policycoreutils-devel-3.0-1.20 >  A ^(p9|c8ˮŐ{waS-T2Ȧ4Uqі dk" Xt&|@ +;q0B[{ZKm6E7g3EZkSSAB.s ԈnٰTQXz遯xg^~S 2_}CF\SA]5S^}QИݨ6"\]0^u"Va#/IZM'iOܡW758abb0ec34a2b16eb8159b329af2e365bbdc19fb76e779510bb8ff49254c788bd5ca3919df5a7555943f1d849c91dde32fa85e5F^(p9|0*;F WZk F6%2^̍5 ̼Me7ɒGjU&BAx;$ {9&}dwT:-s*'t`8FnJ`TE+M>!Ι]I+:#G=lLmbBZ8( gOOz63'8;9=k 3ۏ *4X>|JZRFtxC ٤'ke\u( 3y;7A ^4>p>2?2d ! L  1Gqw     $Xp $;(?8H 9 : F0qG0H0I0X0Y0\0]0^0b0c1d1e1f1l1u2v2z212D2H2N2Cpolicycoreutils-devel3.01.20SELinux policy core policy devel utilitiesThe policycoreutils-devel package contains the management tools use to develop policy in an SELinux environment.^sheep59\SUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/Productivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxx86_64\A큤^^3c2ca71f5de5b71157f6c748ed101de1a1bf9ee4164d86d742386a71165095a9rootrootrootrootpolicycoreutils-3.0-1.20.src.rpmpolicycoreutils-develpolicycoreutils-devel(x86-64)    /usr/bin/makepython3-policycoreutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0-1.203.0.4-14.6.0-14.0-15.2-1 policycoreutils-python2.64.14.1^f/^^F^W@^M#@]@]@\+@\d\Yz\X)@\R@\8@\3?@\ `\ `[H[%@[$@Z@Z@Z@ZmZ2@ZI@ZZ;@Z@Z XWW\@W~TZ@jsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.comjsegitz@suse.comjengelh@inai.dejsegitz@suse.combwiedemann@suse.comjsegitz@suse.commrueckert@suse.dejsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.commcepl@suse.comdimstar@opensuse.orgjsegitz@suse.comjsegitz@suse.comtchvatal@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comrbrown@suse.comjsegitz@suse.comjsegitz@novell.comjengelh@inai.dejsegitz@novell.comjsegitz@novell.com- Dropped Recommends: for %{name}-lang and %{name}-devel. Not allowed by openSUSE guidelines- Update to version 3.0 * fixfiles: Fix "verify" option * fixfiles: Fix [-B] [-F] onboot * fixfiles: Force full relabel when SELinux is disabled * semodule: Enable CIL logging * semanage: Add support for DCCP and SCTP protocols * semanage: Do not use default s0 range in "semanage login -a" * semanage: Document DCCP and SCTP support * semanage: Improve handling of "permissive" statements * semanage: fix moduleRecords.customized() Refreshed chcat_join.patch- Ship working pam config for newrole (bsc#1163020) - Recommend policycoreutils-devel to have perm_map file available- Package perm_map as it's used by audit2* tools- Added chcat_join.patch to prevent joining non-existing categories (bsc#1159262)- Added run_init_use_pam_keyinit.patch Added pam_keyinit to the run_init pam config (bsc#1144052)- Update to version 2.9 * secon: free scon_trans before returning * audit2allow/sepolgen-ifgen: show errors on stderr * audit2allow: allow using audit2why as non-root user * chcat: use check_call instead of getstatusoutput * restorecon: add force option * semanage module: Fix handling of -a/-e/-d/-r options * semanage/seobject: Fix listing boolean values * semanage: Drop python shebang from seobject.py * semanage: Fix logger class definition * semanage: Include MCS/MLS range when exporting local customizations * semanage: Load a store policy and set the store SELinux policy root * semanage: Start exporting "ibendport" and "ibpkey" entries * semanage: Stop logging loginRecords changes * semanage: Stop rejecting aliases in semanage commands * semanage: Use