policycoreutils-sandbox-2.6-5.3.8 4>$  Ap\p9|L"|j_B8%XuºYz-S8J 4ASP>yDKIы7fSMJSMgfnbb|jB{iB}d4mQ//vܗ+*ve*WOqbց6lfVC5H_v+!"_ Mcݨ0z11X':!ޗ/Y:Lm/\S')yMh:]ǺV.j=H2A N75d74e76e8688f655670001959a86234acfce9f8b3d94d6f2c56018098f6807c9482b2c485bfb61ace69244c93a864c8df8c7f55M\p9|e5H-l pVbo3$dtkuOs$s1n< Q6CO7p>%@?%0d $ > 9?H` l x   0Tlb(89:F HG \H tI X Y \ ] ^! b!jc"d"e"f"l"u"v"w$xx$y$ z$$$$%,Cpolicycoreutils-sandbox2.65.3.8SELinux sandbox utilitiesThe sandbox package contains the scripts to create graphical sandboxes.\@sheep62bwSUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/Productivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxx86_64ZU큤A\9\4\4\4\4\46dffefdf13d7960bcfa3e362b529d8947cae934bec349283ab11d2b4ee1b826df876fde286ac4e87b1ac7030de42180d60ecca1f08d1a62d0d529b70f13703bf729cb2a09fc5caf38d1b5e5f4160f6aa87965b365e75bfe9725b2230a9fdb663848c661eb93adfb914b2001bee730cb3e8b7858c654c2dfce4557001f659b57df28875cd3f94441ae8b7a40acc8385c7f029bb082df70253a7b308088ef5d0e4rootrootrootrootrootrootrootrootrootrootrootrootpolicycoreutils-2.6-5.3.8.src.rpmpolicycoreutils-sandboxpolicycoreutils-sandbox(x86-64)@@@@@@@@@@    /bin/bash/usr/bin/pythonlibc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.8)(64bit)libcap-ng.so.0()(64bit)libselinux.so.1()(64bit)policycoreutils-pythonrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)xorg-x11-server-extra2.63.0.4-14.6.0-14.0-15.2-14.14.1\e\|Z@ZmZ2@ZI@ZZ;@Z@Z XWW\@W~TZ@jsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comtchvatal@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comrbrown@suse.comjsegitz@suse.comjsegitz@novell.comjengelh@inai.dejsegitz@novell.comjsegitz@novell.com- Add a Requires for policycoreutils-python to policycoreutils, so that the expected binaries are present (bsc#1130097) - Add Requires for python2-setools, python-enum34, python2-setuptools and python2-selinux to policycoreutils-python to ensure that it has all dependencies met- Add Requires: for policycoreutils-python. policycoreutils-python contains binaries necessary for SELinux administration. Packaging is suboptimal here, it's already changed in newer versions. For now we we just require it to ensure users have the binaries they expect (bsc#1130097)- SLE 15 doesn't have the necessary files for policycoreutils-gui, don't build it there- Drop the requirement for selinux-policy for the gui tools.