libselinux-ruby-2.9-8.el8 > 6 6_6 3!pQp)Tξ7]mtZ`c\9 ]mtZ`S0d@E8-G&-s gBىW7A%L|X CVӪu~5gnj=n:vFcVvRhx_ @/+fT^kn<Ԇ~i)F^{a&x7BCIyĖ`gm2J]%Tc9 bD1yzY<Ț$>-n߸%IlڟakK6bs#r'"讐*^cVON-ov w՛יճF6u,LB3mtp Ƹ[iR1Ytb=4eZ7B ]:BTu]Aу@R'IP81cG=MT``b)xs:% HLeʤTl 5ф4s3/꣭WE4%. /zėyݻ'a䦕v̮**-'d8 8f1f54ee8dc978104c310bfa5d968a227acc3110373e54b69ec878ed99edb16b702970600aba86bf05ea53627e5f396608118fe143!pQp)Tξ7]mtZ`c\9 ]mtZ`{4ܷ(8XPUZFZք`%-/y 6 /`2ˊVCTswmКDߗ{SA5FXoB;Vj]u kkd9^aWgKU g&lp &p ?mG`OB::!@PR%zclu':ݽ+tLɔW!HQe^eDuǷ{#tDiAU_Qݨ'哕+8,ʴE(u}յ5ٲWl7$\ר)M%dj D ܞv#^!1gfg٘$dGT2dYO'"%_+K}k P(qNR#u?)PKf7aMkfش:%, Jv:qi |6ɶx42+wmFZ:b)K+{-t::h>p<^8?^(d  A JPXh p x   $8Xh   (8N9 HN:lNGZTHZdIZtXZxYZ\Z]Z^Zb[;d\e\f\l\t\u\v\w]x]y]]]]^$Clibselinux-ruby2.98.el8SELinux ruby bindings for libselinuxThe libselinux-ruby package contains the ruby bindings for developing SELinux applications.c"ord1-prod-x86build002.svc.aws.rockylinux.org7pKojiRockyPublic Domaininfrastructure@rockylinux.orgUnspecifiedhttps://github.com/SELinuxProject/selinux/wikilinuxi686/7pAAc"c"c"c"e978ad60b6e489e9b47673c4769a4e27893a0175c2dedbed72b8fd41aef6dbf5../../../../usr/lib/ruby/vendor_ruby/selinux.sorootrootrootrootrootrootrootrootlibselinux-2.9-8.el8.src.rpmlibselinux-rubylibselinux-ruby(x86-32)ruby(selinux)@@@@@@@    @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libruby.so.2.5libselinux(x86-32)libselinux.so.1rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.9-8.el83.0.4-14.6.0-14.0-15.2-14.14.3c@c.b_@_l@]X]@\@[@[ā@[ @[,[@[Zz@ZK@ZZZI@Z@Z}@Zz@Zu@ZTZOhZfY@Y˒Y(@YJYV@Y@Y|xY{'@Yx@Y.X-Xg@X@X @XN@X@XXx@Xv@XJX43@WH@W9W@Wq@Wm Wk@W,@W'A@W#LW@VяVIVɦV=@VVii@V@V UU@U4@Ua@UQ@U8U6;UTS@S@SSShShSXS 4@S@R@RUR&RʚRkR%R@RMUM@M@M@M@MlMQ0@MGM5ML@L-@L@L*@LLq@LN@LF@L$@KKKrK@KKqK}+KTM@KA@K@JJJJG@JG@JG@JjJS8JS8JB@J@JMIܑI@IԨIbI̿I@IV@III@I@I2I@IcGIcGIcGIG@IG@IBR@I1.I!\I!\I-HHHe@He@He@He@H@HHH@Ht@HsVHgy@H^>H^>H-w@H!H @H@G@GG#GF@G@GGƢ@GƢ@G­G@GGD@G@G@G@G,@G,@G@GG@GZ@GZ@GeGeG|@G|@GO@GO@G<4G<4G0W@G'@FF@FIFFFFF&@FF@FvFFS@FF@FF]F@FtFFzh@Fw@Fm9@F` @F; @F-@F,F@F@FF*FF @F @FoE@EE@E4@EE?Eɿ@EEEEElEx@E&E=E=E@Ex@EvEnEYEK/@E>@E4EE EgEgEDfDDDDq@D@DB@DB@DB@DB@D{DDX@D4D4D4DD@D@D~D~D|3DvDu@Dr@Dr@DlaDk@DiD`@D_2D_2DX@DWID?D;@D'Dj@C@CCC-Cǖ@Cǖ@C[CCC8@C@CC @CCqC @CCCC@CBC@C@C|pC|pC{@CyCp@Cp@CoACkM@CiCf@C_oC_oC^@C^@CX@CWCS@COCFc@CFc@CECECBnCA@C;@C:C*C&@C&@C%mCC@CC C a@C a@C&B=BۙB@B@Br!Br!Br!Bn-@BgB] B] BZfBS@BQ,@BIC@BAZ@B9q@B9q@B06B-B$Y@B#BB@B@B LB LBBAA)@A@A@AA@A@A@AyAҜ@AJA@A`A`AA@AA@Ak@AAA@AvA@AAoA]FA]FAQi@AN@AI@AF@AF@AA@A>@A>@A7 @A7 @A5A4h@A3A3A/"@A-A+-A(A$@A!@A A A@A@@@q@7@@@@6@@@A@)@@@@@@@@@~y@@~y@@~y@@}'@s@@s@@s@@l@@ia@@b@b@b@O@@O@@Dw@@9@@,@@ @/@@???E@?E@?٭???q@??@?@?@?}d?z?a@?M?D@>S@Vit Mojzis - 2.9-8Vit Mojzis - 2.9-7Vit Mojzis - 2.9-6Vit Mojzis - 2.9-5Vit Mojzis - 2.9-4Vit Mojzis - 2.9-3Petr Lautrbach - 2.9-2.1Petr Lautrbach - 2.9-1Petr Lautrbach - 2.8-6Petr Lautrbach - 2.8-5Petr Lautrbach - 2.8-4Petr Lautrbach - 2.8-3Petr Lautrbach - 2.8-2Petr Lautrbach - 2.8-1Petr Lautrbach - 2.8-0.rc3.1Petr Lautrbach - 2.8-0.rc2.1Petr Lautrbach - 2.8-0.rc1.1Petr Lautrbach - 2.7-14Petr Lautrbach - 2.7-13Petr Lautrbach - 2.7-12Igor Gnatenko - 2.7-11Fedora Release Engineering - 2.7-10Igor Gnatenko - 2.7-9Iryna Shcherbina - 2.7-8Mamoru TASAKA - 2.7-7Petr Lautrbach - 2.7-6Petr Lautrbach - 2.7-5Petr Šabata - 2.7-4Zbigniew Jędrzejewski-Szmek - 2.7-3Zbigniew Jędrzejewski-Szmek - 2.7-2Petr Lautrbach - 2.7-1Fedora Release Engineering - 2.6-10Florian Weimer - 2.6-9Petr Lautrbach - 2.6-8Fedora Release Engineering - 2.6-7Petr Lautrbach - 2.6-6Petr Lautrbach - 2.6-5Petr Lautrbach - 2.6-4Petr Lautrbach - 2.6-3Petr Lautrbach - 2.6-2Petr Lautrbach - 2.6-1Fedora Release Engineering - 2.5-18Stephen Gallagher - 2.5-17Vít Ondruch - 2.5-16Petr Lautrbach - 2.5-15Charalampos Stratakis - 2.5-14Petr Lautrbach - 2.5-13Petr Lautrbach 2.5-12Petr Lautrbach 2.5-11Fedora Release Engineering - 2.5-10Petr Lautrbach - 2.5-9Petr Lautrbach - 2.5-8Petr Lautrbach - 2.5-7Petr Lautrbach - 2.5-6Petr Lautrbach - 2.5-5Petr Lautrbach - 2.5-4Petr Lautrbach - 2.5-3Petr Lautrbach 2.5-2Petr Lautrbach 2.5-1Petr Lautrbach 2.5-0.1.rc1Fedora Release Engineering - 2.4-8Vít Ondruch - 2.4-7Petr Lautrbach - 2.4-6Robert Kuska - 2.4-5Petr Lautrbach 2.4-4Petr Lautrbach 2.4-3Adam Jackson 2.4-2Petr Lautrbach 2.4-1.1Fedora Release Engineering - 2.3-11Petr Lautrbach 2.3-10Petr Lautrbach 2.3-9Petr Lautrbach 2.3-8Than Ngo - 2.3-7Vít Ondruch - 2.3-6Miroslav Grepl - 2.3-5Fedora Release Engineering - 2.3-4Fedora Release Engineering - 2.3-3Kalev Lember - 2.3-2Dan Walsh - 2.3-1Miroslav Grepl - 2.2.2-8Vít Ondruch - 2.2.2-7Dan Walsh - 2.2.2-6Dan Walsh - 2.2.2-5Dan Walsh - 2.2.2-4Dan Walsh - 2.2.2-3Dan Walsh - 2.2.2-2Dan Walsh - 2.2.2-1Adam Williamson - 2.2.1-6Dan Walsh - 2.2.1-5Dan Walsh - 2.2.1-4Dan Walsh - 2.2.1-3Dan Walsh - 2.2.1-2Dan Walsh - 2.2.1-1Dan Walsh - 2.2-1Dan Walsh - 2.1.13-21Dan Walsh - 2.1.13-20Dan Walsh - 2.1.13-19Dan Walsh - 2.1.13-17Fedora Release Engineering - 2.1.13-17Dan Walsh - 2.1.13-16Dan Walsh - 2.1.13-15Dan Walsh - 2.1.13-14Dan Walsh - 2.1.13-13Dan Walsh - 2.1.13-12Dan Walsh - 2.1.13-11Dan Walsh - 2.1.13-10Dan Walsh - 2.1.13-9Dan Walsh - 2.1.13-8Dan Walsh - 2.1.13-7Dan Walsh - 2.1.13-6Dan Walsh - 2.1.13-5Dan Walsh - 2.1.13-4Dan Walsh - 2.1.13-3Dan Walsh - 2.1.13-2Dan Walsh - 2.1.13-1Dan Walsh - 2.1.12-20Dan Walsh - 2.1.12-19Dan Walsh - 2.1.12-18Dan Walsh - 2.1.12-17Dan Walsh - 2.1.12-16Dan Walsh - 2.1.12-15Dan Walsh - 2.1.12-14Dan Walsh - 2.1.12-13Dan Walsh - 2.1.12-12Dan Walsh - 2.1.12-11Dan Walsh - 2.1.12-10Dan Walsh - 2.1.12-9Dan Walsh - 2.1.12-8Dan Walsh - 2.1.12-7Dan Walsh - 2.1.12-6Dan Walsh - 2.1.12-5Dan Walsh - 2.1.12-4Dan Walsh - 2.1.12-3Dan Walsh - 2.1.12-2Dan Walsh - 2.1.12-1David Malcolm - 2.1.11-6David Malcolm - 2.1.11-5Fedora Release Engineering - 2.1.11-4Dan Walsh - 2.1.11-3Dan Walsh - 2.1.11-2Dan Walsh - 2.1.11-1Dan Walsh - 2.1.10-5Dan Walsh - 2.1.10-4Dan Walsh - 2.1.10-3Dan Walsh - 2.1.10-2Dan Walsh - 2.1.10-1Dan Walsh - 2.1.9-9Dan Walsh - 2.1.9-8Dan Walsh - 2.1.9-7Kay Sievers - 2.1.9-6Dan Walsh - 2.1.9-5Harald Hoyer 2.1.9-4Dan Walsh - 2.1.9-3Dan Walsh - 2.1.9-2Dan Walsh - 2.1.9-1Dan Walsh - 2.1.8-5Dan Walsh - 2.1.8-4Dan Walsh - 2.1.8-2Dan Walsh - 2.1.8-1Dan Walsh - 2.1.7-2Dan Walsh - 2.1.7-1Dan Walsh - 2.1.6-4Dan Walsh - 2.1.6-3Dan Walsh - 2.1.6-2Dan Walsh - 2.1.6-1Dan Walsh - 2.1.5-5Ville Skyttä - 2.1.5-4Dan Walsh - 2.1.5-3Dan Walsh - 2.1.5-2Dan Walsh - 2.1.5-1Dan Walsh - 2.1.4-2Dan Walsh - 2.1.4-1Dan Walsh - 2.1.0-1Dan Walsh - 2.0.102-6Dan Walsh - 2.0.102-5Dan Walsh - 2.0.102-4Dan Walsh - 2.0.102-3Dan Walsh - 2.0.102-2Dan Walsh - 2.0.102-1Dan Walsh - 2.0.101-1Dan Walsh - 2.0.99-5Dan Walsh - 2.0.99-4Dan Walsh - 2.0.99-3Dan Walsh - 2.0.99-2Dan Walsh - 2.0.99-1Fedora Release Engineering Dan Walsh - 2.0.98-3Dan Walsh - 2.0.98-2Dan Walsh - 2.0.98-1Dan Walsh - 2.0.97-1Dan Walsh - 2.0.96-9Dan Walsh - 2.0.96-8jkeating - 2.0.96-7Adam Tkac - 2.0.96-6Dan Walsh - 2.0.96-5Dan Walsh - 2.0.96-4David Malcolm - 2.0.96-3Dan Walsh - 2.0.96-2Dan Walsh - 2.0.96-1Dan Walsh - 2.0.94-1Dan Walsh - 2.0.93-1Dan Walsh - 2.0.92-1Dan Walsh - 2.0.91-1Dan Walsh - 2.0.90-5Dan Walsh - 2.0.90-4Dan Walsh - 2.0.90-3Dan Walsh - 2.0.90-2Dan Walsh - 2.0.90-1Dan Walsh - 2.0.89-2Dan Walsh - 2.0.89-1Dan Walsh - 2.0.88-1Dan Walsh - 2.0.87-1Dan Walsh - 2.0.86-2Dan Walsh - 2.0.86-1Fedora Release Engineering - 2.0.85-2Dan Walsh - 2.0.85-1Dan Walsh - 2.0.84-1Dan Walsh - 2.0.82-2Dan Walsh - 2.0.82-1Dan Walsh - 2.0.81-1Dan Walsh - 2.0.80-1Dan Walsh - 2.0.79-6Dan Walsh - 2.0.79-5Dan Walsh - 2.0.79-4Dan Walsh - 2.0.79-3Dan Walsh - 2.0.79-1Dan Walsh - 2.0.78-5Dan Walsh - 2.0.78-4Dan Walsh - 2.0.78-3Dan Walsh - 2.0.78-2Dan Walsh - 2.0.78-1Fedora Release Engineering - 2.0.77-6Dan Walsh - 2.0.77-5Dan Walsh - 2.0.77-3Dan Walsh - 2.0.77-2Dan Walsh - 2.0.77-1Dan Walsh - 2.0.76-6Dan Walsh l - 2.0.76-5Dan Walsh - 2.0.76-4Ignacio Vazquez-Abrams - 2.0.76-2Dan Walsh - 2.0.76-1Dan Walsh - 2.0.75-2Dan Walsh - 2.0.75-1Dan Walsh - 2.0.73-1Dan Walsh - 2.0.71-6Dan Walsh - 2.0.71-5Dan Walsh - 2.0.71-4Dan Walsh - 2.0.71-3Dan Walsh - 2.0.71-2Dan Walsh - 2.0.71-1Dan Walsh - 2.0.70-1Dan Walsh - 2.0.69-2Dan Walsh - 2.0.69-1Dan Walsh - 2.0.67-4Dan Walsh - 2.0.67-3Dan Walsh - 2.0.67-2Dan Walsh - 2.0.67-1Dan Walsh - 2.0.65-1Dan Walsh - 2.0.64-3Dan Walsh - 2.0.64-2Dan Walsh - 2.0.64-1Dan Walsh - 2.0.61-4Dan Walsh - 2.0.61-3Dan Walsh - 2.0.61-2Dan Walsh - 2.0.61-1Dan Walsh - 2.0.60-1Dan Walsh - 2.0.59-2Dan Walsh - 2.0.59-1Dan Walsh - 2.0.58-1Dan Walsh - 2.0.57-2Dan Walsh - 2.0.57-1Dan Walsh - 2.0.56-1Dan Walsh - 2.0.55-1Dan Walsh - 2.0.53-1Dan Walsh - 2.0.52-1Dan Walsh - 2.0.50-1Dan Walsh - 2.0.49-2Dan Walsh - 2.0.49-1Dan Walsh - 2.0.48-1Dan Walsh - 2.0.47-4Adel Gadllah - 2.0.47-3Dan Walsh - 2.0.47-2Dan Walsh - 2.0.47-1Dan Walsh - 2.0.46-6Dan Walsh - 2.0.46-5Dan Walsh - 2.0.46-4Dan Walsh - 2.0.46-3Dan Walsh - 2.0.46-2Dan Walsh - 2.0.46-1Dan Walsh - 2.0.45-1Dan Walsh - 2.0.43-1Dan Walsh - 2.0.42-1Dan Walsh - 2.0.40-1Dan Walsh - 2.0.37-1Dan Walsh - 2.0.36-1Dan Walsh - 2.0.35-2Dan Walsh - 2.0.35-1Dan Walsh - 2.0.34-3Dan Walsh - 2.0.34-2Dan Walsh - 2.0.34-1Dan Walsh - 2.0.33-2Dan Walsh - 2.0.33-1Dan Walsh - 2.0.31-4Dan Walsh - 2.0.31-3Dan Walsh - 2.0.31-2Dan Walsh - 2.0.30-2Dan Walsh - 2.0.30-1Dan Walsh - 2.0.29-1Dan Walsh - 2.0.24-3Dan Walsh - 2.0.24-2Dan Walsh - 2.0.24-1Dan Walsh - 2.0.23-3Dan Walsh - 2.0.23-2Dan Walsh - 2.0.23-1Dan Walsh - 2.0.22-1Dan Walsh - 2.0.21-2Dan Walsh - 2.0.21-1Dan Walsh - 2.0.18-1Dan Walsh - 2.0.16-1Dan Walsh - 2.0.14-1Dan Walsh - 2.0.13-2Dan Walsh - 2.0.13-1Dan Walsh - 2.0.12-2Dan Walsh - 2.0.12-1Dan Walsh - 2.0.11-1Dan Walsh - 2.0.9-2Dan Walsh - 2.0.9-1Dan Walsh - 2.0.8-1Dan Walsh - 2.0.7-2Dan Walsh - 2.0.7-1Dan Walsh - 2.0.5-2Dan Walsh - 2.0.5-1Dan Walsh - 2.0.4-1Dan Walsh - 2.0.2-1Dan Walsh - 2.0.1-1Dan Walsh - 2.0.0-1Dan Walsh - 1.34.0-2Dan Walsh - 1.34.0-1Dan Walsh - 1.33.6-1Dan Walsh - 1.33.5-1Dan Walsh - 1.33.4-3Dan Walsh - 1.33.4-2Dan Walsh - 1.33.4-1Dan Walsh - 1.33.3-3Dan Walsh - 1.33.3-2Dan Walsh - 1.33.3-1Jeremy Katz - 1.33.2-4Dan Walsh - 1.33.2-3Dan Walsh - 1.33.2-2Dan Walsh - 1.33.2-1Dan Walsh - 1.33.1-2Dan Walsh - 1.33.1-1Dan Walsh - 1.32-1Jesse Keating - 1.30.29-2Dan Walsh - 1.30.29-1Jeremy Katz - 1.30.28-3Dan Walsh - 1.30.28-2Dan Walsh - 1.30.28-1Jeremy Katz - 1.30.27-2Dan Walsh - 1.30.27-1Jesse Keating - 1.20.26-2Dan Walsh - 1.30.25-1Dan Walsh - 1.30.24-1Dan Walsh - 1.30.22-2Dan Walsh - 1.30.22-1Dan Walsh - 1.30.20-1Jeremy Katz - 1.30.19-5Jeremy Katz - 1.30.19-4Dan Walsh 1.30.19-3Dan Walsh 1.30.19-2Dan Walsh 1.30.19-1Dan Walsh 1.30.15-5Dan Walsh 1.30.15-4Dan Walsh 1.30.15-3Dan Walsh 1.30.15-2Dan Walsh 1.30.15-1Dan Walsh 1.30.12-2Dan Walsh 1.30.12-1Dan Walsh 1.30.11-2Dan Walsh 1.30.11-1Dan Walsh 