libselinux-python-2.5-12.fc24$>R 90B [|q>:K>?K.d  G )X^h     2Pp,(h8t9 :dGFHFIGXGYG$\G<]GT^GbGdHeHfHlHtIuI vI8wJxJyJK$K(Clibselinux-python2.512.fc24SELinux python bindings for libselinuxThe libselinux-python package contains the python bindings for developing SELinux applications.X4arm04-builder19.arm.fedoraproject.orgTFedora ProjectFedora ProjectPublic DomainFedora ProjectDevelopment/Librarieshttps://github.com/SELinuxProject/selinux/wikilinuxarmv7hl=<A큤X4X4X4X4X4X4a402f4df33b653acfeeb714eee90d0ad5df2689b424fe2652cf5e574e917e700eadcc2351c54e3db3c0239e5ed502581fd46bd299081e9b21cf98a783e21be1e457b9ecbb8ec445e156df3233ab51c37d295b16fe3d40c6f96a0ed7508b3abcb457b9ecbb8ec445e156df3233ab51c37d295b16fe3d40c6f96a0ed7508b3abcbbebdeb929e8bccf2b281339ea94816712dbbfd903d35cb97cda1d6dab99fe2a2rootrootrootrootrootrootrootrootrootrootrootrootlibselinux-2.5-12.fc24.src.rpmlibselinux-pythonlibselinux-python(armv7hl-32)@@@@@@@@     @ld-linux-armhf.so.3ld-linux-armhf.so.3(GLIBC_2.4)libc.so.6libc.so.6(GLIBC_2.4)libgcc_s.so.1libgcc_s.so.1(GCC_3.5)libselinux(armv7hl-32)libselinux.so.1python(abi)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.5-12.fc242.73.0.4-14.6.0-14.0.4-14.0-15.2-14.13.0-rc1WH@W9W@Wq@Wm Wk@W,@W'A@W#LW@VяVIVɦV=@VVii@V@V UU@U4@Ua@UQ@U8U6;UTS@S@SSShShSXS 4@S@R@RUR&RʚRkR%R@RMUM@M@M@M@MlMQ0@MGM5ML@L-@L@L*@LLq@LN@LF@L$@KKKrK@KKqK}+KTM@KA@K@JJJJG@JG@JG@JjJS8JS8JB@J@JMIܑI@IԨIbI̿I@IV@III@I@I2I@IcGIcGIcGIG@IG@IBR@I1.I!\I!\I-HHHe@He@He@He@H@HHH@Ht@HsVHgy@H^>H^>H-w@H!H @H@G@GG#GF@G@GGƢ@GƢ@G­G@GGD@G@G@G@G,@G,@G@GG@GZ@GZ@GeGeG|@G|@GO@GO@G<4G<4G0W@G'@FF@FIFFFFF&@FF@FvFFS@FF@FF]F@FtFFzh@Fw@Fm9@F` @F; @F-@F,F@F@FF*FF @F @FoE@EE@E4@EE?Eɿ@EEEEElEx@E&E=E=E@Ex@EvEnEYEK/@E>@E4EE EgEgEDfDDDDq@D@DB@DB@DB@DB@D{DDX@D4D4D4DD@D@D~D~D|3DvDu@Dr@Dr@DlaDk@DiD`@D_2D_2DX@DWID?D;@D'Dj@C@CCC-Cǖ@Cǖ@C[CCC8@C@CC @CCqC @CCCC@CBC@C@C|pC|pC{@CyCp@Cp@CoACkM@CiCf@C_oC_oC^@C^@CX@CWCS@COCFc@CFc@CECECBnCA@C;@C:C*C&@C&@C%mCC@CC C a@C a@C&B=BۙB@B@Br!Br!Br!Bn-@BgB] B] BZfBS@BQ,@BIC@BAZ@B9q@B9q@B06B-B$Y@B#BB@B@B LB LBBAA)@A@A@AA@A@A@AyAҜ@AJA@A`A`AA@AA@Ak@AAA@AvA@AAoA]FA]FAQi@AN@AI@AF@AF@AA@A>@A>@A7 @A7 @A5A4h@A3A3A/"@A-A+-A(A$@A!@A A A@A@@@q@7@@@@6@@@A@)@@@@@@@@@~y@@~y@@~y@@}'@s@@s@@s@@l@@ia@@b@b@b@O@@O@@Dw@@9@@,@@ @/@@???E@?E@?٭???q@??@?@?@?}d?z?a@?M?D@>S@Petr Lautrbach 2.5-12Petr Lautrbach 2.5-11Fedora Release Engineering - 2.5-10Petr Lautrbach - 2.5-9Petr Lautrbach - 2.5-8Petr Lautrbach - 2.5-7Petr Lautrbach - 2.5-6Petr Lautrbach - 2.5-5Petr Lautrbach - 2.5-4Petr Lautrbach - 2.5-3Petr Lautrbach 2.5-2Petr Lautrbach 2.5-1Petr Lautrbach 2.5-0.1.rc1Fedora Release Engineering - 2.4-8Vít Ondruch - 2.4-7Petr Lautrbach - 2.4-6Robert Kuska - 2.4-5Petr Lautrbach 2.4-4Petr Lautrbach 2.4-3Adam Jackson 2.4-2Petr Lautrbach 2.4-1.1Fedora Release Engineering - 2.3-11Petr Lautrbach 2.3-10Petr Lautrbach 2.3-9Petr Lautrbach 2.3-8Than Ngo - 2.3-7Vít Ondruch - 2.3-6Miroslav Grepl - 2.3-5Fedora Release Engineering - 2.3-4Fedora Release Engineering - 2.3-3Kalev Lember - 2.3-2Dan Walsh - 2.3-1Miroslav Grepl - 2.2.2-8Vít Ondruch - 2.2.2-7Dan Walsh - 2.2.2-6Dan Walsh - 2.2.2-5Dan Walsh - 2.2.2-4Dan Walsh - 2.2.2-3Dan Walsh - 2.2.2-2Dan Walsh - 2.2.2-1Adam Williamson - 2.2.1-6Dan Walsh - 2.2.1-5Dan Walsh - 2.2.1-4Dan Walsh - 2.2.1-3Dan Walsh - 2.2.1-2Dan Walsh - 2.2.1-1Dan Walsh - 2.2-1Dan Walsh - 2.1.13-21Dan Walsh - 2.1.13-20Dan Walsh - 2.1.13-19Dan Walsh - 2.1.13-17Fedora Release Engineering - 2.1.13-17Dan Walsh - 2.1.13-16Dan Walsh - 2.1.13-15Dan Walsh - 2.1.13-14Dan Walsh - 2.1.13-13Dan Walsh - 2.1.13-12Dan Walsh - 2.1.13-11Dan Walsh - 2.1.13-10Dan Walsh - 2.1.13-9Dan Walsh - 2.1.13-8Dan Walsh - 2.1.13-7Dan Walsh - 2.1.13-6Dan Walsh - 2.1.13-5Dan Walsh - 2.1.13-4Dan Walsh - 2.1.13-3Dan Walsh - 2.1.13-2Dan Walsh - 2.1.13-1Dan Walsh - 2.1.12-20Dan Walsh - 2.1.12-19Dan Walsh - 2.1.12-18Dan Walsh - 2.1.12-17Dan Walsh - 2.1.12-16Dan Walsh - 2.1.12-15Dan Walsh - 2.1.12-14Dan Walsh - 2.1.12-13Dan Walsh - 2.1.12-12Dan Walsh - 2.1.12-11Dan Walsh - 2.1.12-10Dan Walsh - 2.1.12-9Dan Walsh - 2.1.12-8Dan Walsh - 2.1.12-7Dan Walsh - 2.1.12-6Dan Walsh - 2.1.12-5Dan Walsh - 2.1.12-4Dan Walsh - 2.1.12-3Dan Walsh - 2.1.12-2Dan Walsh - 2.1.12-1David Malcolm - 2.1.11-6David Malcolm - 2.1.11-5Fedora Release Engineering - 2.1.11-4Dan Walsh - 2.1.11-3Dan Walsh - 2.1.11-2Dan Walsh - 2.1.11-1Dan Walsh - 2.1.10-5Dan Walsh - 2.1.10-4Dan Walsh - 2.1.10-3Dan Walsh - 2.1.10-2Dan Walsh - 2.1.10-1Dan Walsh - 2.1.9-9Dan Walsh - 2.1.9-8Dan Walsh - 2.1.9-7Kay Sievers - 2.1.9-6Dan Walsh - 2.1.9-5Harald Hoyer 2.1.9-4Dan Walsh - 2.1.9-3Dan Walsh - 2.1.9-2Dan Walsh - 2.1.9-1Dan Walsh - 2.1.8-5Dan Walsh - 2.1.8-4Dan Walsh - 2.1.8-2Dan Walsh - 2.1.8-1Dan Walsh - 2.1.7-2Dan Walsh - 2.1.7-1Dan Walsh - 2.1.6-4Dan Walsh - 2.1.6-3Dan Walsh - 2.1.6-2Dan Walsh - 2.1.6-1Dan Walsh - 2.1.5-5Ville Skyttä - 2.1.5-4Dan Walsh - 2.1.5-3Dan Walsh - 2.1.5-2Dan Walsh - 2.1.5-1Dan Walsh - 2.1.4-2Dan Walsh - 2.1.4-1Dan Walsh - 2.1.0-1Dan Walsh - 2.0.102-6Dan Walsh - 2.0.102-5Dan Walsh - 2.0.102-4Dan Walsh - 2.0.102-3Dan Walsh - 2.0.102-2Dan Walsh - 2.0.102-1Dan Walsh - 2.0.101-1Dan Walsh - 2.0.99-5Dan Walsh - 2.0.99-4Dan Walsh - 2.0.99-3Dan Walsh - 2.0.99-2Dan Walsh - 2.0.99-1Fedora Release Engineering Dan Walsh - 2.0.98-3Dan Walsh - 2.0.98-2Dan Walsh - 2.0.98-1Dan Walsh - 2.0.97-1Dan Walsh - 2.0.96-9Dan Walsh - 2.0.96-8jkeating - 2.0.96-7Adam Tkac - 2.0.96-6Dan Walsh - 2.0.96-5Dan Walsh - 2.0.96-4David Malcolm - 2.0.96-3Dan Walsh - 2.0.96-2Dan Walsh - 2.0.96-1Dan Walsh - 2.0.94-1Dan Walsh - 2.0.93-1Dan Walsh - 2.0.92-1Dan Walsh - 2.0.91-1Dan Walsh - 2.0.90-5Dan Walsh - 2.0.90-4Dan Walsh - 2.0.90-3Dan Walsh - 2.0.90-2Dan Walsh - 2.0.90-1Dan Walsh - 2.0.89-2Dan Walsh - 2.0.89-1Dan Walsh - 2.0.88-1Dan Walsh - 2.0.87-1Dan Walsh - 2.0.86-2Dan Walsh - 2.0.86-1Fedora Release Engineering - 2.0.85-2Dan Walsh - 2.0.85-1Dan Walsh - 2.0.84-1Dan Walsh - 2.0.82-2Dan Walsh - 2.0.82-1Dan Walsh - 2.0.81-1Dan Walsh - 2.0.80-1Dan Walsh - 2.0.79-6Dan Walsh - 2.0.79-5Dan Walsh - 2.0.79-4Dan Walsh - 2.0.79-3Dan Walsh - 2.0.79-1Dan Walsh - 2.0.78-5Dan Walsh - 2.0.78-4Dan Walsh - 2.0.78-3Dan Walsh - 2.0.78-2Dan Walsh - 2.0.78-1Fedora Release Engineering - 2.0.77-6Dan Walsh - 2.0.77-5Dan Walsh - 2.0.77-3Dan Walsh - 2.0.77-2Dan Walsh - 2.0.77-1Dan Walsh - 2.0.76-6Dan Walsh l - 2.0.76-5Dan Walsh - 2.0.76-4Ignacio Vazquez-Abrams - 2.0.76-2Dan Walsh - 2.0.76-1Dan Walsh - 2.0.75-2Dan Walsh - 2.0.75-1Dan Walsh - 2.0.73-1Dan Walsh - 2.0.71-6Dan Walsh - 2.0.71-5Dan Walsh - 2.0.71-4Dan Walsh - 2.0.71-3Dan Walsh - 2.0.71-2Dan Walsh - 2.0.71-1Dan Walsh - 2.0.70-1Dan Walsh - 2.0.69-2Dan Walsh - 2.0.69-1Dan Walsh - 2.0.67-4Dan Walsh - 2.0.67-3Dan Walsh - 2.0.67-2Dan Walsh - 2.0.67-1Dan Walsh - 2.0.65-1Dan Walsh - 2.0.64-3Dan Walsh - 2.0.64-2Dan Walsh - 2.0.64-1Dan Walsh - 2.0.61-4Dan Walsh - 2.0.61-3Dan Walsh - 2.0.61-2Dan Walsh - 2.0.61-1Dan Walsh - 2.0.60-1Dan Walsh - 2.0.59-2Dan Walsh - 2.0.59-1Dan Walsh - 2.0.58-1Dan Walsh - 2.0.57-2Dan Walsh - 2.0.57-1Dan Walsh - 2.0.56-1Dan Walsh - 2.0.55-1Dan Walsh - 2.0.53-1Dan Walsh - 2.0.52-1Dan Walsh - 2.0.50-1Dan Walsh - 2.0.49-2Dan Walsh - 2.0.49-1Dan Walsh - 2.0.48-1Dan Walsh - 2.0.47-4Adel Gadllah - 2.0.47-3Dan Walsh - 2.0.47-2Dan Walsh - 2.0.47-1Dan Walsh - 2.0.46-6Dan Walsh - 2.0.46-5Dan Walsh - 2.0.46-4Dan Walsh - 2.0.46-3Dan Walsh - 2.0.46-2Dan Walsh - 2.0.46-1Dan Walsh - 2.0.45-1Dan Walsh - 2.0.43-1Dan Walsh - 2.0.42-1Dan Walsh - 2.0.40-1Dan Walsh - 2.0.37-1Dan Walsh - 2.0.36-1Dan Walsh - 2.0.35-2Dan Walsh - 2.0.35-1Dan Walsh - 2.0.34-3Dan Walsh - 2.0.34-2Dan Walsh - 2.0.34-1Dan Walsh - 2.0.33-2Dan Walsh - 2.0.33-1Dan Walsh - 2.0.31-4Dan Walsh - 2.0.31-3Dan Walsh - 2.0.31-2Dan Walsh - 2.0.30-2Dan Walsh - 2.0.30-1Dan Walsh - 2.0.29-1Dan Walsh - 2.0.24-3Dan Walsh - 2.0.24-2Dan Walsh - 2.0.24-1Dan Walsh - 2.0.23-3Dan Walsh - 2.0.23-2Dan Walsh - 2.0.23-1Dan Walsh - 2.0.22-1Dan Walsh - 2.0.21-2Dan Walsh - 2.0.21-1Dan Walsh - 2.0.18-1Dan Walsh - 2.0.16-1Dan Walsh - 2.0.14-1Dan Walsh - 2.0.13-2Dan Walsh - 2.0.13-1Dan Walsh - 2.0.12-2Dan Walsh - 2.0.12-1Dan Walsh - 2.0.11-1Dan Walsh - 2.0.9-2Dan Walsh - 2.0.9-1Dan Walsh - 2.0.8-1Dan Walsh - 2.0.7-2Dan Walsh - 2.0.7-1Dan Walsh - 2.0.5-2Dan Walsh - 2.0.5-1Dan Walsh - 2.0.4-1Dan Walsh - 2.0.2-1Dan Walsh - 2.0.1-1Dan Walsh - 2.0.0-1Dan Walsh - 1.34.0-2Dan Walsh - 1.34.0-1Dan Walsh - 1.33.6-1Dan Walsh - 1.33.5-1Dan Walsh - 1.33.4-3Dan Walsh - 1.33.4-2Dan Walsh - 1.33.4-1Dan Walsh - 1.33.3-3Dan Walsh - 1.33.3-2Dan Walsh - 1.33.3-1Jeremy Katz - 1.33.2-4Dan Walsh - 1.33.2-3Dan Walsh - 1.33.2-2Dan Walsh - 1.33.2-1Dan Walsh - 1.33.1-2Dan Walsh - 1.33.1-1Dan Walsh - 1.32-1Jesse Keating - 1.30.29-2Dan Walsh - 1.30.29-1Jeremy Katz - 1.30.28-3Dan Walsh - 1.30.28-2Dan Walsh - 1.30.28-1Jeremy Katz - 1.30.27-2Dan Walsh - 1.30.27-1Jesse Keating - 1.20.26-2Dan Walsh - 1.30.25-1Dan Walsh - 1.30.24-1Dan Walsh - 1.30.22-2Dan Walsh - 1.30.22-1Dan Walsh - 1.30.20-1Jeremy Katz - 1.30.19-5Jeremy Katz - 1.30.19-4Dan Walsh 1.30.19-3Dan Walsh 1.30.19-2Dan Walsh 1.30.19-1Dan Walsh 1.30.15-5Dan Walsh 1.30.15-4Dan Walsh 1.30.15-3Dan Walsh 1.30.15-2Dan Walsh 1.30.15-1Dan Walsh 1.30.12-2Dan Walsh 1.30.12-1Dan Walsh 1.30.11-2Dan Walsh 1.30.11-1Dan Walsh 1.30.10-4Dan Walsh 1.30.10-3Dan Walsh 1.30.10-2Dan Walsh 1.30.10-1Dan Walsh 1.30.8-1Dan Walsh 1.30.7-2Dan Walsh 1.30.7-1Dan Walsh 1.30.6-2Dan Walsh 1.30.6-1Dan Walsh 1.30.5-1Dan Walsh 1.30.3-3Dan Walsh 1.30.3-2Dan Walsh 1.30.3-1Dan Walsh 1.30.1-2Dan Walsh 1.30.1-1Dan Walsh 1.30-1Jesse Keating - 1.29.7-1.2Jesse Keating - 1.29.7-1.1Dan Walsh 1.29.7-1Dan Walsh 1.29.6-1Dan Walsh 1.29.5-2Dan Walsh 1.29.5-1Dan Walsh 1.29.4-1Dan Walsh 1.29.3-2Dan Walsh 1.29.3-1Dan Walsh 1.29.2-4Dan Walsh 1.29.2-3Dan Walsh 1.29.2-2Dan Walsh 1.29.2-1Dan Walsh 