- Drop SLE11 support, needs the audit that is not present on SLE11 - Fix service link to actually work on current releases - Drop SUSE_ASNEEDED=0 as it seems to build fine without it - Do not depend on systemd, just systemd-rpm-macros- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)- Remove BuildRequires for libcgroup-devel (bsc#1085837)- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to policycoreutils version 2.6. Notable changes: * setfiles: reverse the sense of -D option * sandbox: Use dbus-run-session instead of dbus-launch when available * setfiles: Utility to find security.restorecon_last entries * setfiles: Add option to stop setting the digest * hll/pp: Change warning for module name not matching filename to match new behavior * sepolicy: convert to setools4 * sandbox: create a new session for sandboxed processes * sandbox: do not try to setup directories without -X or -M * sandbox: do not run xmodmap in a new X session * sandbox: fix file labels on copied files * semanage: Fix semanage fcontext -D * semanage: Default serange to "s0" for port modify * semanage: Use socket.getprotobyname for protocol * semanage: Add auditing of changes in records * Improve compatibility with Python 3 * Update sandbox types in sandbox manual * hll/pp: Warn if module name different than output filename - Update to sepolgen version 2.6. Notable changes: * Add support for TYPEBOUNDS statement in INTERFACE policy files - Dropped CVE-2016-7545_sandbox_escape.patch- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Trim description in line with other selinux packages- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)sheep62 15591404162.6-5.3.82.6-5.3.8seunsharesysconfig.sandboxseunshare.8.gzsandboxsandboxX.shstart/usr/sbin//usr/share/fillup-templates//usr/share/man/man8//usr/share//usr/share/sandbox/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:10737/SUSE_SLE-15_Update/a7bd6360a95fbfcc13edb80f599b0691-policycoreutils.SUSE_SLE-15_Updatecpioxz5x86_64-suse-linuxsetuid ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.2.0, BuildID[sha1]=4e27a10fba66a0a87c026287801e97b60cf98f7f, strippedASCII texttroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)directoryBourne-Again shell script, ASCII text executablea /usr/bin/python -Es script, ASCII text executable RRRRRR RRRRv'{GUu,$Eutf-895494c166ba92d587076a09c3ada79fab389f9026f098393c090f4728114708a? 7zXZ !t/fO#] crv9ubwv,6Qӭ.MjtQ^{ReQK7_-7K}%2v T5*O~_{9ZNWCNhL;F@RCH0 "CBna2b`G`i˗nS&Nj #Ɔ`7?CoK #W|[5;.L2> 3vCilc<וi4μq=DEo@p<>f A"hVj$PF؞Q"xÅ^NPdV bX|5<,޺JA7KQ T 6PpC&*& `a_'W~[eC忞06]DW o#J9TTr}-噢o W8:؈@5F|a$͠w9s;9OaG!