Skip to content

SELinux userspace release 3.4
Compare
Choose a tag to compare
@bachradsusi bachradsusi released this 18 May 17:20
· 145 commits to master since this release
3.4
0a8c177
This commit was signed with the committer’s verified signature.
bachradsusi Petr Lautrbach
GPG key ID: BE22091E3EF62275
Learn about vigilant mode.

RELEASE 3.4

User-visible changes

  • A new selinux_restorecon_parallel(3) function that allows to run relabeling over multiple threads

  • setfiles/restorecon/fixfiles support parallel relabeling via [ -T ] threads option

  • A new semodule options [ -m | --checksum ] to get SHA256 hashes of modules

  • mcstrans ported to PCRE2

  • libsepol/cil supports IPv4/IPv6 address embedding

  • Add a new semodule option [ --rebuild-if-modules-changed ] to optionally rebuild policy when modules
    are changed externally

  • A lot of static code analyse issues, fuzzer issues and compiler warnings fixed

  • Translations split into sub-packages and updated from
    https://translate.fedoraproject.org/projects/selinux/

  • New policy utilities in libsepol - sepol_check_access,
    sepol_compute_av, sepol_compute_member, sepol_compute_relabel,
    sepol_validate_transition

  • A new setfiles option [-C] for distinguishing file tree walk errors

  • Improved code quality and bug fixes

Development-relevant changes

  • ci: run the tests under ASan/UBsan on GHActions
Assets 33