1.29.1-3Jesse Keating Dan Walsh 1.29.1-1Dan Walsh 1.28-1Dan Walsh 1.27.28-2Dan Walsh 1.27.28-1Dan Walsh 1.27.26-1Dan Walsh 1.27.25-1Dan Walsh 1.27.23-1Dan Walsh 1.27.22-4Dan Walsh 1.27.22-3Dan Walsh 1.27.22-2Dan Walsh 1.27.22-1Dan Walsh 1.27.21-2Dan Walsh 1.27.21-1Dan Walsh 1.27.20-1Dan Walsh 1.27.19-1Dan Walsh 1.27.18-1Dan Walsh 1.27.17-4Dan Walsh 1.27.17-2Dan Walsh 1.27.17-1Dan Walsh 1.27.14-3Dan Walsh 1.27.14-2Dan Walsh 1.27.14-1Dan Walsh 1.27.13-2Dan Walsh 1.27.13-1Dan Walsh 1.27.12-1Dan Walsh 1.27.9-2Dan Walsh 1.27.9-1Dan Walsh 1.27.7-1Dan Walsh 1.27.6-1Dan Walsh 1.27.4-1Dan Walsh 1.27.3-1Dan Walsh 1.27.2-1Dan Walsh 1.27.1-3Dan Walsh 1.27.1-2Dan Walsh 1.26-6Dan Walsh 1.26-5Dan Walsh 1.26-3Dan Walsh 1.26-2Dan Walsh 1.25.7-1Dan Walsh 1.25.6-1Dan Walsh 1.25.5-1Dan Walsh 1.25.4-1Dan Walsh 1.25.3-2Dan Walsh 1.25.3-1Dan Walsh 1.25.2-2Dan Walsh 1.25.2-1Dan Walsh 1.24.2-1Dan Walsh 1.24.1-1Dan Walsh 1.23.11-1Dan Walsh 1.23.10-3Dan Walsh 1.23.10-2Dan Walsh 1.23.10-1Dan Walsh 1.23.8-1Dan Walsh 1.23.7-3Dan Walsh 1.23.7-2Dan Walsh 1.23.7-1Dan Walsh 1.23.6-1Dan Walsh 1.23.5-1Dan Walsh 1.23.4-1Dan Walsh 1.23.2-3Dan Walsh 1.23.2-2Dan Walsh 1.23.2-1Dan Walsh 1.23.1-1Dan Walsh 1.22-1Dan Walsh 1.21.13-1Dan Walsh 1.21.12-1Dan Walsh 1.21.11-2Dan Walsh 1.21.11-1Dan Walsh 1.21.10-3Dan Walsh 1.21.10-1Dan Walsh 1.21.9-2Dan Walsh 1.21.9-1Dan Walsh 1.21.8-1Dan Walsh 1.21.7-1Dan Walsh 1.21.5-1Dan Walsh 1.21.4-1Dan Walsh 1.21.2-1Dan Walsh 1.21.1-3Dan Walsh 1.21.1-2Dan Walsh 1.21.1-1Dan Walsh 1.20.1-3Dan Walsh 1.20.1-2Dan Walsh 1.20.1-1Dan Walsh 1.19.4-1Dan Walsh 1.19.3-3Dan Walsh 1.19.3-2Dan Walsh 1.19.3-1Dan Walsh 1.19.2-1Dan Walsh 1.19.1-6Dan Walsh 1.19.1-4Dan Walsh 1.19.1-2Dan Walsh 1.19.1-1Steve Grubb 1.18.1-5Dan Walsh 1.18.1-4Dan Walsh 1.18.1-3Steve Grubb 1.18.1-2Dan Walsh 1.18.1-1Steve Grubb 1.17.15-2Steve Grubb 1.17.15-2Dan Walsh 1.17.15-1Dan Walsh 1.17.14-1Dan Walsh 1.17.13-3Dan Walsh 1.17.13-2Dan Walsh 1.17.13-1Dan Walsh 1.17.12-2Dan Walsh 1.17.12-1Dan Walsh 1.17.11-1Dan Walsh 1.17.10-1Dan Walsh 1.17.9-2Dan Walsh 1.17.9-1Dan Walsh 1.17.8-2Dan Walsh 1.17.8-1Dan Walsh 1.17.7-1Dan Walsh 1.17.6-1Dan Walsh 1.17.5-1Dan Walsh 1.17.4-1Dan Walsh 1.17.3-1Dan Walsh 1.17.2-1Dan Walsh 1.17.1-1Dan Walsh 1.16.1-1Colin Walters 1.16-1Dan Walsh 1.15.7-1Dan Walsh 1.15.6-1Dan Walsh 1.15.5-1Dan Walsh 1.15.4-1Dan Walsh 1.15.3-2Dan Walsh 1.15.3-1Dan Walsh 1.15.2-1Dan Walsh 1.15.1-3Dan Walsh 1.15.1-2Dan Walsh 1.15.1-1Dan Walsh 1.14.1-1Dan Walsh 1.13.4-1Elliot Lee Dan Walsh 1.13.3-2Dan Walsh 1.13.2-1Dan Walsh 1.13.1-1Dan Walsh 1.12-2Dan Walsh 1.12-1Dan Walsh 1.11.4-1Dan Walsh 1.11.3-1Dan Walsh 1.11.2-1Dan Walsh 1.11-4Dan Walsh 1.11-3Dan Walsh 1.11-2Dan Walsh 1.11-1Dan Walsh 1.10-2Dan Walsh 1.10-1Dan Walsh 1.9-1Dan Walsh 1.8-1Dan Walsh 1.6-6Dan Walsh 1.6-5Dan Walsh 1.6-4Dan Walsh 1.6-3Dan Walsh 1.6-2Elliot Lee Dan Walsh 1.4-11Elliot Lee Dan Walsh 1.4-9Dan Walsh 1.4-8Dan Walsh 1.4-7Dan Walsh 1.4-6Dan Walsh 1.4-5Dan Walsh 1.4-4Dan Walsh 1.4-3Dan Walsh 1.4-2Dan Walsh 1.4-1Dan Walsh 1.3-2Dan Walsh 1.3-1Dan Walsh 1.2-9Dan Walsh 1.2-8Dan Walsh 1.2-7Dan Walsh 1.2-6Dan Walsh 1.2-5Dan Walsh 1.2-4Dan Walsh 1.2-3Dan Walsh 1.2-2Dan Walsh 1.2-1Dan Walsh 1.0-1- Fix -Wsign-compare warnings - Drop unused stdio_ext.h header file - Kill logging check for selinux_enabled() - Drop usage of _D_ALLOC_NAMLEN - Add openrc_contexts functions - Fix redefinition of XATTR_NAME_SELINUX - Correct error path to always try text - Clean up process_file() - Handle NULL pcre study data - Fix in tree compilation of utils that depend on libsepol- Rebuilt with libsepol-2.5-9- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages- Clarify is_selinux_mls_enabled() description - Explain how to free policy type from selinux_getpolicytype() - Compare absolute pathname in matchpathcon -V - Add selinux_snapperd_contexts_path()- Move _selinux.so to /usr/lib64/python*/site-packages- Modify audit2why analyze function to use loaded policy - Sort object files for deterministic linking order - Respect CC and PKG_CONFIG environment variable - Avoid mounting /proc outside of selinux_init_load_policy()- Fix multiple spelling errors- Rebuilt with libsepol-2.5-5- Fix typo in sefcontext_compile.8- Fix location of selinuxfs mount point - Only mount /proc if necessary - procattr: return einval for <= 0 pid args - procattr: return error on invalid pid_t input- Use fully versioned arch-specific requires- Update to upstream release 2016-02-23- Update to upstream rc1 release 2016-01-07- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.3- Build libselinux without rpm_execcon() (#1284019)- Rebuilt for Python3.5 rebuild- Flush the class/perm string mapping cache on policy reload (#1264051) - Fix restorecon when path has no context- Simplify procattr cache (#1257157,#1232371)- Export ldflags into the build so hardening works- Update to 2.4 release- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- is_selinux_enabled: Add /etc/selinux/config test (#1219045) - matchpathcon/selabel_file: Fix man pages (#1219718)- revert support for policy compressed with xv (#1185266)- selinux.py - use os.walk() instead of os.path.walk() (#1195004) - is_selinux_enabled(): drop no-policy-loaded test (#1195074) - fix -Wformat errors and remove deprecated mudflap option- bump release and rebuild so that koji-shadow can rebuild it against new gcc on secondary arch- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.2- Compiled file context files and the original should have the same permissions from dwalsh@redhat.com - Add selinux_openssh_contexts_path() to get a path to /contexts/openssh_contexts- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4- Update to upstream * Get rid of security_context_t and fix const declarations. * Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.- Add selinux_openssh_contexts_path()- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.1- Fix spelling mistake in man page- More go bindings - restorecon, getpidcon, setexeccon- Add additional go bindings for get*con calls - Add go bindings test command - Modify man pages of set*con calls to mention that they are thread specific- Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go - Add Int_to_mcs function to generate MCS labels from integers.- Add ghost flag for /var/run/setrans- Update to upstream * Fix userspace AVC handling of per-domain permissive mode. - Verify context is not null when passed into *setfilecon_raw- revert unexplained change to rhat.patch which broke SELinux disablement- Verify context is not null when passed into lsetfilecon_raw- Mv selinux.go to /usr/share/gocode/src/selinux- Add golang support to selinux.- Remove togglesebool man page- Update to upstream * Remove -lpthread from pkg-config file; it is not required. - Add support for policy compressed with xv- Update to upstream * Fix avc_has_perm() returns -1 even when SELinux is in permissive mode. * Support overriding Makefile RANLIB from Sven Vermeulen. * Update pkgconfig definition from Sven Vermeulen. * Mount sysfs before trying to mount selinuxfs from Sven Vermeulen. * Fix man pages from Laurent Bigonville. * Support overriding PATH and LIBBASE in Makefiles from Laurent Bigonville. * Fix LDFLAGS usage from Laurent Bigonville * Avoid shadowing stat in load_mmap from Joe MacDonald. * Support building on older PCRE libraries from Joe MacDonald. * Fix handling of temporary file in sefcontext_compile from Dan Walsh. * Fix procattr cache from Dan Walsh. * Define python constants for getenforce result from Dan Walsh. * Fix label substitution handling of / from Dan Walsh. * Add selinux_current_policy_path from Dan Walsh. * Change get_context_list to only return good matches from Dan Walsh. * Support udev-197 and higher from Sven Vermeulen and Dan Walsh. * Add support for local substitutions from Dan Walsh. * Change setfilecon to not return ENOSUP if context is already correct from Dan Walsh. * Python wrapper leak fixes from Dan Walsh. * Export SELINUX_TRANS_DIR definition in selinux.h from Dan Walsh. * Add selinux_systemd_contexts_path from Dan Walsh. * Add selinux_set_policy_root from Dan Walsh. * Add man page for sefcontext_compile from Dan Walsh.- Add systemd_contexts support - Do substitutions on a local sub followed by a dist sub- Eliminate requirement on pthread library, by applying patch for Jakub Jelinek Resolves #1013801- Fix handling of libselinux getconlist with only one entry- Add Python constants for SELinux enforcing modes- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Add sefcontext_compile.8 man page - Add Russell Coker patch to fix man pages - Add patches from Laurent Bigonville to fix Makefiles for debian. - modify spec file to use /usr/lib- Fix patch that Handles substitutions for /- Handle substitutions for / - semanage fcontext -a -e / /opt/rh/devtoolset-2/root- Add Eric Paris patch to fix procattr calls after a fork.- Move secolor.conf.5 into mcstrans package and out of libselinux- Fix python bindings for selinux_check_access- Fix reseting the policy root in matchpathcon- Cleanup setfcontext_compile atomic patch - Add matchpathcon -P /etc/selinux/mls support by allowing users to set alternate root - Make sure we set exit codes from selinux_label calls to ENOENT or SUCCESS- Make setfcontext_compile atomic- Fix memory leak in set*con calls.- Move matchpathcon to -utils package - Remove togglesebool- Fix selinux man page to reflect what current selinux policy is.- Add new constant SETRANS_DIR which points to the directory where mstransd can find the socket and libvirt can write its translations files.