libselinux-python-2.5-12.fc24$>J[Zj3MF)>:Kn?K^d  G %TZ`x      *HhN(89:dGGHG IG8XG@YGH\G`]Gx^GbH dI eIfIlItI0uIHvI`wJxJyJKTKXClibselinux-python2.512.fc24SELinux python bindings for libselinuxThe libselinux-python package contains the python bindings for developing SELinux applications.X4buildvm-20.phx2.fedoraproject.org &Fedora ProjectFedora ProjectPublic DomainFedora ProjectDevelopment/Librarieshttps://github.com/SELinuxProject/selinux/wikilinuxi6868A큤X4X4X4X4X4X47da32c5fac0f2a4e5f72e6e586b6fb9657e3259c8f99daf9ddd113add1385e39eadcc2351c54e3db3c0239e5ed502581fd46bd299081e9b21cf98a783e21be1e6750c9204d700aeefd571a5a868583d3ca16432fd7262286492f694ca223cc8b6750c9204d700aeefd571a5a868583d3ca16432fd7262286492f694ca223cc8b92fa2e36256f74512beb02af45e7dcc3f4c35bd3a98615159bd3b1b9d17ded72rootrootrootrootrootrootrootrootrootrootrootrootlibselinux-2.5-12.fc24.src.rpmlibselinux-pythonlibselinux-python(x86-32)@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libselinux(x86-32)libselinux.so.1python(abi)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.5-12.fc242.73.0.4-14.6.0-14.0.4-14.0-15.2-14.13.0-rc1WH@W9W@Wq@Wm Wk@W,@W'A@W#LW@VяVIVɦV=@VVii@V@V UU@U4@Ua@UQ@U8U6;UTS@S@SSShShSXS 4@S@R@RUR&RʚRkR%R@RMUM@M@M@M@MlMQ0@MGM5ML@L-@L@L*@LLq@LN@LF@L$@KKKrK@KKqK}+KTM@KA@K@JJJJG@JG@JG@JjJS8JS8JB@J@JMIܑI@IԨIbI̿I@IV@III@I@I2I@IcGIcGIcGIG@IG@IBR@I1.I!\I!\I-HHHe@He@He@He@H@HHH@Ht@HsVHgy@H^>H^>H-w@H!H @H@G@GG#GF@G@GGƢ@GƢ@G­G@GGD@G@G@G@G,@G,@G@GG@GZ@GZ@GeGeG|@G|@GO@GO@G<4G<4G0W@G'@FF@FIFFFFF&@FF@FvFFS@FF@FF]F@FtFFzh@Fw@Fm9@F` @F; @F-@F,F@F@FF*FF @F @FoE@EE@E4@EE?Eɿ@EEEEElEx@E&E=E=E@Ex@EvEnEYEK/@E>@E4EE EgEgEDfDDDDq@D@DB@DB@DB@DB@D{DDX@D4D4D4DD@D@D~D~D|3DvDu@Dr@Dr@DlaDk@DiD`@D_2D_2DX@DWID?D;@D'Dj@C@CCC-Cǖ@Cǖ@C[CCC8@C@CC @CCqC @CCCC@CBC@C@C|pC|pC{@CyCp@Cp@CoACkM@CiCf@C_oC_oC^@C^@CX@CWCS@COCFc@CFc@CECECBnCA@C;@C:C*C&@C&@C%mCC@CC C a@C a@C&B=BۙB@B@Br!Br!Br!Bn-@BgB] B] BZfBS@BQ,@BIC@BAZ@B9q@B9q@B06B-B$Y@B#BB@B@B LB LBBAA)@A@A@AA@A@A@AyAҜ@AJA@A`A`AA@AA@Ak@AAA@AvA@AAoA]FA]FAQi@AN@AI@AF@AF@AA@A>@A>@A7 @A7 @A5A4h@A3A3A/"@A-A+-A(A$@A!@A A A@A@@@q@7@@@@6@@@A@)@@@@@@@@@~y@@~y@@~y@@}'@s@@s@@s@@l@@ia@@b@b@b@O@@O@@Dw@@9@@,@@ @/@@???E@?E@?٭???q@??@?@?@?}d?z?a@?M?D@>S@Petr Lautrbach 2.5-12Petr Lautrbach 2.5-11Fedora Release Engineering - 2.5-10Petr Lautrbach - 2.5-9Petr Lautrbach - 2.5-8Petr Lautrbach - 2.5-7Petr Lautrbach - 2.5-6Petr Lautrbach - 2.5-5Petr Lautrbach - 2.5-4Petr Lautrbach - 2.5-3Petr Lautrbach 2.5-2Petr Lautrbach 2.5-1Petr Lautrbach 2.5-0.1.rc1Fedora Release Engineering - 2.4-8Vít Ondruch - 2.4-7Petr Lautrbach - 2.4-6Robert Kuska - 2.4-5Petr Lautrbach 2.4-4Petr Lautrbach 2.4-3Adam Jackson 2.4-2Petr Lautrbach 2.4-1.1Fedora Release Engineering - 2.3-11Petr Lautrbach 2.3-10Petr Lautrbach 2.3-9Petr Lautrbach 2.3-8Than Ngo - 2.3-7Vít Ondruch - 2.3-6Miroslav Grepl - 2.3-5Fedora Release Engineering - 2.3-4Fedora Release Engineering - 2.3-3Kalev Lember - 2.3-2Dan Walsh - 2.3-1Miroslav Grepl - 2.2.2-8Vít Ondruch - 2.2.2-7Dan Walsh - 2.2.2-6Dan Walsh - 2.2.2-5Dan Walsh - 2.2.2-4Dan Walsh - 2.2.2-3Dan Walsh - 2.2.2-2Dan Walsh - 2.2.2-1Adam Williamson - 2.2.1-6Dan Walsh - 2.2.1-5Dan Walsh - 2.2.1-4Dan Walsh - 2.2.1-3Dan Walsh - 2.2.1-2Dan Walsh - 2.2.1-1Dan Walsh - 2.2-1Dan Walsh - 2.1.13-21Dan Walsh - 2.1.13-20Dan Walsh - 2.1.13-19Dan Walsh - 2.1.13-17Fedora Release Engineering - 2.1.13-17Dan Walsh - 2.1.13-16Dan Walsh - 2.1.13-15Dan Walsh - 2.1.13-14Dan Walsh - 2.1.13-13Dan Walsh - 2.1.13-12Dan Walsh - 2.1.13-11Dan Walsh - 2.1.13-10Dan Walsh - 2.1.13-9Dan Walsh - 2.1.13-8Dan Walsh - 2.1.13-7Dan Walsh - 2.1.13-6Dan Walsh - 2.1.13-5Dan Walsh - 2.1.13-4Dan Walsh - 2.1.13-3Dan Walsh - 2.1.13-2Dan Walsh - 2.1.13-1Dan Walsh - 2.1.12-20Dan Walsh - 2.1.12-19Dan Walsh - 2.1.12-18Dan Walsh - 2.1.12-17Dan Walsh - 2.1.12-16Dan Walsh - 2.1.12-15Dan Walsh - 2.1.12-14Dan Walsh - 2.1.12-13Dan Walsh - 2.1.12-12Dan Walsh - 2.1.12-11Dan Walsh - 2.1.12-10Dan Walsh - 2.1.12-9Dan Walsh - 2.1.12-8Dan Walsh - 2.1.12-7Dan Walsh - 2.1.12-6Dan Walsh - 2.1.12-5Dan Walsh - 2.1.12-4Dan Walsh - 2.1.12-3Dan Walsh - 2.1.12-2Dan Walsh - 2.1.12-1David Malcolm - 2.1.11-6David Malcolm - 2.1.11-5Fedora Release Engineering - 2.1.11-4Dan Walsh - 2.1.11-3Dan Walsh - 2.1.11-2Dan Walsh - 2.1.11-1Dan Walsh - 2.1.10-5Dan Walsh - 2.1.10-4Dan Walsh - 2.1.10-3Dan Walsh - 2.1.10-2Dan Walsh - 2.1.10-1Dan Walsh - 2.1.9-9Dan Walsh - 2.1.9-8Dan Walsh - 2.1.9-7Kay Sievers - 2.1.9-6Dan Walsh - 2.1.9-5Harald Hoyer 2.1.9-4Dan Walsh - 2.1.9-3Dan Walsh - 2.1.9-2Dan Walsh - 2.1.9-1Dan Walsh - 2.1.8-5Dan Walsh - 2.1.8-4Dan Walsh - 2.1.8-2Dan Walsh - 2.1.8-1Dan Walsh - 2.1.7-2Dan Walsh - 2.1.7-1Dan Walsh - 2.1.6-4Dan Walsh - 2.1.6-3Dan Walsh - 2.1.6-2Dan Walsh - 2.1.6-1Dan Walsh - 2.1.5-5Ville Skyttä - 2.1.5-4Dan Walsh - 2.1.5-3Dan Walsh - 2.1.5-2Dan Walsh - 2.1.5-1Dan Walsh - 2.1.4-2Dan Walsh - 2.1.4-1Dan Walsh - 2.1.0-1Dan Walsh - 2.0.102-6Dan Walsh - 2.0.102-5Dan Walsh - 2.0.102-4Dan Walsh - 2.0.102-3Dan Walsh - 2.0.102-2Dan Walsh - 2.0.102-1Dan Walsh - 2.0.101-1Dan Walsh - 2.0.99-5Dan Walsh - 2.0.99-4Dan Walsh - 2.0.99-3Dan Walsh - 2.0.99-2Dan Walsh - 2.0.99-1Fedora Release Engineering Dan Walsh - 2.0.98-3Dan Walsh - 2.0.98-2Dan Walsh - 2.0.98-1Dan Walsh - 2.0.97-1Dan Walsh - 2.0.96-9Dan Walsh - 2.0.96-8jkeating - 2.0.96-7Adam Tkac - 2.0.96-6Dan Walsh - 2.0.96-5Dan Walsh - 2.0.96-4David Malcolm - 2.0.96-3Dan Walsh - 2.0.96-2Dan Walsh - 2.0.96-1Dan Walsh - 2.0.94-1Dan Walsh - 2.0.93-1Dan Walsh - 2.0.92-1Dan Walsh - 2.0.91-1Dan Walsh - 2.0.90-5Dan Walsh - 2.0.90-4Dan Walsh - 2.0.90-3Dan Walsh - 2.0.90-2Dan Walsh - 2.0.90-1Dan Walsh - 2.0.89-2Dan Walsh - 2.0.89-1Dan Walsh - 2.0.88-1Dan Walsh - 2.0.87-1Dan Walsh - 2.0.86-2Dan Walsh - 2.0.86-1Fedora Release Engineering - 2.0.85-2Dan Walsh - 2.0.85-1Dan Walsh - 2.0.84-1Dan Walsh - 2.0.82-2Dan Walsh - 2.0.82-1Dan Walsh - 2.0.81-1Dan Walsh - 2.0.80-1Dan Walsh - 2.0.79-6Dan Walsh - 2.0.79-5Dan Walsh - 2.0.79-4Dan Walsh - 2.0.79-3Dan Walsh - 2.0.79-1Dan Walsh - 2.0.78-5Dan Walsh - 2.0.78-4Dan Walsh - 2.0.78-3Dan Walsh - 2.0.78-2Dan Walsh - 2.0.78-1Fedora Release Engineering - 2.0.77-6Dan Walsh - 2.0.77-5Dan Walsh - 2.0.77-3Dan Walsh - 2.0.77-2Dan Walsh - 2.0.77-1Dan Walsh - 2.0.76-6Dan Walsh l - 2.0.76-5Dan Walsh - 2.0.76-4Ignacio Vazquez-Abrams - 2.0.76-2Dan Walsh - 2.0.76-1Dan Walsh - 2.0.75-2Dan Walsh - 2.0.75-1Dan Walsh - 2.0.73-1Dan Walsh - 2.0.71-6Dan Walsh - 2.0.71-5Dan Walsh - 2.0.71-4Dan Walsh - 2.0.71-3Dan Walsh - 2.0.71-2Dan Walsh - 2.0.71-1Dan Walsh - 2.0.70-1Dan Walsh - 2.0.69-2Dan Walsh - 2.0.69-1Dan Walsh - 2.0.67-4Dan Walsh - 2.0.67-3Dan Walsh - 2.0.67-2Dan Walsh - 