policycoreutils-sandbox-2.5-5.2>t  DH`pY`J͸/=„DpR ꓎K%Onܹ?@ɿ=laU'}B w\0_iǻm$ "|ho^RM7^XxTjYAf!C}9Sυvu /CzH<1Cxwvުe-+bRI`zSm+8RFp $Nc2Tzӯkvk!> S)6(>`:cbb64bfb7377440ad26bca9f32e78be9a00b63d8_͉Y`J͸/=„DD/=r;7r6ul:dC`I_Rx&gjB"pHÝ ~[YZBh L~wø4++M#0 ܷVO#iJJZq6)ϬlVsLFW/ѲDm`1t. (rx'Nѱu="18GxNbo<} s/ٶmg+Y Q.W=yt{^DP{d?g4>:8?8d " <  8 D P h  ,Jh(89:F4G4H4I4X4Y4\4]5 ^5Qb5c65d6e6f6l6u6v6w8lx8y8 z8Cpolicycoreutils-sandbox2.55.2SELinux sandbox utilitiesThe sandbox package contains the scripts to create graphical sandboxesY`Jbuild83cbopenSUSE Leap 42.3openSUSEGPL-2.0+http://bugs.opensuse.orgProductivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxx86_64[U큤A큤Y`JY`JY`JY`JY`JY`Jb23377520771b40bd750bc210bd5ab4a95c20b5643e4944161ef72ad89d33a780171e5621d7050003d36db4f73d2460e891060cdf738c3ae67660965e2de0f90ce5694474bb049f0bf47bf364a5220e9rootrootrootrootrootrootrootrootrootrootrootrootpolicycoreutils-2.5-5.2.src.rpmpolicycoreutils-sandboxpolicycoreutils-sandbox(x86-64)@@@@@@@@@@   /bin/bash/usr/bin/pythonlibc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.8)(64bit)libcap-ng.so.0()(64bit)libselinux.so.1()(64bit)policycoreutils-pythonrpmlib(CompressedFileNames)rpmlib(PayloadFilesHavePrefix)xorg-x11-server-extrarpmlib(PayloadIsLzma)2.53.0.4-14.0-14.4.6-14.11.2YGXWW~TZ@T @SxRRRrF@Q)@Q\QU@Q @P @P7@P|@P!@O:LO8@M~@MK@LKK[Kf@J]J;}J+@jsegitz@suse.comjsegitz@novell.comjsegitz@novell.comjsegitz@novell.comjsegitz@suse.comcrrodriguez@opensuse.orgvcizek@suse.comvcizek@suse.comp.drouand@gmail.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comaj@suse.demeissner@suse.commvyskocil@suse.czcoolo@suse.comprusnak@opensuse.orgtoddrme2178@gmail.comprusnak@opensuse.orgmeissner@suse.deprusnak@suse.czprusnak@suse.czprusnak@suse.czprusnak@suse.czprusnak@suse.cz- Added policycoreutils-version-numbers.patch by Petr Lautrbach to show version numbers of modules where they are available (bsc#1043237).- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)- removed execute permission from systemd unit file- Version 2.3 sepolgen: Add back attributes flag to fix exception crash from Dan Walsh. (drop policycoreutils-sepolgen_missing_attributes.patch) * Add -P semodule option to man page from Dan Walsh. * selinux_current_policy_path will return none on a disabled SELinux system * Add new icons for sepolicy gui from Dan Walsh. * Only return writeable files that are enabled from Dan Walsh. * Add domain to short list of domains, when -t and -d from Dan Walsh. * Fix up desktop files to match current standards from Dan Walsh. * Add support to return sensitivities and categories for python from Dan Walsh. * Cleanup whitespace from Dan Walsh. * Add message to tell user to install sandbox policy from Dan Walsh. * Add systemd unit file for mcstrans from Laurent Bigonville. * Improve restorecond systemd unit file from Laurent Bigonville. * Minor man pages improvements from Laurent Bigonville. * Ignore selevel/serange if MLS is disabled from Sven Vermeulen. * Revert automatic setting of serange and seuser in seobject; was breaking non-MLS systems. * Apply polkit check on all dbus interfaces and restrict to active user from Dan Walsh. * Fix typo in sepolicy gui dbus.relabel_on_boot call from Dan Walsh. * Remove import policycoreutils.default_encoding_utf8 from semanage from Dan Walsh. * Make yum/extract_rpms optional for sepolicy generate from Dan Walsh. * Add test suite for audit2allow and sepolgen-ifgen from Dan Walsh.