SELinux-Refpolicy Archive on lore.kernel.org
 help / Atom feed
* ANN: SETools 4.2.0
@ 2018-11-10 14:27 Chris PeBenito
  0 siblings, 0 replies; 1+ messages in thread
From: Chris PeBenito @ 2018-11-10 14:27 UTC (permalink / raw)
  To: selinux, selinux-refpolicy

An SETools 4.2.0 release is now available:

https://github.com/SELinuxProject/setools/releases/tag/4.2.0

This release focused on improving performance and reducing memory usage.

A Cython-based policy representation replaced the 
Python/SWIG/static-linked-libsepol implemention. SETools no longer 
statically links to libsepol, though it is strongly suggested that users 
rebuild SETools after updating libsepol, in case the policy structure 
changes.

Building on the policy representation change, refinements in sediff 
yielded as much as a 90% reduction in memory use, depending on the policies.

This release of SETools has different dependencies than previous 
versions. See README.md for more details.

Support for Python 2.7 was dropped because all current 
SELinux-supporting distributions provide Python 3.

Other smaller changes included:

* Added support for SCTP portcons

* Updated permission maps

* Policy symbol names are now available as the name attribute (e.g. 
Boolean.name, Type.name, etc.)

* Revised some apol layouts to increase the size of text entry fields.

* Revised package structure to make policyrep a module of the setools 
package.

* Moved constraint expression to its own class

* Made Conditional.evaluate() more useful and added BaseTERule.enabled() 
method to determine if a rule is enabled


Changes since v4.2.0-rc:

* Restored missing statement() methods in some policyrep classes

* Fixed NULL pointer dereference when iterating over type attributes
when the policy has none

* Added xdp_socket permission mapping


-- 
Chris PeBenito

^ permalink raw reply	[flat|nested] 1+ messages in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-11-10 14:27 ANN: SETools 4.2.0 Chris PeBenito

SELinux-Refpolicy Archive on lore.kernel.org

Archives are clonable: git clone --mirror https://lore.kernel.org/selinux-refpolicy/0 selinux-refpolicy/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 selinux-refpolicy selinux-refpolicy/ https://lore.kernel.org/selinux-refpolicy \
		selinux-refpolicy@vger.kernel.org selinux-refpolicy@archiver.kernel.org
	public-inbox-index selinux-refpolicy


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.selinux-refpolicy


AGPL code for this site: git clone https://public-inbox.org/ public-inbox