2.0.67-1Dan Walsh - 2.0.65-1Dan Walsh - 2.0.64-3Dan Walsh - 2.0.64-2Dan Walsh - 2.0.64-1Dan Walsh - 2.0.61-4Dan Walsh - 2.0.61-3Dan Walsh - 2.0.61-2Dan Walsh - 2.0.61-1Dan Walsh - 2.0.60-1Dan Walsh - 2.0.59-2Dan Walsh - 2.0.59-1Dan Walsh - 2.0.58-1Dan Walsh - 2.0.57-2Dan Walsh - 2.0.57-1Dan Walsh - 2.0.56-1Dan Walsh - 2.0.55-1Dan Walsh - 2.0.53-1Dan Walsh - 2.0.52-1Dan Walsh - 2.0.50-1Dan Walsh - 2.0.49-2Dan Walsh - 2.0.49-1Dan Walsh - 2.0.48-1Dan Walsh - 2.0.47-4Adel Gadllah - 2.0.47-3Dan Walsh - 2.0.47-2Dan Walsh - 2.0.47-1Dan Walsh - 2.0.46-6Dan Walsh - 2.0.46-5Dan Walsh - 2.0.46-4Dan Walsh - 2.0.46-3Dan Walsh - 2.0.46-2Dan Walsh - 2.0.46-1Dan Walsh - 2.0.45-1Dan Walsh - 2.0.43-1Dan Walsh - 2.0.42-1Dan Walsh - 2.0.40-1Dan Walsh - 2.0.37-1Dan Walsh - 2.0.36-1Dan Walsh - 2.0.35-2Dan Walsh - 2.0.35-1Dan Walsh - 2.0.34-3Dan Walsh - 2.0.34-2Dan Walsh - 2.0.34-1Dan Walsh - 2.0.33-2Dan Walsh - 2.0.33-1Dan Walsh - 2.0.31-4Dan Walsh - 2.0.31-3Dan Walsh - 2.0.31-2Dan Walsh - 2.0.30-2Dan Walsh - 2.0.30-1Dan Walsh - 2.0.29-1Dan Walsh - 2.0.24-3Dan Walsh - 2.0.24-2Dan Walsh - 2.0.24-1Dan Walsh - 2.0.23-3Dan Walsh - 2.0.23-2Dan Walsh - 2.0.23-1Dan Walsh - 2.0.22-1Dan Walsh - 2.0.21-2Dan Walsh - 2.0.21-1Dan Walsh - 2.0.18-1Dan Walsh - 2.0.16-1Dan Walsh - 2.0.14-1Dan Walsh - 2.0.13-2Dan Walsh - 2.0.13-1Dan Walsh - 2.0.12-2Dan Walsh - 2.0.12-1Dan Walsh - 2.0.11-1Dan Walsh - 2.0.9-2Dan Walsh - 2.0.9-1Dan Walsh - 2.0.8-1Dan Walsh - 2.0.7-2Dan Walsh - 2.0.7-1Dan Walsh - 2.0.5-2Dan Walsh - 2.0.5-1Dan Walsh - 2.0.4-1Dan Walsh - 2.0.2-1Dan Walsh - 2.0.1-1Dan Walsh - 2.0.0-1Dan Walsh - 1.34.0-2Dan Walsh - 1.34.0-1Dan Walsh - 1.33.6-1Dan Walsh - 1.33.5-1Dan Walsh - 1.33.4-3Dan Walsh - 1.33.4-2Dan Walsh - 1.33.4-1Dan Walsh - 1.33.3-3Dan Walsh - 1.33.3-2Dan Walsh - 1.33.3-1Jeremy Katz - 1.33.2-4Dan Walsh - 1.33.2-3Dan Walsh - 1.33.2-2Dan Walsh - 1.33.2-1Dan Walsh - 1.33.1-2Dan Walsh - 1.33.1-1Dan Walsh - 1.32-1Jesse Keating - 1.30.29-2Dan Walsh - 1.30.29-1Jeremy Katz - 1.30.28-3Dan Walsh - 1.30.28-2Dan Walsh - 1.30.28-1Jeremy Katz - 1.30.27-2Dan Walsh - 1.30.27-1Jesse Keating - 1.20.26-2Dan Walsh - 1.30.25-1Dan Walsh - 1.30.24-1Dan Walsh - 1.30.22-2Dan Walsh - 1.30.22-1Dan Walsh - 1.30.20-1Jeremy Katz - 1.30.19-5Jeremy Katz - 1.30.19-4Dan Walsh 1.30.19-3Dan Walsh 1.30.19-2Dan Walsh 1.30.19-1Dan Walsh 1.30.15-5Dan Walsh 1.30.15-4Dan Walsh 1.30.15-3Dan Walsh 1.30.15-2Dan Walsh 1.30.15-1Dan Walsh 1.30.12-2Dan Walsh 1.30.12-1Dan Walsh 1.30.11-2Dan Walsh 1.30.11-1Dan Walsh 1.30.10-4Dan Walsh 1.30.10-3Dan Walsh 1.30.10-2Dan Walsh 1.30.10-1Dan Walsh 1.30.8-1Dan Walsh 1.30.7-2Dan Walsh 1.30.7-1Dan Walsh 1.30.6-2Dan Walsh 1.30.6-1Dan Walsh 1.30.5-1Dan Walsh 1.30.3-3Dan Walsh 1.30.3-2Dan Walsh 1.30.3-1Dan Walsh 1.30.1-2Dan Walsh 1.30.1-1Dan Walsh 1.30-1Jesse Keating - 1.29.7-1.2Jesse Keating - 1.29.7-1.1Dan Walsh 1.29.7-1Dan Walsh 1.29.6-1Dan Walsh 1.29.5-2Dan Walsh 1.29.5-1Dan Walsh 1.29.4-1Dan Walsh 1.29.3-2Dan Walsh 1.29.3-1Dan Walsh 1.29.2-4Dan Walsh 1.29.2-3Dan Walsh 1.29.2-2Dan Walsh 1.29.2-1Dan Walsh 1.29.1-3Jesse Keating Dan Walsh 1.29.1-1Dan Walsh 1.28-1Dan Walsh 1.27.28-2Dan Walsh 1.27.28-1Dan Walsh 1.27.26-1Dan Walsh 1.27.25-1Dan Walsh 1.27.23-1Dan Walsh 1.27.22-4Dan Walsh 1.27.22-3Dan Walsh 1.27.22-2Dan Walsh 1.27.22-1Dan Walsh 1.27.21-2Dan Walsh 1.27.21-1Dan Walsh 1.27.20-1Dan Walsh 1.27.19-1Dan Walsh 1.27.18-1Dan Walsh 1.27.17-4Dan Walsh 1.27.17-2Dan Walsh 1.27.17-1Dan Walsh 1.27.14-3Dan Walsh 1.27.14-2Dan Walsh 1.27.14-1Dan Walsh 1.27.13-2Dan Walsh 1.27.13-1Dan Walsh 1.27.12-1Dan Walsh 1.27.9-2Dan Walsh 1.27.9-1Dan Walsh 1.27.7-1Dan Walsh 1.27.6-1Dan Walsh 1.27.4-1Dan Walsh 1.27.3-1Dan Walsh 1.27.2-1Dan Walsh 1.27.1-3Dan Walsh 1.27.1-2Dan Walsh 1.26-6Dan Walsh 1.26-5Dan Walsh 1.26-3Dan Walsh 1.26-2Dan Walsh 1.25.7-1Dan Walsh 1.25.6-1Dan Walsh 1.25.5-1Dan Walsh 1.25.4-1Dan Walsh 1.25.3-2Dan Walsh 1.25.3-1Dan Walsh 1.25.2-2Dan Walsh 1.25.2-1Dan Walsh 1.24.2-1Dan Walsh 1.24.1-1Dan Walsh 1.23.11-1Dan Walsh 1.23.10-3Dan Walsh 1.23.10-2Dan Walsh 1.23.10-1Dan Walsh 1.23.8-1Dan Walsh 1.23.7-3Dan Walsh 1.23.7-2Dan Walsh 1.23.7-1Dan Walsh 1.23.6-1Dan Walsh 1.23.5-1Dan Walsh 1.23.4-1Dan Walsh 1.23.2-3Dan Walsh 1.23.2-2Dan Walsh 1.23.2-1Dan Walsh 1.23.1-1Dan Walsh 1.22-1Dan Walsh 1.21.13-1Dan Walsh 1.21.12-1Dan Walsh 1.21.11-2Dan Walsh 1.21.11-1Dan Walsh 1.21.10-3Dan Walsh 1.21.10-1Dan Walsh 1.21.9-2Dan Walsh 1.21.9-1Dan Walsh 1.21.8-1Dan Walsh 1.21.7-1Dan Walsh 1.21.5-1Dan Walsh 1.21.4-1Dan Walsh 1.21.2-1Dan Walsh 1.21.1-3Dan Walsh 1.21.1-2Dan Walsh 1.21.1-1Dan Walsh 1.20.1-3Dan Walsh 1.20.1-2Dan Walsh 1.20.1-1Dan Walsh 1.19.4-1Dan Walsh 1.19.3-3Dan Walsh 1.19.3-2Dan Walsh 1.19.3-1Dan Walsh 1.19.2-1Dan Walsh 1.19.1-6Dan Walsh 1.19.1-4Dan Walsh 1.19.1-2Dan Walsh 1.19.1-1Steve Grubb 1.18.1-5Dan Walsh 1.18.1-4Dan Walsh 1.18.1-3Steve Grubb 1.18.1-2Dan Walsh 1.18.1-1Steve Grubb 1.17.15-2Steve Grubb 1.17.15-2Dan Walsh 1.17.15-1Dan Walsh 1.17.14-1Dan Walsh 1.17.13-3Dan Walsh 1.17.13-2Dan Walsh 1.17.13-1Dan Walsh 1.17.12-2Dan Walsh 1.17.12-1Dan Walsh 1.17.11-1Dan Walsh 1.17.10-1Dan Walsh 1.17.9-2Dan Walsh 1.17.9-1Dan Walsh 1.17.8-2Dan Walsh 1.17.8-1Dan Walsh 1.17.7-1Dan Walsh 1.17.6-1Dan Walsh 1.17.5-1Dan Walsh 1.17.4-1Dan Walsh 1.17.3-1Dan Walsh 1.17.2-1Dan Walsh 1.17.1-1Dan Walsh 1.16.1-1Colin Walters 1.16-1Dan Walsh 1.15.7-1Dan Walsh 1.15.6-1Dan Walsh 1.15.5-1Dan Walsh 1.15.4-1Dan Walsh 1.15.3-2Dan Walsh 1.15.3-1Dan Walsh 1.15.2-1Dan Walsh 1.15.1-3Dan Walsh 1.15.1-2Dan Walsh 1.15.1-1Dan Walsh 1.14.1-1Dan Walsh 1.13.4-1Elliot Lee Dan Walsh 1.13.3-2Dan Walsh 1.13.2-1Dan Walsh 1.13.1-1Dan Walsh 1.12-2Dan Walsh 1.12-1Dan Walsh 1.11.4-1Dan Walsh 1.11.3-1Dan Walsh 1.11.2-1Dan Walsh 1.11-4Dan Walsh 1.11-3Dan Walsh 1.11-2Dan Walsh 1.11-1Dan Walsh 1.10-2Dan Walsh 1.10-1Dan Walsh 1.9-1Dan Walsh 1.8-1Dan Walsh 1.6-6Dan Walsh 1.6-5Dan Walsh 1.6-4Dan Walsh 1.6-3Dan Walsh 1.6-2Elliot Lee Dan Walsh 1.4-11Elliot Lee Dan Walsh 1.4-9Dan Walsh 1.4-8Dan Walsh 1.4-7Dan Walsh 1.4-6Dan Walsh 1.4-5Dan Walsh 1.4-4Dan Walsh 1.4-3Dan Walsh 1.4-2Dan Walsh 1.4-1Dan Walsh 1.3-2Dan Walsh 1.3-1Dan Walsh 1.2-9Dan Walsh 1.2-8Dan Walsh 1.2-7Dan Walsh 1.2-6Dan Walsh 1.2-5Dan Walsh 1.2-4Dan Walsh 1.2-3Dan Walsh 1.2-2Dan Walsh 1.2-1Dan Walsh 1.0-1- Fix -Wsign-compare warnings - Drop unused stdio_ext.h header file - Kill logging check for selinux_enabled() - Drop usage of _D_ALLOC_NAMLEN - Add openrc_contexts functions - Fix redefinition of XATTR_NAME_SELINUX - Correct error path to always try text - Clean up process_file() - Handle NULL pcre study data - Fix in tree compilation of utils that depend on