- sepolgen: add back attributes * fixes build of selinux-policy * policycoreutils-sepolgen_missing_attributes.patch- fix issues which prevented accepting to Factory * mention the dropped patches (merged upstream): - policycoreutils-rhat.patch - policycoreutils-sepolgen.patch- update to version 2.2 * Properly build the swig exception file * Fix man pages * Support overriding PATH and INITDIR in Makefile * Fix LDFLAGS usage * Fix init_policy warning * Fix semanage logging * Open newrole stdin as read/write * Fix sepolicy transition * Support overriding CFLAGS * Create correct man directory for run_init * restorecon GLOB_BRACE change * Extend audit2why to report additional constraint information. * Catch IOError errors within audit2allow * semanage export/import fixes * Improve setfiles progress reporting * Document setfiles -o option in usage * Change setfiles to always return -1 on failure * Improve setsebool error r eporting * Major overhaul of gui * Fix sepolicy handling of non-MLS policy * Support returning type aliases * Add sepolicy tests * Add org.selinux.config.policy * Improve range and user input checking by semanage * Prevent source or target arguments that end with / for substitutions * Allow use of <> for semanage fcontext * Report customized user levels * Support deleteall for restoring disabled modules * Improve semanage error reporting * Only list disabled modules for module locallist * Fix logging * Define new constants for file type character codes * Improve bash completions * Convert semanage to argparse * Add semanage tests * Split semanage man pages * Move bash completion scripts * Replace genhomedircon script with a link to semodule * Fix fixfiles * Add support for systemd service for restorecon * Spelling corrections * Improve sandbox support for home dir symlinks and file caps * Switch sandbox to openbox window manager * Coalesce audit2why and audit2allow * Change audit2allow to append to output file * Update translations * Change audit2why to use selinux_current_policy_path - Update sepolgen to version 1.2 * Return additional constraint information. * Fix bug in calls to attributes * Add support for filename transitions * Fix sepolgen tests - Remove restorecond.service; use upstream service file - Don't provide support for sysvinit and systemd on a same system Use either one or the other- change the source url to the official release tarballs- fixed source url - removed old tarball- update to 2.1.14 * setfiles: estimate percent progress * load_policy: make link at the destination directory * Rebuild polgen.glade with glade-3 * sepolicy: new command to unite small utilities * sepolicy: Update Makefiles and po files * sandbox: use sepolicy to look for sandbox_t * gui: switch to use sepolicy * gui: sepolgen: use sepolicy to generate * semanage: use sepolicy for boolean dictionary * add po file configuration information * po: stop running update-po on all * semanage: seobject verify policy types before allowing you to assign them. * gui: Start using Popen, instead of os.spawnl * sandbox: Copy /var/tmp to /tmp as they are the same inside * qualifier to shred content * semanage: Fix handling of boolean_sub names when using the -F flag * semanage: man: roles instead of role * gui: system-config-selinux: Catch no DISPLAY= error * setfiles: print error if no default label found * semanage: list logins file entries in semanage login -l * semanage: good error message is sepolgen python module missing * gui: system-config-selinux: do not use lokkit * secon: add support for setrans color information in prompt output * restorecond: remove /etc/mtab from default list * gui: If you are not able to read enforcemode set it to False * genhomedircon: regenerate genhomedircon more often * restorecond: Add /etc/udpatedb.conf to restorecond.conf * genhomedircon generation to allow spec file to pass in SEMODULE_PATH * fixfiles: relabel only after specific date * po: update translations * sandbox: seunshare: do not reassign realloc value * seunshare: do checking on setfsuid * sestatus: rewrite to shut up coverity - removed policycoreutils-glibc217.patch (upstream fix) - added patches: * policycoreutils-rhat.patch * policycoreutils-sepolgen.patch * loadpolicy_path.patch- update to 2.1.13 - drop policycoreutils-po.patch.bz2 (updated upstream) - drop policycoreutils-gui.patch.bz2 (added to upstream) - drop sandbox init scripts (shouldn't be needed anymore) - numerous other changes- added service unit for restorecond- semanage needs python-xml and python-ipy to run- Fix compilation with glibc 2.17 (add patch policycoreutils-glibc217.patch extracted from Fedora)- updated policycoreutils to 2.1.10 - adapated patches - updated sepolgen to 1.1.5- fix seceral rpmlint errors and warnings * use /var/adm/fillup-template for sandbox * don't use /var/lock/subsys in any of init script * use set_permissions macro and add correct Requires(pre) * fix the languages to new -lang package * fix policycoreutils-sandbox Group * remove runlevel 4 from inint scripts- patch license to follow spdx.org standard- updated to 2.0.85 * changes too numerous to list- fix a typo in the package group- remove usermode-gtk from Requires of -gui subpackage- remove incorrect and unnecessary rpmlintrc.- fix build by moving _GNU_SOURCE define (gnusource.patch), thx darix- updated to 2.0.79 * changes too numerous to list- disable Requires usermode-gtk- added libsepol-static-devel to BuildRequires- updated to 2.0.62 * Add btrfs to fixfiles from Dan Walsh. * Remove restorecond error for matching globs with multiple hard links and fix some error messages from Dan Walsh. * Make removing a non-existant module a warning rather than an error from Dan Walsh. * Man page fixes from Dan Walsh.build83 