From Fedora Project Wiki
(initial version) |
No edit summary |
||
| Line 103: | Line 103: | ||
== Scope == | == Scope == | ||
* Proposal owners: | * Proposal owners: | ||
** Update SELinux userspace packages - libsepol, libselinux, libsemanage, policycoreutils, checkpolicy, secilc | |||
** Update setools to setools4 | |||
<!-- What work do the feature owners have to accomplish to complete the feature in time for release? Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?--> | <!-- What work do the feature owners have to accomplish to complete the feature in time for release? Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?--> | ||
| Line 140: | Line 142: | ||
3. What are the expected results of those actions? | 3. What are the expected results of those actions? | ||
--> | --> | ||
1. https://fedoraproject.org/wiki/Category:Package_policycoreutils_test_cases | |||
2. seinfo, sestatus, sesearch tools | |||
<!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | ||
| Line 164: | Line 170: | ||
* Blocks release? N/A (not a System Wide Change), Yes/No <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | * Blocks release? N/A (not a System Wide Change), Yes/No <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | ||
* Blocks product? product <!-- Applicable for Changes that blocks specific product release/Fedora.next --> | * Blocks product? product <!-- Applicable for Changes that blocks specific product release/Fedora.next --> | ||
Revert shipped changes. | |||
== Documentation == | == Documentation == | ||
<!-- Is there upstream documentation on this change, or notes you have written yourself? Link to that material here so other interested developers can get involved. --> | <!-- Is there upstream documentation on this change, or notes you have written yourself? Link to that material here so other interested developers can get involved. --> | ||
* https://marc.info/?l=selinux&m=147646050027049&w=4 | |||
* https://github.com/TresysTechnology/setools/wiki/Changes-Since-SETools-v3 | |||
<!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | ||
| Line 177: | Line 188: | ||
Release Notes are not required for initial draft of the Change Proposal but has to be completed by the Change Freeze. | Release Notes are not required for initial draft of the Change Proposal but has to be completed by the Change Freeze. | ||
--> | --> | ||
SELinux userspace was updated to 2.6 release. SETools was updated to 4.0.1 release. | |||
[[Category:ChangePageIncomplete]] | [[Category:ChangePageIncomplete]] | ||
Latest revision as of 15:05, 5 January 2017
SELinux userspace release 2.6 and setools4
Summary
The new SELinux userspace 2.6 release and setools4 with several improvements and changes are available.
Owner
- Name: Petr Lautrbach
- Email: plautrba@redhat.com
- Name: Vít Mojžíš
- Email: vmojzis@redhat.com
- Release notes owner:
Current status
- Targeted release: Fedora 26
- Last updated: 2017-01-05
- Tracker bug: <will be assigned by the Wrangler>
Detailed Description
SELinux userspace release 2.6
SELinux userspace release 2.6 provides lot of fixes several improvements
- sepolicy was converted to use setools4. setools3 is no longer being developed. setools will be updated to setools4 together with this change.
- genhomedircon enhancements
- supports generating home directory contexts for login mappings using the %group syntax
- new templates %{USERID} and %{USERNAME} were added
SETools 4.0.1
SETools has been reimplemented in Python. The following tools were reimplemented:
- apol
- sediff
- seinfo
- sesearch
The following tools were added:
- sedta (command line domain transition analysis)
- seinfoflow (command line information flow analysis)
For an overview of the user interface changes since SETools 3.x, see the related wiki page https://github.com/TresysTechnology/setools/wiki/Changes-Since-SETools-v3
Benefit to Fedora
It's always beneficial to have latest software in Fedora.
Scope
- Proposal owners:
- Update SELinux userspace packages - libsepol, libselinux, libsemanage, policycoreutils, checkpolicy, secilc
- Update setools to setools4
- Other developers: N/A (not a System Wide Change)
- Release engineering: N/A (not a System Wide Change)
- List of deliverables: N/A (not a System Wide Change)
- Policies and guidelines: N/A (not a System Wide Change)
- Trademark approval: N/A (not needed for this Change)
Upgrade/compatibility impact
N/A (not a System Wide Change)
How To Test
1. https://fedoraproject.org/wiki/Category:Package_policycoreutils_test_cases 2. seinfo, sestatus, sesearch tools
N/A (not a System Wide Change)
User Experience
N/A (not a System Wide Change)
Dependencies
N/A (not a System Wide Change)
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
- Contingency deadline: N/A (not a System Wide Change)
- Blocks release? N/A (not a System Wide Change), Yes/No
- Blocks product? product
Revert shipped changes.
Documentation
- https://marc.info/?l=selinux&m=147646050027049&w=4
- https://github.com/TresysTechnology/setools/wiki/Changes-Since-SETools-v3
N/A (not a System Wide Change)
Release Notes
SELinux userspace was updated to 2.6 release. SETools was updated to 4.0.1 release.