policycoreutils-newrole-3.0-1.20 >  A ^ p9|G:P LM֝4, YEzln SPx҆^EY‹ S|+5{u_huH6AX?F}N>`"|}ߖA0Fȱxꩬ6 %a Mm_}dL"4wi<[dT={pY Ceo- f=Q~h my[ 5v4ƂgB<vP &d>2sRw{I2?_2>Xfiw2 >Wk#.q0>pB7?7d # H %;eks       4Hl|(78 9 : >3EC3MF3UG3lH3|I3X3Y3\3]3^3b45c4d5?e5Df5Gl5Iu5\v5lw7x7,y7<z7\7l7p7v7Cpolicycoreutils-newrole3.01.20The newrole application for RBAC/MLSRBAC/MLS policy machines require newrole as a way of changing the role or level of a logged-in user.^ 2nebbioloSUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/Productivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxppc64le if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/bin/newrole fi p*/큤^ +^ ,^ &^ &0c0171b7579b3c3e2a69df88a47e9516b97b53ac201795b7904b71c986724835644af93e6e002e93dc2441f8a4200f95abe478e592bcb37950add646b4f0e458f718e568ba9e86aeabffa77aef9ce5c5ef68e5b9e21847f5ca085f21896b4b92dd0663d9211486b6a18050d5a0217dc64419451f152cca982a4e55a5e416ffcbrootrootrootrootrootrootrootrootpolicycoreutils-3.0-1.20.src.rpmconfig(policycoreutils-newrole)policycoreutils-newrolepolicycoreutils-newrole(ppc-64)!@@@@@@@@    /bin/sh/bin/shconfig(policycoreutils-newrole)libaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpam_misc.so.0()(64bit)libpam_misc.so.0(LIBPAM_MISC_1.0)(64bit)libselinux.so.1()(64bit)permissionspolicycoreutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0-1.203.03.0.4-14.6.0-14.0-15.2-14.14.1 /usr/bin/chkstat -n --warn --system -e /usr/bin/newrole 1>&2^f/^^F^W@^M#@]@]@\+@\d\Yz\X)@\R@\8@\3?@\ `\ `[H[%@[$@Z@Z@Z@ZmZ2@ZI@ZZ;@Z@Z XWW\@W~TZ@jsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.comjsegitz@suse.comjengelh@inai.dejsegitz@suse.combwiedemann@suse.comjsegitz@suse.commrueckert@suse.dejsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.commcepl@suse.comdimstar@opensuse.orgjsegitz@suse.comjsegitz@suse.comtchvatal@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comrbrown@suse.comjsegitz@suse.comjsegitz@novell.comjengelh@inai.dejsegitz@novell.comjsegitz@novell.com- Dropped Recommends: for %{name}-lang and %{name}-devel. Not allowed by openSUSE guidelines- Update to version 3.0 * fixfiles: Fix "verify" option * fixfiles: Fix [-B] [-F] onboot * fixfiles: Force full relabel when SELinux is disabled * semodule: Enable CIL logging * semanage: Add support for DCCP and SCTP protocols * semanage: Do not use default s0 range in "semanage login -a" * semanage: Document DCCP and SCTP support * semanage: Improve handling of "permissive" statements * semanage: fix moduleRecords.customized() Refreshed chcat_join.patch- Ship working pam config for newrole (bsc#1163020) - Recommend policycoreutils-devel to have perm_map file available- Package perm_map as it's used by audit2* tools- Added chcat_join.patch to prevent joining non-existing categories (bsc#1159262)- Added run_init_use_pam_keyinit.patch Added pam_keyinit to the run_init pam config (bsc#1144052)- Update to version 2.9 * secon: free scon_trans before returning * audit2allow/sepolgen-ifgen: show errors on stderr * audit2allow: allow using audit2why as non-root user * chcat: use check_call instead of getstatusoutput * restorecon: add force option * semanage