SELinux-Refpolicy Archive on
 help / Atom feed
* ANN: SETools 4.2.0
@ 2018-11-10 14:27 Chris PeBenito
  0 siblings, 0 replies; 1+ messages in thread
From: Chris PeBenito @ 2018-11-10 14:27 UTC (permalink / raw)
  To: selinux, selinux-refpolicy

An SETools 4.2.0 release is now available:

This release focused on improving performance and reducing memory usage.

A Cython-based policy representation replaced the 
Python/SWIG/static-linked-libsepol implemention. SETools no longer 
statically links to libsepol, though it is strongly suggested that users 
rebuild SETools after updating libsepol, in case the policy structure 

Building on the policy representation change, refinements in sediff 
yielded as much as a 90% reduction in memory use, depending on the policies.

This release of SETools has different dependencies than previous 
versions. See for more details.

Support for Python 2.7 was dropped because all current 
SELinux-supporting distributions provide Python 3.

Other smaller changes included:

* Added support for SCTP portcons

* Updated permission maps

* Policy symbol names are now available as the name attribute (e.g.,, etc.)

* Revised some apol layouts to increase the size of text entry fields.

* Revised package structure to make policyrep a module of the setools 

* Moved constraint expression to its own class

* Made Conditional.evaluate() more useful and added BaseTERule.enabled() 
method to determine if a rule is enabled

Changes since v4.2.0-rc:

* Restored missing statement() methods in some policyrep classes

* Fixed NULL pointer dereference when iterating over type attributes
when the policy has none

* Added xdp_socket permission mapping

Chris PeBenito

^ permalink raw reply	[flat|nested] 1+ messages in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-11-10 14:27 ANN: SETools 4.2.0 Chris PeBenito

SELinux-Refpolicy Archive on

Archives are clonable:
	git clone --mirror selinux-refpolicy/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 selinux-refpolicy selinux-refpolicy/ \
	public-inbox-index selinux-refpolicy

Newsgroup available over NNTP:

AGPL code for this site: git clone public-inbox