libsepol- Rebuilt with libsepol-2.5-9- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages- Clarify is_selinux_mls_enabled() description - Explain how to free policy type from selinux_getpolicytype() - Compare absolute pathname in matchpathcon -V - Add selinux_snapperd_contexts_path()- Move _selinux.so to /usr/lib64/python*/site-packages- Modify audit2why analyze function to use loaded policy - Sort object files for deterministic linking order - Respect CC and PKG_CONFIG environment variable - Avoid mounting /proc outside of selinux_init_load_policy()- Fix multiple spelling errors- Rebuilt with libsepol-2.5-5- Fix typo in sefcontext_compile.8- Fix location of selinuxfs mount point - Only mount /proc if necessary - procattr: return einval for <= 0 pid args - procattr: return error on invalid pid_t input- Use fully versioned arch-specific requires- Update to upstream release 2016-02-23- Update to upstream rc1 release 2016-01-07- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.3- Build libselinux without rpm_execcon() (#1284019)- Rebuilt for Python3.5 rebuild- Flush the class/perm string mapping cache on policy reload (#1264051) - Fix restorecon when path has no context- Simplify procattr cache (#1257157,#1232371)- Export ldflags into the build so hardening works- Update to 2.4 release- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- is_selinux_enabled: Add /etc/selinux/config test (#1219045) - matchpathcon/selabel_file: Fix man pages (#1219718)- revert support for policy compressed with xv (#1185266)- selinux.py - use os.walk() instead of os.path.walk() (#1195004) - is_selinux_enabled(): drop no-policy-loaded test (#1195074) - fix -Wformat errors and remove deprecated mudflap option- bump release and rebuild so that koji-shadow can rebuild it against new gcc on secondary arch- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.2- Compiled file context files and the original should have the same permissions from dwalsh@redhat.com - Add selinux_openssh_contexts_path() to get a path to /contexts/openssh_contexts- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4- Update to upstream * Get rid of security_context_t and fix const declarations. * Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.- Add selinux_openssh_contexts_path()- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.1- Fix spelling mistake in man page- More go bindings - restorecon, getpidcon, setexeccon- Add additional go bindings for get*con calls - Add go bindings test command - Modify man pages of set*con calls to mention that they are thread specific- Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go - Add Int_to_mcs function to generate MCS labels from integers.- Add ghost flag for /var/run/setrans- Update to upstream * Fix userspace AVC handling of per-domain permissive mode. - Verify context is not null when passed into *setfilecon_raw- revert unexplained change to rhat.patch which broke SELinux disablement- Verify context is not null when passed into lsetfilecon_raw- Mv selinux.go to /usr/share/gocode/src/selinux- Add golang support to selinux.- Remove togglesebool man page- Update to upstream * Remove -lpthread from pkg-config file; it is not required. - Add support for policy compressed with xv- Update to upstream * Fix avc_has_perm() returns -1 even when SELinux is in permissive mode. * Support overriding Makefile RANLIB from Sven Vermeulen. * Update pkgconfig definition from Sven Vermeulen. * Mount sysfs before trying to mount selinuxfs from Sven Vermeulen. * Fix man pages from Laurent Bigonville. * Support overriding PATH and LIBBASE in Makefiles from Laurent Bigonville. * Fix LDFLAGS usage from Laurent Bigonville * Avoid shadowing stat in load_mmap from Joe MacDonald. * Support building on older PCRE libraries from Joe MacDonald. * Fix handling of temporary file in sefcontext_compile from Dan Walsh. * Fix procattr cache from Dan Walsh. * Define python constants for getenforce result from Dan Walsh. * Fix label substitution handling of / from Dan Walsh. * Add selinux_current_policy_path from Dan Walsh. * Change get_context_list to only return good matches from Dan Walsh. * Support udev-197 and higher from Sven Vermeulen and Dan Walsh. * Add support for local substitutions from Dan Walsh. * Change setfilecon to not return ENOSUP if context is already correct from Dan Walsh. * Python wrapper leak fixes from Dan Walsh. * Export SELINUX_TRANS_DIR definition in selinux.h from Dan Walsh. * Add selinux_systemd_contexts_path from Dan Walsh. * Add selinux_set_policy_root from Dan Walsh. * Add man page for sefcontext_compile from Dan Walsh.- Add systemd_contexts support - Do substitutions on a local sub followed by a dist sub- Eliminate requirement on pthread library, by applying patch for Jakub Jelinek Resolves #1013801- Fix handling of libselinux getconlist with only one entry- Add Python constants for SELinux enforcing modes- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Add sefcontext_compile.8 man page - Add Russell Coker patch to fix man pages - Add patches from Laurent Bigonville to fix Makefiles for debian. - modify spec file to use /usr/lib- Fix patch that Handles substitutions for /- Handle substitutions for / - semanage fcontext -a -e / /opt/rh/devtoolset-2/root- Add Eric Paris patch to fix procattr calls after a fork.- Move secolor.conf.5 into mcstrans package and out of libselinux- Fix python bindings for selinux_check_access- Fix reseting the policy root in matchpathcon- Cleanup setfcontext_compile atomic patch - Add matchpathcon -P /etc/selinux/mls support by allowing users to set alternate root - Make sure we set exit codes from selinux_label calls to ENOENT or SUCCESS- Make setfcontext_compile atomic- Fix memory leak in set*con calls.- Move matchpathcon to -utils package - Remove togglesebool- Fix selinux man page to reflect what current selinux policy is.- Add new constant SETRANS_DIR which points to the directory where mstransd can find the socket and libvirt can write its translations files.