From: Chris PeBenito <pebenito@ieee.org>
To: selinux@vger.kernel.org, selinux-refpolicy@vger.kernel.org
Subject: ANN: SETools 4.2.0
Date: Sat, 10 Nov 2018 09:27:55 -0500 [thread overview]
Message-ID: <69d8bb67-67aa-bf50-c659-1528a420500f@ieee.org> (raw)
An SETools 4.2.0 release is now available:
https://github.com/SELinuxProject/setools/releases/tag/4.2.0
This release focused on improving performance and reducing memory usage.
A Cython-based policy representation replaced the
Python/SWIG/static-linked-libsepol implemention. SETools no longer
statically links to libsepol, though it is strongly suggested that users
rebuild SETools after updating libsepol, in case the policy structure
changes.
Building on the policy representation change, refinements in sediff
yielded as much as a 90% reduction in memory use, depending on the policies.
This release of SETools has different dependencies than previous
versions. See README.md for more details.
Support for Python 2.7 was dropped because all current
SELinux-supporting distributions provide Python 3.
Other smaller changes included:
* Added support for SCTP portcons
* Updated permission maps
* Policy symbol names are now available as the name attribute (e.g.
Boolean.name, Type.name, etc.)
* Revised some apol layouts to increase the size of text entry fields.
* Revised package structure to make policyrep a module of the setools
package.
* Moved constraint expression to its own class
* Made Conditional.evaluate() more useful and added BaseTERule.enabled()
method to determine if a rule is enabled
Changes since v4.2.0-rc:
* Restored missing statement() methods in some policyrep classes
* Fixed NULL pointer dereference when iterating over type attributes
when the policy has none
* Added xdp_socket permission mapping
--
Chris PeBenito
reply other threads:[~2018-11-10 14:27 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=69d8bb67-67aa-bf50-c659-1528a420500f@ieee.org \
--to=pebenito@ieee.org \
--cc=selinux-refpolicy@vger.kernel.org \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).