module: Fix handling of -a/-e/-d/-r options * semanage/seobject: Fix listing boolean values * semanage: Drop python shebang from seobject.py * semanage: Fix logger class definition * semanage: Include MCS/MLS range when exporting local customizations * semanage: Load a store policy and set the store SELinux policy root * semanage: Start exporting "ibendport" and "ibpkey" entries * semanage: Stop logging loginRecords changes * semanage: Stop rejecting aliases in semanage commands * semanage: Use standard argparse.error() method in handlePermissive * semanage: do not show "None" levels when using a non-MLS policy * semanage: import sepolicy only when it's needed * semanage: move valid_types initialisations to class constructors * sepolgen: close /etc/selinux/sepolgen.conf after parsing it * sepolgen: fix access vector initialization * sepolgen: fix refpolicy parsing of "permissive" * sepolgen: print all AV rules correctly * sepolgen: refpolicy installs its Makefile in include/Makefile * sepolgen: return NotImplemented instead of raising it * sepolgen: silence linter warning about has_key * sepolgen: use self when accessing members in FilesystemUse * sepolicy: Add sepolicy.load_store_policy(store) * sepolicy: Make policy files sorting more robust * sepolicy: Stop rejecting aliases in sepolicy commands * sepolicy: Update to work with setools-4.2.0 * sepolicy: add missing % in network tab help text * sepolicy: initialize mislabeled_files in __init__() * sepolicy: search() also for dontaudit rules * add xperms support to audit2allow * replace aliases with corresponding type names - Dropped python3.patch, upstream now- Make sure current devel package conflicts with old policycoreutils-python (bsc#1124437)- Replace overly complicated %setup calls.- Removed hardcoded python 3.6 path from spec file- Fix build with python 3.7- Required python3-policycoreutils instead of just recommending it for policycoreutils (bsc#1121455) - Added requires for python3-setuptools to python3-policycoreutils (bsc#1121455) - Removed requires for audit-libs-python from policycoreutils (bsc#1121455)- properly obsolete/provides for policycoreutils-python - remove unneeded obsolete from the devel package- Don't require selinux-policy-devel for the devel package- Obsolete policycoreutils-python in policycoreutils and policycoreutils-devel to prevent file conflicts- Included content of selinux-python-2.8 and semodule-utils-2.8. I think it's easier to have all the relevant binaries in the policycoreutils package (bsc#1116596). Added make_targets.patch for this - Removed restorecond, is now a separate package - Added python3.patch to use python3 interpreter - New runtime requires: * libsepol1 * python3-ipy * python3-networkx * python3-semanage - Provides and obsolete policycoreutils-python- Adjusted source urls (bsc#1115052)- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt- Rebase to 2.7 * Rather large rewrite of the SPEC file * Significantly, support for python2 removed For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt - Dropped patches: * policycoreutils-initscript.patch * policycoreutils-pam-common.patch * loadpolicy_path.patch * CVE-2018-1063.patch- Don't build policycoreutils-gui for anything suse_version >= 1500: there is no reason te believe that SLE16 will have those old, depreacted dependencies back. Fixes also the issues for Tumbleweed, where -gui was not installable.