- Bring back selinux_current_policy_path- Revert some changes which are causing the wrong policy version file to be created- Update to upstream * audit2why: make sure path is nul terminated * utils: new file context regex compiler * label_file: use precompiled filecontext when possible * do not leak mmapfd * sefcontontext_compile: Add error handling to help debug problems in libsemanage. * man: make selinux.8 mention service man pages * audit2why: Fix segfault if finish() called twice * audit2why: do not leak on multiple init() calls * mode_to_security_class: interface to translate a mode_t in to a security class * audit2why: Cleanup audit2why analysys function * man: Fix program synopsis and function prototypes in man pages * man: Fix man pages formatting * man: Fix typo in man page * man: Add references and man page links to _raw function variants * Use ENOTSUP instead of EOPNOTSUPP for getfilecon functions * man: context_new(3): fix the return value description * selinux_status_open: handle error from sysconf * selinux_status_open: do not leak statusfd on exec * Fix errors found by coverity * Change boooleans.subs to booleans.subs_dist. * optimize set*con functions * pkg-config do not specifc ruby version * unmap file contexts on selabel_close() * do not leak file contexts with mmap'd backend * sefcontext_compile: do not leak fd on error * matchmediacon: do not leak fd * src/label_android_property: do not leak fd on error- Update to latest patches from eparis/Upstream- Update to latest patches from eparis/Upstream- Try procatt speedup patch again- Roll back procattr speedups since it seems to be screwing up systemd labeling.- Fix tid handling for setfscreatecon, old patch still broken in libvirt- Fix tid handling for setfscreatecon, old patch still broken in libvirt- setfscreatecon after fork was broken by the Set*con patch. - We needed to reset the thread variables after a fork.- Fix setfscreatecon call to handle failure mode, which was breaking udev- Ondrej Oprala patch to optimize set*con functions - Set*con now caches the security context and only re-sets it if it changes.- Rebuild against latest libsepol- Update to latest patches from eparis/Upstream - Fix errors found by coverity - set the sepol_compute_av_reason_buffer flag to 0. This means calculate denials only? - audit2why: remove a useless policy vers variable - audit2why: use the new constraint information- Rebuild with latest libsepol- Return EPERM if login program can not reach default label for user - Attempt to return container info from audit2why- Apply patch from eparis to fix leaked file descriptor in new labeling code- Add new function mode_to_security_class which takes mode instead of a string. - Possibly will be used with coreutils.- Add back selinuxconlist and selinuxdefcon man pages- Fix segfault from calling audit2why.finish() multiple times- Fix up selinux man page to reference service man pages- Rebuild with fixed libsepol- Update to upstream * Add support for lxc_contexts_path * utils: add service to getdefaultcon * libsemanage: do not set soname needlessly * libsemanage: remove PYTHONLIBDIR and ruby equivalent * boolean name equivalency * getsebool: support boolean name substitution * Add man page for new selinux_boolean_sub function. * expose selinux_boolean_sub * matchpathcon: add -m option to force file type check * utils: avcstat: clear sa_mask set * seusers: Check for strchr failure * booleans: initialize pointer to silence coveriety * stop messages when SELinux disabled * label_file: use PCRE instead of glibc regex functions * label_file: remove all typedefs * label_file: move definitions to include file * label_file: do string to mode_t conversion in a helper function * label_file: move error reporting back into caller * label_file: move stem/spec handling to header * label_file: drop useless ncomp field from label_file data * label_file: move spec_hasMetaChars to header * label_file: fix potential read past buffer in spec_hasMetaChars * label_file: move regex sorting to the header * label_file: add accessors for the pcre extra data * label_file: only run regex files one time * label_file: new process_file function * label_file: break up find_stem_from_spec * label_file: struct reorg * label_file: only run array once when sorting * Ensure that we only close the selinux netlink socket once. * improve the file_contexts.5 manual page- rebuild for https://fedoraproject.org/wiki/Features/Python_3.3- make with_python3 be conditional on fedora- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Move the tmpfiles.d content from /etc/tmpfiles.d to /usr/lib/tmpfiles.d- Revert Eric Paris Patch for selinux_binary_policy_path- Update to upstream * Fortify source now requires all code to be compiled with -O flag * asprintf return code must be checked * avc_netlink_recieve handle EINTR * audit2why: silence -Wmissing-prototypes warning * libsemanage: remove build warning when build swig c files * matchpathcon: bad handling of symlinks in / * seusers: remove unused lineno * seusers: getseuser: gracefully handle NULL service * New Android property labeling backend * label_android_property whitespace cleanups * additional makefile support for rubywrap- Fix booleans.subs name, change function name to selinux_boolean_sub, add man page, minor fixes to the function- Fix to compile with Fortify source * Add -O compiler flag * Check return code from asprintf - Fix handling of symbolic links in / by realpath_not_final- Add support for lxc contexts file- Add support fot boolean subs file- Update to upstream * Fix dead links to www.nsa.gov/selinux * Remove jump over variable declaration * Fix old style function definitions * Fix const-correctness * Remove unused flush_class_cache method * Add prototype decl for destructor * Add more printf format annotations * Add printf format attribute annotation to die() method * Fix const-ness of parameters & make usage() methods static * Enable many more gcc warnings for libselinux/src/ builds * utils: Enable many more gcc warnings for libselinux/utils builds * Change annotation on include/selinux/avc.h to avoid upsetting SWIG * Ensure there is a prototype for 'matchpathcon_lib_destructor' * Update Makefiles to handle /usrmove * utils: Stop separating out matchpathcon as something special * pkg-config to figure out where ruby include files are located * build with either ruby 1.9 or ruby 1.8 * assert if avc_init() not called * take security_deny_unknown into account * security_compute_create_name(3) * Do not link against python library, this is considered * bad practice in debian * Hide unnecessarily-exported library destructors- Add selinux_current_policy_path to return /sys/fs/selinux/policy if it exists - Otherwise search for policy on disk- Change selinux_binary_policy_path to return /sys/fs/selinux/policy - Add selinux_installed_policy_path to return what selinux_binary_policy_path used to return - avc_has_perm will now return yes if the machine is in permissive mode - Make work with ruby-1.9- avc_netlink_recieve should continue to poll if it receinves an EINTR rather- use /sbin/ldconfig, glibc does not provide /usr/sbin/ldconfig in the RPM database for now- Rebuild with cleaned up upstream to work in /usr- install everything in /usr https://fedoraproject.org/wiki/Features/UsrMove- Add Dan Berrange code cleanup patches.- Fix selabal_open man page to refer to proper selinux_opt structure-Update to upstream * Fix setenforce man page to refer to selinux man page * Cleanup Man pages * merge freecon with getcon man page- Add patch from Richard Haines When selabel_lookup found an invalid context with validation enabled, it always stated it was 'file_contexts' whether media, x, db or file. The fix is to store the spec file name in the selabel_lookup_rec on selabel_open and use this as output for logs. Also a minor fix if key is NULL to stop seg faults. - Fix setenforce manage page.- Rebuild with new libsepol- Fix setenforce man page, from Miroslav Grepl- Upgrade to upstream * selinuxswig_python.i: don't make syscall if it won't change anything * Remove assert in security_get_boolean_names(3) * Mapped compute functions now obey deny_unknown flag * get_default_type now sets EINVAL if no entry. * return EINVAL if invalid role selected * Updated selabel_file(5) man page * Updated selabel_db(5) man page * Updated selabel_media(5) man page * Updated selabel_x(5) man page * Add man/man5 man pages * Add man/man5 man pages * Add man/man5 man pages * use -W and -Werror in utils- Change python binding for restorecon to check if the context matches. - If it does do not reset- Upgrade to upstream * Makefiles: syntax, convert all ${VAR} to $(VAR) * load_policy: handle selinux=0 and /sys/fs/selinux not exist * regenerate .pc on VERSION change * label: cosmetic cleanups * simple interface for access checks * Don't reinitialize avc_init if it has been called previously * seusers: fix to handle large sets of groups * audit2why: close fd on enomem * rename and export symlink_realpath * label_file: style changes to make Eric happy.- Apply libselinux patch to handle large groups in seusers.- Add selinux_check_access function. Needed for passwd, chfn, chsh- Handle situation where selinux=0 passed to the kernel and both /selinux and-Update to upstream * utils: matchpathcon: remove duplicate declaration * src: matchpathcon: use myprintf not fprintf * src: matchpathcon: make sure resolved path starts * put libselinux.so.1 in /lib not /usr/lib * tree: default make target to all not- Switch to use ":" as prefix separator rather then ";"- Avoid unnecessary shell invocation in %post.- Fix handling of subset labeling that is causing segfault in restorecon- Change matchpathcon_init_prefix and selabel_open to allow multiple initial prefixes. Now you can specify a ";" separated list of prefixes and the labeling system will only load regular expressions that match these prefixes.