debian/0000755000000000000000000000000012234763340007172 5ustar debian/changelog0000644000000000000000000002200612234763340011044 0ustar sepolgen (1.2.1-1) unstable; urgency=low * Team upload. * New upstream release * debian/control: - Bump Standards-Version to 3.9.4 (no further changes) - Use canonical URL for VCS-Git field * Drop d/p/0001-sepolgen-Properly-set-the-user-local-before-calculat.patch: Proper fix has been applied in policycoreutils 2.2 -- Laurent Bigonville Fri, 01 Nov 2013 18:37:26 +0100 sepolgen (1.1.9-2) unstable; urgency=low * Team upload. * d/p/0001-sepolgen-Properly-set-the-user-local-before-calculat.patch: Properly set the locale when calculating the bootdate (Closes: #677829) -- Laurent Bigonville Thu, 09 May 2013 22:07:17 +0200 sepolgen (1.1.9-1) unstable; urgency=low * Team upload. * New upstream release * debian/control: Add Homepage field -- Laurent Bigonville Thu, 09 May 2013 20:30:18 +0200 sepolgen (1.1.8-1) experimental; urgency=low * Team upload. * New upstream release - Drop d/p/0001-fix-detection-of-policy-loads.patch, applied upstream * debian/gbp.conf: Change default git-buildpackage build-directory and the debian-branch to "debian" instead of "upstream" * debian/watch: Fix watch file URL -- Laurent Bigonville Wed, 26 Sep 2012 18:24:21 +0200 sepolgen (1.1.5-3) unstable; urgency=low * Team upload. * Bump python-setools dependency to >= 3.3.7-2 -- Laurent Bigonville Tue, 20 Mar 2012 19:39:48 +0100 sepolgen (1.1.5-2) unstable; urgency=low * Team upload. * Move to dh sequence and dh_python2 * debian/control: - Bump Standards-Version to 3.9.3 (no further change) - Restructure long description and remove leading article of short description to please lintian - Drop C/P/R for sepolgen binary package, it's gone for a long time - Add python-selinux and python-setools as build-dependency - Add python-selinux and python-setools as dependency (Closes: #662600) - Update Vcs-* fields - Put the package under Debian SELinux team maintenance * Switch to dpkg-source 3.0 (quilt) format * Add debian/gbp.conf file -- Laurent Bigonville Wed, 14 Mar 2012 23:07:45 +0100 sepolgen (1.1.5-1) unstable; urgency=low * New upstream version, adds support for filename trans and some small fixes. -- Russell Coker Tue, 28 Feb 2012 16:48:11 +1100 sepolgen (1.1.0-1) unstable; urgency=low * New upstream release for version bump -- Russell Coker Tue, 30 Aug 2011 15:28:37 +1000 sepolgen (1.0.23-1) unstable; urgency=low * New upstream release + Fix unit tests from Dan Walsh. + improve parser error recovery from Karl MacMillan. + Add since-last-boot option to audit2allow from Dan Walsh. + Fix sepolgen output to match what Chris expects for upstream refpolicy from Dan Walsh. + Add dontaudit flag to audit2allow from Dan Walsh. + fix sepolgen to read a "type 1403" msg as a policy load by Stephen Smalley -- Manoj Srivastava Sun, 28 Mar 2010 10:31:28 -0700 sepolgen (1.0.18-1) unstable; urgency=low * New upstream point release. Add support for Xen ocontexts from Paul Nuzzi. -- Manoj Srivastava Thu, 15 Oct 2009 23:28:53 -0500 sepolgen (1.0.17-3) unstable; urgency=low * [a1816e2]: [topic--audit-msg-fix]: fix detection of policy loads Originally audit2allow used the avc: allowed message generated by auditallow statement for load_policy to identify policy reloads. Later it was switched to use the MAC_POLICY_LOAD events generated by the audit framework. Those events should still get logged via printk if auditd is not running, but it appears that the code (audit_printk_skb) will then log the type= field as an integer rather than a string, and audit2allow/sepolgen only looks for the string MAC_POLICY_LOAD. So I suspect that this would be resolved by modifying sepolgen/audit.py to also match on type=1403 for load messages. Bug fix: "audit2allow -l doesn't work", thanks to Russell Coker (Closes: #503252). -- Manoj Srivastava Wed, 14 Oct 2009 02:42:59 -0500 sepolgen (1.0.17-2) unstable; urgency=low * [8ed32c1]:policycoreutils, sepolgen (sepolgen-ifgen) issues I am running into an issue with sepolgen. Debian ships more than one version of the refpolicy, a default one, and a MLS enabled one. So, the include files live in either /usr/share/selinux/{default,mls}/include sepolgen (in src/sepolgen/defaults.py) sets refpolicy_devel() to a single location -- and thus, only one version of the security policy may be supported. So, sepolgen-ifgen from policycoreutils can only work with one policy, which may not be the one installed on the target machine. Could this be made configurable, somehow? As far as I can see, sepolgen's python library does not offer any way to set the value. This change fixes that. Now you may set the path to look for development headers in /etc/selinux/sepolgen.conf, in the variable SELINUX_DEVEL_PATH. The builtin default will have it work on Debian and fedora machines out of the box. Bug fix: "sepolgen-ifgen fails", thanks to Martin Godisch (Closes: #534305). -- Manoj Srivastava Sun, 23 Aug 2009 12:57:50 -0500 sepolgen (1.0.17-1) unstable; urgency=low * New upstream point release + Fix typo in RoleTypeSet from Marshall Miller. -- Manoj Srivastava Sat, 20 Jun 2009 18:04:02 -0500 sepolgen (1.0.16-1) unstable; urgency=low * New upstream release + Convert sepolgen to using hashlib instead of the deprecated md5 module from Dan Walsh. + fix to return length of role dict for len(roles) from Dan Walsh. Bug fix: "python2.6 and python-sepolgen", thanks to Kees Cook Patch incorporated upstream. (Closes: #525197). + fix multiple gen_requires block generation from Dan Walsh. * [e171cfe]: Updated standards version. no changes. -- Manoj Srivastava Mon, 15 Jun 2009 14:30:39 -0500 sepolgen (1.0.13-1) unstable; urgency=low * New upstream release + Only append s0 suffix if MLS is enabled from Karl MacMillan. + Fix generation of role-type and role allow rules from Karl MacMillan. -- Manoj Srivastava Mon, 09 Feb 2009 23:31:58 -0600 sepolgen (1.0.11-5) unstable; urgency=low * Bug fix: "Python errors during upgrade", thanks to Frans Pop This is a serious bug. (Closes: #499087). * Bug fix: "typo in package description", thanks to Andreas Juch This is a documentation bug with a one character fix. (Closes: #495595). -- Manoj Srivastava Tue, 16 Sep 2008 01:53:54 -0500 sepolgen (1.0.11-4) unstable; urgency=high * Include patch from Jan Hülsbergen to fix module naming. Closes: #487212 * This patch is necessary for full SE Linux functionality in Lenny. -- Russell Coker Wed, 30 Jul 2008 08:03:00 +1000 sepolgen (1.0.11-3) unstable; urgency=low * Record the fact that this package has moved to a new git repository. * Move to the new, make -j friendly targets in debian/rules. -- Manoj Srivastava Mon, 02 Jun 2008 09:53:56 -0500 sepolgen (1.0.11-2) unstable; urgency=low * Change the name of the binary package, since this is a pure python library package, and that is the nascent python convention. Also, Ubuntu has named it python-sepolgen, so here goes for cross distribution cooperation. -- Manoj Srivastava Thu, 03 Apr 2008 01:25:45 -0500 sepolgen (1.0.11-1) unstable; urgency=low * New upstream release * Merged sepolgen fixes from Dan Walsh. -- Manoj Srivastava Tue, 18 Mar 2008 02:01:32 -0500 sepolgen (1.0.10-1) unstable; urgency=low * New upstream release * Expand the sepolgen parser to parse all current refpolicy modules from Karl MacMillan. * Suppress generation of rules for non-denials from Karl MacMillan (take 3). -- Manoj Srivastava Wed, 06 Feb 2008 14:11:08 -0600 sepolgen (1.0.8-1) unstable; urgency=low * New upstream SVN HEAD. + Merged patch to discard self from types when generating requires from Karl MacMillan. + Merged updates to sepolgen parser and tools from Karl MacMillan. This