- SLE 15 doesn't have the necessary files for policycoreutils-gui, don't build it there- Drop the requirement for selinux-policy for the gui tools.- Drop SLE11 support, needs the audit that is not present on SLE11 - Fix service link to actually work on current releases - Drop SUSE_ASNEEDED=0 as it seems to build fine without it - Do not depend on systemd, just systemd-rpm-macros- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)- Remove BuildRequires for libcgroup-devel (bsc#1085837)- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to policycoreutils version 2.6. Notable changes: * setfiles: reverse the sense of -D option * sandbox: Use dbus-run-session instead of dbus-launch when available * setfiles: Utility to find security.restorecon_last entries * setfiles: Add option to stop setting the digest * hll/pp: Change warning for module name not matching filename to match new behavior * sepolicy: convert to setools4 * sandbox: create a new session for sandboxed processes * sandbox: do not try to setup directories without -X or -M * sandbox: do not run xmodmap in a new X session * sandbox: fix file labels on copied files * semanage: Fix semanage fcontext -D * semanage: Default serange to "s0" for port modify * semanage: Use socket.getprotobyname for protocol * semanage: Add auditing of changes in records * Improve compatibility with Python 3 * Update sandbox types in sandbox manual * hll/pp: Warn if module name different than output filename - Update to sepolgen version 2.6. Notable changes: * Add support for TYPEBOUNDS statement in INTERFACE policy files - Dropped CVE-2016-7545_sandbox_escape.patch- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Trim description in line with other selinux packages- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)/bin/sh/bin/shnebbiolo 15914132983.0-1.203.0-1.203.0-1.20newrolenewrolenewrole.1.gznewrole.1.gz/etc/pam.d//usr/bin//usr/share/man/man1//usr/share/man/ru/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:SLE-15-SP2:GA/standard/7c00ae564a0bef922e28e26599082f2a-policycoreutilscpioxz5ppc64le-suse-linuxASCII textELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/l, BuildID[sha1]=624eb373e7813b009b4b382b6de6be38be5bb385, for GNU/Linux 3.10.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix)R RRR RRRR3bH R.utf-8f5ca1a6f09bf5ec6b60f2996d03cf8f5495d81cd4def668da5606725376a01dd?7zXZ !t//5:] crv(vX0fP6Z47"j;ǖ"F3T`@-lz懲HPUe`A02!Ħ= Ȯ`@(;&_&& v9`pzS-u7 .3E(@ Ho?%.uRJ;^R Ax&}cl~1>ȑ`r O鈚\\PNAG\׋;΍ƠRrhx/ha#ݱW(@HKνR}(;c޺B!qnRw`cҘB)Ybb{(x=IJD (Ze?Rpz@ao=))#Ʃj}_:CRPHV2bth \pRb2:dD'Պ)$>f@P fZNaLrb: K$Wokqz$} EMp3UP!`fv_y -ZQl=~ReD _׸lJKLX7_!ĩXʶךi+O:&#cթG41bb%1BNOV-,be& %_ћي`~e~<|y6^)e8 retʵ_RVbҍ;'Π\[:˔Q'J|bf%AYxr$A jönXF:L5,xa.*ucڔ}$!ʉ׹U=Ư@rgЉHHFCk 0IM @8qnN ,vCqߨ6WZ#,`3DyA&|Ӑ0CJTr~ce /U<@jV؞*orɑ"\5y. uB P)c|eM}veZTxg{0"t0"]׀f=%,*cWv\O83pnr1z:˻?