standard argparse.error() method in handlePermissive * semanage: do not show "None" levels when using a non-MLS policy * semanage: import sepolicy only when it's needed * semanage: move valid_types initialisations to class constructors * sepolgen: close /etc/selinux/sepolgen.conf after parsing it * sepolgen: fix access vector initialization * sepolgen: fix refpolicy parsing of "permissive" * sepolgen: print all AV rules correctly * sepolgen: refpolicy installs its Makefile in include/Makefile * sepolgen: return NotImplemented instead of raising it * sepolgen: silence linter warning about has_key * sepolgen: use self when accessing members in FilesystemUse * sepolicy: Add sepolicy.load_store_policy(store) * sepolicy: Make policy files sorting more robust * sepolicy: Stop rejecting aliases in sepolicy commands * sepolicy: Update to work with setools-4.2.0 * sepolicy: add missing % in network tab help text * sepolicy: initialize mislabeled_files in __init__() * sepolicy: search() also for dontaudit rules * add xperms support to audit2allow * replace aliases with corresponding type names - Dropped python3.patch, upstream now- Make sure current devel package conflicts with old policycoreutils-python (bsc#1124437)- Replace overly complicated %setup calls.- Removed hardcoded python 3.6 path from spec file- Fix build with python 3.7- Required python3-policycoreutils instead of just recommending it for policycoreutils (bsc#1121455) - Added requires for python3-setuptools to python3-policycoreutils (bsc#1121455) - Removed requires for audit-libs-python from policycoreutils (bsc#1121455)- properly obsolete/provides for policycoreutils-python - remove unneeded obsolete from the devel package- Don't require selinux-policy-devel for the devel package- Obsolete policycoreutils-python in policycoreutils and policycoreutils-devel to prevent file conflicts- Included content of selinux-python-2.8 and semodule-utils-2.8. I think it's easier to have all the relevant binaries in the policycoreutils package (bsc#1116596). Added make_targets.patch for this - Removed restorecond, is now a separate package - Added python3.patch to use python3 interpreter - New runtime requires: * libsepol1 * python3-ipy * python3-networkx * python3-semanage - Provides and obsolete policycoreutils-python- Adjusted source urls (bsc#1115052)- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt- Rebase to 2.7 * Rather large rewrite of the SPEC file * Significantly, support for python2 removed For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt - Dropped patches: * policycoreutils-initscript.patch * policycoreutils-pam-common.patch * loadpolicy_path.patch * CVE-2018-1063.patch- Don't build policycoreutils-gui for anything suse_version >= 1500: there is no reason te believe that SLE16 will have those old, depreacted dependencies back. Fixes also the issues for Tumbleweed, where -gui was not installable.- SLE 15 doesn't have the necessary files for policycoreutils-gui, don't build it there- Drop the requirement for selinux-policy for the gui tools.