includes improved debugging support, handling of interface calls with list parameters, support for role transition rules, updated range transition rule support, and looser matching. -- Manoj Srivastava Sun, 6 May 2007 17:49:44 -0500 sepolgen (1.0.6-1) unstable; urgency=low * Initial upload of python libraries for SELinux policy parsing and generation. -- Manoj Srivastava Fri, 20 Apr 2007 08:44:22 -0500 debian/compat0000644000000000000000000000000212234763340010370 0ustar 9 debian/control0000644000000000000000000000264412234763340010603 0ustar Source: sepolgen VCS-Git: git://anonscm.debian.org/selinux/sepolgen.git VCS-Browser: http://anonscm.debian.org/gitweb/?p=selinux/sepolgen.git;a=summary Priority: optional Section: python Maintainer: Debian SELinux maintainers Uploaders: Manoj Srivastava , Russell Coker Standards-Version: 3.9.4 Build-Depends: debhelper (>= 9), python (>= 2.6.6-3~), python-selinux, python-setools X-Python-Version: >= 2.5 Homepage: http://userspace.selinuxproject.org/ Package: python-sepolgen Architecture: all Depends: ${python:Depends}, ${misc:Depends}, python-selinux, python-setools (>= 3.3.7-2) Description: Python module used in SELinux policy generation This package contains a Python module that forms the core of the modern audit2allow (which is a part of the package policycoreutils). . The sepolgen library is structured to give flexibility to the application using it. The library contains: Reference Policy Representation, which are Objects for representing policies and the reference policy interfaces. Secondly, it has objects and algorithms for representing access and sets of access in an abstract way and searching that access. It also has a parser for reference policy "headers". It contains infrastructure for parsing SELinux related messages as produced by the audit system. It has facilities for generating policy based on required access. debian/rules0000755000000000000000000000016012234763340010247 0ustar #!/usr/bin/make -f #export DH_VERBOSE=1 %: dh $@ --with python2 override_dh_auto_test: $(MAKE) test || true debian/watch0000644000000000000000000000012512234763340010221 0ustar version=3 http://userspace.selinuxproject.org/releases/(\d+)/sepolgen-(.*)\.tar\.gz debian/gbp.conf0000644000000000000000000000023312234763340010607 0ustar [DEFAULT] debian-branch = debian upstream-branch = upstream pristine-tar = True [git-buildpackage] tarball-dir = ../tarballs/ export-dir = ../build-area/ debian/source/0000755000000000000000000000000012234763340010472 5ustar debian/source/format0000644000000000000000000000001412234763340011700 0ustar 3.0 (quilt) debian/copyright0000644000000000000000000000373112234763340011131 0ustar This is the Debian package for sepolgen, and it is built from sources obtained from: http://www.nsa.gov/selinux/ This package is maintained by Manoj Srivastava . The debian specific changes are Copyright © 2007-2009 Manoj Srivastava, and distributed under the terms of the GNU General Public License, Version 2. sepolgen is Copyright © 2006, 2007 Red Hat. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 dated June, 1991. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-2'. A copy of the GNU General Public License is also available at . You may also obtain it by writing to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. sepolgen also contains parts which are Copyright © 2001-2006, David M. Beazley, and are distributed under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. On Debian GNU/Linux systems, the complete text of the GNU Lesser General Public License can be found in `/usr/share/common-licenses/LGPL-2.1'. A copy of the GNU Lesser General Public License is also available at . You may also obtain it by writing to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Manoj Srivastava arch-tag: d4250e44-a0e0-4ee0-adb9-2bd74f6eeb27