- Change matchpatcon to use proper myprintf - Fix symlink_realpath to always include "/" - Update to upstream * selinux_file_context_verify function returns wrong value. * move realpath helper to matchpathcon library * python wrapper makefile changes- Move to new Makefile that can build with or without PYTHON being set-Update to upstream 2.1.4 2011-0817 * mapping fix for invalid class/perms after selinux_set_mapping * audit2why: work around python bug not defining * resolv symlinks and dot directories before matching 2.1.2 2011-0803 * audit2allow: do not print statistics * make python bindings for restorecon work on relative path * fix python audit2why binding error * support new python3 functions * do not check fcontext duplicates on use * Patch for python3 for libselinux 2.1.1 2011-08-02 * move .gitignore into utils * new setexecon utility * selabel_open fix processing of substitution files * mountpoint changing patch. * simplify SRCS in Makefile 2.1.1 2011-08-01 * Remove generated files, introduce more .gitignore-Update to upstream * Release, minor version bump * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Only call dups check within selabel/matchpathcon if you are validating the context - This seems to speed the loading of labels by 4 times.- Move /selinux to /sys/fs/selinux - Add selinuxexeccon - Add realpath to matchpathcon to handle matchpathcon * type queries.- Update for latest libsepol- Update for latest libsepol- Fix restorecon python binding to accept relative paths-Update to upstream * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Clean up patch to make handling of constructor cleanup more portable * db_language object class support for selabel_lookup from KaiGai Kohei. * Library destructors for thread local storage keys from Eamon Walsh.- Add distribution subs pathAdd patch from dbhole@redhat.com to initialize thread keys to -1 Errors were being seen in libpthread/libdl that were related to corrupt thread specific keys. Global destructors that are called on dl unload. During destruction delete a thread specific key without checking if it has been initialized. Since the constructor is not called each time (i.e. key is not initialized with pthread_key_create each time), and the default is 0, there is a possibility that key 0 for an active thread gets deleted. This is exactly what is happening in case of OpenJDK. Workaround patch that initializes the key to -1. Thus if the constructor is not called, the destructor tries to delete key -1 which is deemed invalid by pthread_key_delete, and is ignored.- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data- Change mount source options to use "proc" and "selinuxfs"- Update to upstream * Turn off default user handling when computing user contexts by Dan Walsh- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fixup selinux man page- Fix Makefile to use pkg-config --cflags python3 to discover include paths- Update to upstream - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Update to upstream * Thread local storage fixes from Eamon Walsh.- Add /etc/tmpfiles.d support for /var/run/setrans- Ghost /var/run/setrans- Rebuilt for gcc bug 634757- rebuild via updated swig (#624674)- Update for python 3.2a1- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- Turn off messages in audit2why- Update to upstream * Add const qualifiers to public API where appropriate by KaiGai Kohei. 2.0.95 2010-06-10 * Remove duplicate slashes in paths in selabel_lookup from Chad Sellers * Adds a chcon method to the libselinux python bindings from Steve Lawrence - add python3 subpackage from David Malcolm* Set errno=EINVAL for invalid contexts from Dan Walsh.- Update to upstream * Show strerror for security_getenforce() by Colin Waters. * Merged selabel database support by KaiGai Kohei. * Modify netlink socket blocking code by KaiGai Kohei.- Update to upstream * Fix from Eric Paris to fix leak on non-selinux systems. * regenerate swig wrappers * pkgconfig fix to respect LIBDIR from Dan Walsh.- Update to upstream * Change the AVC to only audit the permissions specified by the policy, excluding any permissions specified via dontaudit or not specified via auditallow. * Fix compilation of label_file.c with latest glibc headers.- Fix potential doublefree on init- Fix libselinux.pc- Fix man page for selinuxdefcon- Free memory on disabled selinux boxes- Update to upstream * add/reformat man pages by Guido Trentalancia . * Change exception.sh to be called with bash by Manoj Srivastava - Fix selinuxdefcon man page- Update to upstream * Add pkgconfig file from Eamon Walsh.- Update to upstream * Rename and export selinux_reset_config()- Update to upstream * Add exception handling in libselinux from Dan Walsh. This uses a shell script called exception.sh to generate a swig interface file. * make swigify * Make matchpathcon print <> if path not found in fcontext file.- Eliminate -pthread switch in Makefile- Update to upstream * Removal of reference counting on userspace AVC SID's.- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Update to upstream * Reverted Tomas Mraz's fix for freeing thread local storage to avoid pthread dependency. * Removed fini_context_translations() altogether. * Merged lazy init patch from Stephen Smalley based on original patch by Steve Grubb.- Update to upstream * Add per-service seuser support from Dan Walsh. * Let load_policy gracefully handle selinuxfs being mounted from Stephen Smalley. * Check /proc/filesystems before /proc/mounts for selinuxfs from Eric Paris.- Add provices ruby(selinux)- Update to upstream * Fix improper use of thread local storage from Tomas Mraz . * Label substitution support from Dan Walsh. * Support for labeling virtual machine images from Dan Walsh.- Update to upstream * Trim / from the end of input paths to matchpathcon from Dan Walsh. * Fix leak in process_line in label_file.c from Hiroshi Shinji. * Move matchpathcon to /sbin, add matchpathcon to clean target from Dan Walsh. * getdefaultcon to print just the correct match and add verbose option from Dan Walsh.- Update to upstream * deny_unknown wrapper function from KaiGai Kohei. * security_compute_av_flags API from KaiGai Kohei. * Netlink socket management and callbacks from KaiGai Kohei.- Fix Memory Leak- Fix crash in python- Add back in additional interfaces- Add back in av_decision to python swig- Update to upstream * Netlink socket handoff patch from Adam Jackson. * AVC caching of compute_create results by Eric Paris.- Add patch from ajax to accellerate X SELinux - Update eparis patch- Add eparis patch to accellerate Xwindows performance- Fix URL- Add substitute pattern - matchpathcon output <> on ENOENT- Update to upstream * Fix incorrect conversion in discover_class code.- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- Add - selinux_virtual_domain_context_path - selinux_virtual_image_context_path- Throw exeptions in python swig bindings on failures- Fix restorecon python code- Update to upstream- Strip trailing / for matchpathcon- Fix segfault if seusers file does not work- Add new function getseuser which will take username and service and return - seuser and level. ipa will populate file in future. - Change selinuxdefcon to return just the context by default- Rebuild for Python 2.6- Update to Upstream * Allow shell-style wildcards in x_contexts file.- Eamon Walsh Patch - libselinux: allow shell-style wildcarding in X names - Add Restorecon/Install python functions from Luke Macken- Update to Upstream * Correct message types in AVC log messages. * Make matchpathcon -V pass mode from Dan Walsh. * Add man page for selinux_file_context_cmp from Dan Walsh.- Update to Upstream * New man pages from Dan Walsh. * Update flask headers from refpolicy trunk from Dan Walsh.- Fix matchpathcon -V call- Add flask definitions for open, X and nlmsg_tty_audit- Add missing get/setkeycreatecon man pages- Split out utilities- Add missing man page links for [lf]getfilecon- Update to Upstream * Add group support to seusers using %groupname syntax from Dan Walsh. * Mark setrans socket close-on-exec from Stephen Smalley. * Only apply nodups checking to base file contexts from Stephen Smalley.- Update to Upstream * Merge ruby bindings from Dan Walsh. - Add support for Linux groups to getseuserbyname- Allow group handling in getseuser call- Update to Upstream * Handle duplicate file context regexes as a fatal error from Stephen Smalley. This prevents adding them via semanage. * Fix audit2why shadowed variables from Stephen Smalley. * Note that freecon NULL is legal in man page from Karel Zak.- Add ruby support for puppet- Rebuild for new libsepol- Add Karel Zak patch for freecon man page- Update to Upstream * New and revised AVC, label, and mapping man pages from Eamon Walsh. * Add swig python bindings for avc interfaces from Dan Walsh.- Update to Upstream * Fix selinux_file_context_verify() and selinux_lsetfilecon_default() to call matchpathcon_init_prefix if not already initialized. * Add -q qualifier for -V option of matchpathcon and change it to indicate whether verification succeeded or failed via exit status.- libselinux no longer neets to telnet -u in post install- Add sedefaultcon and setconlist commands to dump login context- Update to Upstream * Fixed selinux_set_callback man page. * Try loading the max of the kernel-supported version and the libsepol-supported version when no manipulation of the binary policy is needed from Stephen Smalley. * Fix memory leaks in matchpathcon from Eamon Walsh.