1.30.10-4Dan Walsh 1.30.10-3Dan Walsh 1.30.10-2Dan Walsh 1.30.10-1Dan Walsh 1.30.8-1Dan Walsh 1.30.7-2Dan Walsh 1.30.7-1Dan Walsh 1.30.6-2Dan Walsh 1.30.6-1Dan Walsh 1.30.5-1Dan Walsh 1.30.3-3Dan Walsh 1.30.3-2Dan Walsh 1.30.3-1Dan Walsh 1.30.1-2Dan Walsh 1.30.1-1Dan Walsh 1.30-1Jesse Keating - 1.29.7-1.2Jesse Keating - 1.29.7-1.1Dan Walsh 1.29.7-1Dan Walsh 1.29.6-1Dan Walsh 1.29.5-2Dan Walsh 1.29.5-1Dan Walsh 1.29.4-1Dan Walsh 1.29.3-2Dan Walsh 1.29.3-1Dan Walsh 1.29.2-4Dan Walsh 1.29.2-3Dan Walsh 1.29.2-2Dan Walsh 1.29.2-1Dan Walsh 1.29.1-3Jesse Keating Dan Walsh 1.29.1-1Dan Walsh 1.28-1Dan Walsh 1.27.28-2Dan Walsh 1.27.28-1Dan Walsh 1.27.26-1Dan Walsh 1.27.25-1Dan Walsh 1.27.23-1Dan Walsh 1.27.22-4Dan Walsh 1.27.22-3Dan Walsh 1.27.22-2Dan Walsh 1.27.22-1Dan Walsh 1.27.21-2Dan Walsh 1.27.21-1Dan Walsh 1.27.20-1Dan Walsh 1.27.19-1Dan Walsh 1.27.18-1Dan Walsh 1.27.17-4Dan Walsh 1.27.17-2Dan Walsh 1.27.17-1Dan Walsh 1.27.14-3Dan Walsh 1.27.14-2Dan Walsh 1.27.14-1Dan Walsh 1.27.13-2Dan Walsh 1.27.13-1Dan Walsh 1.27.12-1Dan Walsh 1.27.9-2Dan Walsh 1.27.9-1Dan Walsh 1.27.7-1Dan Walsh 1.27.6-1Dan Walsh 1.27.4-1Dan Walsh 1.27.3-1Dan Walsh 1.27.2-1Dan Walsh 1.27.1-3Dan Walsh 1.27.1-2Dan Walsh 1.26-6Dan Walsh 1.26-5Dan Walsh 1.26-3Dan Walsh 1.26-2Dan Walsh 1.25.7-1Dan Walsh 1.25.6-1Dan Walsh 1.25.5-1Dan Walsh 1.25.4-1Dan Walsh 1.25.3-2Dan Walsh 1.25.3-1Dan Walsh 1.25.2-2Dan Walsh 1.25.2-1Dan Walsh 1.24.2-1Dan Walsh 1.24.1-1Dan Walsh 1.23.11-1Dan Walsh 1.23.10-3Dan Walsh 1.23.10-2Dan Walsh 1.23.10-1Dan Walsh 1.23.8-1Dan Walsh 1.23.7-3Dan Walsh 1.23.7-2Dan Walsh 1.23.7-1Dan Walsh 1.23.6-1Dan Walsh 1.23.5-1Dan Walsh 1.23.4-1Dan Walsh 1.23.2-3Dan Walsh 1.23.2-2Dan Walsh 1.23.2-1Dan Walsh 1.23.1-1Dan Walsh 1.22-1Dan Walsh 1.21.13-1Dan Walsh 1.21.12-1Dan Walsh 1.21.11-2Dan Walsh 1.21.11-1Dan Walsh 1.21.10-3Dan Walsh 1.21.10-1Dan Walsh 1.21.9-2Dan Walsh 1.21.9-1Dan Walsh 1.21.8-1Dan Walsh 1.21.7-1Dan Walsh 1.21.5-1Dan Walsh 1.21.4-1Dan Walsh 1.21.2-1Dan Walsh 1.21.1-3Dan Walsh 1.21.1-2Dan Walsh 1.21.1-1Dan Walsh 1.20.1-3Dan Walsh 1.20.1-2Dan Walsh 1.20.1-1Dan Walsh 1.19.4-1Dan Walsh 1.19.3-3Dan Walsh 1.19.3-2Dan Walsh 1.19.3-1Dan Walsh 1.19.2-1Dan Walsh 1.19.1-6Dan Walsh 1.19.1-4Dan Walsh 1.19.1-2Dan Walsh 1.19.1-1Steve Grubb 1.18.1-5Dan Walsh 1.18.1-4Dan Walsh 1.18.1-3Steve Grubb 1.18.1-2Dan Walsh 1.18.1-1Steve Grubb 1.17.15-2Steve Grubb 1.17.15-2Dan Walsh 1.17.15-1Dan Walsh 1.17.14-1Dan Walsh 1.17.13-3Dan Walsh 1.17.13-2Dan Walsh 1.17.13-1Dan Walsh 1.17.12-2Dan Walsh 1.17.12-1Dan Walsh 1.17.11-1Dan Walsh 1.17.10-1Dan Walsh 1.17.9-2Dan Walsh 1.17.9-1Dan Walsh 1.17.8-2Dan Walsh 1.17.8-1Dan Walsh 1.17.7-1Dan Walsh 1.17.6-1Dan Walsh 1.17.5-1Dan Walsh 1.17.4-1Dan Walsh 1.17.3-1Dan Walsh 1.17.2-1Dan Walsh 1.17.1-1Dan Walsh 1.16.1-1Colin Walters 1.16-1Dan Walsh 1.15.7-1Dan Walsh 1.15.6-1Dan Walsh 1.15.5-1Dan Walsh 1.15.4-1Dan Walsh 1.15.3-2Dan Walsh 1.15.3-1Dan Walsh 1.15.2-1Dan Walsh 1.15.1-3Dan Walsh 1.15.1-2Dan Walsh 1.15.1-1Dan Walsh 1.14.1-1Dan Walsh 1.13.4-1Elliot Lee Dan Walsh 1.13.3-2Dan Walsh 1.13.2-1Dan Walsh 1.13.1-1Dan Walsh 1.12-2Dan Walsh 1.12-1Dan Walsh 1.11.4-1Dan Walsh 1.11.3-1Dan Walsh 1.11.2-1Dan Walsh 1.11-4Dan Walsh 1.11-3Dan Walsh 1.11-2Dan Walsh 1.11-1Dan Walsh 1.10-2Dan Walsh 1.10-1Dan Walsh 1.9-1Dan Walsh 1.8-1Dan Walsh 1.6-6Dan Walsh 1.6-5Dan Walsh 1.6-4Dan Walsh 1.6-3Dan Walsh 1.6-2Elliot Lee Dan Walsh 1.4-11Elliot Lee Dan Walsh 1.4-9Dan Walsh 1.4-8Dan Walsh 1.4-7Dan Walsh 1.4-6Dan Walsh 1.4-5Dan Walsh 1.4-4Dan Walsh 1.4-3Dan Walsh 1.4-2Dan Walsh 1.4-1Dan Walsh 1.3-2Dan Walsh 1.3-1Dan Walsh 1.2-9Dan Walsh 1.2-8Dan Walsh 1.2-7Dan Walsh 1.2-6Dan Walsh 1.2-5Dan Walsh 1.2-4Dan Walsh 1.2-3Dan Walsh 1.2-2Dan Walsh 1.2-1Dan Walsh 1.0-1- restorecon: Fix memory leak - xattr_value (#2137965)- Restorecon: Ignore missing directories when -i is used (#2137965)- Describe fcontext regular expressions (#1904059) - Strip spaces before values in config (#2012145)- Deprecate security_compute_user(), update man pages (#1879368)- Eliminate use of security_compute_user() (#1879368)- Fix mcstrans secolor examples in secolor.conf man page (#1770270)- Use Python distutils to install SELinux python bindings (#1719771) - Move sefcontext_compile to -utils package (#1612518)- SELinux userspace 2.9 release- Fix RESOURCE_LEAK coverity scan defects- selinux_restorecon: Skip customized files also without -v - man pages fixes- Build libselinux-python when %with_python2 macro is set to non-zero value- Build libselinux-ruby (#1581322)- Don't build the Python 2 subpackage (#1567358)- SELinux userspace 2.8 release- SELinux userspace 2.8-rc3 release candidate- SELinux userspace 2.8-rc2 release candidate- SELinux userspace 2.8-rc1 release candidate- Do not build libselinux-ruby- build: Replace PYSITEDIR with PYTHONLIBDIR- Correct manpages regarding removable_context - build: follow standard semantics for DESTDIR and PREFIX- Escape macros in %changelog- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Switch to %ldconfig_scriptlets- Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)- F-28: rebuild for ruby25- Rebuild with libsepol-2.7-3- Drop golang bindings - Add support for pcre2 to pkgconfig definition- Enable the python3 subpackages on EL- Also add Provides for the old name without %_isa- Python 2 binary package renamed to python2-libselinux See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 - Python 3 binary package renamed to python3-libselinux- Update to upstream release 2017-08-04- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuild with binutils fix for ppc64le (#1475636)- Always unmount selinuxfs for SELINUX=disabled- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Don't finalize mount state in selinux_set_policy_root() - Follow upstream and rename _selinux.so to _selinux.cpython-36m-x86_64-linux-gnu.so- Fix setfiles progress indicator- Fix segfault in selinux_restorecon_sb() (#1433577) - Change matchpathcon usage to match with matchpathcon manpage - Fix a corner case getsebool return value- Fix 'semanage boolean -m' to modify active value- Fix FTBFS - fatal error (#1427902)- Update to upstream release 2016-10-14- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- Add missing %license macro- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.4- Rewrite restorecon() python method- Rebuild for Python 3.6- Fix pointer handling in realpath_not_final (#1376598)- Fix -Wsign-compare warnings - Drop unused stdio_ext.h header file - Kill logging check for selinux_enabled() - Drop usage of _D_ALLOC_NAMLEN - Add openrc_contexts functions - Fix redefinition of XATTR_NAME_SELINUX - Correct error path to always try text - Clean up process_file() - Handle NULL pcre study data - Fix in tree compilation of utils that depend on libsepol- Rebuilt with libsepol-2.5-9- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages- Clarify is_selinux_mls_enabled() description - Explain how to free policy type from selinux_getpolicytype() - Compare absolute pathname in matchpathcon -V - Add selinux_snapperd_contexts_path()- Move _selinux.so to /usr/lib64/python*/site-packages- Modify audit2why analyze function to use loaded policy - Sort object files for deterministic linking order - Respect CC and PKG_CONFIG environment variable - Avoid mounting /proc outside of selinux_init_load_policy()- Fix multiple spelling errors- Rebuilt with libsepol-2.5-5- Fix typo in sefcontext_compile.8- Fix location of selinuxfs mount point - Only mount /proc if necessary - procattr: return einval for <= 0 pid args - procattr: return error on invalid pid_t input- Use fully versioned arch-specific requires- Update to upstream release 2016-02-23- Update to upstream rc1 release 2016-01-07- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.3- Build libselinux without rpm_execcon() (#1284019)- Rebuilt for Python3.5 rebuild- Flush the class/perm string mapping cache on policy reload (#1264051) - Fix restorecon when path has no context- Simplify procattr cache (#1257157,#1232371)- Export ldflags into the build so hardening works- Update to 2.4 release- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- is_selinux_enabled: Add /etc/selinux/config test (#1219045) - matchpathcon/selabel_file: Fix man pages (#1219718)- revert support for policy compressed with xv (#1185266)- selinux.py - use os.walk() instead of os.path.walk() (#1195004) - is_selinux_enabled(): drop no-policy-loaded test (#1195074) - fix -Wformat errors and remove deprecated mudflap option- bump release and rebuild so that koji-shadow can rebuild it against new gcc on secondary arch- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.2- Compiled file context files and the original should have the same permissions from dwalsh@redhat.com - Add selinux_openssh_contexts_path() to get a path to /contexts/openssh_contexts- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4- Update to upstream * Get rid of security_context_t and fix const declarations. * Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.- Add selinux_openssh_contexts_path()- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.1- Fix spelling mistake in man page- More go bindings - restorecon, getpidcon, setexeccon- Add additional go bindings for get*con calls - Add go bindings test command - Modify man pages of set*con calls to mention that they are thread specific- Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go - Add Int_to_mcs function to generate MCS labels from integers.- Add ghost flag for /var/run/setrans- Update to upstream * Fix userspace AVC handling of per-domain permissive mode. - Verify context is not null when passed into *setfilecon_raw- revert unexplained change to rhat.patch which broke SELinux disablement- Verify context is not null when passed into lsetfilecon_raw- Mv selinux.go to /usr/share/gocode/src/selinux- Add golang support to selinux.- Remove togglesebool man page- Update to upstream * Remove -lpthread from pkg-config file; it is not required. - Add support for policy compressed with xv- Update to upstream * Fix avc_has_perm() returns -1 even when SELinux is in permissive mode. * Support overriding Makefile RANLIB from Sven Vermeulen. * Update pkgconfig definition from Sven Vermeulen. * Mount sysfs before trying to mount selinuxfs from Sven Vermeulen. * Fix man pages from Laurent Bigonville. * Support overriding PATH and LIBBASE in Makefiles from Laurent Bigonville. * Fix LDFLAGS usage from Laurent Bigonville * Avoid shadowing stat in load_mmap from Joe MacDonald. * Support building on older PCRE libraries from Joe MacDonald. * Fix handling of temporary file in sefcontext_compile from Dan Walsh. * Fix procattr cache from Dan Walsh. * Define python constants for getenforce result from Dan Walsh. * Fix label substitution handling of / from Dan Walsh. * Add selinux_current_policy_path from Dan Walsh. * Change get_context_list to only return good matches from Dan Walsh. * Support udev-197 and higher from Sven Vermeulen and Dan Walsh. * Add support for local substitutions from Dan Walsh. * Change setfilecon to not return ENOSUP if context is already correct from Dan Walsh. * Python wrapper leak fixes from Dan Walsh. * Export SELINUX_TRANS_DIR definition in selinux.h from Dan Walsh. * Add selinux_systemd_contexts_path from Dan Walsh. * Add selinux_set_policy_root from Dan Walsh. * Add man page for sefcontext_compile from Dan Walsh.