Skip to content

SELinux userspace release 3.8

Latest
Latest
Compare
Choose a tag to compare
@bachradsusi bachradsusi released this 29 Jan 19:16
3.8
71aec30
This commit was signed with the committer’s verified signature.
bachradsusi Petr Lautrbach
GPG key ID: CDCAE8C927C6BE31
Verified
Learn about vigilant mode.

RELEASE 3.8

Important change:

The internal representation of file_contexts.*.bin files is completely
rewritten and new format stores all multi-byte data in network
byte-order, so that such compiled files can be cross-compiled,
e.g. for embedded devices with read-only filesystems.

User-visible changes

  • libsemanage: Preserve file context and ownership in policy store

  • libselinux: deprecate security_disable(3)

  • libsepol: Support nlmsg extended permissions

  • libsepol: Add policy capability netlink_xperm

  • libsemanage: Optionally allow duplicate declarations

  • policycoreutils: introduce unsetfiles

  • libselinux/utils: introduce selabel_compare

  • improved selabel_lookup performance

  • libselinux: support parallel usage of selabel_lookup(3)

  • libsepol: add support for xperms in conditional policies

  • Improved man pages

  • Code improvements and bug fixes

  • Always build for LFS mode on 32-bit archs.

  • libsemanage: Mute error messages from selinux_restorecon introduced in 3.8-rc1

  • Regex spec ordering is restored to pre 3.8-rc1

  • Binary fcontext files format changed, files using old format are ignored

  • Code improvements and bug fixes

Assets 33
Loading