- Drop SLE11 support, needs the audit that is not present on SLE11 - Fix service link to actually work on current releases - Drop SUSE_ASNEEDED=0 as it seems to build fine without it - Do not depend on systemd, just systemd-rpm-macros- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)- Remove BuildRequires for libcgroup-devel (bsc#1085837)- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to policycoreutils version 2.6. Notable changes: * setfiles: reverse the sense of -D option * sandbox: Use dbus-run-session instead of dbus-launch when available * setfiles: Utility to find security.restorecon_last entries * setfiles: Add option to stop setting the digest * hll/pp: Change warning for module name not matching filename to match new behavior * sepolicy: convert to setools4 * sandbox: create a new session for sandboxed processes * sandbox: do not try to setup directories without -X or -M * sandbox: do not run xmodmap in a new X session * sandbox: fix file labels on copied files * semanage: Fix semanage fcontext -D * semanage: Default serange to "s0" for port modify * semanage: Use socket.getprotobyname for protocol * semanage: Add auditing of changes in records * Improve compatibility with Python 3 * Update sandbox types in sandbox manual * hll/pp: Warn if module name different than output filename - Update to sepolgen version 2.6. Notable changes: * Add support for TYPEBOUNDS statement in INTERFACE policy files - Dropped CVE-2016-7545_sandbox_escape.patch- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Trim description in line with other selinux packages- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)sheep59 15914085503.0-1.203.0-1.20sepolgenperm_map/var/lib//var/lib/sepolgen/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:SLE-15-SP2:GA/standard/7c00ae564a0bef922e28e26599082f2a-policycoreutilscpioxz5x86_64-suse-linuxdirectoryASCII text̨"G#utf-8af2058e498b8ddecdaadee7f1f6c5cda929b26b4796db8b9b965407f37730305? 7zXZ !t/^3] crt:bLL C{.9?bhbZ]y&"Vm8XzWA_ Ap4M \v)AMTʼDyHk?U)LN8?yrǝgg+Ȝ%9Hc 7cWg41yǐK3I C;3o4Yq+$h9h?lk]~}J@OW%VFXhzSpw?]yP% }=oBIQvԆv;j ݜU?gU;rk/-uHkEz@k9hMN[:cָY|\jdP :C~@)NL(Yꎫ`3c.C~Dsִ*ݭн ?a=v/ÎE-eqWvDJ6`~* +]#$H݃^%5{Dޘ*BvCO:D 6̋W=!}6 k[9jj[wX=pGn= ĸ2PDIp>DŽyq{1F{ִsx#I,I6#:!MƸ&xjLEq2<,WX6%I-vzס{lnȝ$1fmѮ;QG3i%SDVsgapՕ "e])t*clCg#ݟkfG2sM[Q&.Qe}G5-BV\&0v: t r+hhh 8HX%1'UYD;u NHn[?$A˾!% /}tj"{z&Ӑ7Lm@ypkhn tY[аMΨL@(DV#?!Cg K\nNh&ӑ!u^Mu(q'#a>L#}8oxP{z1zoIzt)q5=C}frh c<#(z\ (л-"0óT12YEuL4[##CjǍ[ }RkdֳǯBkObJE<E0c3_4^E9j",zD%y8f jF7~;o^>>" Q.4П `ڤ\8jHA[_dsjdRȧPW" }2 #gaKmcW3hn#NjN;"]o{YD \5%n=FKD2o'&>yaN xW6Э?"[(|.CoC>p'< @v.(%J]fׁN8sh0;!(>]"" T8L?4 l۳$jfC 㕤m/u%=s l&0GBSXPOMnmX[N0AKI$Q8&XθH~O#(+{I]"+(->& i; 9+Mld?Iы04K dΛ$D& I YtJhf r_W>V6]!,+ 鼦ް;⎖9iCFs;,)jsa3&pF#3[><7ͅBG\8n0 ﮕ+Sg?@vLϹ&O&6ObP:My5Ђ,|Il:vhS(f{UJf*u**JʵЉE>n"_FN%Eo]9 I}1x?KռqPʇxԤNލ 3+XkJ(V ;˯ߩagv)o9xEжxQV}fFUL9%R{ Z?I\`X\ =ݛ7oPD~hSdއ좵^%S&h|ڎLMx<(e/qӠ^@a4mm,"1/~Ȩ𝦉zZ^+&dXS s C'оS6[YR-&dfb&S|h+BsՕHzyw+= I2atL/p: 7% (Ā)|1}tnlQJ0 2אA|iز;ח,qPJM3LpOt sKd(V͍%M{k6ldyu pR qeĊ` ;}}T3Ciaq[sO׀@{N0IOUݸH)w4Obmqf"TGtL4 "1dPL/nNJԶ +[+T%鲗#ha[OM 2t`g*GA6ʍ f%Đ&"\AS>7;fTOC>+iẜ AFwZOJH'q!.l SY?LC=?½>w⧤`/ퟂJNKku-V4ZElG´*\Fο|ڜѪ,l`cOs=uc" A ? #hW9ze=&}Kof l \{zeхP/;m}eX:T~dG9-*$I&BWwtXذ鞅Z6C: u$)&6ρhBeЌaLwѶGθe]b͜\ۉ] vN9 w3Br%ML6=:B} G(6XΚN#CR&%|~:G+.Rd=AAA|R!s2;sn4 cd̻! %TߞEj 6ݢ#qB^Q|RŝB䴑v[ Yoe`ά;NLoYQ٫"V.F4582M(݇} åŧrJΰ.H\lFP Scy-C OOPi]:>b"υK9-ޱOU/p'bp,[6CJhNX?Pn to*һ'YD*]VOa~1tiݨ ij,}^PPWK?yq('uS`1kz!6Cns!Ftl::Y=1P8|LLu~XZvTvS{knNG w˱"rGF>N54:+x﯍%oE:TܱPaè81kIF2"Gi3I%F/iPDMy]8dhm;b/