- Add systemd_contexts support - Do substitutions on a local sub followed by a dist sub- Eliminate requirement on pthread library, by applying patch for Jakub Jelinek Resolves #1013801- Fix handling of libselinux getconlist with only one entry- Add Python constants for SELinux enforcing modes- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Add sefcontext_compile.8 man page - Add Russell Coker patch to fix man pages - Add patches from Laurent Bigonville to fix Makefiles for debian. - modify spec file to use %{_prefix}/lib- Fix patch that Handles substitutions for /- Handle substitutions for / - semanage fcontext -a -e / /opt/rh/devtoolset-2/root- Add Eric Paris patch to fix procattr calls after a fork.- Move secolor.conf.5 into mcstrans package and out of libselinux- Fix python bindings for selinux_check_access- Fix reseting the policy root in matchpathcon- Cleanup setfcontext_compile atomic patch - Add matchpathcon -P /etc/selinux/mls support by allowing users to set alternate root - Make sure we set exit codes from selinux_label calls to ENOENT or SUCCESS- Make setfcontext_compile atomic- Fix memory leak in set*con calls.- Move matchpathcon to -utils package - Remove togglesebool- Fix selinux man page to reflect what current selinux policy is.- Add new constant SETRANS_DIR which points to the directory where mstransd can find the socket and libvirt can write its translations files.- Bring back selinux_current_policy_path- Revert some changes which are causing the wrong policy version file to be created- Update to upstream * audit2why: make sure path is nul terminated * utils: new file context regex compiler * label_file: use precompiled filecontext when possible * do not leak mmapfd * sefcontontext_compile: Add error handling to help debug problems in libsemanage. * man: make selinux.8 mention service man pages * audit2why: Fix segfault if finish() called twice * audit2why: do not leak on multiple init() calls * mode_to_security_class: interface to translate a mode_t in to a security class * audit2why: Cleanup audit2why analysys function * man: Fix program synopsis and function prototypes in man pages * man: Fix man pages formatting * man: Fix typo in man page * man: Add references and man page links to _raw function variants * Use ENOTSUP instead of EOPNOTSUPP for getfilecon functions * man: context_new(3): fix the return value description * selinux_status_open: handle error from sysconf * selinux_status_open: do not leak statusfd on exec * Fix errors found by coverity * Change boooleans.subs to booleans.subs_dist. * optimize set*con functions * pkg-config do not specifc ruby version * unmap file contexts on selabel_close() * do not leak file contexts with mmap'd backend * sefcontext_compile: do not leak fd on error * matchmediacon: do not leak fd * src/label_android_property: do not leak fd on error- Update to latest patches from eparis/Upstream- Update to latest patches from eparis/Upstream- Try procatt speedup patch again- Roll back procattr speedups since it seems to be screwing up systemd labeling.- Fix tid handling for setfscreatecon, old patch still broken in libvirt- Fix tid handling for setfscreatecon, old patch still broken in libvirt- setfscreatecon after fork was broken by the Set*con patch. - We needed to reset the thread variables after a fork.- Fix setfscreatecon call to handle failure mode, which was breaking udev- Ondrej Oprala patch to optimize set*con functions - Set*con now caches the security context and only re-sets it if it changes.- Rebuild against latest libsepol- Update to latest patches from eparis/Upstream - Fix errors found by coverity - set the sepol_compute_av_reason_buffer flag to 0. This means calculate denials only? - audit2why: remove a useless policy vers variable - audit2why: use the new constraint information- Rebuild with latest libsepol- Return EPERM if login program can not reach default label for user - Attempt to return container info from audit2why- Apply patch from eparis to fix leaked file descriptor in new labeling code- Add new function mode_to_security_class which takes mode instead of a string. - Possibly will be used with coreutils.- Add back selinuxconlist and selinuxdefcon man pages- Fix segfault from calling audit2why.finish() multiple times- Fix up selinux man page to reference service man pages- Rebuild with fixed libsepol- Update to upstream * Add support for lxc_contexts_path * utils: add service to getdefaultcon * libsemanage: do not set soname needlessly * libsemanage: remove PYTHONLIBDIR and ruby equivalent * boolean name equivalency * getsebool: support boolean name substitution * Add man page for new selinux_boolean_sub function. * expose selinux_boolean_sub * matchpathcon: add -m option to force file type check * utils: avcstat: clear sa_mask set * seusers: Check for strchr failure * booleans: initialize pointer to silence coveriety * stop messages when SELinux disabled * label_file: use PCRE instead of glibc regex functions * label_file: remove all typedefs * label_file: move definitions to include file * label_file: do string to mode_t conversion in a helper function * label_file: move error reporting back into caller * label_file: move stem/spec handling to header * label_file: drop useless ncomp field from label_file data * label_file: move spec_hasMetaChars to header * label_file: fix potential read past buffer in spec_hasMetaChars * label_file: move regex sorting to the header * label_file: add accessors for the pcre extra data * label_file: only run regex files one time * label_file: new process_file function * label_file: break up find_stem_from_spec * label_file: struct reorg * label_file: only run array once when sorting * Ensure that we only close the selinux netlink socket once. * improve the file_contexts.5 manual page- rebuild for https://fedoraproject.org/wiki/Features/Python_3.3- make with_python3 be conditional on fedora- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Move the tmpfiles.d content from /etc/tmpfiles.d to /usr/lib/tmpfiles.d- Revert Eric Paris Patch for selinux_binary_policy_path- Update to upstream * Fortify source now requires all code to be compiled with -O flag * asprintf return code must be checked * avc_netlink_recieve handle EINTR * audit2why: silence -Wmissing-prototypes warning * libsemanage: remove build warning when build swig c files * matchpathcon: bad handling of symlinks in / * seusers: remove unused lineno * seusers: getseuser: gracefully handle NULL service * New Android property labeling backend * label_android_property whitespace cleanups * additional makefile support for rubywrap- Fix booleans.subs name, change function name to selinux_boolean_sub, add man page, minor fixes to the function- Fix to compile with Fortify source * Add -O compiler flag * Check return code from asprintf - Fix handling of symbolic links in / by realpath_not_final- Add support for lxc contexts file- Add support fot boolean subs file- Update to upstream * Fix dead links to www.nsa.gov/selinux * Remove jump over variable declaration * Fix old style function definitions * Fix const-correctness * Remove unused flush_class_cache method * Add prototype decl for destructor * Add more printf format annotations * Add printf format attribute annotation to die() method * Fix const-ness of parameters & make usage() methods static * Enable many more gcc warnings for libselinux/src/ builds * utils: Enable many more gcc warnings for libselinux/utils builds * Change annotation on include/selinux/avc.h to avoid upsetting SWIG * Ensure there is a prototype for 'matchpathcon_lib_destructor' * Update Makefiles to handle /usrmove * utils: Stop separating out matchpathcon as something special * pkg-config to figure out where ruby include files are located * build with either ruby 1.9 or ruby 1.8 * assert if avc_init() not called * take security_deny_unknown into account * security_compute_create_name(3) * Do not link against python library, this is considered * bad practice in debian * Hide unnecessarily-exported library destructors- Add selinux_current_policy_path to return /sys/fs/selinux/policy if it exists - Otherwise search for policy on disk- Change selinux_binary_policy_path to return /sys/fs/selinux/policy - Add selinux_installed_policy_path to return what selinux_binary_policy_path used to return - avc_has_perm will now return yes if the machine is in permissive mode - Make work with ruby-1.9- avc_netlink_recieve should continue to poll if it receinves an EINTR rather- use /sbin/ldconfig, glibc does not provide /usr/sbin/ldconfig in the RPM database for now- Rebuild with cleaned up upstream to work in /usr- install everything in /usr https://fedoraproject.org/wiki/Features/UsrMove- Add Dan Berrange code cleanup patches.- Fix selabal_open man page to refer to proper selinux_opt structure-Update to upstream * Fix setenforce man page to refer to selinux man page * Cleanup Man pages * merge freecon with getcon man page- Add patch from Richard Haines When selabel_lookup found an invalid context with validation enabled, it always stated it was 'file_contexts' whether media, x, db or file. The fix is to store the spec file name in the selabel_lookup_rec on selabel_open and use this as output for logs. Also a minor fix if key is NULL to stop seg faults. - Fix setenforce manage page.