- Add Xavior Toth patch for security_id_t in swig- Add avc.h to swig code- Grab the latest policy for the kernel- Update to Upstream * Man page typo fix from Jim Meyering.- Update to Upstream * Changed selinux_init_load_policy() to not warn about a failed mount of selinuxfs if selinux was disabled in the kernel.- Fix matchpathcon memory leak- Update to Upstream * Merged new X label "poly_selection" namespace from Eamon Walsh.- Update to Upstream * Merged reset_selinux_config() for load policy from Dan Walsh.- Reload library on loading of policy to handle chroot- Update to Upstream * Merged avc_has_perm() errno fix from Eamon Walsh.- Update to Upstream * Regenerated Flask headers from refpolicy flask definitions.- Update to Upstream * Merged compute_member AVC function and manpages from Eamon Walsh. * Provide more error reporting on load policy failures from Stephen Smalley.- Update to Upstream * Merged new X label "poly_prop" namespace from Eamon Walsh.- Update to Upstream * Disable setlocaldefs if no local boolean or users files are present from Stephen Smalley. * Skip userspace preservebools processing for Linux >= 2.6.22 from Stephen Smalley.- Update to Upstream * Merged fix for audit2why from Dan Walsh.- Fix audit2why to grab latest policy versus the one selected by the kernel* Merged audit2why python binding from Dan Walsh.* Merged updated swig bindings from Dan Walsh, including typemap for pid_t.- Update to use libsepol-static library- Move libselinux.a to -static package - Spec cleanups- Put back libselinux.a- Fix memory references in audit2why and change to use tuples - Update to Upstream * Fix for the avc: granted null message bug from Stephen Smalley.- Fix __init__.py specification- Add audit2why python bindings- Add pid_t typemap for swig bindings- smp_mflag- Fix spec file caused by spec review- Upgrade to upstream * matchpathcon(8) man page update from Dan Walsh.- Upgrade to upstream * dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley. * Based on a suggestion from Ulrich Drepper, defer regex compilation until we have a stem match, by Stephen Smalley. * A further optimization would be to defer regex compilation until we have a complete match of the constant prefix of the regex - TBD.- Upgrade to upstream * Regenerated Flask headers from policy.- Upgrade to upstream * AVC enforcing mode override patch from Eamon Walsh. * Aligned attributes in AVC netlink code from Eamon Walsh. - Move libselinux.so back into devel package, procps has been fixed- Upgrade to upstream * Merged refactored AVC netlink code from Eamon Walsh. * Merged new X label namespaces from Eamon Walsh. * Bux fix and minor refactoring in string representation code.- Upgrade to upstream * Merged selinux_get_callback, avc_open, empty string mapping from Eamon Walsh.- Upgrade to upstream * Fix segfault resulting from missing file_contexts file.- Fix segfault on missing file_context file- Upgrade to upstream * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh. * Pass CFLAGS when using gcc for linking from Dennis Gilmore.- Add sparc patch to from Dennis Gilmore to build on Sparc platform- Remove leaked file descriptor- Upgrade to latest from NSA * Fix selabel option flag setting for 64-bit from Stephen Smalley.- Change matchpatcon to use syslog instead of syserror- Upgrade to latest from NSA * Re-map a getxattr return value of 0 to a getfilecon return value of -1 with errno EOPNOTSUPP from Stephen Smalley. * Fall back to the compat code for security_class_to_string and security_av_perm_to_string from Stephen Smalley. * Fix swig binding for rpm_execcon from James Athey.- Apply James Athway patch to fix rpm_execcon python binding- Move libselinux.so back into main package, breaks procps- Upgrade to upstream * Fix file_contexts.homedirs path from Todd Miller.- Remove requirement on setransd, Moved to selinux-policy-mls- Move libselinux.so into devel package - Upgrade to upstream * Fix segfault resulting from uninitialized print-callback pointer. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh.- Upgrade to upstream * Updated version for stable branch. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh. * Updated av_permissions.h and flask.h to include new nscd permissions from Dan Walsh. * Added swigify to top-level Makefile from Dan Walsh. * Fix for string_to_security_class segfault on x86_64 from Stephen Smalley.- Apply Steven Smalley patch to fix segfault in string_to_security_class- Fix matchpathcon to set default myprintf- Upgrade to upstream * Fix for getfilecon() for zero-length contexts from Stephen Smalley.- Update to match flask/access_vectors in policy- Fix man page markup lanquage for translations- Fix semanage segfault on x86 platform- Upgrade to upstream * Labeling and callback interface patches from Eamon Walsh.- Refactored swig- Upgrade to upstream * Class and permission mapping support patches from Eamon Walsh. * Object class discovery support patches from Chris PeBenito. * Refactoring and errno support in string representation code.- Upgrade to upstream - Merged patch to reduce size of libselinux and remove need for libsepol for embedded systems from Yuichi Nakamura. This patch also turns the link-time dependency on libsepol into a runtime (dlopen) dependency even in the non-embedded case. 2.0.17 2007-05-31 * Updated Lindent script and reindented two header files.- Upgrade to upstream * Merged additional swig python bindings from Dan Walsh. * Merged helpful message when selinuxfs mount fails patch from Dax Kelson.- Upgrade to upstream * Merged build fix for avc_internal.c from Joshua Brindle.- Add get_context_list funcitions to swig file- Upgrade to upstream * Merged rpm_execcon python binding fix, matchpathcon man page fix, and getsebool -a handling for EACCES from Dan Walsh.- Add missing interface- Upgrade to upstream * Merged support for getting initial contexts from James Carter.- Upgrade to upstream * Merged userspace AVC patch to follow kernel's behavior for permissive mode in caching previous denials from Eamon Walsh. * Merged sidput(NULL) patch from Eamon Walsh.- Make rpm_exec swig work- Upgrade to upstream * Merged class/av string conversion and avc_compute_create patch from Eamon Walsh.- Upgrade to upstream * Merged fix for avc.h #include's from Eamon Walsh.- Add stdint.h to avc.h- Merged patch to drop support for CACHETRANS=0 config option from Steve Grubb. - Merged patch to drop support for old /etc/sysconfig/selinux and - /etc/security policy file layout from Steve Grubb.- Do not fail on permission denied in getsebool- Upgrade to upstream * Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve Grubb.- Upgrade to upstream * Removed sending of setrans init message. * Merged matchpathcon memory leak fix from Steve Grubb.- Upgrade to upstream * Merged more swig initializers from Dan Walsh.- Upgrade to upstream * Merged patch from Todd Miller to convert int types over to C99 style.- Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of the use of the non-standard format (original patch changed for style). - Merged patch from Todd Miller to fix memory leak in matchpathcon.c.- Add context function to python to split context into 4 parts- Upgrade to upstream * Updated version for stable branch.- Upgrade to upstream * Merged man page updates to make "apropos selinux" work from Dan Walsh.- Upgrade to upstream * Merged getdefaultcon utility from Dan Walsh.- Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli- Add reference to selinux man page in all man pages to make apropos work Resolves: # 217881- Upstream wanted some minor changes, upgrading to keep api the same - Upgrade to upstream * Merged selinux_check_securetty_context() and support from Dan Walsh. Resolves: #200110- Cleanup patch- Add securetty handling Resolves: #200110- Upgrade to upstream * Merged patch for matchpathcon utility to use file mode information when available from Dan Walsh.- rebuild against python 2.5- Fix matchpathcon to lstat files- Update man page- Upgrade to upstream- Add James Antill patch for login verification of MLS Levels - MLS ragnes need to be checked, Eg. login/cron. This patch adds infrastructure.- Upgrade to latest from NSA * Merged updated flask definitions from Darrel Goeddel. This adds the context security class, and also adds the string definitions for setsockcreate and polmatch.- Upgrade to latest from NSA * Updated version for release.- rebuilt for unwind info generation, broken in gcc-4.1.1-21- Upgrade to latest from NSA * Merged av_permissions.h update from Steve Grubb, adding setsockcreate and polmatch definitions.- really make -devel depend on libsepol-devel- Add sgrubb patch for polmatch- Upgrade to latest from NSA * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client- have -devel require libsepol-devel- Upgrade to latest from NSA * Merged patch to not log avc stats upon a reset from Steve Grubb. * Applied patch to revert compat_net setting upon policy load. * Merged file context homedir and local path functions from Chris PeBenito.- rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc* (#203001)- Upgrade to latest from NSA * Merged file context homedir and local path functions from Chris PeBenito. * Rework functions that access /proc/pid/attr to access the per-thread nodes, and unify the code to simplify maintenance.- Upgrade to latest from NSA * Merged return value fix for *getfilecon() from Dan Walsh. * Merged sockcreate interfaces from Eric Paris.- Fix translation return codes to return size of buffer- Upgrade to latest from NSA * Merged no-tls-direct-seg-refs patch from Jeremy Katz. * Merged netfilter_contexts support patch from Chris PeBenito.