- Bring back selinux_current_policy_path- Revert some changes which are causing the wrong policy version file to be created- Update to upstream * audit2why: make sure path is nul terminated * utils: new file context regex compiler * label_file: use precompiled filecontext when possible * do not leak mmapfd * sefcontontext_compile: Add error handling to help debug problems in libsemanage. * man: make selinux.8 mention service man pages * audit2why: Fix segfault if finish() called twice * audit2why: do not leak on multiple init() calls * mode_to_security_class: interface to translate a mode_t in to a security class * audit2why: Cleanup audit2why analysys function * man: Fix program synopsis and function prototypes in man pages * man: Fix man pages formatting * man: Fix typo in man page * man: Add references and man page links to _raw function variants * Use ENOTSUP instead of EOPNOTSUPP for getfilecon functions * man: context_new(3): fix the return value description * selinux_status_open: handle error from sysconf * selinux_status_open: do not leak statusfd on exec * Fix errors found by coverity * Change boooleans.subs to booleans.subs_dist. * optimize set*con functions * pkg-config do not specifc ruby version * unmap file contexts on selabel_close() * do not leak file contexts with mmap'd backend * sefcontext_compile: do not leak fd on error * matchmediacon: do not leak fd * src/label_android_property: do not leak fd on error- Update to latest patches from eparis/Upstream- Update to latest patches from eparis/Upstream- Try procatt speedup patch again- Roll back procattr speedups since it seems to be screwing up systemd labeling.- Fix tid handling for setfscreatecon, old patch still broken in libvirt- Fix tid handling for setfscreatecon, old patch still broken in libvirt- setfscreatecon after fork was broken by the Set*con patch. - We needed to reset the thread variables after a fork.- Fix setfscreatecon call to handle failure mode, which was breaking udev- Ondrej Oprala patch to optimize set*con functions - Set*con now caches the security context and only re-sets it if it changes.- Rebuild against latest libsepol- Update to latest patches from eparis/Upstream - Fix errors found by coverity - set the sepol_compute_av_reason_buffer flag to 0. This means calculate denials only? - audit2why: remove a useless policy vers variable - audit2why: use the new constraint information- Rebuild with latest libsepol- Return EPERM if login program can not reach default label for user - Attempt to return container info from audit2why- Apply patch from eparis to fix leaked file descriptor in new labeling code- Add new function mode_to_security_class which takes mode instead of a string. - Possibly will be used with coreutils.- Add back selinuxconlist and selinuxdefcon man pages- Fix segfault from calling audit2why.finish() multiple times- Fix up selinux man page to reference service man pages- Rebuild with fixed libsepol- Update to upstream * Add support for lxc_contexts_path * utils: add service to getdefaultcon * libsemanage: do not set soname needlessly * libsemanage: remove PYTHONLIBDIR and ruby equivalent * boolean name equivalency * getsebool: support boolean name substitution * Add man page for new selinux_boolean_sub function. * expose selinux_boolean_sub * matchpathcon: add -m option to force file type check * utils: avcstat: clear sa_mask set * seusers: Check for strchr failure * booleans: initialize pointer to silence coveriety * stop messages when SELinux disabled * label_file: use PCRE instead of glibc regex functions * label_file: remove all typedefs * label_file: move definitions to include file * label_file: do string to mode_t conversion in a helper function * label_file: move error reporting back into caller * label_file: move stem/spec handling to header * label_file: drop useless ncomp field from label_file data * label_file: move spec_hasMetaChars to header * label_file: fix potential read past buffer in spec_hasMetaChars * label_file: move regex sorting to the header * label_file: add accessors for the pcre extra data * label_file: only run regex files one time * label_file: new process_file function * label_file: break up find_stem_from_spec * label_file: struct reorg * label_file: only run array once when sorting * Ensure that we only close the selinux netlink socket once. * improve the file_contexts.5 manual page- rebuild for https://fedoraproject.org/wiki/Features/Python_3.3- make with_python3 be conditional on fedora- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Move the tmpfiles.d content from /etc/tmpfiles.d to /usr/lib/tmpfiles.d- Revert Eric Paris Patch for selinux_binary_policy_path- Update to upstream * Fortify source now requires all code to be compiled with -O flag * asprintf return code must be checked * avc_netlink_recieve handle EINTR * audit2why: silence -Wmissing-prototypes warning * libsemanage: remove build warning when build swig c files * matchpathcon: bad handling of symlinks in / * seusers: remove unused lineno * seusers: getseuser: gracefully handle NULL service * New Android property labeling backend * label_android_property whitespace cleanups * additional makefile support for rubywrap- Fix booleans.subs name, change function name to selinux_boolean_sub, add man page, minor fixes to the function- Fix to compile with Fortify source * Add -O compiler flag * Check return code from asprintf - Fix handling of symbolic links in / by realpath_not_final- Add support for lxc contexts file- Add support fot boolean subs file- Update to upstream * Fix dead links to www.nsa.gov/selinux * Remove jump over variable declaration * Fix old style function definitions * Fix const-correctness * Remove unused flush_class_cache method * Add prototype decl for destructor * Add more printf format annotations * Add printf format attribute annotation to die() method * Fix const-ness of parameters & make usage() methods static * Enable many more gcc warnings for libselinux/src/ builds * utils: Enable many more gcc warnings for libselinux/utils builds * Change annotation on include/selinux/avc.h to avoid upsetting SWIG * Ensure there is a prototype for 'matchpathcon_lib_destructor' * Update Makefiles to handle /usrmove * utils: Stop separating out matchpathcon as something special * pkg-config to figure out where ruby include files are located * build with either ruby 1.9 or ruby 1.8 * assert if avc_init() not called * take security_deny_unknown into account * security_compute_create_name(3) * Do not link against python library, this is considered * bad practice in debian * Hide unnecessarily-exported library destructors- Add selinux_current_policy_path to return /sys/fs/selinux/policy if it exists - Otherwise search for policy on disk- Change selinux_binary_policy_path to return /sys/fs/selinux/policy - Add selinux_installed_policy_path to return what selinux_binary_policy_path used to return - avc_has_perm will now return yes if the machine is in permissive mode - Make work with ruby-1.9- avc_netlink_recieve should continue to poll if it receinves an EINTR rather- use /sbin/ldconfig, glibc does not provide /usr/sbin/ldconfig in the RPM database for now- Rebuild with cleaned up upstream to work in /usr- install everything in /usr https://fedoraproject.org/wiki/Features/UsrMove- Add Dan Berrange code cleanup patches.