- Rebuild with new libsepol- Fix setenforce man page, from Miroslav Grepl- Upgrade to upstream * selinuxswig_python.i: don't make syscall if it won't change anything * Remove assert in security_get_boolean_names(3) * Mapped compute functions now obey deny_unknown flag * get_default_type now sets EINVAL if no entry. * return EINVAL if invalid role selected * Updated selabel_file(5) man page * Updated selabel_db(5) man page * Updated selabel_media(5) man page * Updated selabel_x(5) man page * Add man/man5 man pages * Add man/man5 man pages * Add man/man5 man pages * use -W and -Werror in utils- Change python binding for restorecon to check if the context matches. - If it does do not reset- Upgrade to upstream * Makefiles: syntax, convert all ${VAR} to $(VAR) * load_policy: handle selinux=0 and /sys/fs/selinux not exist * regenerate .pc on VERSION change * label: cosmetic cleanups * simple interface for access checks * Don't reinitialize avc_init if it has been called previously * seusers: fix to handle large sets of groups * audit2why: close fd on enomem * rename and export symlink_realpath * label_file: style changes to make Eric happy.- Apply libselinux patch to handle large groups in seusers.- Add selinux_check_access function. Needed for passwd, chfn, chsh- Handle situation where selinux=0 passed to the kernel and both /selinux and-Update to upstream * utils: matchpathcon: remove duplicate declaration * src: matchpathcon: use myprintf not fprintf * src: matchpathcon: make sure resolved path starts * put libselinux.so.1 in /lib not /usr/lib * tree: default make target to all not- Switch to use ":" as prefix separator rather then ";"- Avoid unnecessary shell invocation in %post.- Fix handling of subset labeling that is causing segfault in restorecon- Change matchpathcon_init_prefix and selabel_open to allow multiple initial prefixes. Now you can specify a ";" separated list of prefixes and the labeling system will only load regular expressions that match these prefixes.- Change matchpatcon to use proper myprintf - Fix symlink_realpath to always include "/" - Update to upstream * selinux_file_context_verify function returns wrong value. * move realpath helper to matchpathcon library * python wrapper makefile changes- Move to new Makefile that can build with or without PYTHON being set-Update to upstream 2.1.4 2011-0817 * mapping fix for invalid class/perms after selinux_set_mapping * audit2why: work around python bug not defining * resolv symlinks and dot directories before matching 2.1.2 2011-0803 * audit2allow: do not print statistics * make python bindings for restorecon work on relative path * fix python audit2why binding error * support new python3 functions * do not check fcontext duplicates on use * Patch for python3 for libselinux 2.1.1 2011-08-02 * move .gitignore into utils * new setexecon utility * selabel_open fix processing of substitution files * mountpoint changing patch. * simplify SRCS in Makefile 2.1.1 2011-08-01 * Remove generated files, introduce more .gitignore-Update to upstream * Release, minor version bump * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Only call dups check within selabel/matchpathcon if you are validating the context - This seems to speed the loading of labels by 4 times.- Move /selinux to /sys/fs/selinux - Add selinuxexeccon - Add realpath to matchpathcon to handle matchpathcon * type queries.- Update for latest libsepol- Update for latest libsepol- Fix restorecon python binding to accept relative paths-Update to upstream * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Clean up patch to make handling of constructor cleanup more portable * db_language object class support for selabel_lookup from KaiGai Kohei. * Library destructors for thread local storage keys from Eamon Walsh.- Add distribution subs pathAdd patch from dbhole@redhat.com to initialize thread keys to -1 Errors were being seen in libpthread/libdl that were related to corrupt thread specific keys. Global destructors that are called on dl unload. During destruction delete a thread specific key without checking if it has been initialized. Since the constructor is not called each time (i.e. key is not initialized with pthread_key_create each time), and the default is 0, there is a possibility that key 0 for an active thread gets deleted. This is exactly what is happening in case of OpenJDK. Workaround patch that initializes the key to -1. Thus if the constructor is not called, the destructor tries to delete key -1 which is deemed invalid by pthread_key_delete, and is ignored.- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data- Change mount source options to use "proc" and "selinuxfs"- Update to upstream * Turn off default user handling when computing user contexts by Dan Walsh- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fixup selinux man page- Fix Makefile to use pkg-config --cflags python3 to discover include paths- Update to upstream - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Update to upstream * Thread local storage fixes from Eamon Walsh.- Add /etc/tmpfiles.d support for /var/run/setrans- Ghost /var/run/setrans- Rebuilt for gcc bug 634757- rebuild via updated swig (#624674)- Update for python 3.2a1- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- Turn off messages in audit2why- Update to upstream * Add const qualifiers to public API where appropriate by KaiGai Kohei. 2.0.95 2010-06-10 * Remove duplicate slashes in paths in selabel_lookup from Chad Sellers * Adds a chcon method to the libselinux python bindings from Steve Lawrence - add python3 subpackage from David Malcolm* Set errno=EINVAL for invalid contexts from Dan Walsh.- Update to upstream * Show strerror for security_getenforce() by Colin Waters. * Merged selabel database support by KaiGai Kohei. * Modify netlink socket blocking code by KaiGai Kohei.- Update to upstream * Fix from Eric Paris to fix leak on non-selinux systems. * regenerate swig wrappers * pkgconfig fix to respect LIBDIR from Dan Walsh.- Update to upstream * Change the AVC to only audit the permissions specified by the policy, excluding any permissions specified via dontaudit or not specified via auditallow. * Fix compilation of label_file.c with latest glibc headers.- Fix potential doublefree on init- Fix libselinux.pc- Fix man page for selinuxdefcon- Free memory on disabled selinux boxes- Update to upstream * add/reformat man pages by Guido Trentalancia . * Change exception.sh to be called with bash by Manoj Srivastava - Fix selinuxdefcon man page- Update to upstream * Add pkgconfig file from Eamon Walsh.- Update to upstream * Rename and export selinux_reset_config()- Update to upstream * Add exception handling in libselinux from Dan Walsh. This uses a shell script called exception.sh to generate a swig interface file. * make swigify * Make matchpathcon print <> if path not found in fcontext file.- Eliminate -pthread switch in Makefile- Update to upstream * Removal of reference counting on userspace AVC SID's.- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Update to upstream * Reverted Tomas Mraz's fix for freeing thread local storage to avoid pthread dependency. * Removed fini_context_translations() altogether. * Merged lazy init patch from Stephen Smalley based on original patch by Steve Grubb.- Update to upstream * Add per-service seuser support from Dan Walsh. * Let load_policy gracefully handle selinuxfs being mounted from Stephen Smalley. * Check /proc/filesystems before /proc/mounts for selinuxfs from Eric Paris.- Add provices ruby(selinux)- Update to upstream * Fix improper use of thread local storage from Tomas Mraz . * Label substitution support from Dan Walsh. * Support for labeling virtual machine images from Dan Walsh.- Update to upstream * Trim / from the end of input paths to matchpathcon from Dan Walsh. * Fix leak in process_line in label_file.c from Hiroshi Shinji. * Move matchpathcon to /sbin, add matchpathcon to clean target from Dan Walsh. * getdefaultcon to print just the correct match and add verbose option from Dan Walsh.- Update to upstream * deny_unknown wrapper function from KaiGai Kohei. * security_compute_av_flags API from KaiGai Kohei. * Netlink socket management and callbacks from KaiGai Kohei.- Fix Memory Leak- Fix crash in python- Add back in additional interfaces- Add back in av_decision to python swig- Update to upstream * Netlink socket handoff patch from Adam Jackson. * AVC caching of compute_create results by Eric Paris.- Add patch from ajax to accellerate X SELinux - Update eparis patch- Add eparis patch to accellerate Xwindows performance- Fix URL- Add substitute pattern - matchpathcon output <> on ENOENT- Update to upstream * Fix incorrect conversion in discover_class code.- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- Add - selinux_virtual_domain_context_path - selinux_virtual_image_context_path- Throw exeptions in python swig bindings on failures- Fix restorecon python code- Update to upstream- Strip trailing / for matchpathcon- Fix segfault if seusers file does not work- Add new function getseuser which will take username and service and return - seuser and level. ipa will populate file in future. - Change selinuxdefcon to return just the context by default- Rebuild for Python 2.6- Update to Upstream * Allow shell-style wildcards in x_contexts file.- Eamon Walsh Patch - libselinux: allow shell-style wildcarding in X names - Add Restorecon/Install python functions from Luke Macken- Update to Upstream * Correct message types in AVC log messages. * Make matchpathcon -V pass mode from Dan Walsh. * Add man page for selinux_file_context_cmp from Dan Walsh.- Update to Upstream * New man pages from Dan Walsh. * Update flask headers from refpolicy trunk from Dan Walsh.- Fix matchpathcon -V call- Add flask definitions for open, X and nlmsg_tty_audit- Add missing get/setkeycreatecon man pages- Split out utilities- Add missing man page links for [lf]getfilecon- Update to Upstream * Add group support to seusers using %groupname syntax from Dan Walsh. * Mark setrans socket close-on-exec from Stephen Smalley. * Only apply nodups checking to base file contexts from Stephen Smalley.- Update to Upstream * Merge ruby bindings from Dan Walsh. - Add support for Linux groups to getseuserbyname- Allow group handling in getseuser call- Update to Upstream * Handle duplicate file context regexes as a fatal error from Stephen Smalley. This prevents adding them via semanage. * Fix audit2why shadowed variables from Stephen Smalley. * Note that freecon NULL is legal in man page from Karel Zak.- Add ruby support for puppet- Rebuild for new libsepol- Add Karel Zak patch for freecon man page- Update to Upstream * New and revised AVC, label, and mapping man pages from Eamon Walsh. * Add swig python bindings for avc interfaces from Dan Walsh.- Update to Upstream * Fix selinux_file_context_verify() and selinux_lsetfilecon_default() to call matchpathcon_init_prefix if not already initialized. * Add -q qualifier for -V option of matchpathcon and change it to indicate whether verification succeeded or failed via exit status.