14994828082.5-5.22.5-5.2seunshareseunshare.8.gzsandboxsandboxX.shstartsysconfig.sandbox/usr/sbin//usr/share/man/man8//usr/share//usr/share/sandbox//var/adm/fillup-templates/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.opensuse.org/openSUSE:Leap:42.3/standard/157e80fe3e2edd947dccf43f7c8f2c2c-policycoreutilscpiolzma5x86_64-suse-linuxsetuid ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 3.0.0, BuildID[sha1]=bad3780864612e8fc8ed63dade6b532f8f650c25, strippedtroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)directoryBourne-Again shell script, ASCII text executablePython script, ASCII text executableASCII text RRRRRR RRRRr4hg?`] crv9uhЉGfqDa5#Ox|$-)5XM̴kfQgEuG2v; 1f@.zm! ܩ7 {xxCYwG@~~l!Ւ7F#쌇1wX 5|&#Kc_,M]a%M`Cg (RFR#AI+ַ)T@'Hjy!Ub?mssfhCOϚ\h&9BTYAj_"5'UI;INPڲ_[&Kד JS#`k \ۿ}ڤl&t7u<w#~fN*'?cJϛsf:ˠZxl@fm%A*Br@^luYklw|˦2gZA'c+Tyʳ.p\ek) +oצ[ޟqA4` a,8;+ ]x@n"F-]w[-,ƭM  4TVDžmP5G?q;7e~l8tl= wH=h;ScGX*pf4jcQo=@jdt&'Mhq_EDSp}Ygm6]6 D[Fx\#\O'Tqښ `W hw=Ξ5\o8y iF B3{zR($$7,Rf@IDݽ[VKe5g3ݗYorT%(:.b,D6ƭ[:D?sJ_goS~2.Rpr'8UfACw.@o+]@UuXrɚ|җ& <_.z4WyT*is߯Dr! 3NÑ]鶗*r9p`?u]89{$0W=o|\hYV~/bɠGI]D.E-݇24'!Hz^N5 ym,ͫ+_ҁ'JU#A:I;O+I5m#J䏞kG[QAm*8|4"<5E71}a $w%YmEѺ8:PѼ5W[ü%`uYA%T<$d&r! |*[~D iSl#-G6vŗR}RЉ\,.aFSDj"܏2't = s9"aFQ?@pC"a%Mt@؊Ś<7iv-Mvs2Ϟfr8~ x'2WTy`}]zC):>tW٨7 ՃNnmrٔ(wmrxqZ_n; q,4ԝRG32`| #M!wT}1u>S*!G{8k/UT"f|ӂ,aw{ Mo2VL<9;p~C3NfToDo_?8! 8ℼIJs|?Debd4>S|$W^]t pB r#>L1X1XuhVTK PoXgJLRvce:4ֈ}Lt }3FSSh?+Φ}[r5r1ESr4 |d;TpC=5/e,7pcy?vySoX% ksxpY*|'+VaTy$T~|! 0Ó@H=3ȷu5j(JpYd\}([TBޗz[oA4ieuM{Mel-S@[Р=Dm¶y(KۃK<{# m fpl҇`j t^^1}7b8۰<>s7S MLWr9lA+s29)A(eae/ G%73t(| r8Vj] gX6̸_9#NTL*ќ)TPiufB/*ŊL{"q =m,E}P׀`YS2j%lyV80"c%}iSɠ^gBzgc4><=ɁOlӷγLzyƅdIfmC|F&u ild Y(YN@:;Z_Qpc = hnFmtJור4XSac ;L_F_5qWsgrpvk"i21>U@ҴF&v}" nbo08h#FY%~VJ[YjƂU7gDJC%&-M r3>Gn"^p%$aۜŪ|MGBo0HwqJ~ddQTڽ*&AsvF} cn1w/ogs2qɂ ĩLѻu{]Z&d0 ',8bjXw;e,v֠pU>{,]' > ?XPml3ZEpbp KL4v9BG:V 2'7;4wuI'fB0 iǡz,Eev1Eu@ꁸ>>CwS&5J"OYR[ȝA,οpUUY!) :nˏ(18K`R XTN߿UiiLIDxgO! & cCR;>$T#٬DanN2աB83$GfBjn2ޟExȌ $qٱ;y[ZY`˾~gVCh%hGCmbN5+Y[.YvgS Ztˢ*YqD C+Tϩ~nq9须!A:oG޿ "xLdZeo򨻾yUFxwX9'ry>Rv݂( _s8 ^t+_ $HSO_q愞2*63H.9p0kn ){EE`:Pv"lpsH|~qjɛfn֪Ċ!%(A U=!2/Ucm[ޖϤEz*R@=s-̎ DDC[R=PD>4YoP jOf[j(vMq:DtqxX4:U}2eXt tیꏈfc%썹&jLZf}B փ]y^@@%˜i:2ްoߎ^;Wp,w{JDQͅ=J=+`l*6~ $F]IknA}hͥ ^̥wBj޺ljM7rͰSVvgP@sl^Ҭd?팑égI Ȕ츦 K@A^@&wQ脹qp t2Z7:i=oұ݆yfEXv0O#2Y](LJ7S9<kp7^:'%ܕ-s{~'Sʳ7ޕߘ%Q0!&g!xE;\>p2 S&),0ltU m]vW.cZ7xlܬ8>'(N OSz,ɢm> R>whs |"DqYTPJ9 ޭ ) . LYwOsyYX"_}tV/+=\}ϛj5醤OTlzsѢ4L${L59)9%[ ^CJ0Pޠcp,aʾpGF$v.3U ΟUG1T 0HXj9ZۯUoR!}#+C~ĈGOyCFZHRKkѣ MQ2F iɉp .w1sqϔ/j?HC^溯ʹc PE.;Մ0I"6Pg@PL sI@"\]T^J'ƴT%Gfm^M~qf2a"+`:e-s*zt ,+1@` XJw?VMbY1J㱚&XfSD$Xa$foIB'~I> ybAgէ_ %q{2}{Hy": ^:I:vYyR2jE"i o%Ȣ(L{\um4,uPSKHC %0o[D(W*5ab;[ng]뒂WB΍bJ1ҥa`ثL |3,y ]w~T=%}\[cOXzH/%1~G5tO]tRRibɣ'aE`b={Z]o%Ku|U _e1O*ccq!![諠S-p<Ų='Qx0,][(0A gQ9QDp7NU _zMܪI!zjj;hJIb@ƚPR[NW0Y5R:=$dA@  WM|(<c"{BV6d|3xyg?ãDڭͮ>X5ϥ Z_uЯ5nUu]CGvC-T`>liXWiPN`Qj%";HA=ccA7;~D֨ѠlNARj\QFvZ)|h=]^[k(2@A<eb}?.@7/Kl qXv oڽT?ml/T K jpmbfZ0lEHҵ|xESeg4VXKń$ޏd)w!$㩤zw:]:ԁcg=ŏJMlܹ#bL<Zwr?VCsjl %΀Ymd]갺ш4A%`:Wr4khp5QGcv)< Q+ǶuN Ips[i %5)ʖoÝd@7ٴ.[ jBjHbZW)jU:R7B< _aD!$c {2peeؿ5eyBA9+{OUMuyD(VO>3l %u(l?z Nw_Ӳ|(ăe HeZbK"A*+s}":&>!~ى@g̮i6ˆ4-xM=SԥqoGVPkU; m;\A|&tf< v;0FxƯ.Bm