- Fix selabal_open man page to refer to proper selinux_opt structure-Update to upstream * Fix setenforce man page to refer to selinux man page * Cleanup Man pages * merge freecon with getcon man page- Add patch from Richard Haines When selabel_lookup found an invalid context with validation enabled, it always stated it was 'file_contexts' whether media, x, db or file. The fix is to store the spec file name in the selabel_lookup_rec on selabel_open and use this as output for logs. Also a minor fix if key is NULL to stop seg faults. - Fix setenforce manage page.- Rebuild with new libsepol- Fix setenforce man page, from Miroslav Grepl- Upgrade to upstream * selinuxswig_python.i: don't make syscall if it won't change anything * Remove assert in security_get_boolean_names(3) * Mapped compute functions now obey deny_unknown flag * get_default_type now sets EINVAL if no entry. * return EINVAL if invalid role selected * Updated selabel_file(5) man page * Updated selabel_db(5) man page * Updated selabel_media(5) man page * Updated selabel_x(5) man page * Add man/man5 man pages * Add man/man5 man pages * Add man/man5 man pages * use -W and -Werror in utils- Change python binding for restorecon to check if the context matches. - If it does do not reset- Upgrade to upstream * Makefiles: syntax, convert all ${VAR} to $(VAR) * load_policy: handle selinux=0 and /sys/fs/selinux not exist * regenerate .pc on VERSION change * label: cosmetic cleanups * simple interface for access checks * Don't reinitialize avc_init if it has been called previously * seusers: fix to handle large sets of groups * audit2why: close fd on enomem * rename and export symlink_realpath * label_file: style changes to make Eric happy.- Apply libselinux patch to handle large groups in seusers.- Add selinux_check_access function. Needed for passwd, chfn, chsh- Handle situation where selinux=0 passed to the kernel and both /selinux and-Update to upstream * utils: matchpathcon: remove duplicate declaration * src: matchpathcon: use myprintf not fprintf * src: matchpathcon: make sure resolved path starts * put libselinux.so.1 in /lib not /usr/lib * tree: default make target to all not- Switch to use ":" as prefix separator rather then ";"- Avoid unnecessary shell invocation in %post.- Fix handling of subset labeling that is causing segfault in restorecon- Change matchpathcon_init_prefix and selabel_open to allow multiple initial prefixes. Now you can specify a ";" separated list of prefixes and the labeling system will only load regular expressions that match these prefixes.- Change matchpatcon to use proper myprintf - Fix symlink_realpath to always include "/" - Update to upstream * selinux_file_context_verify function returns wrong value. * move realpath helper to matchpathcon library * python wrapper makefile changes- Move to new Makefile that can build with or without PYTHON being set-Update to upstream 2.1.4 2011-0817 * mapping fix for invalid class/perms after selinux_set_mapping * audit2why: work around python bug not defining * resolv symlinks and dot directories before matching 2.1.2 2011-0803 * audit2allow: do not print statistics * make python bindings for restorecon work on relative path * fix python audit2why binding error * support new python3 functions * do not check fcontext duplicates on use * Patch for python3 for libselinux 2.1.1 2011-08-02 * move .gitignore into utils * new setexecon utility * selabel_open fix processing of substitution files * mountpoint changing patch. * simplify SRCS in Makefile 2.1.1 2011-08-01 * Remove generated files, introduce more .gitignore-Update to upstream * Release, minor version bump * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Only call dups check within selabel/matchpathcon if you are validating the context - This seems to speed the loading of labels by 4 times.- Move /selinux to /sys/fs/selinux - Add selinuxexeccon - Add realpath to matchpathcon to handle matchpathcon * type queries.- Update for latest libsepol- Update for latest libsepol- Fix restorecon python binding to accept relative paths-Update to upstream * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Clean up patch to make handling of constructor cleanup more portable * db_language object class support for selabel_lookup from KaiGai Kohei. * Library destructors for thread local storage keys from Eamon Walsh.- Add distribution subs pathAdd patch from dbhole@redhat.com to initialize thread keys to -1 Errors were being seen in libpthread/libdl that were related to corrupt thread specific keys. Global destructors that are called on dl unload. During destruction delete a thread specific key without checking if it has been initialized. Since the constructor is not called each time (i.e. key is not initialized with pthread_key_create each time), and the default is 0, there is a possibility that key 0 for an active thread gets deleted. This is exactly what is happening in case of OpenJDK. Workaround patch that initializes the key to -1. Thus if the constructor is not called, the destructor tries to delete key -1 which is deemed invalid by pthread_key_delete, and is ignored.- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data- Change mount source options to use "proc" and "selinuxfs"- Update to upstream * Turn off default user handling when computing user contexts by Dan Walsh- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fixup selinux man page- Fix Makefile to use pkg-config --cflags python3 to discover include paths- Update to upstream - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Update to upstream * Thread local storage fixes from Eamon Walsh.- Add /etc/tmpfiles.d support for /var/run/setrans- Ghost /var/run/setrans- Rebuilt for gcc bug 634757- rebuild via updated swig (#624674)- Update for python 3.2a1- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- Turn off messages in audit2why- Update to upstream * Add const qualifiers to public API where appropriate by KaiGai Kohei. 2.0.95 2010-06-10 * Remove duplicate slashes in paths in selabel_lookup from Chad Sellers * Adds a chcon method to the libselinux python bindings from Steve Lawrence - add python3 subpackage from David Malcolm* Set errno=EINVAL for invalid contexts from Dan Walsh.