- libselinux no longer neets to telnet -u in post install- Add sedefaultcon and setconlist commands to dump login context- Update to Upstream * Fixed selinux_set_callback man page. * Try loading the max of the kernel-supported version and the libsepol-supported version when no manipulation of the binary policy is needed from Stephen Smalley. * Fix memory leaks in matchpathcon from Eamon Walsh.- Add Xavior Toth patch for security_id_t in swig- Add avc.h to swig code- Grab the latest policy for the kernel- Update to Upstream * Man page typo fix from Jim Meyering.- Update to Upstream * Changed selinux_init_load_policy() to not warn about a failed mount of selinuxfs if selinux was disabled in the kernel.- Fix matchpathcon memory leak- Update to Upstream * Merged new X label "poly_selection" namespace from Eamon Walsh.- Update to Upstream * Merged reset_selinux_config() for load policy from Dan Walsh.- Reload library on loading of policy to handle chroot- Update to Upstream * Merged avc_has_perm() errno fix from Eamon Walsh.- Update to Upstream * Regenerated Flask headers from refpolicy flask definitions.- Update to Upstream * Merged compute_member AVC function and manpages from Eamon Walsh. * Provide more error reporting on load policy failures from Stephen Smalley.- Update to Upstream * Merged new X label "poly_prop" namespace from Eamon Walsh.- Update to Upstream * Disable setlocaldefs if no local boolean or users files are present from Stephen Smalley. * Skip userspace preservebools processing for Linux >= 2.6.22 from Stephen Smalley.- Update to Upstream * Merged fix for audit2why from Dan Walsh.- Fix audit2why to grab latest policy versus the one selected by the kernel* Merged audit2why python binding from Dan Walsh.* Merged updated swig bindings from Dan Walsh, including typemap for pid_t.- Update to use libsepol-static library- Move libselinux.a to -static package - Spec cleanups- Put back libselinux.a- Fix memory references in audit2why and change to use tuples - Update to Upstream * Fix for the avc: granted null message bug from Stephen Smalley.- Fix __init__.py specification- Add audit2why python bindings- Add pid_t typemap for swig bindings- smp_mflag- Fix spec file caused by spec review- Upgrade to upstream * matchpathcon(8) man page update from Dan Walsh.- Upgrade to upstream * dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley. * Based on a suggestion from Ulrich Drepper, defer regex compilation until we have a stem match, by Stephen Smalley. * A further optimization would be to defer regex compilation until we have a complete match of the constant prefix of the regex - TBD.- Upgrade to upstream * Regenerated Flask headers from policy.- Upgrade to upstream * AVC enforcing mode override patch from Eamon Walsh. * Aligned attributes in AVC netlink code from Eamon Walsh. - Move libselinux.so back into devel package, procps has been fixed- Upgrade to upstream * Merged refactored AVC netlink code from Eamon Walsh. * Merged new X label namespaces from Eamon Walsh. * Bux fix and minor refactoring in string representation code.- Upgrade to upstream * Merged selinux_get_callback, avc_open, empty string mapping from Eamon Walsh.- Upgrade to upstream * Fix segfault resulting from missing file_contexts file.- Fix segfault on missing file_context file- Upgrade to upstream * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh. * Pass CFLAGS when using gcc for linking from Dennis Gilmore.- Add sparc patch to from Dennis Gilmore to build on Sparc platform- Remove leaked file descriptor- Upgrade to latest from NSA * Fix selabel option flag setting for 64-bit from Stephen Smalley.- Change matchpatcon to use syslog instead of syserror- Upgrade to latest from NSA * Re-map a getxattr return value of 0 to a getfilecon return value of -1 with errno EOPNOTSUPP from Stephen Smalley. * Fall back to the compat code for security_class_to_string and security_av_perm_to_string from Stephen Smalley. * Fix swig binding for rpm_execcon from James Athey.- Apply James Athway patch to fix rpm_execcon python binding- Move libselinux.so back into main package, breaks procps- Upgrade to upstream * Fix file_contexts.homedirs path from Todd Miller.- Remove requirement on setransd, Moved to selinux-policy-mls- Move libselinux.so into devel package - Upgrade to upstream * Fix segfault resulting from uninitialized print-callback pointer. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh.- Upgrade to upstream * Updated version for stable branch. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh. * Updated av_permissions.h and flask.h to include new nscd permissions from Dan Walsh. * Added swigify to top-level Makefile from Dan Walsh. * Fix for string_to_security_class segfault on x86_64 from Stephen Smalley.- Apply Steven Smalley patch to fix segfault in string_to_security_class- Fix matchpathcon to set default myprintf- Upgrade to upstream * Fix for getfilecon() for zero-length contexts from Stephen Smalley.- Update to match flask/access_vectors in policy- Fix man page markup lanquage for translations- Fix semanage segfault on x86 platform- Upgrade to upstream * Labeling and callback interface patches from Eamon Walsh.- Refactored swig- Upgrade to upstream * Class and permission mapping support patches from Eamon Walsh. * Object class discovery support patches from Chris PeBenito. * Refactoring and errno support in string representation code.- Upgrade to upstream - Merged patch to reduce size of libselinux and remove need for libsepol for embedded systems from Yuichi Nakamura. This patch also turns the link-time dependency on libsepol into a runtime (dlopen) dependency even in the non-embedded case. 2.0.17 2007-05-31 * Updated Lindent script and reindented two header files.- Upgrade to upstream * Merged additional swig python bindings from Dan Walsh. * Merged helpful message when selinuxfs mount fails patch from Dax Kelson.- Upgrade to upstream * Merged build fix for avc_internal.c from Joshua Brindle.- Add get_context_list funcitions to swig file- Upgrade to upstream * Merged rpm_execcon python binding fix, matchpathcon man page fix, and getsebool -a handling for EACCES from Dan Walsh.- Add missing interface- Upgrade to upstream * Merged support for getting initial contexts from James Carter.- Upgrade to upstream * Merged userspace AVC patch to follow kernel's behavior for permissive mode in caching previous denials from Eamon Walsh. * Merged sidput(NULL) patch from Eamon Walsh.- Make rpm_exec swig work- Upgrade to upstream * Merged class/av string conversion and avc_compute_create patch from Eamon Walsh.- Upgrade to upstream * Merged fix for avc.h #include's from Eamon Walsh.- Add stdint.h to avc.h- Merged patch to drop support for CACHETRANS=0 config option from Steve Grubb. - Merged patch to drop support for old /etc/sysconfig/selinux and - /etc/security policy file layout from Steve Grubb.- Do not fail on permission denied in getsebool- Upgrade to upstream * Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve Grubb.- Upgrade to upstream * Removed sending of setrans init message. * Merged matchpathcon memory leak fix from Steve Grubb.- Upgrade to upstream * Merged more swig initializers from Dan Walsh.- Upgrade to upstream * Merged patch from Todd Miller to convert int types over to C99 style.- Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of the use of the non-standard format (original patch changed for style). - Merged patch from Todd Miller to fix memory leak in matchpathcon.c.- Add context function to python to split context into 4 parts- Upgrade to upstream * Updated version for stable branch.- Upgrade to upstream * Merged man page updates to make "apropos selinux" work from Dan Walsh.- Upgrade to upstream * Merged getdefaultcon utility from Dan Walsh.- Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli- Add reference to selinux man page in all man pages to make apropos work Resolves: # 217881- Upstream wanted some minor changes, upgrading to keep api the same - Upgrade to upstream * Merged selinux_check_securetty_context() and support from Dan Walsh. Resolves: #200110- Cleanup patch- Add securetty handling Resolves: #200110- Upgrade to upstream * Merged patch for matchpathcon utility to use file mode information when available from Dan Walsh.- rebuild against python 2.5- Fix matchpathcon to lstat files- Update man page- Upgrade to upstream- Add James Antill patch for login verification of MLS Levels - MLS ragnes need to be checked, Eg. login/cron. This patch adds infrastructure.- Upgrade to latest from NSA * Merged updated flask definitions from Darrel Goeddel. This adds the context security class, and also adds the string definitions for setsockcreate and polmatch.- Upgrade to latest from NSA * Updated version for release.- rebuilt for unwind info generation, broken in gcc-4.1.1-21- Upgrade to latest from NSA * Merged av_permissions.h update from Steve Grubb, adding setsockcreate and polmatch definitions.- really make -devel depend on libsepol-devel- Add sgrubb patch for polmatch- Upgrade to latest from NSA * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client- have -devel require libsepol-devel- Upgrade to latest from NSA * Merged patch to not log avc stats upon a reset from Steve Grubb. * Applied patch to revert compat_net setting upon policy load. * Merged file context homedir and local path functions from Chris PeBenito.- rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc* (#203001)- Upgrade to latest from NSA * Merged file context homedir and local path functions from Chris PeBenito. * Rework functions that access /proc/pid/attr to access the per-thread nodes, and unify the code to simplify maintenance.- Upgrade to latest from NSA * Merged return value fix for *getfilecon() from Dan Walsh. * Merged sockcreate interfaces from Eric Paris.- Fix translation return codes to return size of buffer- Upgrade to latest from NSA * Merged no-tls-direct-seg-refs patch from Jeremy Katz. * Merged netfilter_contexts support patch from Chris PeBenito.- Upgrade to latest from NSA * Merged context_*_set errno patch from Jim Meyering.- only build non-fpic objects with -mno-tls-direct-seg-refs- build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults with xen (#200783)- Rebuild for new gcc- Fix libselinux to not telinit during installs- Upgrade to latest from NSA * Lindent. * Merged {get,set}procattrcon patch set from Eric Paris. * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris. * Regenerated Flask headers from refpolicy. * Merged patch from Dan Walsh with: - Added selinux_file_context_{cmp,verify}. - Added selinux_lsetfilecon_default. - Delay translation of contexts in matchpathcon.