0-lp152.1.33.0-lp152.1.33.0-lp152.1.3newrolenewrolenewrole.1.gznewrole.1.gz/etc/pam.d//usr/bin//usr/share/man/man1//usr/share/man/ru/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Leap:15.2/standard/7c00ae564a0bef922e28e26599082f2a-policycoreutilscpioxz5x86_64-suse-linuxASCII textELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, BuildID[sha1]=b3fa49117f757f53845535d7d5adb1bc61b293cf, for GNU/Linux 3.2.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix) R R RR RRRRR R RR%RbKSutf-81ae3f343291df61989f651380e5a99c6dc29e71a8780c54c496b80dc557d892b?7zXZ !t/z0] crv(vX0eva%Ra% /ˆ/w'ɽFR$};λw56FS@hQ8ѩ@Oų}g >l͂a2U27S[<lxl2dx+`GGj`JnDpa5bPEA^516%ީbUЍZiޤi¶B2G@XFϳQ31L̳0;} XZj\{e K, _?n?Iq+R.lHqړlXm9l\i+ɜ׷-.ř߯O3Ĩgɒ}Mr!VbzpQCH+!t՝:@ [*uN-*N3Cj82Pi>>%U8M:ϐA_G'; _ltmBlzw4DOFc1js[d4dH^?^M."pt+ q]>T],k\]ԙu}I}OQϑO)(O k?I8 oǧ?h.e;D26# mXEY:K%h[wyѡ^ymhˇ}R_y[5r¯-Hw.uH=>R|x&L g쥏0ߌ@[ЬH$:x8JA1s0G oT Sƍ12xl@g<o#!$Ho}ic#Rg諍#6&t/?A5]tl JmIFć;#'gxNF\umB$Ll)BG 66$(%N/yiक*.Khu#Pf{C|UT䑱"Lk`]2l~W&A!@zse k/y'H.L ?"n.[/\{FT݊$*tL0UOՍTbZ_fؖt`?e"YR?!y QӢBvn: XljGf&읯 +1v<8ၓVoʚE傇KxUwZ{Bsq,*T0 ؜\Ԋs:,'j1>҄PKAJ`f 6^ջ؜ڷz NҚ`8':]Gْ_ng4 cO ykppԁr\](O*'rayd@k9;5zHK%.`!unݏİ?*ZN-CUިK(JT8/uw /ab0ʙ$t9jٟrU 1jCT 2#c΅iY\qScs<ģ1i*ͪċ!7M8${( Wmrթ|]5r @hz.m;aNSYx?9R>JPΊK3VF VY &w۪4 HHټ1OfYώ>)&_,M?gǖ9dɸCWH[U2%ժLۀ jporyFZol^\eE v ˜Wfl 4eGI,I)ߋ>Nœ4ӑ?+TLI6ASC҅E,KmhHQAo8EBiv~Xtx&> jlHyjl~@aˍYu{|\͠49n݇M"3!0ŋꨏ_@T%ќ6̍SD!E)i=J8L!nؖJ^SpTvm!IQA͖)͆{C?~䵝m%컆F&n&1ZgJ_Ez#7 bD̻:(s(t < | >|jrN4ʰu8)`04Ym9.{K> [Om(S2x~]<|A&#0>*0$.OĽ$ u-ԋH & C?kR'ߍ%YN|b-C"͝P |6:dl^*~ҭy@ WzV^\S ]",QKЊj+S !`-S&\u ҍTpWVWz7+8Xt82kG6oy^ž]-H/t-W*0纴R ,EIDX iƁԄ$y yAd$ ͢B՟X|񶫲 |R+O_ ! vGl9VCj5?s==W6ͮJ]j)Nļ$3F윉 k0b?o,H|:ږdt$_UeN0-HRj+d"͘FvMR[2KқE h0¦U{Gq1j_ˁ\ hrGLޘ¼':Mw ݄ᚴVaef'x'y~+m,daåo.0[q@'Rx\/ )ZT1pb sWO1)@Bاvf&%m'əg7(3/-MERrPRv!