- Update to upstream * Show strerror for security_getenforce() by Colin Waters. * Merged selabel database support by KaiGai Kohei. * Modify netlink socket blocking code by KaiGai Kohei.- Update to upstream * Fix from Eric Paris to fix leak on non-selinux systems. * regenerate swig wrappers * pkgconfig fix to respect LIBDIR from Dan Walsh.- Update to upstream * Change the AVC to only audit the permissions specified by the policy, excluding any permissions specified via dontaudit or not specified via auditallow. * Fix compilation of label_file.c with latest glibc headers.- Fix potential doublefree on init- Fix libselinux.pc- Fix man page for selinuxdefcon- Free memory on disabled selinux boxes- Update to upstream * add/reformat man pages by Guido Trentalancia . * Change exception.sh to be called with bash by Manoj Srivastava - Fix selinuxdefcon man page- Update to upstream * Add pkgconfig file from Eamon Walsh.- Update to upstream * Rename and export selinux_reset_config()- Update to upstream * Add exception handling in libselinux from Dan Walsh. This uses a shell script called exception.sh to generate a swig interface file. * make swigify * Make matchpathcon print <> if path not found in fcontext file.- Eliminate -pthread switch in Makefile- Update to upstream * Removal of reference counting on userspace AVC SID's.- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Update to upstream * Reverted Tomas Mraz's fix for freeing thread local storage to avoid pthread dependency. * Removed fini_context_translations() altogether. * Merged lazy init patch from Stephen Smalley based on original patch by Steve Grubb.- Update to upstream * Add per-service seuser support from Dan Walsh. * Let load_policy gracefully handle selinuxfs being mounted from Stephen Smalley. * Check /proc/filesystems before /proc/mounts for selinuxfs from Eric Paris.- Add provices ruby(selinux)- Update to upstream * Fix improper use of thread local storage from Tomas Mraz . * Label substitution support from Dan Walsh. * Support for labeling virtual machine images from Dan Walsh.- Update to upstream * Trim / from the end of input paths to matchpathcon from Dan Walsh. * Fix leak in process_line in label_file.c from Hiroshi Shinji. * Move matchpathcon to /sbin, add matchpathcon to clean target from Dan Walsh. * getdefaultcon to print just the correct match and add verbose option from Dan Walsh.- Update to upstream * deny_unknown wrapper function from KaiGai Kohei. * security_compute_av_flags API from KaiGai Kohei. * Netlink socket management and callbacks from KaiGai Kohei.- Fix Memory Leak- Fix crash in python- Add back in additional interfaces- Add back in av_decision to python swig- Update to upstream * Netlink socket handoff patch from Adam Jackson. * AVC caching of compute_create results by Eric Paris.- Add patch from ajax to accellerate X SELinux - Update eparis patch- Add eparis patch to accellerate Xwindows performance- Fix URL- Add substitute pattern - matchpathcon output <> on ENOENT- Update to upstream * Fix incorrect conversion in discover_class code.- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- Add - selinux_virtual_domain_context_path - selinux_virtual_image_context_path- Throw exeptions in python swig bindings on failures- Fix restorecon python code- Update to upstream- Strip trailing / for matchpathcon- Fix segfault if seusers file does not work- Add new function getseuser which will take username and service and return - seuser and level. ipa will populate file in future. - Change selinuxdefcon to return just the context by default- Rebuild for Python 2.6- Update to Upstream * Allow shell-style wildcards in x_contexts file.- Eamon Walsh Patch - libselinux: allow shell-style wildcarding in X names - Add Restorecon/Install python functions from Luke Macken- Update to Upstream * Correct message types in AVC log messages. * Make matchpathcon -V pass mode from Dan Walsh. * Add man page for selinux_file_context_cmp from Dan Walsh.- Update to Upstream * New man pages from Dan Walsh. * Update flask headers from refpolicy trunk from Dan Walsh.- Fix matchpathcon -V call- Add flask definitions for open, X and nlmsg_tty_audit- Add missing get/setkeycreatecon man pages- Split out utilities- Add missing man page links for [lf]getfilecon- Update to Upstream * Add group support to seusers using %groupname syntax from Dan Walsh. * Mark setrans socket close-on-exec from Stephen Smalley. * Only apply nodups checking to base file contexts from Stephen Smalley.- Update to Upstream * Merge ruby bindings from Dan Walsh. - Add support for Linux groups to getseuserbyname- Allow group handling in getseuser call- Update to Upstream * Handle duplicate file context regexes as a fatal error from Stephen Smalley. This prevents adding them via semanage. * Fix audit2why shadowed variables from Stephen Smalley. * Note that freecon NULL is legal in man page from Karel Zak.- Add ruby support for puppet- Rebuild for new libsepol- Add Karel Zak patch for freecon man page- Update to Upstream * New and revised AVC, label, and mapping man pages from Eamon Walsh. * Add swig python bindings for avc interfaces from Dan Walsh.- Update to Upstream * Fix selinux_file_context_verify() and selinux_lsetfilecon_default() to call matchpathcon_init_prefix if not already initialized. * Add -q qualifier for -V option of matchpathcon and change it to indicate whether verification succeeded or failed via exit status.- libselinux no longer neets to telnet -u in post install- Add sedefaultcon and setconlist commands to dump login context- Update to Upstream * Fixed selinux_set_callback man page. * Try loading the max of the kernel-supported version and the libsepol-supported version when no manipulation of the binary policy is needed from Stephen Smalley. * Fix memory leaks in matchpathcon from Eamon Walsh.- Add Xavior Toth patch for security_id_t in swig- Add avc.h to swig code- Grab the latest policy for the kernel- Update to Upstream * Man page typo fix from Jim Meyering.- Update to Upstream * Changed selinux_init_load_policy() to not warn about a failed mount of selinuxfs if selinux was disabled in the kernel.- Fix matchpathcon memory leak- Update to Upstream * Merged new X label "poly_selection" namespace from Eamon Walsh.- Update to Upstream * Merged reset_selinux_config() for load policy from Dan Walsh.- Reload library on loading of policy to handle chroot- Update to Upstream * Merged avc_has_perm() errno fix from Eamon Walsh.- Update to Upstream * Regenerated Flask headers from refpolicy flask definitions.