diff -Nru secilc-3.0/debian/changelog secilc-3.1/debian/changelog --- secilc-3.0/debian/changelog 2020-01-01 01:46:31.000000000 +0000 +++ secilc-3.1/debian/changelog 2020-07-15 07:07:36.000000000 +0000 @@ -1,8 +1,13 @@ -secilc (3.0-1build1) focal; urgency=medium +secilc (3.1-1) unstable; urgency=medium - * No-change rebuild to restore i386 binaries + * New upstream release + - Bump libsepol1-dev build-dependency to >= 3.1 to match the release + * debian/control: Set Rules-Requires-Root: no + * debian/control: Add checkpolicy to the BD, this is required for the tests + * debian/control: Bump Standards-Version to 4.5.0 (no further changes) + * Add debian/gitlab-ci.yml file - -- Steve Langasek Tue, 31 Dec 2019 17:46:31 -0800 + -- Laurent Bigonville Wed, 15 Jul 2020 09:07:36 +0200 secilc (3.0-1) unstable; urgency=medium diff -Nru secilc-3.0/debian/control secilc-3.1/debian/control --- secilc-3.0/debian/control 2019-12-11 15:37:15.000000000 +0000 +++ secilc-3.1/debian/control 2020-07-15 07:07:36.000000000 +0000 @@ -5,14 +5,18 @@ Section: utils Maintainer: Debian SELinux maintainers Uploaders: Laurent Bigonville -Standards-Version: 4.4.1 -Build-Depends: debhelper (>= 12), libsepol1-dev (>= 3.0), xmlto +Standards-Version: 4.5.0 +Build-Depends: checkpolicy (>= 3.1) , + debhelper (>= 12), + libsepol1-dev (>= 3.1), + xmlto Build-Depends-Indep: lmodern , pandoc , texlive-fonts-recommended , texlive-latex-extra , texlive-latex-recommended Homepage: https://github.com/SELinuxProject/selinux/wiki +Rules-Requires-Root: no Package: secilc Architecture: linux-any diff -Nru secilc-3.0/debian/gitlab-ci.yml secilc-3.1/debian/gitlab-ci.yml --- secilc-3.0/debian/gitlab-ci.yml 1970-01-01 00:00:00.000000000 +0000 +++ secilc-3.1/debian/gitlab-ci.yml 2020-07-15 07:07:36.000000000 +0000 @@ -0,0 +1,4 @@ +--- +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml diff -Nru secilc-3.0/docs/Makefile secilc-3.1/docs/Makefile --- secilc-3.0/docs/Makefile 2019-11-28 12:46:48.000000000 +0000 +++ secilc-3.1/docs/Makefile 2020-07-10 15:17:15.000000000 +0000 @@ -1,8 +1,8 @@ -CWD ?= $(shell pwd) -HTMLDIR ?= $(CWD)/html -PDFDIR ?= $(CWD)/pdf -TMPDIR ?= $(CWD)/tmp -TESTDIR ?= $(CWD)/../test +CWD = $(shell pwd) +HTMLDIR = $(CWD)/html +PDFDIR = $(CWD)/pdf +TMPDIR = $(CWD)/tmp +TESTDIR = $(CWD)/../test # All the markdown files that make up the guide: FILE_LIST ?= cil_introduction.md \ diff -Nru secilc-3.0/.gitignore secilc-3.1/.gitignore --- secilc-3.0/.gitignore 2019-11-28 12:46:48.000000000 +0000 +++ secilc-3.1/.gitignore 2020-07-10 15:17:15.000000000 +0000 @@ -7,3 +7,5 @@ docs/html docs/pdf docs/tmp +opt-actual.bin +opt-actual.cil diff -Nru secilc-3.0/Makefile secilc-3.1/Makefile --- secilc-3.0/Makefile 2019-11-28 12:46:48.000000000 +0000 +++ secilc-3.1/Makefile 2020-07-10 15:17:15.000000000 +0000 @@ -13,6 +13,10 @@ SECILC_MANPAGE = secilc.8 SECIL2CONF_MANPAGE = secil2conf.8 XMLTO = xmlto +DIFF = diff + +CHECKPOLICY = checkpolicy +POL_VERS = $(shell $(CHECKPOLICY) -V | cut -f 1 -d ' ') CFLAGS ?= -Wall -Wshadow -Wextra -Wundef -Wmissing-format-attribute -Wcast-align -Wstrict-prototypes -Wpointer-arith -Wunused @@ -26,6 +30,9 @@ test: $(SECILC) ./$(SECILC) test/policy.cil + ./$(SECILC) -c $(POL_VERS) -O -M 1 -f /dev/null -o opt-actual.bin test/opt-input.cil + $(CHECKPOLICY) -b -C -M -o opt-actual.cil opt-actual.bin >/dev/null + $(DIFF) test/opt-expected.cil opt-actual.cil $(SECIL2CONF): $(SECIL2CONF_OBJS) $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LDLIBS) @@ -58,6 +65,8 @@ rm -f file_contexts rm -f $(SECILC_MANPAGE) rm -f $(SECIL2CONF_MANPAGE) + rm -f opt-actual.cil + rm -f opt-actual.bin $(MAKE) -C docs clean relabel: diff -Nru secilc-3.0/test/opt-expected.cil secilc-3.1/test/opt-expected.cil --- secilc-3.0/test/opt-expected.cil 