- Yet another change to matchpathcon- Turn off error printing in library. Need to compile with DEBUG to get it back- Fix error reporting of matchpathcon- Add function to compare file context on disk versus contexts in file_contexts file.- Upgrade to latest from NSA * Merged patch from Dan Walsh with: * Added selinux_getpolicytype() function. * Modified setrans code to skip processing if !mls_enabled. * Set errno in the !selinux_mnt case. * Allocate large buffers from the heap, not on stack. Affects is_context_customizable, selinux_init_load_policy, and selinux_getenforcemode.- Add selinux_getpolicytype()- Upgrade to latest from NSA * Merged !selinux_mnt checks from Ian Kent.- Check for selinux_mnt == NULL- Merged matchmediacon and trans_to_raw_context fixes from Serge Hallyn.- Remove getseuser- Bump requires to grab latest libsepol- Add BuildRequires for swig- Upgrade to latest from NSA * Merged simple setrans client cache from Dan Walsh. Merged avcstat patch from Russell Coker. * Modified selinux_mkload_policy() to also set /selinux/compat_net appropriately for the loaded policy.- More fixes for translation cache - Upgrade to latest from NSA * Added matchpathcon_fini() function to free memory allocated by matchpathcon_init().- Add simple cache to improve translation speed- Upgrade to latest from NSA * Merged setrans client cleanup patch from Steve Grubb.- Add Russell's AVC patch to handle large numbers- Upgrade to latest from NSA * Merged getfscreatecon man page fix from Dan Walsh. * Updated booleans(8) man page to drop references to the old booleans file and to note that setsebool can be used to set the boot-time defaults via -P.- Upgrade to latest from NSA * Merged fix warnings patch from Karl MacMillan. * Merged setrans client support from Dan Walsh. This removes use of libsetrans. * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh. * Merged swig typemap fixes from Glauber de Oliveira Costa.- Change the way translations work, Use setransd/remove libsetrans- Add selinuxswig fixes - Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)- Upgrade to latest from NSA * Added distclean target to Makefile. * Regenerated swig files. * Changed matchpathcon_init to verify that the spec file is a regular file. * Merged python binding t_output_helper removal patch from Dan Walsh.- Fix python bindings for matchpathcon - Fix booleans man page- Merged Makefile PYLIBVER definition patch from Dan Walsh.- Make some fixes so it will build on RHEL4 - Upgrade to latest from NSA * Updated version for release. * Altered rpm_execcon fallback logic for permissive mode to also handle case where /selinux/enforce is not available.- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- Upgrade to latest from NSA * Merged install-pywrap Makefile patch from Joshua Brindle.- Upgrade to latest from NSA * Merged pywrap Makefile patch from Dan Walsh.- Split out pywrap in Makefile- Upgrade to latest from NSA * Added getseuser test program.- Upgrade to latest from NSA * Added format attribute to myprintf in matchpathcon.c and removed obsoleted rootlen variable in init_selinux_config().- Build with new libsepol- Upgrade to latest from NSA * Merged several fixes and improvements from Ulrich Drepper (Red Hat), including: - corrected use of getline - further calls to __fsetlocking for local files - use of strdupa and asprintf - proper handling of dirent in booleans code - use of -z relro - several other optimizations * Merged getpidcon python wrapper from Dan Walsh (Red Hat).- Add build requires line for libsepol-devel- Fix swig call for getpidcon- Move libselinux.so to base package- Upgrade to latest from NSA * Merged call to finish_context_translations from Dan Walsh. This eliminates a memory leak from failing to release memory allocated by libsetrans.- update to latest libsetrans - Fix potential memory leak- rebuilt- Update to never version * Merged patch for swig interfaces from Dan Walsh.- Update to never version- Fix some of the python swig objects- Update to latest from NSA * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified matchpathcon implementation to make context validation/ canonicalization optional at matchpathcon_init time, deferring it to a successful matchpathcon by default unless the new flag is set by the caller. * Added matchpathcon_init_prefix() interface, and reworked matchpathcon implementation to support selective loading of file contexts entries based on prefix matching between the pathname regex stems and the specified path prefix (stem must be a prefix of the specified path prefix).- Update to latest from NSA * Change getsebool to return on/off instead of active/inactive- Update to latest from NSA * Added -f file_contexts option to matchpathcon util. Fixed warning message in matchpathcon_init(). * Merged Makefile python definitions patch from Dan Walsh.- Update to latest from NSA * Merged swigify patch from Dan Walsh.- Separate out libselinux-python bindings into separate rpm- Read libsetrans requirement- Add python bindings- Update to latest from NSA * Merged make failure in rpm_execcon non-fatal in permissive mode patch from Ivan Gyurdiev.- Remove requirement for libsetrans- Update to latest from NSA * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified matchpathcon_init() to skip context translation if it is set by the caller.- Update to latest from NSA * Added security_canonicalize_context() interface and set_matchpathcon_canoncon() interface for obtaining canonical contexts. Changed matchpathcon internals to obtain canonical contexts by default. Provided fallback for kernels that lack extended selinuxfs context interface. - Patch to not translate mls when calling setfiles- Update to latest from NSA * Merged seusers parser changes from Ivan Gyurdiev. * Merged setsebool to libsemanage patch from Ivan Gyurdiev. * Changed seusers parser to reject empty fields.- Update to latest from NSA * Merged seusers empty level handling patch from Jonathan Kim (TCS).- Rebuild for latest libsepol- Rebuild for latest libsepol- Change default to __default__- Change default to __default__- Add selinux_translations_path- Update to latest from NSA * Merged selinux_path() and selinux_homedir_context_path() functions from Joshua Brindle.- Need to check for /sbin/telinit- Update to latest from NSA * Merged fixes for make DESTDIR= builds from Joshua Brindle.- Update to latest from NSA * Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red Hat). * Updated call to sepol_policydb_to_image for sepol changes. * Changed getseuserbyname to ignore empty lines and to handle no matching entry in the same manner as no seusers file.- Tell init to reexec itself in post script- Update to latest from NSA * Changed selinux_mkload_policy to try downgrading the latest policy version available to the kernel-supported version. * Changed selinux_mkload_policy to fall back to the maximum policy version supported by libsepol if the kernel policy version falls outside of the supported range.- Update to latest from NSA * Changed getseuserbyname to fall back to the Linux username and NULL level if seusers config file doesn't exist unless REQUIRESEUSERS=1 is set in /etc/selinux/config. * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.- Update to latest from NSA * Added selinux_init_load_policy() function as an even higher level interface for the initial policy load by /sbin/init. This obsoletes the load_policy() function in the sysvinit-selinux.patch. * Added selinux_mkload_policy() function as a higher level interface for loading policy than the security_load_policy() interface.- Update to latest from NSA * Merged fix for matchpathcon (regcomp error checking) from Johan Fischer. Also added use of regerror to obtain the error string for inclusion in the error message.- Update to latest from NSA * Changed getseuserbyname to not require (and ignore if present) the MLS level in seusers.conf if MLS is disabled, setting *level to NULL in this case.- Update to latest from NSA * Merged getseuserbyname patch from Dan Walsh.- Fix patch to satisfy upstream- Update to latest from NSA - Add getseuserbyname- Fix patch call- Fix strip_con call- Go back to original libsetrans code- Eliminate forth param from mls context when mls is not enabled.- Update from NSA * Merged modified form of patch to avoid dlopen/dlclose by the static libselinux from Dan Walsh. Users of the static libselinux will not have any context translation by default.- Update from NSA * Added public functions to export context translation to users of libselinux (selinux_trans_to_raw_context, selinux_raw_to_trans_context).- Update from NSA * Remove special definition for context_range_set; use common code.- Update from NSA * Hid translation-related symbols entirely and ensured that raw functions have hidden definitions for internal use. * Allowed setting NULL via context_set* functions. * Allowed whitespace in MLS component of context. * Changed rpm_execcon to use translated functions to workaround lack of MLS level on upgraded systems.- Allow set_comp on unset ranges- Merged context translation patch, originally by TCS, with modifications by Dan Walsh (Red Hat).- Apply translation patch- Update from NSA * Merged several fixes for error handling paths in the AVC sidtab, matchpathcon, booleans, context, and get_context_list code from Serge Hallyn (IBM). Bugs found by Coverity. * Removed setupns; migrated to pam. * Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original symbol is temporarily retained for compatibility until all callers are updated.- Update makefiles- Update from NSA * Merged security_setupns() from Chad Sellers. - fix selinuxenabled man page- Update from NSA * Merged avcstat and selinux man page from Dan Walsh. * Changed security_load_booleans to process booleans.local even if booleans file doesn't exist.- Fix avcstat to clear totals- Add info to man page- Update from NSA * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat). * Rewrote get_ordered_context_list and helpers, including changing logic to allow variable MLS fields.- Update from NSA- Add backin matchpathcon- Fix selinux_policy_root man page- Change assert(selinux_mnt) to if (!selinux_mnt) return -1;- Update from NSA * Fixed bug in matchpathcon_filespec_destroy.- Update from NSA * Fixed bug in rpm_execcon error handling path.- Update from NSA * Merged fix for set_matchpathcon* functions from Andreas Steinmetz. * Merged fix for getconlist utility from Andreas Steinmetz.- Update from NSA- Better handling of booleans- Update from NSA * Merged destructors patch from Tomas Mraz.