`݊UDC8>Q\F2B1ˈ%W[!8'nR:H~ۀ$ʼ-IxHUkmX7$|8ЋWC$TL}ZoAQ9ZJ=TkF?m6jdGGЈ)B?Ŝrn:[beien-\岤6NlwǝEy#^iVHG#B /L)-r"6f{kE;NTY:]1)V z@wP=K١8jq.sG*#'ȁ3LjR3׎֨Gg i-ղFX[}.6xY;%ho E'fm"UJ!T΂ATVMuU@u*IlCRTޫ\VӴQĦ0RvK{[mZ~h^3-UQ/4[/^YrZ::=JEC:kZYQh$k!1G:ڳUUxFONtLjc=zQqIo֑gHuJ?më9x- ukSt_pa:2){ա^HaIKJ!@-Qh%HrAvee K&70muig֨xw8-4k*VevCzˊ+fXx /u{Ni(g!@UZPVī3xq)Boϓл94W/͍ьvZiL!@> =bboݠ@uNa 2&2oB%wylrǧ |fݞ r;)h엟k:+$C E*6ҮڎY 6JF8דn=-_z?=}K-$Z\O4 +MhcJR<1@ _:HD0H &J89cr] *3iTik" q a6z'&%cEljDs~%SC)kAU*@ CAM>7;TvP9sOd v bJ(WgN n~3uo)TTv8ջi_=5~'χ`QޚڳsDmX8RS3[E#t`Z\xirG.t3$2Ws(a:Qr;jז%0EyE!RFk*]:/X*<'EeNeAn ;U܈ b4@ + A5SdRTfRj >RF'l)EA`WW.(E5RGYGE|t}ν]R+@?0BxZTHlJK҈=3}@2Ʒ9n 2ByH |q, #*Ι}ISEi=[..nQbfYAmތ/FCT[M$ň쳩~qV#9RobxNKW>FA@yi&.HX5b7ErAPǴx)!Hk9wӌgW8X4cOSíչ hς6ytAe jXL},9dixF%U> |z}Z(+ G#nv?bV:su^9MYvv4^NHF2%j+dDGc(~'HjD"F,eauTJ<>tUpvGO #6oOU`oL&Ђq{wvJgsE+YbCآpl/<pS 8ڻ@H.>1r%c`!:)6+Hq+F=Cu|Y[HݼuL<3dLXvڀt>ڊ6e"$gHMڢQ ubؿ-}ѦrbXLF\2u WtK!C7ˇO"|DFIŨ﹈i^l^P2ud ?`lo~cw!]Ił|q$;y%(0OU 됲^_?ٕ@\lM! 㢦hޚ=Y v-+wA[u`5h.%]QY$ږPϏOr稍9{yp j?p.J+#)ãӑU.LQRJҎ _IDyD *J͇END3,\I;B:Zm,"A3Do_T^cBW<|PM]Zy@:QF[ݍou!fQsCh ?zZЃYQ" 1&یIجьۘ,Ű ~ʻrK=zT%` AG׬> V*v;]&0/'7!.MD6 B{bk#D}A)^J{&^c^O$*cEC(.ή;i4\d2yX[jj`5G[5ͽS/>a)!r`J3b~!~ hc + T"OΥ2 :hFVȕ!ل_`8Q"$ Z [txtՐ+gc*("v̩#X]orA#Dx2ѸZ$ʺ#Z5 "ORB[2ǎ=2֯ԑ++{Ԣ9w8IT 9"&^AKrZj1F4t'YjLַC` YSJ\q ˂x}z@U XZf&kQ)gX=o<,'dc'DwD݆&czt"Y0J8,ЃIk|O /d<wŁTP+_ChsN<pG58hIXGEuGX|p 2늿jަLBexzdִ'G)5#FgnV5Z,r,7AgEG檳 ? d(is~q=i.~N1>c#|fbЄyo]/Y9 &bvq>;m gjw]CET*gz ^Nv?0+e<k,.H$hmcwDc7vo-_E۬벞qz c~FPfC9&bt~⟓Үvxf_eD=)E5~B?P lP"׮g'M~I.ʐ#"( ^B0@pWÞĕ8=.qp_%)3tP|䖵T[@W[艧TN?@.u&]ebW-Is"SޱM}>+qsXӀV_vDj?>}~לr'hF+*~*z$m.=_?{RpWB/}\h*5ó*E(ֈU( 8(dFKr{=OcJ߱3шMc^n}YlЬ&IGfPqLW%a0֑lp(;6E4٥MG|dN?SNf9΁rNb9R>G~/hX?$,p6y=M0hSg`ӧ2' s{Ggۄȴ9qNM&y%TAf  k 8ʖ_ι5eO //$+TiC|٩shVձKi]r4 0GrK:$X݃ܜ=w 7=L"B)hJkN Dd.^Ī൒1Yjy :l{)|˗7K"" YDrp_W¤ QuE)vN`XGkAS 6~Id?I%LX^ӟ|08DQ&lg-,j,ݶ8V3:*x91SC8(TI 33wx@wl*f E;BAa*ϱ xMhԷF2{%6*%X˩ڛ"Ct ={mQ;fޅ^fk8 }k;Ou%8D̰8VZ5c}e֒R٢P&QO:],kM%1}3B#<>q>C,O:܋EHسÊ=$BWzmrP\ɽfcɧ225F/1cR}k\`Lϒ #zkY+>̿txd%_#PuW h#­y|3 ԭG:_7@lOv!$jW5|OqkB~@/Rʋ,JkDh\EaIM ` &ڔC)|WedR$nP|A҂<4eQ` qI|zX5V6({_Y`g{{F-M!xlg&:MA<۴p3~|icV$y*z!L@QU{tMz8[L/o{U-H(b77" "fˁER 6 CzgPl'.XX՞zT;9Ցۜ H4d5HkIo9>J1.^Wvߑwcj@2&v7pפAo,kL~`Z[xɈYpy(`#;6#켖4G?&w TdHU</f{c<`H5勖@d:v9 G;6u4ZM^8{yuprI1p]9bi.ѺT'ƈ!s Z.)3:S=.{=4m^Ժw<AQ)0ss(:n9;:'oSCT; vJQ:$]fD zKkvּ/#Dת7qۢ>@!{9_*nlQ% }'!1~ 漸9