- Upgrade to latest from NSA * Merged context_*_set errno patch from Jim Meyering.- only build non-fpic objects with -mno-tls-direct-seg-refs- build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults with xen (#200783)- Rebuild for new gcc- Fix libselinux to not telinit during installs- Upgrade to latest from NSA * Lindent. * Merged {get,set}procattrcon patch set from Eric Paris. * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris. * Regenerated Flask headers from refpolicy. * Merged patch from Dan Walsh with: - Added selinux_file_context_{cmp,verify}. - Added selinux_lsetfilecon_default. - Delay translation of contexts in matchpathcon.- Yet another change to matchpathcon- Turn off error printing in library. Need to compile with DEBUG to get it back- Fix error reporting of matchpathcon- Add function to compare file context on disk versus contexts in file_contexts file.- Upgrade to latest from NSA * Merged patch from Dan Walsh with: * Added selinux_getpolicytype() function. * Modified setrans code to skip processing if !mls_enabled. * Set errno in the !selinux_mnt case. * Allocate large buffers from the heap, not on stack. Affects is_context_customizable, selinux_init_load_policy, and selinux_getenforcemode.- Add selinux_getpolicytype()- Upgrade to latest from NSA * Merged !selinux_mnt checks from Ian Kent.- Check for selinux_mnt == NULL- Merged matchmediacon and trans_to_raw_context fixes from Serge Hallyn.- Remove getseuser- Bump requires to grab latest libsepol- Add BuildRequires for swig- Upgrade to latest from NSA * Merged simple setrans client cache from Dan Walsh. Merged avcstat patch from Russell Coker. * Modified selinux_mkload_policy() to also set /selinux/compat_net appropriately for the loaded policy.- More fixes for translation cache - Upgrade to latest from NSA * Added matchpathcon_fini() function to free memory allocated by matchpathcon_init().- Add simple cache to improve translation speed- Upgrade to latest from NSA * Merged setrans client cleanup patch from Steve Grubb.- Add Russell's AVC patch to handle large numbers- Upgrade to latest from NSA * Merged getfscreatecon man page fix from Dan Walsh. * Updated booleans(8) man page to drop references to the old booleans file and to note that setsebool can be used to set the boot-time defaults via -P.- Upgrade to latest from NSA * Merged fix warnings patch from Karl MacMillan. * Merged setrans client support from Dan Walsh. This removes use of libsetrans. * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh. * Merged swig typemap fixes from Glauber de Oliveira Costa.- Change the way translations work, Use setransd/remove libsetrans- Add selinuxswig fixes - Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)- Upgrade to latest from NSA * Added distclean target to Makefile. * Regenerated swig files. * Changed matchpathcon_init to verify that the spec file is a regular file. * Merged python binding t_output_helper removal patch from Dan Walsh.- Fix python bindings for matchpathcon - Fix booleans man page- Merged Makefile PYLIBVER definition patch from Dan Walsh.- Make some fixes so it will build on RHEL4 - Upgrade to latest from NSA * Updated version for release. * Altered rpm_execcon fallback logic for permissive mode to also handle case where /selinux/enforce is not available.- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- Upgrade to latest from NSA * Merged install-pywrap Makefile patch from Joshua Brindle.- Upgrade to latest from NSA * Merged pywrap Makefile patch from Dan Walsh.- Split out pywrap in Makefile- Upgrade to latest from NSA * Added getseuser test program.- Upgrade to latest from NSA * Added format attribute to myprintf in matchpathcon.c and removed obsoleted rootlen variable in init_selinux_config().- Build with new libsepol- Upgrade to latest from NSA * Merged several fixes and improvements from Ulrich Drepper (Red Hat), including: - corrected use of getline - further calls to __fsetlocking for local files - use of strdupa and asprintf - proper handling of dirent in booleans code - use of -z relro - several other optimizations * Merged getpidcon python wrapper from Dan Walsh (Red Hat).- Add build requires line for libsepol-devel- Fix swig call for getpidcon- Move libselinux.so to base package- Upgrade to latest from NSA * Merged call to finish_context_translations from Dan Walsh. This eliminates a memory leak from failing to release memory allocated by libsetrans.- update to latest libsetrans - Fix potential memory leak- rebuilt- Update to never version * Merged patch for swig interfaces from Dan Walsh.- Update to never version- Fix some of the python swig objects- Update to latest from NSA * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified matchpathcon implementation to make context validation/ canonicalization optional at matchpathcon_init time, deferring it to a successful matchpathcon by default unless the new flag is set by the caller. * Added matchpathcon_init_prefix() interface, and reworked matchpathcon implementation to support selective loading of file contexts entries based on prefix matching between the pathname regex stems and the specified path prefix (stem must be a prefix of the specified path prefix).- Update to latest from NSA * Change getsebool to return on/off instead of active/inactive- Update to latest from NSA * Added -f file_contexts option to matchpathcon util. Fixed warning message in matchpathcon_init(). * Merged Makefile python definitions patch from Dan Walsh.- Update to latest from NSA * Merged swigify patch from Dan Walsh.- Separate out libselinux-python bindings into separate rpm- Read libsetrans requirement- Add python bindings- Update to latest from NSA * Merged make failure in rpm_execcon non-fatal in permissive mode patch from Ivan Gyurdiev.- Remove requirement for libsetrans- Update to latest from NSA * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified matchpathcon_init() to skip context translation if it is set by the caller.- Update to latest from NSA * Added security_canonicalize_context() interface and set_matchpathcon_canoncon() interface for obtaining canonical contexts. Changed matchpathcon internals to obtain canonical contexts by default. Provided fallback for kernels that lack extended selinuxfs context interface. - Patch to not translate mls when calling setfiles- Update to latest from NSA * Merged seusers parser changes from Ivan Gyurdiev. * Merged setsebool to libsemanage patch from Ivan Gyurdiev. * Changed seusers parser to reject empty fields.- Update to latest from NSA * Merged seusers empty level handling patch from Jonathan Kim (TCS).- Rebuild for latest libsepol- Rebuild for latest libsepol- Change default to __default__- Change default to __default__- Add selinux_translations_path- Update to latest from NSA * Merged selinux_path() and selinux_homedir_context_path() functions from Joshua Brindle.- Need to check for /sbin/telinit- Update to latest from NSA * Merged fixes for make DESTDIR= builds from Joshua Brindle.- Update to latest from NSA * Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red Hat). * Updated call to sepol_policydb_to_image for sepol changes. * Changed getseuserbyname to ignore empty lines and to handle no matching entry in the same manner as no seusers file.- Tell init to reexec itself in post script- Update to latest from NSA * Changed selinux_mkload_policy to try downgrading the latest policy version available to the kernel-supported version. * Changed selinux_mkload_policy to fall back to the maximum policy version supported by libsepol if the kernel policy version falls outside of the supported range.- Update to latest from NSA * Changed getseuserbyname to fall back to the Linux username and NULL level if seusers config file doesn't exist unless REQUIRESEUSERS=1 is set in /etc/selinux/config. * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.- Update to latest from NSA * Added selinux_init_load_policy() function as an even higher level interface for the initial policy load by /sbin/init. This obsoletes the load_policy() function in the sysvinit-selinux.patch. * Added selinux_mkload_policy() function as a higher level interface for loading policy than the security_load_policy() interface.- Update to latest from NSA * Merged fix for matchpathcon (regcomp error checking) from Johan Fischer. Also added use of regerror to obtain the error string for inclusion in the error message.- Update to latest from NSA * Changed getseuserbyname to not require (and ignore if present) the MLS level in seusers.conf if MLS is disabled, setting *level to NULL in this case.- Update to latest from NSA * Merged getseuserbyname patch from Dan Walsh.- Fix patch to satisfy upstream- Update to latest from NSA - Add getseuserbyname- Fix patch call- Fix strip_con call- Go back to original libsetrans code- Eliminate forth param from mls context when mls is not enabled.- Update from NSA * Merged modified form of patch to avoid dlopen/dlclose by the static libselinux from Dan Walsh. Users of the static libselinux will not have any context translation by default.- Update from NSA * Added public functions to export context translation to users of libselinux (selinux_trans_to_raw_context, selinux_raw_to_trans_context).- Update from NSA * Remove special definition for context_range_set; use common code.- Update from NSA * Hid translation-related symbols entirely and ensured that raw functions have hidden definitions for internal use. * Allowed setting NULL via context_set* functions. * Allowed whitespace in MLS component of context. * Changed rpm_execcon to use translated functions to workaround lack of MLS level on upgraded systems.