͏C6,S1Xb|g*l*t'HVz e77V?tX j2&XfXƁ 2 OS!ph9iZKY4 Vƍ3Y B}ۘ~̣n+ojӱ(FF- eu:bKWl( L17NoJs_tN"PdgT}\"1ܣ|,_ʁ8K,+7f#DzlwAK ]BVe'SmBY3Tߵ1ӡD5\J_#"Ԉ 1y$hV2PO4JΚ9v(OIL W|-'m>(:&o\şX-D#ˈv =0:|ngX e+U> _C>oB|ӗ=_!gptK}vuZ /A_/qm!}Œ-Z@8hH2=,1Ӫ#[zU{}8 ath|+&5I5n&@D1FV>QO0U| UWD _`qf6dY;qRrk>i\AP HL`*4\7TH$1wV}t9Opm}Cij$"u̴>PQ.Θ PDfܯI\6,Ea49'$&ePcSZE=F*VorcRE3Bnu]xZ'ǀz`SPkj.ֆ8 l>κ@'$x1d&Sp}x@=Dc2]۷*1Gl)fs+we[2wqy\f'Vr9knC$D.-.v׈K󗃪+ 嬭젘+"q]8w^fqdJqdmC RwLb~~?0)YTנS¨*YY8涮Z*aΐ@k,)Y}wLjOSqjC:QXf/;b5 tVEzjCݘslӬ6&I1sMTB0>1vv#0Фe a>9W"0iL*@RZMcvu~m_HA/-B7^Ī u;GO%MwumxSP+3kWppY}&|lJ~EK:,L)a8yXѾ 1+9ŃJg}o5um׋L$ KoR@PZc_{U7R:d{j-+L/p(r ?]1C3_7׼l`U3 w̶ڮ>fJGBSSIO{K'Պ̪2>vР`-NrGrpbn-bSEMdGD:&:oֽHVF wwT)A K%q{E>IJILzV5nq"ײ6>[S;/{nPrXV0,~u[j64{rB ^t.u4ԥ :I=fnKpzܛ@NgC`tY5tºռ|/eƿ>ԪR%v!+Nt%gO^\dr΀!ȯGoL'- 4lb<6F)ZVI<ʧO|}3ͮ. l8@l&tm*哖sUaH[5쾶:ܼ7iuw/Q HT$Ui+(N$nStU-hn k{K;/X>&sӁNZ%|dgMxL '@zۃA8$GP=?xBSJ"ƕ3m5u溃@b.j*l\pD4NZMkU">EpbFn7GW<8 Ă ӶJlM{EHՈ.vYb3J@ԥ9Ybe#jXݷ,I026բcsX]{N/KJORgYWfM -ׯz()k}rMa%'^l"s-J^זT9uڍ'I!9Λ5kuQo1O)\#19#aJfE~kÑS_2(b$;]@/.~\v섻O~>91ekVy8<"r=؈>ЯkO]FBRpk_K; |a<2BRFPS2OEs{TmnBp&g'?"\{I\QLNI6BJ]JaL&窠04؜߼MYϟD[zBdGKH9/k ncar.DW x{7NH)hG3h7=\CK[PyFIrnKlM:]{pvG*82(}I&o`pB}=`':׏+><{J8- 8msd`5MD(,찌 8nF::OxY5] 4Ha6m3&pWcrAI,%e.Id-9F^ )C8fI\*ryB:943ȡR+M`&q+7L l zob{Vd~>`r֓%:t$%moѮbhüCwNJnnAq8tBIIYŢ:ά-w髚iۗjk*uUK녂 6 r8z„9'R!ۭ3ji>}5(YVe|UeHdz@Ɯƺ7scdYLgJveW(sUԳ 2>X9CuQ_ %=Q8.H'S5dϼ!Q:lON핷c=YMf&$)^5/!>7I˭ЁD̓$Tule~ά0Jש1;&-z.WJ )W̉;$c; "1?Rv'\ؼ[{?\` U[ekMW F(Rʭ)3D b˿`Qm/>CR!~ B* :[+F μsQY< |FJN*mDJQKo%ֽ]a s"2bɸxv=xU`,{q?wq9Il @$ ZYP &j@ Im3nX_U/ B (pz vB[)_'u,CkۊQ`Y"lG鷺ʥ;;! cnm̚!fJ^| !eҊ=gf1˯ut%Hѷw8zpj,)emh/$g^㍺WTYU2`>.(q1 c颣J 1F+Iֆ ToUK ÔZo^e Ol>uܐ ܣf*=)XzjAyc2ǯ{y d9aؓ--.ps5O&nPx5L[,A 2k~6Z>Nj!b =1.C+U '0G)X:@H~>K| S{cݜm1z%9GaHŀoy@ 4@lr`Ad*S3x?ԟHC eA1S^jHAvP.'@q׽M)nφLZQ#D)^ĆLk2gGLi4n%)'~.䐃mM`Z%Ըȍ=vA#.͕֓7ee h^Cż0|q{/6W㺯t,&1βQ3zS rjB0iT bKrB,xK`>jEC{y?. 7e.5]6eY3 -}0{}h$aLq[r)m@JAC1;n~Ԙ@M^aʌyK [ߐY.If R)-v*at$1 YZ