- Update to Upstream * Merged compute_member AVC function and manpages from Eamon Walsh. * Provide more error reporting on load policy failures from Stephen Smalley.- Update to Upstream * Merged new X label "poly_prop" namespace from Eamon Walsh.- Update to Upstream * Disable setlocaldefs if no local boolean or users files are present from Stephen Smalley. * Skip userspace preservebools processing for Linux >= 2.6.22 from Stephen Smalley.- Update to Upstream * Merged fix for audit2why from Dan Walsh.- Fix audit2why to grab latest policy versus the one selected by the kernel* Merged audit2why python binding from Dan Walsh.* Merged updated swig bindings from Dan Walsh, including typemap for pid_t.- Update to use libsepol-static library- Move libselinux.a to -static package - Spec cleanups- Put back libselinux.a- Fix memory references in audit2why and change to use tuples - Update to Upstream * Fix for the avc: granted null message bug from Stephen Smalley.- Fix __init__.py specification- Add audit2why python bindings- Add pid_t typemap for swig bindings- smp_mflag- Fix spec file caused by spec review- Upgrade to upstream * matchpathcon(8) man page update from Dan Walsh.- Upgrade to upstream * dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley. * Based on a suggestion from Ulrich Drepper, defer regex compilation until we have a stem match, by Stephen Smalley. * A further optimization would be to defer regex compilation until we have a complete match of the constant prefix of the regex - TBD.- Upgrade to upstream * Regenerated Flask headers from policy.- Upgrade to upstream * AVC enforcing mode override patch from Eamon Walsh. * Aligned attributes in AVC netlink code from Eamon Walsh. - Move libselinux.so back into devel package, procps has been fixed- Upgrade to upstream * Merged refactored AVC netlink code from Eamon Walsh. * Merged new X label namespaces from Eamon Walsh. * Bux fix and minor refactoring in string representation code.- Upgrade to upstream * Merged selinux_get_callback, avc_open, empty string mapping from Eamon Walsh.- Upgrade to upstream * Fix segfault resulting from missing file_contexts file.- Fix segfault on missing file_context file- Upgrade to upstream * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh. * Pass CFLAGS when using gcc for linking from Dennis Gilmore.- Add sparc patch to from Dennis Gilmore to build on Sparc platform- Remove leaked file descriptor- Upgrade to latest from NSA * Fix selabel option flag setting for 64-bit from Stephen Smalley.- Change matchpatcon to use syslog instead of syserror- Upgrade to latest from NSA * Re-map a getxattr return value of 0 to a getfilecon return value of -1 with errno EOPNOTSUPP from Stephen Smalley. * Fall back to the compat code for security_class_to_string and security_av_perm_to_string from Stephen Smalley. * Fix swig binding for rpm_execcon from James Athey.- Apply James Athway patch to fix rpm_execcon python binding- Move libselinux.so back into main package, breaks procps- Upgrade to upstream * Fix file_contexts.homedirs path from Todd Miller.- Remove requirement on setransd, Moved to selinux-policy-mls- Move libselinux.so into devel package - Upgrade to upstream * Fix segfault resulting from uninitialized print-callback pointer. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh.- Upgrade to upstream * Updated version for stable branch. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh. * Updated av_permissions.h and flask.h to include new nscd permissions from Dan Walsh. * Added swigify to top-level Makefile from Dan Walsh. * Fix for string_to_security_class segfault on x86_64 from Stephen Smalley.- Apply Steven Smalley patch to fix segfault in string_to_security_class- Fix matchpathcon to set default myprintf- Upgrade to upstream * Fix for getfilecon() for zero-length contexts from Stephen Smalley.- Update to match flask/access_vectors in policy- Fix man page markup lanquage for translations- Fix semanage segfault on x86 platform- Upgrade to upstream * Labeling and callback interface patches from Eamon Walsh.- Refactored swig- Upgrade to upstream * Class and permission mapping support patches from Eamon Walsh. * Object class discovery support patches from Chris PeBenito. * Refactoring and errno support in string representation code.- Upgrade to upstream - Merged patch to reduce size of libselinux and remove need for libsepol for embedded systems from Yuichi Nakamura. This patch also turns the link-time dependency on libsepol into a runtime (dlopen) dependency even in the non-embedded case. 2.0.17 2007-05-31 * Updated Lindent script and reindented two header files.- Upgrade to upstream * Merged additional swig python bindings from Dan Walsh. * Merged helpful message when selinuxfs mount fails patch from Dax Kelson.- Upgrade to upstream * Merged build fix for avc_internal.c from Joshua Brindle.- Add get_context_list funcitions to swig file- Upgrade to upstream * Merged rpm_execcon python binding fix, matchpathcon man page fix, and getsebool -a handling for EACCES from Dan Walsh.- Add missing interface- Upgrade to upstream * Merged support for getting initial contexts from James Carter.- Upgrade to upstream * Merged userspace AVC patch to follow kernel's behavior for permissive mode in caching previous denials from Eamon Walsh. * Merged sidput(NULL) patch from Eamon Walsh.- Make rpm_exec swig work- Upgrade to upstream * Merged class/av string conversion and avc_compute_create patch from Eamon Walsh.- Upgrade to upstream * Merged fix for avc.h #include's from Eamon Walsh.- Add stdint.h to avc.h- Merged patch to drop support for CACHETRANS=0 config option from Steve Grubb. - Merged patch to drop support for old /etc/sysconfig/selinux and - /etc/security policy file layout from Steve Grubb.- Do not fail on permission denied in getsebool- Upgrade to upstream * Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve Grubb.- Upgrade to upstream * Removed sending of setrans init message. * Merged matchpathcon memory leak fix from Steve Grubb.- Upgrade to upstream * Merged more swig initializers from Dan Walsh.- Upgrade to upstream * Merged patch from Todd Miller to convert int types over to C99 style.- Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of the use of the non-standard format (original patch changed for style). - Merged patch from Todd Miller to fix memory leak in matchpathcon.c.- Add context function to python to split context into 4 parts- Upgrade to upstream * Updated version for stable branch.- Upgrade to upstream * Merged man page updates to make "apropos selinux" work from Dan Walsh.