- Allow set_comp on unset ranges- Merged context translation patch, originally by TCS, with modifications by Dan Walsh (Red Hat).- Apply translation patch- Update from NSA * Merged several fixes for error handling paths in the AVC sidtab, matchpathcon, booleans, context, and get_context_list code from Serge Hallyn (IBM). Bugs found by Coverity. * Removed setupns; migrated to pam. * Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original symbol is temporarily retained for compatibility until all callers are updated.- Update makefiles- Update from NSA * Merged security_setupns() from Chad Sellers. - fix selinuxenabled man page- Update from NSA * Merged avcstat and selinux man page from Dan Walsh. * Changed security_load_booleans to process booleans.local even if booleans file doesn't exist.- Fix avcstat to clear totals- Add info to man page- Update from NSA * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat). * Rewrote get_ordered_context_list and helpers, including changing logic to allow variable MLS fields.- Update from NSA- Add backin matchpathcon- Fix selinux_policy_root man page- Change assert(selinux_mnt) to if (!selinux_mnt) return -1;- Update from NSA * Fixed bug in matchpathcon_filespec_destroy.- Update from NSA * Fixed bug in rpm_execcon error handling path.- Update from NSA * Merged fix for set_matchpathcon* functions from Andreas Steinmetz. * Merged fix for getconlist utility from Andreas Steinmetz.- Update from NSA- Better handling of booleans- Update from NSA * Merged destructors patch from Tomas Mraz.- Update from NSA * Added set_matchpathcon_flags() function for setting flags controlling operation of matchpathcon. MATCHPATHCON_BASEONLY means only process the base file_contexts file, not file_contexts.homedirs or file_contexts.local, and is for use by setfiles -c. * Updated matchpathcon.3 man page.- Update from NSA- Update from NSA * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.- Update from NSA * Changed matchpathcon_common to ignore any non-format bits in the mode.- Default matchpathcon to regular files if the user specifies a mode- Update from NSA * Merged several fixes from Ulrich Drepper.- Fix matchpathcon on eof.- Update from NSA * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh. * Added selinux_users_path() for path to directory containing system.users and local.users.- Process file_context.homedir- Update from NSA * Changed relabel Makefile target to use restorecon.- Update from NSA * Regenerated av_permissions.h.- Update from NSA * Modified avc_dump_av to explicitly check for any permissions that cannot be mapped to string names and display them as a hex value. * Regenerated av_permissions.h.- Update from NSA * Generalized matchpathcon internals, exported more interfaces, and moved additional code from setfiles into libselinux so that setfiles can directly use matchpathcon.- Update from NSA * Prevent overflow of spec array in matchpathcon. * Fixed several uses of internal functions to avoid relocations. * Changed rpm_execcon to check is_selinux_enabled() and fallback to a regular execve if not enabled (or unable to determine due to a lack of /proc, e.g. chroot'd environment).- Update from NSA * Merged minor fix for avcstat from Dan Walsh.- rpmexeccon should not fail in permissive mode.- fix printf in avcstat- Update from NSA- Modify matchpathcon to also process file_contexts.local if it exists- Add is_customizable_types function call- Update to latest from upstream * Just changing version number to match upstream- Update to latest from upstream * Changed matchpathcon to return -1 with errno ENOENT for <> entries, and also for an empty file_contexts configuration.- Fix link devel libraries- Fix unitialized variable in avcstat.c- Upgrade to upstream * Removed some trivial utils that were not useful or redundant. * Changed BINDIR default to /usr/sbin to match change in Fedora. * Added security_compute_member. * Added man page for setcon.- Upgrade to upstream- Add avcstat program- Add lots of missing man pages- Fix output of getsebool.- Update from upstream, fix setsebool -P segfault- Add a patch from upstream. Fixes signed/unsigned issues, and incomplete structure copy.- More fixes from sgrubb, better syslog- Have setsebool and togglesebool log changes to syslog- Add patch to make setsebool update bool on disk - Make togglesebool have a rollback capability in case it blows up inflight- Upgrade to latest from NSA- Changed the location of the utilities to /usr/sbin since normal users can't use them anyways.- Updated various utilities, removed utilities that are for testing, added man pages.- Add -g flag to make - Upgrade to latest from NSA * Added rpm_execcon.- Upgrade to latest from NSA * Merged setenforce and removable context patch from Dan Walsh. * Merged build fix for alpha from Ulrich Drepper. * Removed copyright/license from selinux_netlink.h - definitions only.- Change setenforce to accept Enforcing and Permissive- Add alpha patch- Upgrade to latest from NSA- Add selinux_removable_context_path- Update from NSA * Add matchmediacon- Update from NSA * Merged in matchmediacon changes.- Update from NSA * Regenerated headers for new nscd permissions.- Add matchmediacon- Update from NSA * Added get_default_context_with_role.- Clean up spec file * Patch from Matthias Saou- Update from NSA * Added set_matchpathcon_printf.- Update from NSA * Reworked av_inherit.h to allow easier re-use by kernel.- Add strcasecmp in selinux_config - Update from NSA * Changed avc_has_perm_noaudit to not fail on netlink errors. * Changed avc netlink code to check pid based on patch by Steve Grubb. * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA - Add optflags- Update from NSA- Add matchpathcon man page - Latest from NSA * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA- New upstream version- Latest from Upstream- Fix man pages- Latest from Upstream- Latest from Upstream- Add man page for boolean functions and SELinux- Latest from NSA- Latest from NSA- uppercase getenforce returns, to make them match system-config-securitylevel- Remove old path patch- Update to latest from NSA - Add fix to only get old path if file_context file exists in old location- Update to latest from NSA- add nlclass patch - Update to latest from NSA- rebuilt- Fix selinux_config to break once it finds SELINUXTYPE.-Update with latest from NSA- Change to use new policy mechanism- add man patch- Update with latest from NSA- Update with latest from NSA- Add changes for relaxed policy - Update to match NSA- Add relaxed policy changes- Sync with NSA- Remove requires glibc>2.3.4- Fix selinuxenabled man page.- Upgrade to 1.11- Add memleaks patch- Upgrade to latest from NSA and add more man pages- Update to match NSA - Cleanup some man pages- Upgrade to latest from NSA- Add Russell's Man pages- Change getenforce to also check is_selinux_enabled- Add ownership to /usr/include/selinux- fix location of file_contexts file.- Fix matchpathcon to use BUFSIZ- rebuilt- add matchpathcon- rebuilt- Add rootok patch- Updated getpeernam patch- Add getpeernam patch- Add getpeercon patch- Put mntpoint patch, because found fix for SysVinit- Add remove mntpoint patch, because it breaks SysVinit- Add mntpoint patch for SysVinit- Add -r -u -t to getcon- Upgrade to latest from NSA- Fix x86_64 build- Latest tarball from NSA.- Update with latest changes from NSA- Change location of .so file- Break out into development library- Move location of libselinux.so to /lib- Add selinuxenabled patch- Update with final NSA 1.2 sources.- Update with latest from NSA.- Fix to build on x86_64- update for version 1.2- Initial version2.5-12.fc242.5-12.fc24_selinux.soselinux__init__.py__init__.pyc__init__.pyoaudit2why.so/usr/lib/python2.7/site-packages//usr/lib/python2.7/site-packages/selinux/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -march=armv7-a -mfpu=vfpv3-d16 -mfloat-abi=harddrpmxz2armv7hl-redhat-linux-gnueabiELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=cb42a85bddd4a4a60037a11d45deb047d51576c1, strippeddirectoryPython script, ASCII text executablepython 2.7 byte-compiledELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=33a888883fdfa1d62523a24b2514293525858d5e, stripped  RRRRRRRR RRRRRRRRRRRR Rutf-8?`7zXZ !#, ]"k%dh-; cl%cˉ> fj8^Jz:|Y.ew-x Gp]N0ӆpLFw-))Eх 7p 9J)#^HSys!~. ~oO>zbg!3_E'p(Gb0{3=֌ꓓT777"%Zu.[2E4vy.D21;@ZD!NjJOĴ7 [bJi'IkLB&rN4|狔ߢzsx!3? ٸ aL+g :+xηhY޺Hc:&\놿\V :ҁ@e0נ~?y'7LLfJSk;O!09ӌ\>-=5! S\jc$+$Q\>͊UY٠l2xz2@^c1n[Q,q' ~f0)7$.c>@ϐ*iZAe<?@ ӡZ.^rB(UP5ks+@EPP zUMGQ.NS?C#;Qui*f}=oK~4'? ~c jQx3=>K6}aK,tԧu@QUɾ;׎׮ >8BU¦Z3(Y <_>8pK̵bzpK &\bk3#R(IZ,N-o&+Cst_ ŭK'YslvX 8%Dii=rZDxjg1šG_O-L-p#XYW -\=1Ĭb0 }Ӷ|P1FZi *dV^隢wcFQp6Aohu˴:RcetsZ1]~Jm 䵤WM*v&TGZ~/*၄ ϞE;]ȕbJJO&>86^f|)}CEXǗ'gj",9kũ*wHDvе.yp 'g ;?"`Ib !ocψԹWn yG3b|tpBxj{I/fy@,"IfI Ic8%*/rIhr_:e٬{\qlh~v| ?sYmĿ&͗v^ ;Ķtqyg3D8kRqwKf׳2W&רĴBԒi1q02)FϟU]*jKv7#_L]$2Vq.uM3ןQl*B9)J1N1C~Q- Ȩ?E G@=:XG`skW<$%RK8׆=ꍾh=Px|6B חlXtd|˩ d+s|36)C%!)|ӂ͜jJӹKVVA7%FVz^!.YAipr6gw|_j4OE<5iTtc&~ p|]/%]20}JjE"ws+I.AdPA"&U~!U,v65@%'A5X}+AEhBA`x4`E&v)=&eU=̊&&ouoR.AI5BcBuʱycgxNZA%Iȭ j̯FX]*o[",D/$pfJ$P0A\ ĐzZ[`+ݜ:P&ca⢧]~AܖLuWN7[ԗ[:[Zv8o߰ k_{vBA` XKdBEnen}  b/rQnnfظ7pLBDrt53)x;[zUa]½3Hh&ssӟƑI?beY  > t :xgn#mN ]efls G~-I@'}Rb%f~ ""hVz|Ugͨ,& Hj#n%hfIJpPP/ La9J}I$vqZ$8|q 9aDm<'AoMK0SRۥP#].\*۩qdU `QC,ᅇ%4NC>X_!2nD:\ :}P"w࠴A?(֎lq7UYD1l,i2/*ľ^`O7 vI E;el $J[һ8_*'E$fqW+N?3jjIKǣf9MLs ;3E55T3jb|\~ٌe?Umk?(Q@fmt "zU{8]a VVT muT Q7bn<s┳cO.&{b lߛ+;X6m"ep|\oc@~jx< q*"&>ItH/ýE+z 5htxz45f)>-MXo>]uU֐={nͼ<6Uj3u0EFyzrJg:߇CD?jXiU̜Sq-@ ֞>7FB "Iaw\pq*SK,5pLW<`uxvN-#}VGo]l`pBX KH b_x#d.\9qsj!Kf%3&F!@{Fw@A|KɢV0Dso&XFdb:H{INW k81_({;x?6Na!ߏn ߟLi!bpaғ#by .Aicmf˛<> th|IWӨ0KEnb:Eo> 0t*0нV쯪J ȊzkKͺ5auLXP{Im NbtJƠLIݩrjҙ= !nğh'N2FU@b^?