selinux-refpolicy.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Chris PeBenito <pebenito@ieee.org>
To: selinux@vger.kernel.org, selinux-refpolicy@vger.kernel.org
Subject: ANN: SETools 4.2.0
Date: Sat, 10 Nov 2018 09:27:55 -0500	[thread overview]
Message-ID: <69d8bb67-67aa-bf50-c659-1528a420500f@ieee.org> (raw)

An SETools 4.2.0 release is now available:

https://github.com/SELinuxProject/setools/releases/tag/4.2.0

This release focused on improving performance and reducing memory usage.

A Cython-based policy representation replaced the 
Python/SWIG/static-linked-libsepol implemention. SETools no longer 
statically links to libsepol, though it is strongly suggested that users 
rebuild SETools after updating libsepol, in case the policy structure 
changes.

Building on the policy representation change, refinements in sediff 
yielded as much as a 90% reduction in memory use, depending on the policies.

This release of SETools has different dependencies than previous 
versions. See README.md for more details.

Support for Python 2.7 was dropped because all current 
SELinux-supporting distributions provide Python 3.

Other smaller changes included:

* Added support for SCTP portcons

* Updated permission maps

* Policy symbol names are now available as the name attribute (e.g. 
Boolean.name, Type.name, etc.)

* Revised some apol layouts to increase the size of text entry fields.

* Revised package structure to make policyrep a module of the setools 
package.

* Moved constraint expression to its own class

* Made Conditional.evaluate() more useful and added BaseTERule.enabled() 
method to determine if a rule is enabled


Changes since v4.2.0-rc:

* Restored missing statement() methods in some policyrep classes

* Fixed NULL pointer dereference when iterating over type attributes
when the policy has none

* Added xdp_socket permission mapping


-- 
Chris PeBenito

                 reply	other threads:[~2018-11-10 14:27 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=69d8bb67-67aa-bf50-c659-1528a420500f@ieee.org \
    --to=pebenito@ieee.org \
    --cc=selinux-refpolicy@vger.kernel.org \
    --cc=selinux@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).