Releases: SELinuxProject/selinux

SELinux userspace release 2020-06-19 / 3.1-rc2

19 Jun 11:57

User-visible changes since 20200518 / 3.1-rc1:

  • New restorecon -x option - prevent restorecon from crossing file system
    boundaries.

  • Handle semanage module in semanage bash completion

  • Added section about CFLAGS to README.md, see Packaging-relevant changes

  • Improved man pages

  • Add Travis CI job to run SELinux kernel testsuite on latest Fedora cloud image

  • sepolgen-ifgen parses a gen_tunable statement as bool

Packaging-relevant changes:

  • Setting CFLAGS during the make process will cause the omission of many defaults. While the project strives
    to provide a reasonable set of default flags, custom CFLAGS could break the build, or have other undesired
    changes on the build output. Thus, be very careful when setting CFLAGS. CFLAGS that are encouraged to be
    set when overriding are:

    • -fno-semantic-interposition for gcc and other compilers that do not apply it by default. clang does
      this by default; clang-10 and later accept the flag but ignore it, while earlier clang versions fail on it.

Issues fixed:

SELinux userspace release 2020-05-18 / 3.1-rc1

18 May 12:47

RELEASE 20200518 (3.1-rc1)

User-visible changes:

  • selinux/flask.h and selinux/av_permissions.h were removed

    The flask.h and av_permissions.h header files were deprecated and
    all selinux userspace references to them were removed in
    commit 76913d8 ("Deprecate use of flask.h and av_permissions.h.")
    back in 2014 and included in the 20150202 / 2.4 release.
    All userspace object managers should have been updated
    to use the dynamic class/perm mapping support since that time.
    Remove these headers finally to ensure that no users remain and
    that no future uses are ever introduced.

    Use string_to_security_class(3) and string_to_av_perm(3) to map the class and
    permission names to their policy values, or selinux_set_mapping(3) to create a
    mapping from class and permission index values used by the application to the
    policy values.

  • Support for new polcap genfs_seclabel_symlinks

  • New setfiles -E option - treat conflicting specifications as errors, such
    as where two hardlinks for the same inode have different contexts.

  • restorecond_user.service - new systemd user service which runs restorecond -u

  • setsebool -V reports errors from commit phase

  • Improved man pages

  • semanage uses ipaddress Python module instead of IPy

  • matchpathcon related interfaces are deprecated

  • selinuxfs is mounted with noexec and nosuid

  • Improved README which was renamed to README.md and converted to markdown.

  • setup.py builds can be customized using PYTHON_SETUP_ARGS, e.g. for the
    Debian Python layout use: make PYTHON_SETUP_ARGS=--install-layout=deb ...

  • the dso wrappers for internal calls were removed and it is now strongly recommended to build with
    CFLAGS including -fno-semantic-interposition

  • security_compute_user() was deprecated - usage of /sys/fs/selinux/user { security:compute_user } might be revisited

  • checkpolicy treats invalid characters as an error - this may break rare use cases, but that is intentional

Issues fixed:

SELinux userspace release 20191204 / 3.0

04 Dec 08:29
dca7ce8

RELEASE 20191204 (3.0)

User-visible changes:

  • Optional support for kernel policy optimization (enable with
    optimize-policy=true in /etc/selinux/semanage.conf for modular policy or -O
    option to checkpolicy/secilc for monolithic policy); this is optional because it
    provides relatively small savings with non-trivial policy compile-time overhead
    for some policies e.g. Android.

  • New digest scheme for setfiles/restorecon -D; instead of a single hash of the
    entire file contexts configuration stored in a security.restorecon_last xattr on
    only the top-level directory, use a hash of all partial matches from file
    contexts stored in a security.sehash xattr on each directory,

  • Support for default_range glblub in source policy (.te/policy.conf and CIL)
    and kernel policy version 32,

  • New libselinux APIs for querying validatetrans rules,

  • Unknown permissions are now handled as errors in CIL,

  • security_av_string() no longer returns immediately upon encountering an
    unknown permission and will log all known permissions,

  • checkmodule -c support for specifying module policy version,

  • mcstransd reverted to original color range matching based on dominance,

  • Support for 'dccp' and 'sctp' protocols in semanage port command,

  • 'checkpolicy -o -' writes policy to standard output,

  • 'semodule -v' also sets CIL's log level

  • Python 2 code is no longer supported in this project and new Python code
    should be written only for Python 3.