|Xh,;_F-nZ*KN. Jlh:KC\Sxs:'÷X2L/AyJ޴E:ω|߆:kmfZM~ՍPQ pWl|B7tU܁Q*#!pLp[%!GW>$)$0nY]Na$HORY#71֮k4=庠[=yN[Eڜ?뼺ұx^a+GL!DX }8mw)eJ+ⅅ{; 6 N-J]JS\9_Uk^dqܸq~pX,+HE(Ÿܒˤ"RŶW7[YK:&.Ycܸj}Jo-fl`Z'd]S$AeVtg*/{:I-\xV&u}f.XPwJ4\V^Nyôի:ZfI%|#JÀ〫'l'9fhYL?'̶:U<]Pis]UqN2r.-T=Xa@Q~zare;{8[jbK it#4XkjmY xxz=k=w=`R[MNvM" $ܓ_]]tWr⡃@ b Svnܟ.L"%ڸ%1WKHr3.$26FAK0۟X/ɧmz~zK#hʶy{@܍Ј-:Y=WQ)uݹ0Pj½~3?7@}Do/(wLD=<{,\=Őɜ%71;wx.^Z2Ԧ!e/θ=HV_tqx6lQ S@i!~slQTUa3u QNTv=erDh*?jfi m_(Vs{KЙVG.8B[4x0{DF vi4Jň;U!G …ZU7ZpRl"Q5U6`|fk!5GS٧χO&K=}!5~|s RBU:ѬJZ"RaF!&"-ԿR6%s-f)i+ˑk&{ݭ(6UKԇրƗVSLa؜aCYMS[7NjYot#&X[cfM۝ C~#]i;){Mf8mNr_mzLw9y Zt ׊Ga @~:dI5IiS7YbfM+0%1htgH+_ YfiE1v@ N>dᩦֹR*`@pp&DeQfx3~LiER9/|"]8FE^BA (ݩ~ .tb\^m$Us*= `(J7X#2Xqu$s6[=Lw>֚>}ݷ%DxJphTKsʖ:1)SD|bH pk#2ϣ:7$6< FBK겍g"-0*n$g4"XTc[x)̠(l U y8y,A G ,?&{/ΐԒUmb}=ak5ƑH8ZP ܻ*Ν9lTcп\~~i{mb|\mLA՞w9^ֺّX k4f{Ǘ11 wsڨ"pw!Zĥ+i kIվk""D!\׺5/ <͸;_5f`>}m->ĵbn G"a-uwL\FI&k{h!]sD ɰXcJHy%02HSՆr.K/` ;NJRm0o(/^6==9,/u-ho6&8u-'ʑKHphʖ]9EΪι-汙ZE'Y8p`#///xus%QE,✒^!w,K'%gA(PNv._ C@V9kt&&E՘>i\?&B՝kdуKtmk/>8T>1<9ڄ}lP[K\/2LÈ%L6yX@VVr&5"а?7X2vzpC0}_m/e1x@sDK]Qw7Hg1W̷{%[ x0p-]^yC&t> o.lȀs!QS2fYq"Ur 6 hfU=/;#!T*GaZ^tME򴣢Pfnv9]Ll(Ӿ8*}в#il"4GPۨ"\_f)hTE&e&j~o [2B2mBݑ MX2=.OZ#Cإuaf(|afgh97#m=SGO.FrPGFԱgp@Ҡx亜IdƵح Jΐ,in+nz&6 :RlZ+dqB 620T՟TZЎhycr. ^,)a0 %_%+'3iU|xrՋ$$؈tK;=Cft82YC6_,`82֤i'w Mf_3 VӺ7vuـ}=UAi:t7CtP݋>=9_-oZmԣD~me}6jwSp$MzW1$V/ĸC4bЪ~!d ɖe[H9t3Xe򓽦FJH>eR\~dX?F0I R뷧eש%A^n]T쾹vxX{׮AOП-7^>#*GW:m Y{.7M _LL(%+xhB|]I,Zn]6!zpP88hŋZAm6ߕ6@,w-dj+;c`8 `>g:l4`z8RLC?s* LxT^Wq0vRm^ wn'kP>]_fYH;S"v;@NA 0DD̂C pA.KF9uP7yL)A;~ښM5*rk#ѠK}LKm'e\)B:~W@ٺe -y܊?B'Fv6ENⴍD8Tjcם:]z7:*6!k<OFm1dM/b Vx: 'dƴNX^ IEanYbAjՖ! kkk!u₎(L$9@>A?LV򦀜Q 2וq;J5uZ6'!(J#m c0`/WbSZ+K _ˇ>[c:䢌]!9#0uBig8J ed<"b[-#7U3o,kHITeV[yp8z=V##8Z@6M5'n ٤r$S"U (9.iU5 3mk2R:j4sgZS&y,۲yS!RҐ&S-ny X[0tNTzLjd41$B3@y|^"8us3r,!~xcܵDɳ̌~\++! m<'rb?jlf9g͋h[zM@Z?i^X`P*[LVGGHd>p2"աg+䓡 "~1K6v`ν꬇f%,:bƤ ]*pR?#ml@[YZX$ QyF7`D ,.{Yh"* xefjBcT}fzJ8)_m| *Cky P~6/yFǜk}]=xírkE Z,"g88*Pay^0걵EU>eVEqJ~k/T(>J律/- :(졤;\R%fnuj 㹢7xԭVfo *2Dܒkƚ/P.Y%K `-|0/@s6NE!:֍LHT^T9V2@%S:@mm3qgs]6v=~NgNqFURî0r:tйO@7˪> 8zI? ڬFk"$KQ4$x#t7$ ziq-q,[êXn ~&%g Kr{َ%6P޶\%ғa¿++?sWD6$j~zk)[wA0A?Ր-U>o"ef޷ֽu "]s\7e˟H@ 㴠`HCby\e;+iIf:WtsE@pF4jg$]f^y#⵲n{;kW%CBW@A:QB(>jҗ@á0 K[3G|߆z"I S8?M̂sK=Lk6"j;kQ/k0g ϸ2Ho"Iu $aE/d^An@aIX e,ݎ<PJeup(mcm\8Vo-ѢRqARuU2oH4>E Q'ZcyOw|EmT*peM]:rxlIKQk&7&A#$ kEh[+ "7Cꓯc nwǐ#b/D\:O 2?rtR}A%NJ7MY 10߭eyEi4r3{M蔤qHe gTB3b(m5n (bo-JlMIfWWdLCbXpD"=;Y%VWZPrsp~;_dL)b^:©$ikF1XBP6"`gE E׵Xx( qD믝sN鰽9Vf+:؞U'XnfHny^ç.l;)1a;(ԑfN<0^-^4%zy+dC4 ;:6Ap:$^Ȯo!U=dކ?w6Z|y5&HmrsY/_XL|Mosx^f."(|\\'`s),r?H+FDnZi!|,H\wYv.A69/0(Y:nCsRUSu8j?--TN!;%MƬ\Ft%L#Zse&zb$shj( yHxl+h\ٗD s"@ؚĉu{ c @ 9.M[djY (z?`^,ثdn,Sd[=Hi1DCqKRhHU,v?.Dnw8w R6up.l9JڜNB !Ψ хyPy2zEƿ.{lџqs#0X@`zr'+O:hfcE)p݀L5yb+{jsJ/()ɗuGԹ$͆pEFu_CMGGq@sp|r*-nnpIB<ؠxdi[OCQQgDxYx[CsM`EQy5l??Q=]{q1zL8,}o{7O:/XEP tŸ$Y (ڱ.w[ƍr}"0,$2T =EzmIsS )maW@@V&Ѷ0X݉foڿԉPg_b C2Rt?~<`e6C(fj -rHUAwD֘]o? &aKJsDϓ[)n!: ҳYZ<m:8^JSx&Κ%z &یu Ojt9{}rʮLo̤b ^']`B`3L*os:g<<ԑFP3("Lgμl^2i ժ2!@׏!M4nYbι;; ,86|Ei l[)͠x2Ntc_p]zgdռJ״7! ӓW Kv-,TzW>VmF晁CM˥JSo yI=HA8 GR譈1]d)Ô CA~6~[EN4\N38=o80ڽ(T[~Lb¹:< O!e0>q3<+%J`D1Ų-JIyxĜiQzc0Q)jeNRIxrs\Sc;c4W/_!+@?X9%Q">yϑtQ'(9dJ6L^fh78)Bxtn T1| nHN687LB7!"+oca~\CpV2_ Lcah9pD9Lm3[ĦF E*V,ZhLjt