- Update from NSA * Added set_matchpathcon_flags() function for setting flags controlling operation of matchpathcon. MATCHPATHCON_BASEONLY means only process the base file_contexts file, not file_contexts.homedirs or file_contexts.local, and is for use by setfiles -c. * Updated matchpathcon.3 man page.- Update from NSA- Update from NSA * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.- Update from NSA * Changed matchpathcon_common to ignore any non-format bits in the mode.- Default matchpathcon to regular files if the user specifies a mode- Update from NSA * Merged several fixes from Ulrich Drepper.- Fix matchpathcon on eof.- Update from NSA * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh. * Added selinux_users_path() for path to directory containing system.users and local.users.- Process file_context.homedir- Update from NSA * Changed relabel Makefile target to use restorecon.- Update from NSA * Regenerated av_permissions.h.- Update from NSA * Modified avc_dump_av to explicitly check for any permissions that cannot be mapped to string names and display them as a hex value. * Regenerated av_permissions.h.- Update from NSA * Generalized matchpathcon internals, exported more interfaces, and moved additional code from setfiles into libselinux so that setfiles can directly use matchpathcon.- Update from NSA * Prevent overflow of spec array in matchpathcon. * Fixed several uses of internal functions to avoid relocations. * Changed rpm_execcon to check is_selinux_enabled() and fallback to a regular execve if not enabled (or unable to determine due to a lack of /proc, e.g. chroot'd environment).- Update from NSA * Merged minor fix for avcstat from Dan Walsh.- rpmexeccon should not fail in permissive mode.- fix printf in avcstat- Update from NSA- Modify matchpathcon to also process file_contexts.local if it exists- Add is_customizable_types function call- Update to latest from upstream * Just changing version number to match upstream- Update to latest from upstream * Changed matchpathcon to return -1 with errno ENOENT for <> entries, and also for an empty file_contexts configuration.- Fix link devel libraries- Fix unitialized variable in avcstat.c- Upgrade to upstream * Removed some trivial utils that were not useful or redundant. * Changed BINDIR default to /usr/sbin to match change in Fedora. * Added security_compute_member. * Added man page for setcon.- Upgrade to upstream- Add avcstat program- Add lots of missing man pages- Fix output of getsebool.- Update from upstream, fix setsebool -P segfault- Add a patch from upstream. Fixes signed/unsigned issues, and incomplete structure copy.- More fixes from sgrubb, better syslog- Have setsebool and togglesebool log changes to syslog- Add patch to make setsebool update bool on disk - Make togglesebool have a rollback capability in case it blows up inflight- Upgrade to latest from NSA- Changed the location of the utilities to /usr/sbin since normal users can't use them anyways.- Updated various utilities, removed utilities that are for testing, added man pages.- Add -g flag to make - Upgrade to latest from NSA * Added rpm_execcon.- Upgrade to latest from NSA * Merged setenforce and removable context patch from Dan Walsh. * Merged build fix for alpha from Ulrich Drepper. * Removed copyright/license from selinux_netlink.h - definitions only.- Change setenforce to accept Enforcing and Permissive- Add alpha patch- Upgrade to latest from NSA- Add selinux_removable_context_path- Update from NSA * Add matchmediacon- Update from NSA * Merged in matchmediacon changes.- Update from NSA * Regenerated headers for new nscd permissions.- Add matchmediacon- Update from NSA * Added get_default_context_with_role.- Clean up spec file * Patch from Matthias Saou- Update from NSA * Added set_matchpathcon_printf.- Update from NSA * Reworked av_inherit.h to allow easier re-use by kernel.- Add strcasecmp in selinux_config - Update from NSA * Changed avc_has_perm_noaudit to not fail on netlink errors. * Changed avc netlink code to check pid based on patch by Steve Grubb. * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA - Add optflags- Update from NSA- Add matchpathcon man page - Latest from NSA * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA- New upstream version- Latest from Upstream- Fix man pages- Latest from Upstream- Latest from Upstream- Add man page for boolean functions and SELinux- Latest from NSA- Latest from NSA- uppercase getenforce returns, to make them match system-config-securitylevel- Remove old path patch- Update to latest from NSA - Add fix to only get old path if file_context file exists in old location- Update to latest from NSA- add nlclass patch - Update to latest from NSA- rebuilt- Fix selinux_config to break once it finds SELINUXTYPE.-Update with latest from NSA- Change to use new policy mechanism- add man patch- Update with latest from NSA- Update with latest from NSA- Add changes for relaxed policy - Update to match NSA- Add relaxed policy changes- Sync with NSA- Remove requires glibc>2.3.4- Fix selinuxenabled man page.- Upgrade to 1.11- Add memleaks patch- Upgrade to latest from NSA and add more man pages- Update to match NSA - Cleanup some man pages- Upgrade to latest from NSA- Add Russell's Man pages- Change getenforce to also check is_selinux_enabled- Add ownership to /usr/include/selinux- fix location of file_contexts file.- Fix matchpathcon to use BUFSIZ- rebuilt- add matchpathcon- rebuilt- Add rootok patch- Updated getpeernam patch- Add getpeernam patch- Add getpeercon patch- Put mntpoint patch, because found fix for SysVinit- Add remove mntpoint patch, because it breaks SysVinit- Add mntpoint patch for SysVinit- Add -r -u -t to getcon- Upgrade to latest from NSA- Fix x86_64 build- Latest tarball from NSA.- Update with latest changes from NSA- Change location of .so file- Break out into development library- Move location of libselinux.so to /lib- Add selinuxenabled patch- Update with final NSA 1.2 sources.- Update with latest from NSA.- Fix to build on x86_64- update for version 1.2- Initial version2.9-8.el82.9-8.el8.build-idb5e000eae0ccf670c603d30530e521f7e28f8e38selinux.so/usr/lib//usr/lib/.build-id//usr/lib/.build-id/b5//usr/lib/ruby/vendor_ruby/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b5e000eae0ccf670c603d30530e521f7e28f8e38, strippedRRRRRRRR utf-8f67140ba041e80e4e1d075246f8228991788a984163bf1328c19604823ae5d9b?@7zXZ !#,:gJ] b2u jӫ`(y.U}d 4";R[Ӌ,l& Yy4T?֤jWDK؅qenkH/I֚+IJix 9|(v^9 TIi(Ǎֿy]t89CKivS( C\($sqv>+;RςhN8崌(}8握'#\!I })њH2(<7q,6D>\İyJqn0L{k6iМR{w]lV xw)/ 41'ŋO q3<" -4'_dpz{+/+SBW“2b X95V$H׉;\}+vl}D{L5Gbl1AIA%^NKi7) YAYFj[^c_𑹨[Htxliq| .@8"{SW=P-yWC& R>7}Vw*ҹXT:"9I-dN; %`Yoqf> 3TEQeu:_V Y&ɳ՝ P bH[N7ڒmy|TV8AksHeԙ< ?vQ{]!TK^)4g3x#-V@%L[~c)=7 &PPH q@< R,"ucv9ϼ(1*%x@G؟+1u ,JR=Oi˩ϯ$1p,۞RDs>r&N.=1c[y(+=II ym֩m5 &ӷ%~hx2֣AdS!r)4v O9M2;z>8`]였[(}(9\uL{LAy͢L)8uկy?b'z!\eԏD'r`ѢIlRa}w ];Gj]9X5]ȥǐK( 4(ܙ{:س0-b<;JqQjD+ub(GI5Pv'9HwL7;< sH!:w({k#^NO8&M[[V6# b ȶ&W_HM1Gl~N` h >qwT`Lѻm6cjn^]xy^ʄR`$б2+oGr/_Xb(LMVZ9:5!is`9B9 qib:z,'D86[N4ocARLVܥdslN PP!b@J:_nے)TЖ;9w/ǴYJCVڴ]((ZGwQy< U# 'Ϭ ;Jq!qp0L_sJQ$5Lu /16mN;dhuD\ĺM#\-Et.s,Ҟ 櫧D_;+W"Qϻ逖.k>p;QܼUi"9“JXGE}iv=جϔ2QGNꌬ`x5D"Vo`;'[K:4|S~g4X9nKbj¶>HY=cJ2ETiWvMΡ=-`rp`7 ^Efs"ω=[,^N_*+Q |'Bp2$0 O>DYck6 ,t=\Ec7X!DӼՏCշ!3.kإ3O8g{1j޼+\/rb5~>̻@[Q{[1zzIOǺ̪!䍥/MV=:Ufq=|6At\de"v77Kc?Z; "%壐WR>]q(3U6-Ѯ1H.rzs g:&$- nbBS'ph6fr5˺Vc>Š P!/ʵ*@hDm@y<9)@FLidvdf1<+-<ԋguFOplXX`i-& %v,nf{ G.wrg[Df-XD3=t@A>%;j[i2nA+y,>5HWу 3V3v WVl"yA-_F;Isv(˄˥^d"'lcf5NHt_HCJTbS`Zwϥ& H q j?SLkU iUlmF;Ʌc2-&ܒX*ЪE** +ɠM[nAJY%6N-tyW$x/9VTP&Υ8Lvl9t 8_3*,*[]@k8$n~ECd`bq"; S)VS G-ʏX~\ߞɸ.V硱@g-"P"@2l1Vr/£*,C'7g;2?hq s#\R{1CBmKg;ߗ,ʇS\1 R,>S"+ʵɋd UA -ɜ螌@`%>rJ6>X.&bB?5U!`hvT<7T>?}:o:a_&\ӭ/8*H>/ 6<ٗhJ>6(˟8jVs?M5-F\w!y Ⱇ;镤3ĽxNDxG{PBD.-`wf5-6ӣMǬL06kٸiŎ,]Ĺ[ ̢UꂫVif #Y*γDn}{>[!{WCʾ$jSٗ诃CNGc@|MH 9,4!Lfal =cc!$ !kY/&**P)+,fUu(2nbZ$|r{Yjb_[/ ܌Q +>[л.5cCh*"sKF).Kc{S Bd ڜbWqT3iě&L+ޕ_@ N$S}R,jIx@yڪ5=Lj)1dѿNj!{iSu[:4WAXY}yp> G@$4|ok75@k~TZ x!Ue(cnKS`T\tvP 3?ѷ<<[|(: AgkY.J#3֥BOoTzA#{Vvc k\ⰱ;s't/ϓyعڊ4fSJf#/~Q0i` NH-+A# m&>y d[t $C1=CLs^B7u{!7Vp2Oa{3-KG1£"O,SGjp\3c/lH^Կ]7"գ6q{1UՌ7j0,+x60FMp)\tc7V aAНDI[%.ytr )lWOƳ9 by!2l1Xȋ?[1VWE÷ZNW^aKp`#aUݚ4yZ EpS9>o˝p[Bc:b&ZkLzߗVqW}j86Qm6yݸ_bclISDc<`Kb+x>h'>JG׎͑{t: k6G~8$cG];b:UPg?G]:#EtQL'')bHuhP<n`x7FV~7KfOSh{4f/EJ%Mw7BX&Gkqu ƃ`y5IPIC4F;TZM)AE`'Vά6 OVSɋqR9;p">;=s3qf(\kGh*Bz([*ޝӉMt0ڒ`̂&s'Ɍpd6ev{6E]6Hcj'\oU#)WOc5uWx.Sxt%3&OU B0+/?Y-5C9숺xob$BAF"D Վ`ʹ}h{|0XXXzCHN`S(ĽW>HA7ّ4y(XS8.1abX<.NGqT'8"+!ז0 f3U˦r/s-ׂEzNh:'נ};j"+4D#jpà歽(i6 #Rr.UUroxi :ٔ[7g޺r" eȮrHdim;s]1i#ZppRk"1$LNH,7t~_BC|6kV6m;OҲe(nf"ۊ_ZlƸ<8@ fk_b ]Ŕ0$NUu*uA!dA] HXXeWH[/:2t^SDcAoB=RQ ssNSjfWg߰(U"Y G#A ԔBaײ n\J]ˆPI $Э! e"Nq ~fEIiiDA֛>@Zg^,Tț.' )z'Zd9,ʡ>vw?Z.Ba!R)~E.j?u3&rnS_daF'BM<ϮW7'x>`J}ܣ%eK=UTA 2<Mm'6mU{]|TzoW}S, (ym^"?LruyPa;ZQ6?fN3Bo>Gà%ի,v̮J LڀW.H)̥l3>OFTޓ5\']߻y9,yzH9\5P3pAeM>1Vr7Є2˝%cql-мT$9*[#J>zW`ܛY"s$EJՐq^4dZ=D )E&>2 chiQOPcXrCTynnYFE(}^|Z@o%=i` @} ѥx24_M] -qpZw̘V/0E7yCxǭj*TqK2hh`4bo*JPhڃ0kc֥ȃ^NN\U2] ̽@c\7$*5zׁҳ˴z}ޣ63?;!ɓc(z vfHc7xYo$ox;h%3,<:÷ g[Y = .=6aBv!/i:1٪,(~˜OZSDB#ʭw61>z\)QJfWfoŤYҭnjZRA`j,MZ"2R?d"]c3X-G*iA9}dl\ RhUM4Hqp9Ô?0IG5e 2uSF\$u6OM" 5N[;9Rɵ4VXt?v  F‡ʞBvZ~ ([ i_IVM}p3T#nyN}UYEmSӠB&'1ԲdPfO )MOf$c7Yq9Lv[!X]T E/Ty@Mu.. K6$\trP4Rw[,n3y44,I+pY +cNNOsABÇ-V6fG8,Sؠ]wZJAOQnh'4O(^%24XVK?k }Hp vcq@ɬEx0*5^Oir1|RA]T-5`ĚU?̶ ǗSH~䥴c=AT`b3PmRgUR1Gs{02|)gDgL7$(N`g7Ti7Tja($Q0Hk}%-YRBM2Ro,j5Xr5O'ͥ~ wzK7GK+L pSf2m#Fg[x>:;V`EBRÇ2sPCK/m6 tϕq =8õM}zR w>bPtVWƬXM˺ls(\ y_-P7WHJ41i)AIX?74?}-,'/a%^g|C q`js|ޚNR)1kdOL@-DX$k%24$Vήm+x9qu<[cގ7Ah1w¬!l('ctN8`[g~ZO>Ŵ4jF)D#!KiD{ -t{OCH480W* #CKĬXL4寭̉ vj6FB{gF9# y՞ĹޒjoS]6{ާ"a8,IH:禍^nφ; w/=뚔Ȓ塍xY;[qq_+h kN˝f:(9R9JBU,a&>8bQ:GdUf@ip G3D_Wm2rjm\FQI+HS9Yٱ;F;q5psv`)̈́kW#GFYZ3*oхF25v#;F!O̬~sw>y]Q20W_2wSJ.]zP8cȦ4tzbTy2-mJx|А[(gCvDvP0V o:hl#Ӡ(ut-}.tqW4ۑ,gߔ|^"rH{PVr{Å %5܈|)4JF{c&:-{]ك#^<,7v1` Fu!\7-(qJҝkS?׏&$eҔG}[O̲: 厢e0`oaaR@)jY(odt`* x3 /M%Gp ? .3HbD3t䟏5 |; '}CO2 d@\i]e j3,tSEyyVQT4;*ąX)F`֊Wpz1ӀYQS D(o@?V c"h)ARK5ER>t1r'JG Eg`Fr:c6,;ϵheBϋ1bk@-^0rK7FB&\*1%Go~\MY( EgZD"rfý](=)9!iOBsEdAFRR#lNԤ4t 7mp".C;zǰ/CSUzVz]'Crf[=We8SR-GLFs~ugWg(ɇW4}vEMsFdXuOAbyB&`:؊U'j+ \"cc; ,&+?$$lѫ$n4G?%; NTW`w,LS߭Ҥ8crV )3-\c}Yٻx'+bN ^FPnfֈL°`؅a xfUɤx ޶ 5{u̟gJ%-#/@};jIc}{4q&9~cNL~ \=t-7'Ou;=g#ftuec# Y',Nզ !xb*<2Y c^_ bTF\BlʒjQ!Pf85X_9e{;45E WPA X,8/EѐnyhbfPQ)m#ؼMhs{V {JUl3ݝVIr(q 3gL<,='K2 p,B~ $K"gV2'qߩM9'tmݷF_V8iݭ3KڧT2)()>q)ۼY@e|U5L;U;ysj<9C =FQH˄`Sű=(%$Ue~e㬌*/u"`lA Ѩg4pE suT|7AtELnLp+S) 1|F9pAplb%>ETUaqv[ޟXM6[/HU%ְ/ڲr+LRlzDqRdêZtI:Q"dwjZATY?OSk\c46!sFMn;]fb᣶Ίq[>ؚa]YSkrK:]`\/m3 Phl}ƥFӻu [iRhk?Z/ ESJf;V^uVWO9?=U֕uBIJRȴ^l{ֿĜE=CPjȁ~Ck#ħƻx@EX- Q20xmq-E7/Ï,=mג?8a7Rvhe/KsIjGF@ySB `#h|jNqZ]Ckyt .k lϟ[Ea'Ì))ǖ-pSmKfNTJ!