  • Messages about the statement failing to resolve and the optional block being
    disabled are displayed at the highest verbosity level.

  • Fixed redundant console log output error in restorecond

Issues fixed:

SELinux userspace release 20191122 / 3.0-rc2

22 Nov 14:40

RELEASE 20191122 (3.0-rc2)

User-visible changes:

  • Python 2 code is no longer supported in this project and new Python code
    should be written only for Python 3.

  • Messages about the statement failing to resolve and the optional block being
    disabled are displayed at the highest verbosity level.

  • Fixed redundant console log output error in restorecond

Issues fixed:

SELinux userspace release 20191031 / 3.0-rc1

31 Oct 09:18

RELEASE 20191031 (3.0-rc1)

User-visible changes:

  • Optional support for kernel policy optimization (enable with
    optimize-policy=true in /etc/selinux/semanage.conf for modular policy or -O
    option to checkpolicy/secilc for monolithic policy); this is optional because it
    provides relatively small savings with non-trivial policy compile-time overhead
    for some policies e.g. Android.

  • New digest scheme for setfiles/restorecon -D; instead of a single hash of the
    entire file contexts configuration stored in a security.restorecon_last xattr on
    only the top-level directory, use a hash of all partial matches from file
    contexts stored in a security.sehash xattr on each directory,

  • Support for default_range glblub in source policy (.te/policy.conf and CIL)
    and kernel policy version 32,

  • New libselinux APIs for querying validatetrans rules,

  • Unknown permissions are now handled as errors in CIL,

  • security_av_string() no longer returns immediately upon encountering an
    unknown permission and will log all known permissions,

  • checkmodule -c support for specifying module policy version,

  • mcstransd reverted to original color range matching based on dominance,

  • Support for 'dccp' and 'sctp' protocols in semanage port command,

  • 'checkpolicy -o -' writes policy to standard output,

  • 'semodule -v' also sets CIL's log level

Issues fixed:

SELinux userspace release 20190315 / 2.9

15 Mar 15:59

RELEASE 20190315 (2.9)

User-visible changes:

  • Spelling errors were fixed in libselinux man pages

  • audit2allow supports xperms now. The new '-x'/'--xperms' options
    enable generation of extended permission AV rules.

  • semanage login no longer logs two audit events, only one of which
    was correct.

  • libsemanage resets umask before creating directories so that file permissions
    should not change after a change is committed.

  • Correct user name is used in ROLE_REMOVE audit events

  • The noise produced by checkpolicy command line tool is reduced now.

  • A new option '-S' or '--sort' is added to checkpolicy to sort the ocontexts
    before writing out the binary policy.

  • sepolicy and semanage accept aliases now.

  • Deprecated at_console statement was removed from dbus configuration.

  • semanage export output includes ibpkey and ibendport now.

  • audit2why can be run as non-root user now.

  • Added Russian translations for man pages

  • setfiles can once again be used on SELinux-disabled hosts to label files,

  • setfiles and restorecon once again correctly ignore files with customizable
    types,

  • semanage login no longer fails if used with a group that has many members,

  • semanage boolean no longer fails if listing for a policy store other than the
    active one.

  • By default, /usr/bin/python3 is used by Python scripts and for building modules
    with python bindings.

Packaging-relevant changes:

  • Usage of DESTDIR in restorecond is consistent with other directories now

  • By default, /usr/bin/python3 is used by Python scripts and for building modules
    with python bindings. It's possible to switch to Python 2 using the following commands:

$ pathfix.py -i/usr/bin/python `git grep -l -E '^#!.*/usr/bin/python'`
$ make PYTHON=/usr/bin/python ...

