[PATCH] python/sepolgen: Try to translate SELinux contexts to raw

This allows sepolgen to generate policy from AVC messages that contain contexts translated by mcstrans. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1356149 Signed-off-by: Vit Mojzis --- python/sepolgen/src/sepolgen/refpolicy.py | 5 + 1 file changed, 5

Re: [PATCH] python/sepolicy: Fix type for cgi scripts

On 04/06/2018 08:49 AM, Vit Mojzis wrote: > The type generated by apache_content_template macro for cgi scripts > changed from httpd_$1_script_t to $1_script_t. > Update sepolicy accordingly. > > Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1271324 This seems to be a change only present in

[PATCH] selinux-testsuite: convert the README to markdown (README.md)

From: Paul Moore Also better integrate the InfiniBand instructions into the document. Signed-off-by: Paul Moore --- README| 191 - README.md | 220

[PATCH] selinux-testsuite: add some additional comments to the IB configuration files

From: Paul Moore The biosdevname and systemd/udev predictable network interface name efforts have changed how network interfaces appear using the ip/ifconfig tools. Add some additional guidance to the Infiniband configuration files to help make the device/port information

Re: [PATCH] python/sepolgen: Try to translate SELinux contexts to raw

On 04/11/2018 05:26 AM, Vit Mojzis wrote: > This allows sepolgen to generate policy from AVC messages that contain > contexts translated by mcstrans. > > Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1356149 Not friendly to cite a non-public bugzilla. > > Signed-off-by: Vit Mojzis

Re: [PATCH] python/sepolicy: Fix type for cgi scripts

On 04/11/2018 04:26 PM, Stephen Smalley wrote: > On 04/06/2018 08:49 AM, Vit Mojzis wrote: >> The type generated by apache_content_template macro for cgi scripts >> changed from httpd_$1_script_t to $1_script_t. >> Update sepolicy accordingly. >> >> Fixes:

Re: [PATCH ghak47 V1] audit: normalize MAC_POLICY_LOAD record

On Mon, Apr 9, 2018 at 7:36 PM, Richard Guy Briggs wrote: > The audit MAC_POLICY_LOAD record had redundant dangling keywords and was > missing information about which LSM was responsible and its completion > status. While this record is only issued on success, the parser expects

Re: [PATCH ghak46 V1] audit: normalize MAC_STATUS record

On Mon, Apr 9, 2018 at 7:34 PM, Richard Guy Briggs wrote: > There were two formats of the audit MAC_STATUS record, one of which was more > standard than the other. One listed enforcing status changes and the > other listed enabled status changes with a non-standard label. In >