}}{W1)%tO2XX? 3wLkQ-큧8%}zCM(yP)ep 9|rjvƶhwbY,P D^ ۄJ(4ƨ ]ᓡNy@@j֛؎088iYB|il+!,>įvhuI>{zN4% -lB6V_Lu[{ٞ{dJӧu:/ѳd#52m•[T &}ɔ𾚢d;_\_څSfӰ WaeJ/ 7y䓳:9-ҠΎfG1ʷ$dP<9p&j|",7ŶԆ'>0ۗU* ڱ،aM_С7F.{ ๐YT묘wwz[8C-$Z0D4Q]EݤhNIJ;0 "%0(& s%dX @/`e\?,/gssڦcX0sq,auD*g=rh5Ǚ Č,+~ OzpZ3yJ*^V/uD$I 5U 'zdVȦEl5.?ob4nU_~^ ˍ؃Hk Qw_f҄bjm(Nf 0+B d)c}ĘT_F죵2F8:rE)do>Y1JE?ǖogZ2M䨊G$ep;وJz5?*D!UKpBz%X]2SS*⇼QK7 ZK ˊ[Bt0?v"la )ti1 E~rHO~17ۿ[Q7>f.MuK{incj$*2 uYK%@ ;~\z0P~p*5+b~=2'*spԪRESR՞ef(@ip}K`E~q7,*z5h)75\~ E C@283! v ؍% L0F?;s< ^-Ljro~k{yhArw DkTdTFZ}2;djs*^Mէ;ޛ] WZ";[,)f"Tw·a` I4+GXz0ϙyrkGc!ҳܻPDk~U`QHlN,%5uYQ rG6hqUmxǦf:s#FvK©0tut\o#bq~ ᦜ] JSD`vM5j} *ǵshyO̴lHGy؝Gi05~1GJZg$t{ۅӈ (jpL(!2te&hn\5VL`5O7wWЊj8,l1:PGAp"Nc-, 6$4O!*IJʮBd]v|w~5$ĐXi]6ŸV 9[G7q!:5$^,YUAmYCsUs8bnoX4}vVFE®CF]?D0B`BWE㨽PiI乧pZ#N_AW}EoHBA{WvIc 8R?{wVu^wiqTԙs/"1Wyq!/Kj״Ve8Ec~3;LK}ƭ$>UQyIQr1<\(g1L#Cw_l|Py=zĞUVPUj'54/A뜲*f96Qb*cdĢCEj$FI'1e3lAr6{BmQnWĎEyL&ÿlNɬK@Q~" ZMgu;i)nZb<p7>wԸVa@6θR0q\Lތ8OT j+_h?baD+'Dzx&xG 8e6,H5ŜIM;A➪Y6ۢ-hr6Nu?8*$. 1|&%R`(AEB^o@Xpkyxpս9 Փw_7|yP&Q>j|BӇt'ʮhG n|niS|yY滢&}t`f-8#xX[fv܆S'?jo|K&L*mX W!ƶ`wSAw%fbx _v,pS4KH:ๅ*mGr<ִByPi#@fRJ^1 t n&u*D=TxS KML>ڻ^V݊ԣLBIc!k;H^"0u4rd3)` քcp%:9lx8m7{$UeNd4̱`u7B( m{SXr&0CN8{5[ޤ rҒ89\}Lt10NQqwF4.ρc@@/TvAɨ?ތkg|l6M%U:jXrXrXO7{xs-.A3l?A#qyeD[%H 07-р$SY{y2wYkg,맒+psZX/eJWd}Mބ1+>P1ӏ]W,ғ (J4^T`g$:ڛQBb#>Ni=O*wn}|A! $4~ Gb) +;Щga%Dеtlo |*P<[plN-aW=xMR??zS0?2SqR7^ɷX7-Q>ӃE[=f;)5o-j2JžFEh\=y$C`zG%I%rЫmW#!,ͩЇe gKq=~ F ̐^QOy]w1ԫn y5k}4$+Dw] xcu#ziՆ1 Z7hVhZ%旾u`EٸE7+BoxGycI['qw LǠ^ Sy {gx)vPr1:3qΜfaC#Oa0_5#fՁ&w5>FgqynspKg%^C Cm]?#xc.V[۠Xp6U ?OU &By06_`}и>Θ&WM# `=kD8( G}COm '/QZ]^ 8ˍMn!,q咯QHfsu1%f`.zr UE`}dD 3Ts:`P[bi!MvQ^OH! Ls`r4V \F0W;M 3v2ApquΖJP_DAܚklGYl) @To޳E:!B_"[ŦQx!^ ZU44C=:nz7(b ޡ=d+ؾ )5 ˺#INzMiˡ@١cr*_,ftTRi͐u(*G+^\9*Lup um.'a}ʼ ൻ|⼐ԫg t=4i4ߡkl`%l(hU7l8_gWjrqZC'',pg,ÉJ](Y@v$ <t~AL^@z we`l!]e`z/6#ålPjed}VB?RX1#ڠN*רy<`h\ u]iq8-B^?TU0%, +^y|բPcUCo9~sGI̶P8 H5}g?e*Vn]@_Vϱv$ىH7بGDyn5nR寨931nj8S&%LI*@lF`_6=#$*PAyi)} _h-eKZ?v†0eSg&h(o:h誣Th%rH!pSuWuCF?Oh#M=Ģǵ ۰~\Y>W8܂Y{D98ɪyeR.1UK'P_tM:[*Qnb͡0S fK̔UWY g:+ 刌l`knX+!ofZm#QTRET?:_["V!n Ż][И|iϣFп\h|-i #PvU;HfTs8-d%eg$9Hs7;SF:&d *B`p1 ~}; z7٤ /~`j`O:Fl4~Bܻ+kXaq8ط?Zgz9<ԜbչP,T$rAQ]fJ풇 @xؔRLF ;q׮}lIKG˕?0 Xz %&ঌ9Qo>zfP}"%;O5GlH8`$5d"0pRR^51J|΃,M.V^ V=&dҢbP^mΛT[[Vᚳ]~4-IQТLZ]BIV]Ws2xMgt6I nL ,R!M֋kѓs?sjHDݠˑk]Vn>gRocr5JFef6*=5LDScufl72@')Q82~7AAPh"@j+\Fusɍ$[UIyPF{"|^tGZ a%dL)Kx۷%Y+I'A*(Voclq]LTs6lFJyE3jT2a u~~Fھ2P%k%U|rKBx h&6-Cq1?u~ƐpWbHϦ&PΖw@j&WEJ-%J{$}X썝\&3^ K7^5g6RTQ$ 5"?N"42٠´se%#VxOK?2wȠ$\Vhs!XmAR#<[l8OJ O-$n4Xtn9Ӌ3T,@`Ew~9Ϙ}x7"sFnV.иM3GqgZޤt#q;L %&ҳ[Tho ES=>`p6Q^/X*'9?9b(4p; !3%i-B{n}Tq4z'Ab(k$*M!:Zgr߮> 6Pzsc@[Q};_o^Nb%L*)+r>!3d5g% $bxWõbDrUۘF$O~4r`Pi >í#.硂"j.'7겸A. ]D* ˯Y\$\@!y/8)M41vflD, UJ1E]pR³gΒqyWU1{Ib#W{$3x6Ŧ'ީhA`%x1=&()iWtv#(GF*D9!c})\-cmtP1 @p)Xc&~xXr/]*Zt7)6za#vNGIz3#29 Zѱ4TkCk X>2DH?xC"(Jf.wf$Bv ȻB'VV gOnb}lGN2%&NeNzJ+I:m3hb#9ڤ<մ@!l3J.˜wXe`T_ry=q-")!7L'7e>*Ljj^P"ٌns;Y\{]˗ k-fɘYeJ{A(7PyHSCyT/LǍ$X(Yֆ%a2nS8Smx<eflǞ {jH%#=%n(v ZH^ b!$OCmacWQ>B BRiaWY Dj8-3{\a,x[.SR ܙ9)jpv;CRWރb ۣZ&wJirX$*#bIEL{o*߳ 4m(ZJpO$ȟ'`wchW+fdĎ4\t-;M//{cyyfBC/&=?5,S7%ozh.u"P.yRkfg0B=<.pqBv̴hw\h$! 96%<6nDW C02%@qĶ%C(smTGɸ@{^lt7>S'h2rfA߶@=YKM9 -V#$j|Q~ՎjUf'T@ޔ /=YaCU.%-ٌϕ| GྣJa s*[(d3O\| ɋF̞R٬R8DA\b瘮@,hIҸt]F RYi7(,ZFUu/-!D8yZeGrhɸLpQB%ɐ1Fi|XxN48drYF~kP&{yi Bg/@-Pm :LH,;CˑaN6 G|Ut:$ ~ h>P8?(AbGi,Th$i&YkzYM| ewUDծKLWkD/P"zU=hCʂzK/Y.2WWTڬnNi6k8"ˊ" V,!/Hd`a&wLvv,>Ӫu>>*NdVt&K[B`jDz,uA.&+0lqLpU F/1M1i?.J*@CK=9,v*Dְ\;V";%ZШ]|;j/ +QDWvOtGd*KsD/t)a,Qkbsj+o@ǦuR;7:<0A4 0+v)ĒY!Of' ,% e*<[j!80KfJg1gTb hdn;Ei% R2KS %\XKy-U'{areN䰝52:׋| cCv]Ģ^-NZe}%`Hdblk8acDo騉]ϩz<Ħ 36pdll2|$\Spfg86<+M *=^9TS5![|eoY97KRؾ>m(- 06/&/?$?ZgX hFrϳ`tU>vcJI$#ȶWTY(5'.jnoϔ{T;KY412x ~Dun`ky?83 KVhH"Ȑ7eӘ&=a(E4V/"XAef‚hZ?k<]Zj{9:W=E|n]xl-*@팴AZ`aU"v0=[}sEQ]DEM0 q_}l,a:BA%sc]Y6 \Q<<0<-Hrd7 sd"{ub<~X'%k\({jnv2Mj` ca+pb=̰I^=٥e%揝ɳF4`> BCvu2/vηZ}l:Ţ.}oyxm$2*}lA@0%1=ФkAK>!_ ɸYZcύB] ؞ ۢl3*0a*˨ٺle1І< /PhW< y-D9/z4<ڧWT=l U<ً^ػ2\#@ɻR2zv|I(6R>Eg]tϫ,m=Lqews5vkLsA,Le =5D5K yBeQҼkFhWqg1G˾ic}K\js}Fad+r/*w2dH- b(X@2qx] F~0EEU8c͐Qr=>A.'H:&(o*\bl[!SHPqHQe³iKg u'TDe|!ٳdf9wP ~KYIgo7 X늀B xnPhxȩ f&^xؽDvQnE111EG}'i5 祐jbs% FBh-0e\xY$}]BJs r}5srD)qu4Y,sy3_[u+ܡ&f-^JfsIXԘ0üJT)طoMU|/FVpDF;Gsr2eXM F*_)A-G題^3lQoCB6MNl#A;&sE3,Г{[.VU;Mbza[ jsQliݶ@XYyHty8䌍cC}XҔ.֠ou4t`-MpHyKGK^?qMx.DU" ^&vdA{BhəGP4ML\ EŎ!F ϟY]<.GY#>/E dV]";O\H))opcIM 轨drֶ `مSNЋ;gW9ʆ=^əO3cگb.XVz؛%"}kh.vaIB @Kb}%67ߛV*1fsRYizD-D97t-?j쬋]t ϬAxS|> N%z}8Ch = x AH g$i%tp9]e"k DƏUr}m%~KayUǑni@1v/A7"n Z-ܳ__ݙ4 m@`2qec"tn F@*ӌ#pd$~#+=LXٮxvUMYK۪NGKM^aC-dҸFr*FЮ*, -1MܺyÏ979oHL,3>( ׺ߨX~U ژ`u 6HRlLfQDL<쪎aMOSSzfW7=0Y⍩ O~E,>O̤ƨ5Q}S!_ 쵘C 0`ngJj2-nX,x\ǩk9qb* Wn6vbK"yNuxw,*<+0n )ﵩPL7Ί/g#P6`+߾;LI?~JKkAA;ёCé5 z5 ][sXgݙڰ9}upe"tܢVGk AL y56:">?0aʪ͝5ޮjI-"wLZvfz$؞W0cD f˪e@DH{ɲp=o|>1ҿk7kd]..YŪY<KK?W<Y "1X2%?|.QX|8Vsb؃īg l&frJbYsygXc'eF.yS6UfS;c!e ͒KO&t< AS7pZd}!btJMu!ް[Q]a뒮䉌YI y& (Z\W%=ƾ _L_);1o?)WAB8cB@>kRoX8P`圖d'f0[/LsM :jq?}&Sݒ pϊݓ3P˰Ҫ_B3HVt"Vtƺ91l?Gp^ C8vfLkC(ii6qh![-R)cQ}Yv\c^8#6 EA|~DE4$Y"xB[HgdNUsvyc[F< e(r.=KZsm]D!FW=R—owկ?GgԹ/R ݂P)U"+7%QhG!e ih00o(,XߥY^J-0Fz"P<99hcAdPKǠ'IvSnH^8>nzx9ziK-00|/Г=,AV>;KG A9JLdʦKt2Wc?(̅f55}\5 Cf(À|[(M<Qu7D >b U{#xCmU\)P1_Nq3ANՒTW{kQLjbFKgSQ_f*d4XI\wviЮ *_mC#Ɗwbd4(O&~ftlv.e #d$ɕD=H uPR 0Q ]ͫÛFx8&j{ 7g3uB>筙U],S4[ `j Qqy S( rTI9پip3ڕ88ZzV3 :d=9r˖ĻνiVo~|ĿN|sr.(Cdd綾ʩ$i Sꀼ!w$!ڮI:ɐisU".=lgm ڊ90TۦWjgCu*J:xZ*#ݻW>t$#?#oY $Z7b^eo6핚O }L? .0clp/s{7fYâ8LD }BnWnk+*>Ąq(bKk&^zi-e|!^ٺhb4RF'=g #V1_yMۥ (>ձ' 5]_Gl^ ǔu|(Pei+=3Kp[Wlѩ4"-hd}\,A?3mFj[cH_겪'`~SRzp(6K%5,b)jrEiNG˸yy7G¹dRDdϘ 5db.Hf;O*[Q7&HOr lr|u0 <&t/h"?(9aYoLJ/'6P(+|ڌ-µ}anà͸;^SF=؟ | lb W& oZe27$T+$)G-lwhm/ #4Aw[ /=n*kx) A>%wZz/YFA=^O|QGj'Da57枣?n uc7hMN!aa{*3soM\Sr¥ZfhG\5[ph׿|Jke2cu z/ 3-׆KP?|vroʏ Arx K"H1BW\Qtl]R=З]~y4l'7vi3~?8b#R2sz৘M#RhεLA0')l [j) w9f67}zYweb @kM<X%걖ѹٸo˓ciCg[)=Vs4 ܵV5{:8_RkvմF'\vN=(bg6Tz;[W:q"Fcd'$rŗ)wrw^na*fzpcٻ$~8Ājo]e@y絅8Y5/&reg` )Nw7'ԍxD3PJul2.%VYsXQClM^e<}̛ h $_G~geW. >5@4n% lJ*yZgBLVeM} pm61l9WF#wD!e},alrsC`jOٮid (k|;Z[CC$[䀡H/`i*Mq *TZ~z$=ƣ/D)6> 6WKIgsJ/-+H ]@m)Enb6Z83 FҝT,)iRi!9fdmh4uAÙEl).|\8̏8Cjd |Ǡ&Vu+ˈsбU8rJ|Y/,hveǕOrЏ&ۗA,uУH#Q ƮJc jȚ7Z62si@\9g~v-U7{?-k)رRٷD8Nzw.~N~W ]( #NyoFp^~h*j\֑sdtBo#k;잂9]>U)\嗇xeCKlF5&&XcO4+=<d2 ,ZUBcsʾ~w)k7BqH) <gKN%Orn6 5rqƨ_Tqb 3gu>!.jbZa0PXGrXE^%ù8..Vt-7^^"`ݶ5 F 9=Tw7 uR:IĐSj\XFeՕ5DY]Amu~fb{&LWVS|vE9Vpx$ح#ڵF哧<@8>blr~k=?<:`sp}l~G-bwsĵOkpvAwu7** <`Sy !G6R͈=EM99:S# T&kک>hW)؟Z!^dMpG׶`luuΏJ랹;va;WȷS~aTd$)NʪcLkȿV&wml_u<8+b;CހFnlCyEWT2B u7*$Ă@q7zh}AX5>?,ȕģo) ŋRh)멛xXmn䃥KgfgUE7uL - /gX%L<ҕdS"$.{'L)h7G(hhuH[F%]ˡr{0_uB3f:A?QD!Lآ}Tk&e,X{rl#.;y ACZ>q#WI6xi|n&c'Y7f]/ E]|'_q4Ʈ#mi6L$QsZq΢-r q,dރ1Bn`k$86b)Hٲ,ɇJUI8:MPdh_pŪe06sdJ)ǘ07ʅXz* 'a^t0@aq [32HSWP3 `ٱ-좛''}qEe+.k>/T [.'̷~J $a UӧOծ7n A#̾F@8#|@$F>޽OEr&k#:Cr6m'٠ȝ8 猙57¾BQX`(>eFc#Ŏ7@xw }p1՟fXr 4f (9CU VX~ָ0(<y:@1a  Mt[]&qHTUh{~%,B{)a~˂$U\GN?֡#Qsp 6鍅)wfd/)'Exi{%A6 Uݔ4;,6p΂7݌$j`ADn{7iMTo|(af)sZ ǧ.Q*wC=uR;I%_\~o_J*FKnBG'Gwqmf'Ġl &+;ɐZl%{*ɿGx\q~|X-[qARYi -9.,[dHVfS=E\gyPFU]!ppdZNp7{h>L @焝$%QbMx^~i]YUJ 05/qvM5J{^Y?{{68*[Y_BsЬfhfz3;9;0HAFC|f.ȱNʸ;5C.f/G}!y8ع0A>c>ܜB6IJ'}A5o-W4Z@#•=j`z3EoM OX3쳎Q}2 QUִ`he:h43DpZ0v׌MGQP> !bhBaA.zM?Hq!./'hgr}`YZ+AGnr#lJN[]"iwK@>C cee.^z>qHqN}NDj za;|]<厐j8!ӤY g3` asq-C[qG8{Ԩ)lV1xoq~z|(\ː#"\ ǪLsns ̒XEf"WYE7+Vfu~ȉUW3G"@w/f P+!v)J  u2Lg&NaKIm.t@PԻu1aPii.?@#; I"tCizQMYDPExaNyQ=ݞɲrĬm;ql+w?8 \Y3h7(MowjLf;Aߚ6YBS^ P!&V") "JiD7PͼZP)췦`=.bn d& 9}tfw\)ȝev«Dݦ1RҾP?7Y~e]~6{#])ńNj ܛ=O-rwф)qK!6OCF22Uc]1Jh7Pja ԃ| F"BܖNLr&ε/ZSeZ-R5HQ^HLmz'FO?z]Ԧ?}- I\$; USA3-#cBu?Gǿ"T&JzC>JKegM-aj֖4v̫T8El6h~F31GMVrxEgʗt[0 Us̖*xt$]KL{L`0*oN 4@bϖh 81ؼm刅POH529$X"<$} w%}\9ܞB2uw`G`C,vxiѝFQYW$bב;7 ,#]f|푶D/=ǝqT耐t#UpGf@X.oA&d뜌.~=R˽lZpgtvAaQ^`Z}([.T7J {[p}+DR=6QFd۩<}쀕p\}1[h9eMS'r`1g͙"mVa#70&:!ۏ%Dv'VJ]^{@ {U鋼dFS63gug.=(4 \T$o΢إ.DM+2H,rݯOKI튿| 8OO[uvB"kg6j3R Vo qj_lc<{ࠒpkX oWIΐT݄|TBJ^?Vאo< g;[ף c`}gĖ-ZE-h~/wŐh6hsyh(Xm2:{ ÓQG):zO[-Hbb%BBO[vO6RV<5uw(sF?#R{" ra4c~LX&4f=C“ې.+nltca>DCqGk蚡_d@ Y 吴Wo]tfMQ` ?YI5׿ >EZ4qi*4jVdz\7d F?C&\ ޼ {+8̩WfA:V\k8tM.C1 ޼s_PAT9P/cM)ijizǨ\ ˇnvMx);'.N=2\dxBi&/n &g$m$Hճ[A&}~SӪDOEbҏ"L:BO NXT#C' !M3]g&sp9ͰzSC舶.7CHeN},Dܤ]0}o1:Cx@~xE_MZ31u(p64x2;@ќp"S{A,Yz*4Dm!C-yPG0 Ũ_܈[lw㎰ZD״;O*T'ʩtD?Ob}^C0mP)D&ԶYKNL^rʆ$#:bK?1 5< ;jIZ@Bb h% 8Y'ٱsƦvtN!T.`ETbXg:JDIޘJBɪ[] PW𶉘|$=Hj]bqfg/Of{E>&w<ѧN0;RC߮QA?hVn(Q0z?җh0*7&?5F#-ΛM$2~ݏmyffVJ! otLuF %;@ 0K:p.s1_|-j \*[42PKl%%[ F1"l;(dau (W`+O09e!oU$Ոpȡ'Ea. DvW#\̎;fdѐԴ.5L%M㐵{Uw5g5@W*&,P10 fYU^ LQΫPJ49]Mx)[@bwssC:9]F ~9ڎFӮϮݓ C[1͞+alZCuLV1;aa0U/G<?Xp`߭xsnkcX[7#޸qa Ѿhc5#$[ Y1Oqx.Ksajkqm;̺ -]+ }q^0+ɢ-K0OR Mi:b1*Ʒ?Fm^a s-"3n犡F^X;Hۖu! ^MG}^WT0); m.2Z{*+XdF/!:' >ahceBڲݮ(!tʬtB̊9(pg hIdP:q$y& <0#,Iڲ *ݡqȜB|@bbP@ JI| -U; kG;9j/_Qs+#8X8q4ZU0B <{Ȼ̜xKӯ(  "2Z9VVwO&~=Zçnr|I}cCM[I;{5`5˽e,,?D f= XᲛDi!"5tRYue?rT gدB QNgbbw>=JJ+})؊TW|'(/rq-*( H׿/L~=íUt^[\\dXr<5߼Jf:PS}x15~~ŊS[5[-6lȲhdDk)垥 !:Bp[@@)vױeJrkjÆa|3 ?c.,~3yi(yLP=ZK`gx׶ v JxϸQY |34ޓ]sΧ:ϨQ|{cX݋VYKG\6Ӡ@k #M;r)TfoY2BֈMns6e֐*,EBd;>p]˖8h6N<ݧW* :W@q9aX0TN;5%E<`*VX.Ua=58ڑexX2A|6' h*m(mnhۣl5ԭ쭔|]fXRFxGADr$`($xmp!O.6ON@n(Pb=rzيh3)c},n(kϗ)R}ӎ.{o)R\ 6]c(YGYyAt;xn(SJ-,$sc/z x6sӠ0z k*;b(hh<߻ cR/j0=kSRgoZxL=wb0 sf]1mD t6`eH-k}\/v[#nʚ]B.9Sqj93[z}͎)rq*"Aȓ[339.GNֆ+(n{7GZph&ɩp~.QMJi\?AOy8H*ˆ,B29{S2%\P8s))ZfU#*;ؼ'S]R7FxqN1ϣWKVa֐g5 A/'KaH3SJr'ņz$?y'蜢u 1pB.ffB{6Wj7.ONՄR Bd:'j1!.0zn>k\Bm~, MXdO'm.jE%y=sbcӗPkA%< mXioXυpC:;A:fum&#t|4>mr]R/2pծPdB)qޮů*|]n` (|!\^15&ˑ[/eg XZrr`3FAکEĴ h [%c)-(9X ޫbz$I@訡a~@J,i:d@>E OyWK&Z`?yk~Фub 2PL@^ʝ"cQ^آY@nK٭y>OX̸9$A_c{P_LZB{ b>M{̰=@@M=~'&5VBӻH-2-wE@y*gk_IT^'K2C)2 J =GML))#;8jx5{٥7tW򦍏@=eHX iB_L[<i14)gՑӂMڠ&+sm' &` /z1@ QCb/1 Da|jg2&Zll z~cL?[vsPД %L0F V"0Ud ݹaYx@IR˚g!qp%܋tr_vӗ,׾?c+B`ks3CnΜpՌ-9 `C` 4$qENHᄛ"-kpܤ`?<5ӹD]Son=2Jd.!6Vv)케q̪- ?ԘK,);`Ҵ`&5O/T\I,8O8f6$u /um/ b#b;7ے)VY  M"oޫ0 ~uyf$3D>U[9 o=,G;Ƚ*Aq-Z bQ8h,:7/7!LŸx=- Kх] z/"&Y]IPvNBZc/m%zXՕ_b 9_PX}I vR?Z[kS㌙q^'ǐޅ6cp`Z;ޗ _K`_Hw8 k_x{%7t[, l׎i[mꉶ B#17{a P -1OPGkH(֭S?Ya,v{:CT\Dv-1x:y4 u vnHbC!͖i^V N mxsob0ĩ}uyL,6(MQqcͽК+*ew€)Mz^/>IO^=Z C nC{*(Lt:S! "X>NQ2Ng"KSiӚEkԙQ) Wv6<$EF} Y6sh<$&ٔil-{{9 j 'xk$`)ޤ7oxiVm xhv K{igoJ>Naȶ$!ɢ'`KlBYi%Llae4dwugQL/{}-qy\"u5KhngSW(d-Fa!ݺJL-y{3Y_Rj:k0L18<}Tnt8>!F?H&y_ПiNq/^TBrC:v`0rHSeio7&Wb/-7J`PƟa`=ȑc,j1s :7[WImIJzD9: WFgej# Y8͞QdBpHHýܗ3/hQBRwP[zE0O;fɋ"ߘX#eokStjWb3-#B@nV/ɡ9m=CU l [씧sy d_[s}:؃\3lOtqYױ1xo7AH} k=#D<-i##(ҶMJ\rِC0d2fJp"XZw'mBϢ4;,8B Y3MpJwiÇm\_uvem*c3-WEfP1QgXV.;~$WK9퍞ߗPH !h)EQ ӫgd`{Xެ樖1[ܡ@8L|qds,G*-e|EI;v;DJ7HiGks"Μ#btKW%sލ΅<ӸoDbsN:!LV6ua,SvXS8ǭP7 ٶjⶒ`sP N \ւLx4EܬA[~ʒ^ eJ$'CǠbo9LWl_z2,v)n5=ts{a;;4/ >4Ħ8DzK=}}щE̲WYӌuMǞmM֌y=Ab)˫F)۰,NO%(ADpm9 Z!lULtb1l$_Eo}ƚPGF֪XV'㬮)S&6 % X8Ew)UEpmhhfhd6k[PUq$N~&^Eѭmsrmf$<7j,:O]u]fXVLRL@!uj ʳqM1Frj6[XxZt??}qtj啯K%Ñ\f+687- 븆tDUg\ZG_IJK#5OmC1l URR  >UtIXˑY#҆cs",1|d@X4I.d3h`LZ}b\ $Y<ÑL԰|gzإ6Cfߘa3ps@p't|I3n9j({B\#- ONJ@ilI龤̰JdQ%ohbyH d|7 d`՞8BVNF՝]"%. nٿDhʲj~3qrnZ~S4VQQO:!dTgNlawĥԚ݋dpc?[KyytS3/ k^/$$EGGe Rb ڎU8gb58_|$V, x-Y?>`aVtL4{FG8OPr,M*5EcU,Qr28L4WT&85AnU[K:lzq!^Z~Awp|ppagZT]{tblclp;Ql|29m(2(7|˫ExAvr0F#UŠ׽,ggÕ>,BW!yDVdڦՓ0, &V =,HB$D"3&46B^]6uyk,U0HX{3;ǠבA#}DZ#-C_sjyUcH&J'pR = F<@]&bxh9*`+|m`Ea/`1tcdej-H"+5EjFyvc@YmMO8!7߿ANٳ_П-T "RAC-$~CvX[ypiỊXz t=-f~(zԻ۲ýKiF#p"r9oƙMw4?OC9hŋ}`(=:613}ӁJej.zT6{neC"i)' oX1XT1` &/a+2Bb|eTL ՛8uɏI YZ