Issues fixed:

SELinux userspace release 20190301 / 2.9-rc2

01 Mar 13:19

RELEASE 20190301 (2.9-rc2)

User-visible changes:

  • Added Russian translations for man pages

  • setfiles can once again be used on SELinux-disabled hosts to label files,

  • setfiles and restorecon once again correctly ignore files with customizable
    types,

  • semanage login no longer fails if used with a group that has many members,

  • semanage boolean no longer fails if listing for a policy store other than the
    active one.

  • By default, /usr/bin/python3 is used by Python scripts and for building modules
    with python bindings.

Packaging-relevant changes:

  • By default, /usr/bin/python3 is used by Python scripts and for building modules
    with python bindings. It's possible to switch to Python 2 using the following commands:

$ pathfix.py -i/usr/bin/python `git grep -l -E '^#!.*/usr/bin/python'`
$ make PYTHON=/usr/bin/python ...

SELinux userspace release 20190125 / 2.9-rc1

25 Jan 11:06

RELEASE 20190124 (2.9-rc1)

User-visible changes:

  • Spelling errors were fixed in libselinux man pages

  • audit2allow supports xperms now. The new '-x'/'--xperms' options
    enable generation of extended permission AV rules.

  • semanage login no longer logs two audit events, only one of which
    was correct.

  • libsemanage resets umask before creating directories so that file permissions
    should not change after a change is committed.

  • Correct user name is used in ROLE_REMOVE audit events

  • The noise produced by checkpolicy command line tool is reduced now.

  • A new option '-S' or '--sort' is added to checkpolicy to sort the ocontexts
    before writing out the binary policy.

  • sepolicy and semanage accept aliases now.

  • Deprecated at_console statement was removed from dbus configuration.

  • semanage export output includes ibpkey and ibendport now.

  • audit2why can be run as non-root user now.

Packaging-relevant changes:

  • Usage of DESTDIR in restorecond is consistent with other directories now

Issues fixed:

SELinux userspace release 20180524 / 2.8

24 May 18:39

RELEASE 20180524 (2.8)

User-visible changes:

  • semanage fcontext -l now also lists home directory entries from
    file_contexts.homedirs.

  • semodule can now enable or disable multiple modules in the same
    operation by specifying a list of modules after -e or -d, making them
    consistent with the -i/u/r/E options.

  • CIL now supports multiple declarations of types, attributes, and
    (non-conflicting) object contexts (e.g. genfscon), enabled via the -m
    or --multiple-decls option to secilc.

  • libsemanage no longer deletes the tmp directory if there is an error
    while committing the policy transaction, so that any temporary files
    can be further inspected for debugging purposes (e.g. to examine a
    particular line of the generated CIL module). The tmp directory will
    be deleted upon the next transaction, so no manual removal is needed.

  • Support was added for SCTP portcon statements. The corresponding
    kernel support was introduced in Linux 4.17, and is only active if the
    extended_socket_class policy capability is enabled in the policy. This
    support is required to build the refpolicy master branch (and thus future
    refpolicy releases).

  • sepol_polcap_getnum/name() were exported as part of the shared libsepol
    interface, initially for use by setools4.

  • semodule_deps was removed since it has long been broken and is not useful
    for CIL modules.

Packaging-relevant changes:

  • When overriding PREFIX, BINDIR, SBINDIR, SHLIBDIR, LIBEXECDIR, etc.,
    DESTDIR has to be removed from the definition. For example on Arch
    Linux, SBINDIR="${pkgdir}/usr/bin" was changed to SBINDIR="/usr/bin".

  • Defining variable LIBSEPOLA (to /usr/lib/libsepol.a, for example) is
    no longer mandatory (thanks to the switch to "-l:libsepol.a" in
    Makefiles).

  • PYSITEDIR has been renamed PYTHONLIBDIR (and its definition changed).

  • selinux-gui (i.e. system-config-selinux GUI application) is now
    compatible with Python 3. Doing this required migrating away from
    PyGTK to the supported PyGI library. This means that selinux-gui now
    depends on python-gobject, Gtk+ 3 and selinux-python. It no longer
    requires PyGtk or Python 2.

20140826-rc1: Bump versions and update ChangeLog

26 Aug 15:20
Signed-off-by: Steve Lawrence <[email protected]>