1970-01-01 00:00:00.000000000 +0000 +++ secilc-3.1/test/opt-expected.cil 2020-07-10 15:17:15.000000000 +0000 @@ -0,0 +1,60 @@ +(handleunknown deny) +(class cl01 (p01a p01b p11a p11b)) +(classorder (cl01)) +(sid kernel) +(sidorder (kernel)) +(mls true) +(sensitivity s01) +(sensitivityorder (s01)) +(category c01) +(categoryorder (c01)) +(sensitivitycategory s01 (c01)) +(typeattribute at01) +(typeattribute at02) +(boolean b01 false) +(type tp01) +(type tp02) +(type tp04) +(type tpr1) +(type tpr2) +(type tpr3) +(type tpr4) +(type tpr5) +(typeattributeset at01 (tp01)) +(typeattributeset at02 (tp01 tp02)) +(allow at02 tpr1 (cl01 (p01a p01b p11a))) +(allow at02 tpr3 (cl01 (p01a p01b p11a))) +(allow tp01 at01 (cl01 (p11b))) +(allow tp01 self (cl01 (p01a p01b p11a))) +(allow tp01 tpr1 (cl01 (p11b))) +(dontaudit at02 tpr2 (cl01 (p01a p01b p11a))) +(dontaudit at02 tpr4 (cl01 (p01a p01b p11a))) +(dontaudit tp01 tpr2 (cl01 (p11b))) +(booleanif b01 + (true + (allow tp01 tpr3 (cl01 (p11b))) + (allow tp01 tpr5 (cl01 (p01a p01b p11a p11b))) + (allow tp02 tpr5 (cl01 (p01a p11a))) + (dontaudit tp01 tpr4 (cl01 (p11b))) + ) + (false + (allow at02 tpr5 (cl01 (p01a p01b p11a))) + ) +) +(role object_r) +(role rl01) +(roletype rl01 tp01) +(roletype object_r tp01) +(roletype object_r tp02) +(roletype object_r tp04) +(roletype object_r tpr1) +(roletype object_r tpr2) +(roletype object_r tpr3) +(roletype object_r tpr4) +(roletype object_r tpr5) +(user us01) +(userrole us01 object_r) +(userrole us01 rl01) +(userlevel us01 (s01)) +(userrange us01 ((s01) (s01))) +(sidcontext kernel (us01 rl01 tp01 ((s01) (s01)))) diff -Nru secilc-3.0/test/opt-input.cil secilc-3.1/test/opt-input.cil --- secilc-3.0/test/opt-input.cil 1970-01-01 00:00:00.000000000 +0000 +++ secilc-3.1/test/opt-input.cil 2020-07-10 15:17:15.000000000 +0000 @@ -0,0 +1,65 @@ +(handleunknown deny) +(class cl01 (p01a p01b p11a p11b)) +(classorder (cl01)) +(sid kernel) +(sidorder (kernel)) +(mls true) +(sensitivity s01) +(sensitivityorder (s01)) +(category c01) +(categoryorder (c01)) +(sensitivitycategory s01 (c01)) +(typeattribute at01) +(typeattribute at02) +(boolean b01 false) +(type tp01) +(type tp02) +(type tp04) +(type tpr1) +(type tpr2) +(type tpr3) +(type tpr4) +(type tpr5) +(typeattributeset at01 (tp01)) +(typeattributeset at02 (tp01 tp02)) +(allow at02 tpr1 (cl01 (p11a p01a p01b))) +(allow at02 tpr3 (cl01 (p11a p01a p01b))) +(allow tp01 at01 (cl01 (p11b))) +(allow tp01 self (cl01 (p11a p01a))) +(allow tp01 tp01 (cl01 (p01b))) +(allow tp01 tpr1 (cl01 (p11a p11b p01a p01b))) +(allow tp02 tpr1 (cl01 (p11a p01a))) +(dontaudit at02 tpr2 (cl01 (p11a p01a p01b))) +(dontaudit at02 tpr4 (cl01 (p11a p01a p01b))) +(dontaudit tp01 tpr2 (cl01 (p11a p11b p01a p01b))) +(dontaudit tp02 tpr2 (cl01 (p11a p01a))) +(booleanif (b01) + (true + (allow tp01 tpr3 (cl01 (p11a p11b p01a p01b))) + (allow tp01 tpr5 (cl01 (p11a p11b p01a p01b))) + (allow tp02 tpr3 (cl01 (p11a p01a))) + (allow tp02 tpr5 (cl01 (p11a p01a))) + (dontaudit tp01 tpr4 (cl01 (p11a p11b p01a p01b))) + (dontaudit tp02 tpr4 (cl01 (p11a p01a))) + ) + (false + (allow at02 tpr5 (cl01 (p11a p01a p01b))) + ) +) +(role object_r) +(role rl01) +(roletype rl01 tp01) +(roletype object_r tp01) +(roletype object_r tp02) +(roletype object_r tp04) +(roletype object_r tpr1) +(roletype object_r tpr2) +(roletype object_r tpr3) +(roletype object_r tpr4) +(roletype object_r tpr5) +(user us01) +(userrole us01 object_r) +(userrole us01 rl01) +(userlevel us01 (s01)) +(userrange us01 ((s01) (s01))) +(sidcontext kernel (us01 rl01 tp01 ((s01) (s01)))) diff -Nru secilc-3.0/VERSION secilc-3.1/VERSION --- secilc-3.0/VERSION 2019-11-28 12:46:48.000000000 +0000 +++ secilc-3.1/VERSION 2020-07-10 15:17:15.000000000 +0000 @@ -1 +1 @@ -3.0 +3.1