> )r%]ĄX|"kB;P pP=Z f,V q?)Ŗ^좚}Y˂AP&2Km"R56ˠbvHbo Wҭ&-ۛ duPyg"h" XU# &̪8>K7փY:,rZa10jsW يl#t@(QРdp\ל#&$.i"%f[A?3BUs`g-~éO؇g'GI$!=!3^7@UEg2(fg5 Y>N^~Q~e/bÌ#s7ʩA @#B.DV"iMcXTx1X*R&oFԳ T9:&yiCl\X*ja{j3nA] o#P_k%HbF<&=z^籿)AEH/u'\w9$]gUh+5"ɶUQ/9Ӎ7!7^yl[@zzIK}wl[ +I`<Х+OMi\>jH;vO]_ c>JWYh638"חZ!6dT3 E3vl:< iʷ 7d  ^Lh=J>C@,g4,D86LTQF( $qʑb8 '&a_*4(%壸a8Q [:M }e9[/|ˡ>A;gXmbD7iF+d'wd>eo'm*hu<ō.@0/=.O;1 ^;t WG(P=\@leO~\حن7رMT@~kpݥfI9R$Ð]Ag-6t`ǎNGqUw[q LU5QYZs r1>?ԍBʧ%%O:%VR`]JȸrC)nYE YU 1 7u/!#~Gb43nb)|޵#S^Lu:BcyNxWh䶭&fY߉L1z;Ы:=Q57 hPsY=s&PWL$1V"!09 5 `I(ߦa: I[?Q3Q}6ɺEc X2$6ahBig50BJ 5mqx'Q;: z>l,O{&1+Nu$?st:!K?%`D4vk5jJ+R"\63W^9X֝I^"xYx,xCbAL:d/DpPZOs8=*˼gwNWu~m̬v],uFeoIb 0H$ !!zL͸}{%,Fc"cme^)p(9+.?^<>Km +/z`i̍nyU9/uF_JaKo?\oFM>16ÐP@sU{'j1a:6[RN2wjdcj,JP_(4njiV }ZIt-/ vIJ:n5Vy{9%7#Jֲś} }ͥK$9WO"2-jˎ#Zr-o&TMv o*BB6RylPC|JRXfqxh].W##_TD䓳Pe`k+ ~% K*gJv|`0jp.cNL nL_z&]B!σOZۤ3M,y%1X,qvOnyX@d4ywY*'sÑc% /{ST)O&Չ'@pujL |w%­8\m8 @ZSz.oZoW~@ 6L8%)˚dILءtz(9>1'+`bE܁A}AM]s{"Dwla,(aCksty\J<.J/̟$3F\$$xȞlw<ЅIx>|Ehd;@mW>6*2ſh)X/#_"n})Iw ícB:~s:-D(`D1rwO~'"#AЌO27,R#׶֛mO#W^!M1i Sl?'\ M3Vɉ.r4lMd^nHJ~.|*_p_х zԪŜz[2PT_̎6hȺQ mJ rzS;ln>8^8NPdrNieg7}^$Q4U1ݙve7ɔz7=qyz?oG}r3don{dU )\&I[^wa7N qw=aٻ~Ll*81UB) Fp0L:se#;Q-" Ux4+1OodzngT8=Ce{deJƹTpB!ﱔ}146N3BWZH$T @aq/AɆSl2ՈNSF hр/ '+'^4>4KK|9pj0PcS`ck,skSai(2;eVұ{sQƸ6ה0dɞeHIO&.F(dА2Y{Tmȅ+]qݛd5eY=Wp*}vdX[ yw9pTúag9倝B2ޟ ʻv3P!aM'C,%ꢹЕ6Zg02 U&4H.1 !`b˪ErqVu,^!dL&D>y҂/suR% 7iDXƟGkӤF-jkݒGQ}JQrEp2!"}vsv\rh ̧ ԋWPb;i0J,@,<|sp3րNPhT>nj3PXzi,$aõB=͏ !OCzbMP)=C FM .{%ʹ1Jo&:+6,Cĸj"ðV%]ci/"ؔuGtDa?[_)vp9$4\OoVSF2ޱ%s"T-ADhJR]ԮI] N #!L oo]0083Qp؏R9"#$ Ͽz{jioom;D%mU=oe1m+]f;.Ro{-^rfQuie)8sӴp2-ȎtJ`^Ź mrZ>?8< thxynYQ/4ՐKĿ6y<{#!R gpqR&Sb8I)3tJSd?0t_낻{ .V9?P'_ _W*DU 龰=$ŃP]wz1ՎVЪf=SL}XDs:ɭ5Q 1Mb{)19UeuojJ7r⫎`Jw;؜\X -x0i/hFչUgNج6ۺ%#R耄4Ơy8~ ]RU0͎BLQ 0^aHL+~w Sh3Ǚ) aW 'T޺B{;ll*p:p:nz Ce#= '.ȿ4R0ౖ0n}~ a[ JЖE{3;Z TH`_tSbDp׿%;NTY kbx)VS_S~'U*h:.vM ψS"q$}uI^.S=ͅjЌQAeya (흼ff|9yBjZ␌" F &3 Bk"Ϣ)kbvHZAy28GiGiſ W~y gw{oHI%l^Kk*;u&T:.E AԜxYFo-X#]liX̗X  09Ht%5YAG(l1$N) xܽgN}y)t|(p`E{u^l }K=z|M(p'h D ;2!yF~p&?#ΐ;>YF]3j+›ÇPr$wBEdc AZD{uf% & û`ntZYOvѦ%< .er u~K⧌P$z 9tAGNHF-{c{dK5 /#Aqq1ɧs-Ytƅ%g:5q!\ -@wᾮ|zAL$|rx[C9,f=aE i" KϤ(| :\g}HLSHi0F'.uXãhVcI(!)L Pݻdm%Q*)၆m~^8Cc`Cj-a!df}7is`7kΨϨ\4/:8iyߙnw3EUj/ lBwvu.A0a ]]g[%0lcoEA) A7V;PH';As٥5?zBQL2.RL `ƊW@5e? Az2̍LU%#RGhDo诣;ήMd>e/m܃ShT%֯|dՃs<7`Tj*X!38mXgaz)8j -0; ]_.XY/\1츤Oi&-NhL~Lсsur`A&&py-@`^^,aH+k>;τHI :0hbZt p#UWkr50z;qޚ䀽Jw5&^>2Nԡ\ |g89vֿwp&[#I EE_Zz'S Sbf-$eISB- v}۸gI+pғk~pq߸t;Q(CVQM`szO$p['G¿Y=hH%%4Nׁ҃Gm s+bӼnL>WS64;;}!BT^\XF(] y*5Dn%5^unTjsuC2AVYO`_ق wqy؄ >є 1DB&`I ނE ٕ kG%&P㝎Xa,=.+}6FHdY<Uo؆NϘ%U$>v[$M_-c*)w;]pNpvܰD~L~ŝՖ^K96\?Qo:JZu=l?33È`M:TX'Zpn5jb R/zot-5JO+6K5aE^w*VR#2hL VSw.k.J1c7Tpn)YYi D5z"9!|x7)~gHT:2/չRpw*yޙY|[I:n2Fn'a,ߠko];k]11+!:DG=_d CT·r2mdfy}pwX D^"N l)TJu4#EM7EG:wTAUS}c|-v,T[abF`JMXա]w!װ5ecqN>uʯ{I0i}2h>JgHU>MM& "}3il*Y(A$dJ{r~/ڣޏm(ʙ1`FCrHcM7VA=b BH`>1v 䵆Egan>V  ?_O߯u;="M/"螌 J$c!r/t?ق+uK _X7S5T8MO!P]#ܠ - -?tՐ%<"LHKqL[H؛IG5rYv^8-6)5_ t)a̛"(H厩1+f$jʌ[PUh!o4"Ty?GyNt~OJ ޔ++?ם9xN!2TsBE֫y"nA{tŚaY>-UiuQC71T{@%{W#~cwY$nc_a未pn7ay/ؚ8;$'Ne-Dhw1'?Nl@`Ogiu> "ژǏ9k׺̥tμ3+$^}>5nb9XV ʉ"Ag`N78YO%3V]h|7EDpkjk`6Y\L>CѝG!8A X*&EurseC&+*J3i!7*`*bX*$rhҀB I^"nɜ+7(O#1&t#zM-Ƀ,hCpHVZ/ƪR)\GI`Բ?SP}ǜО9Μi&pl=P*ޏTW'L^ya&ѯ9Lw^tL%|J퉵t&˩z&xNWíC(N*idžo*Jh+ ?,sQM{R|]i cbAWP~)O93|+~?A^sH]g;G@+wWup |.Nm['%5DFYX0kl^8jo^P5gz'etx|C_= v{U U.;]?nl8 [)'`V׏^X ?uF"px&.wfa$"Oi=ɛUZ:Kt/a`x6{G3 K T+\A貘YI&)4O Rq35eL5$rI $#hw7QO}B>cwa;|TEm:(Kd+J^A!nP oi!9 Rp`9@ kV2.E##J<,bdDpl79q;\=b6͹Wk6Q]C#T~:'Ut 1ȑ  gWn["w=d]`H5ߚJax;K~TWBlf1F~fB2U+sm՗*bhΎN2Xq8UÝV>͍'oU1iɄ!WuN\S+8 |_= U^W%H{ ZIΰg=zBB,Q, *"| b=0i̱N# t(g,@%l7^QIˌQknP<^n $1ly~cˏ/(&/G\__=[ƔiSLH^mVWΕ&jK~cȘ/Q#s5bC< ʅ~\hIwG ɒjxno3U3|*4ZapZ@AĘ`,?X\ҟZ3at,jOQAusK_OyJYXa3I4FD?,Ah$sXѰ}]<>\yrZvӿsȺ$^TM]gt뗁dӵ,Մz ͱ ̅ߛ؟Y7Ë 5"oQzdM,RI.#,ع33D"z6^ Ę+)s&mcdd+U ?b~2.=[ FWCKFrMPܠih2?Hξm䬖uQKX ܮE^AK0Ō8%(Us˹0ڟmy9. PƝ,P}!Bɓ E8ԦY;Ш"*2Z/]SJwNrk1%Kbȣ}G=$e^M,rVƸ_6ɕX1 k-OL'!K]!5:}Ɍ=#?:ȌLgoIFa4gJ]mF'SDR9L *7A:$ =y՗Jt*J:a" hjRv6rF= 8b{W,phBĘuWLoAaBnfcy:bCzծRL#!3q۪gӊ$-\ͭƸ+o IՃB"HѬ(,㽏BCFq{7[RJ9~HeLUgj;$1gE{}]i Gf7#;oܲ+#PCR[+@B- ߠ m!qW }3([Fֹ,չ!؈\D7{*^(H=eJ<=ܕ-.iDb} F$F,GA:" -I7Y {2(7_ U JHfNttp!z_!``1ޞmZN[̍XL(^_) d`zmz!?'.t(6A&+#L SڞpN;%OLoX6WR~*#ENP (-:y5j/ay 1mZ;e%-({Z ?.Hqhjhe-S`({Xn ,8  R]"2>Dx !G|3Ed^M0=L=qt /xY' 6sxtV. ]~Zٞy Ĭ]ɩ~Wg--fj_<(R((Z?t$!Qf"(/üj޻Qb 47%CRƮǣø/q85kaۡĸi]-Rm=/ߺf4fv_V#(V)zN{nǍdq3b MFwșv(2K0DS)\?3ߞ kcVN&si9ox!6icyk'QIױ@9z+()bT#oAT,,ț+1'._1.7J"Y%?74 oI gumdO$KPJh$l#y4$CYY(P&jobwz`AmtV0s]}1ѩE  7E &dL$~K]VqL9UD)E1mCS2\m>"muM66 ;ؠG 6O+xNBXd݃2I)>Nun$b\:3# -_ܸ޹+ZɜrL).  nAc&; vizm ɬ2aZ:,)Eolc"d:þ{Ȼn#F{&>'1fu Z6҃4Z;eXpAo"νoL~[sZ]HeIB0ńQq|g7< <7oI_S6}~Eb'~0Jh{Vn Hrsq4фŽ MҽLx -q{?ze&j=D5-@ӵH@FWl ꐍW7,K}_?XF"Sfl<[k8%h{ >U(mnJ%Ftped^{Jc`eCcO- ȣEy|RB4Թ YX*Wj8x m#6΂ GLwkK IeagwV^~*2X.P9['Hfƌ;/$FɎ8TGagPq`ܫ iwEq-PD4>DEy]>8%< WEJ(E^YXke '!kz-{ξZ/pE^t-&z4G 99CW\tyvW:ɫiW"e&‘GWkz_(#DeEu~ :3Ҕ 'U$ tj_e0O2ȓ^cZ[X9Ĩ.V1`1^5s&^Gb7aqi/p37yt&ߦ7zM ‘͠ O L_Z恓n{~qÅy%dfH} Ž. ^g^jI7mWvY: (X~A%X X1FV{F٦w>7R#^*6IS;֢K~8pbƉxj3\aaH%MB" y4ՕǶfR(LcjC&#D ;uM%-b@yb4 ~p}K9ԙ/vFW f 42l_+N0:]G˻׺ w|/`L#24fKɷy4"c6m12'Ou㩝7抑ARh'>[sk<⊀YKZTB6Lo'H kO4 6?Tʽ-{ڧ4FJ $ݛg|lyc(?cCˣ=K+9Sxz?lRIfojQq*|sMΑf>hv'%$fSoM^&Bd;2ܝSa-C*rKL>#MyN~qڑ=nԝ{E"<$r:8o|Rս@(d;ė)JБ 9XKyh3v~BBd,0' fONSAŎ4ۖHI+M2:m6ήYv 3WKΙmwiX*ܻ̺g' 8[-tpJNWV6~6]B%Rk!rtLJ&Elom'k)w53Õ?6M6=}C]COskULr׶%a3涂XA}V K$pQAS#>So;=+w# gh\I`" '-`{qM>%spV m-_ {m=n2Um">h@v>ƃV|BTPNT\f1\{H(Y* fv؁=H?PB6s\BvA'ߝ'k$-etPHm+v}Yu!l,`Dos ]meERtFyg.GZF6Ipeo[Fਨ6:q)7RPnOl2W[;^`~+-6-6kz!:/;MU+r)ܐ6$n5>EP'cwG,ٿ)˕ "a3{/9<8x,r.Et#\F?T!':;!J'"ߵ?9DˊLg^'/RK[jLSKj{wH-؛ x!K>t4hJ>v¶q3vN\n]P1+in&c%ٯ[I_A'/rU" 1Yw/++QNDB.VH}BCO]/0vfu6(,eMED -LlGm@xblS|r&1%.ekEeA\m-3VyM:f{_O"@$ww|ߙM.q._)B|kIVM9P^ 5 tZp.%ӝe1AۛAd ǂ6>cK jOBsZWq+{~X`,5p7ө9ն> WZK 7[GJ]-yd%$ >>o1,};{8Tl0-vʱ[kx+{8_z izm$I\/[ܨxB*Օ ao&dfn'sDI+ ytq~gbsGUm~{ XXˑ WOg *Y0ˠ})RO亹}c'b-DvӈBb4pͧlT,`30Ƹ!э`* bZS$H-/u=L&HJbr\x,IVh]Zۼ4Gr, ElD<wv-=kԒCk4?P'nmJU ŬCB#RPmh1:Xk\[<`]1g>| byN `Γ+E&yXaC1hTa)f9yd2:PFrA`w6JԀR4*7C&C_4Kty8T`Ѱ";1,iϩ#gHԧFAJK~49i sTPFS(O }0 $Ra ݬH@;)LNܕ*~!ڨ؍I&&7$PpsG.uT8qt?~Kn3YhZk5ۼR}6GLT}<{,bJĉ'Rcrjװc]&ncwMe:$!BROx'YJAykP}'؆Lѝ Pb3xg"@O1+| '-իq(W be9p'6 ΈI:砤yDPQ&&WR_n]zd[7\¿PvJOu5:W`(_ls PYt1r1yC A0+%_ DA j6J I_0:YcxO>X#s9G#qɧAo百'2\TYi7ك6aJ8ܲk|䙑'CKm}`1Z^:*/L(: bN}'zNHOJ䞋KNʷ:`@8pQp!?(Vi9"Vq{8%T8\ɗQ5MZsQz@dX p7?8%Mڭr R&/HbIy6vn l]7,;1]{rgr#%Yqa$=Io㣤;6p<7g:>[e~ _/s@C #4k$ă_eA:h;%Zi0~&vΉ=IOD2 AWW(׺/3 GOB^>BE|X2jEyݰXyrU7K7FĩHzt[{)Ft*" w_E[`q51Ԧ̽Ix1Vz[8 * FirX/^xz@.ݑ/EJBa~-\E#^X1p UE)͎WtYg1gv[x-ӟW(/C+LXn05^f*,@zޥV$odEJJA`Xo ?s4"Kq [rHW$jČF"Y&!\EXM,X]bjePZQϜU`[hP1:aRn}8OAz̾p9iqL2J2:"yp[Ad(jkO=ݼ/_Mm`aSX$5$cE(@8βcR 5ɖ7 AƶE:X9n9byhꪵ*n7m[fo0F[TB:ܴxTxU4dG5R|jwq# B,ԛ Q<{䅓r=l|IT ƨ\;&<1p>@dQ hz*Ő@ i?fXzgeJ(oNo6k%z 0'=tCmG*Sm\<Ҳ%h{{<  Q9k. 7c87_sޘdE@Sg>KI$U ?'f$I xغ-:E5fUJ4Zɏ(O5` 'Ck1w5M@@BK@#$X=p$(e@,oK[.%>.bQII"#(:K P^l=$P(d2 CңSJ7e#3]*=vBr>!wl⑲b"72/>$!eY@Y}g-SՔ eJ3+꽜ulO> }bbH;< )h>B{-CL=B.K9!P(ti&"Sy^X& ara2u Wy. HE"7q4V43v. Dpb@\J6GŒ9t[&:.3|T "?:a 5űm64oHR9qZ[a¶H4 ;, L.L7βڐYbSJ!'uW!r)mG]B l-1 u A{XmM@HA\ nhGT~Dop)gc [TQ6phz̷ٓi[v768';|daLɚ_`tt8NC/o-Nz,H(`;*'Np[Fp?@@LFz2ÁY* Ʈa|12! AT.жIx}^0~Iw{*3I8ɣ6eVnΜdw02rwCZQM@^W>:٠v<ꌙvۅnxI飰yOؗI*;C0gw]U/3XOjEu!؏[6Vj3wAPǩôETx46 jY%OES+uTDXLUYaU\'|HLk"UszH+ꖘQܿͨ,݌ 3kWo0m+8o _' ouõ2D=5)6"?)lSkȸY< LLiPuS6[86f(W?>6:8y"-̅C3"[C+JF-; h==|-1M7Kgexn(Ġw$B@w92"hܙ /תFpxrCtSﭢyG3]51{_U2e y!*p`U_k1c6/8yo љ,L&+2}ŸD:b̯at,v˴.YpST_x G"VHkomq̕yu X(,p'?>$aCarQ(XntF2{Z0;TGV @B8 QC ?euLlƆ$c4{a0sIydDwğ6jǔfk8L;C#:1zl[Vp}. |Ɠi=.@ ߍdEhTXŖwcwPk<Rϻ:H<_F1j=$v4v .Wb*K6UT؝@6Uwf>cS'S£Q^0_>[3PpB#ΧeGZo=K?X?bHiňpN)̅55d[&ɼC!)~=.rK@URL1Zg)@Ny ( |tAe0wt-NQDuHɻH w+1WS%P,V tTGa>&/2I x<͢d^ipׇJI_/'ƿρm!ʼ]#-5**SrVGSlNbY;FJr?wuxRPfTu i0 l',JPK¤_ ȧ+BOf)b[F^%I_ p93^rfI=G2W5}X]׿z1O% RcW0ESNJg}c_[豇&=\|l<=I<7=RW!(p>ms>Ěj-vjxx ʲ7ԟUߨ5+.%νpq Ż;nD-;&|)ϣD(j"`8IngD:&..UhB'Abwd.(oK!wmޱ0jJJD8]#ۙ=rFd7*R0X 4LC@OgJ!KǨ #;'kC&8FFQ$[~'aZJu򃫺<.|XӗUJ:F#lP#S!GA;O´7e Ĉ#Ph&?/Tk<2*UC:fDڄۥͳǏsa2r.Q]Ya᜖(K=5OQ`c" _7kYyQSmTƅ&jF)Ĉaj5LaWoMI7k9LF}_VtpaXtA䤜d5}? {0f>QB =#H4ˈ59ũ~dO?x d%-@JГF?Z 4[patvB/G]"T =T `~ X=|ID`ݠXhKw~V0L%g!0R-۟,/H+}=GQ7zq̬3|S=,g t`ܥ`..wT[EFd5<4J_i\S(_(uD3/_˭tb!Ǻ3Hck$܃ A ѩf5 J"7c:|8!1 @;k٦PļF!]"9㼤L0hIZ&ϻ>z{VYd//XA@T*5d/_L!8ߎgrNjArD$MǬJ"7}I;߮=b> 40׼I8Zg^!}Zgb3lxwA vz}*cN p}jc*Iz,|;OqƐx?ȳ"W"$ԧӼ3gд8L#<(mA6KJ볺[%ÊZcmZ\ϵy"ۈ[_Ɂ@@i& T}%yλٜGhv%Wy4> xw}o)lۣ~ݣf*ϑbj>Ģ>`Ci1 X)E`=_b*|B-yŻƈV@# K(.I33郝Uz=w0ABM:Y@>@x:?9VxNBb5Kxmj~ierbR~o涛 8C|2Ja?gܣE-XyhQƞrv d ڀ'[5mzp4]23EHEIDO/e% #v5yS$[r7q qfӛGHhILEf6H-5N7FkW 8ћ#+ߠ"cdߗϮL,L݇K3 | 'م>r|Ϟ·>gPnvV >m=W 1+ n(Y<B>o<8I kpbY{٢ˌJ?&zqg)vF nBToT>ܐQt5EFBe_p~Taa4"_Sx/BtF2iTd;,!K*/[tRH/ ^ I6ӲdDJJ2rY7]U0 i!NQd3WmY~-NnUQlsM'aV7Vvw <3Fs5*Kώ04-s(vkp]/-'ȬmXxygoD/Nʉp9Úw)=DbL-ϼ`i0ܯ)2`!%qRpr-d)@d\N3̭jTAkT##O4͚JUz!Qg->8viO?K:kW|J<,2'#iaxZ7^&迢ٛ/Ä_+__0VX'ǂ!Z.XllmP+zoϷn3~-hkAWB*}5.Yl9#УJ@E`g ׌yn+cb4#%dWib5qOTXC)AC? q:~!]b -. L\g O#_(`5ĥʠfZyVO/iQ\y3JB\ Y5PbD f[10Ŭk?(ЋGarGaĪɏC!.^MD`u'qv}_oRk o6@ pʍZX9^CVް=)cSJ,zJj?"_P #^ҳn@UZL; .Uc8NP5*\_խ (S3hmS n/R$Ϳ*%6ڢėQzpPlu-F6H{4§?V >!F:x1[Փ&wtjNDt7mאx1SYu>_3|?-/!# DLxQ/U=cPGM7 cSXO4+YB4,ZOʶTe.l , {x&^bёsk5W;9ѤL<,FQaIgLnDkoRs1מׅx =]J- Hg6uAh uc"#+weOD\%[ȳ_묛5웄мOYoO<>py@ig2y0,(?7t&^'N82l2yfH;67= \ 4c.3-3yr T(ԮO5@j % %|[F=6ASqISa /~noek_$bƢt+8 ioڥMR9His\AV#`LBfOG 29+RԞ\Gv}15"^*#nbuH7"7mOy7?O @yuCY!7EGATTO6XeзKs7E&پa6\ۚG%?S}k!*0J?!%Vs` 파iفpQ~plt2ύҖ&c˖!%_.Gۭ?[?w*bx61W2smg$+Pֿuܵ{l޹Y߸`:~"k#}H[Nl6^Å濫D DVw0_JӇNO} ǚKoB4LDHuh[i8DμӀWF#-年\K^Qγvw[uZ*^Cz_Es-'jɛ;¡bE.=F(n 'P2}i_E_FL u7όp鈹ug7P hK q'z ?=,vuUtF++$.#`YR К]?,9l0ݢI&.E0CF(m0GN$Q-XYu##WgTmpfmUzBF}%ݸX&B'Ak: BgkOes}a6I*ev?qu&U G#zt~tg-MkWW=n("Fk \5[Cv!5F_t/C~ S D`|& A,Ua㹇On}-6@B\pw89kB2eȓ# ϶®\f:.ۗtDfJ4k.kZ92TJP2B0ѭo'R+2ZkmCSgCJO W8ÄA!'h{IO0e2g]"9skm&cwGh<>D.g5SP%0 hzr4pms)’vQAS>}rvLC/g,V&x>0U/>˔ËG'c@FUbEU#w /Swh ;211EC8l꫌A;mGIX"'[W8EucCc7V"ݼ%ɷ2ĔrKdOÿ(:hADy{o*dߒ1Y'P 2I5,iYo:d[80&e4 x)#]{]f?5ƯWm!9 >l5#(a mkr{Qhᦘ*8%6~(,it PzhoCZs0Oh;7oGzX}_ʌB FeeBd*hת]DgC"@wbba+  e]BkEJCJ3Ywz+ ^t=u|4}4" 4Yo YZ