- Upgrade to upstream * Merged getdefaultcon utility from Dan Walsh.- Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli- Add reference to selinux man page in all man pages to make apropos work Resolves: # 217881- Upstream wanted some minor changes, upgrading to keep api the same - Upgrade to upstream * Merged selinux_check_securetty_context() and support from Dan Walsh. Resolves: #200110- Cleanup patch- Add securetty handling Resolves: #200110- Upgrade to upstream * Merged patch for matchpathcon utility to use file mode information when available from Dan Walsh.- rebuild against python 2.5- Fix matchpathcon to lstat files- Update man page- Upgrade to upstream- Add James Antill patch for login verification of MLS Levels - MLS ragnes need to be checked, Eg. login/cron. This patch adds infrastructure.- Upgrade to latest from NSA * Merged updated flask definitions from Darrel Goeddel. This adds the context security class, and also adds the string definitions for setsockcreate and polmatch.- Upgrade to latest from NSA * Updated version for release.- rebuilt for unwind info generation, broken in gcc-4.1.1-21- Upgrade to latest from NSA * Merged av_permissions.h update from Steve Grubb, adding setsockcreate and polmatch definitions.- really make -devel depend on libsepol-devel- Add sgrubb patch for polmatch- Upgrade to latest from NSA * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client- have -devel require libsepol-devel- Upgrade to latest from NSA * Merged patch to not log avc stats upon a reset from Steve Grubb. * Applied patch to revert compat_net setting upon policy load. * Merged file context homedir and local path functions from Chris PeBenito.- rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc* (#203001)- Upgrade to latest from NSA * Merged file context homedir and local path functions from Chris PeBenito. * Rework functions that access /proc/pid/attr to access the per-thread nodes, and unify the code to simplify maintenance.- Upgrade to latest from NSA * Merged return value fix for *getfilecon() from Dan Walsh. * Merged sockcreate interfaces from Eric Paris.- Fix translation return codes to return size of buffer- Upgrade to latest from NSA * Merged no-tls-direct-seg-refs patch from Jeremy Katz. * Merged netfilter_contexts support patch from Chris PeBenito.- Upgrade to latest from NSA * Merged context_*_set errno patch from Jim Meyering.- only build non-fpic objects with -mno-tls-direct-seg-refs- build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults with xen (#200783)- Rebuild for new gcc- Fix libselinux to not telinit during installs- Upgrade to latest from NSA * Lindent. * Merged {get,set}procattrcon patch set from Eric Paris. * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris. * Regenerated Flask headers from refpolicy. * Merged patch from Dan Walsh with: - Added selinux_file_context_{cmp,verify}. - Added selinux_lsetfilecon_default. - Delay translation of contexts in matchpathcon.- Yet another change to matchpathcon- Turn off error printing in library. Need to compile with DEBUG to get it back- Fix error reporting of matchpathcon- Add function to compare file context on disk versus contexts in file_contexts file.- Upgrade to latest from NSA * Merged patch from Dan Walsh with: * Added selinux_getpolicytype() function. * Modified setrans code to skip processing if !mls_enabled. * Set errno in the !selinux_mnt case. * Allocate large buffers from the heap, not on stack. Affects is_context_customizable, selinux_init_load_policy, and selinux_getenforcemode.- Add selinux_getpolicytype()- Upgrade to latest from NSA * Merged !selinux_mnt checks from Ian Kent.- Check for selinux_mnt == NULL- Merged matchmediacon and trans_to_raw_context fixes from Serge Hallyn.- Remove getseuser- Bump requires to grab latest libsepol- Add BuildRequires for swig- Upgrade to latest from NSA * Merged simple setrans client cache from Dan Walsh. Merged avcstat patch from Russell Coker. * Modified selinux_mkload_policy() to also set /selinux/compat_net appropriately for the loaded policy.- More fixes for translation cache - Upgrade to latest from NSA * Added matchpathcon_fini() function to free memory allocated by matchpathcon_init().- Add simple cache to improve translation speed- Upgrade to latest from NSA * Merged setrans client cleanup patch from Steve Grubb.- Add Russell's AVC patch to handle large numbers- Upgrade to latest from NSA * Merged getfscreatecon man page fix from Dan Walsh. * Updated booleans(8) man page to drop references to the old booleans file and to note that setsebool can be used to set the boot-time defaults via -P.- Upgrade to latest from NSA * Merged fix warnings patch from Karl MacMillan. * Merged setrans client support from Dan Walsh. This removes use of libsetrans. * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh. * Merged swig typemap fixes from Glauber de Oliveira Costa.- Change the way translations work, Use setransd/remove libsetrans- Add selinuxswig fixes - Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)- Upgrade to latest from NSA * Added distclean target to Makefile. * Regenerated swig files. * Changed matchpathcon_init to verify that the spec file is a regular file. * Merged python binding t_output_helper removal patch from Dan Walsh.- Fix python bindings for matchpathcon - Fix booleans man page- Merged Makefile PYLIBVER definition patch from Dan Walsh.- Make some fixes so it will build on RHEL4 - Upgrade to latest from NSA * Updated version for release. * Altered rpm_execcon fallback logic for permissive mode to also handle case where /selinux/enforce is not available.- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- Upgrade to latest from NSA * Merged install-pywrap Makefile patch from Joshua Brindle.- Upgrade to latest from NSA * Merged pywrap Makefile patch from Dan Walsh.- Split out pywrap in Makefile- Upgrade to latest from NSA * Added getseuser test program.- Upgrade to latest from NSA * Added format attribute to myprintf in matchpathcon.c and removed obsoleted rootlen variable in init_selinux_config().- Build with new libsepol- Upgrade to latest from NSA * Merged several fixes and improvements from Ulrich Drepper (Red Hat), including: - corrected use of getline - further calls to __fsetlocking for local files - use of strdupa and asprintf - proper handling of dirent in booleans code - use of -z relro - several other optimizations * Merged getpidcon python wrapper from Dan Walsh (Red Hat).- Add build requires line for libsepol-devel- Fix swig call for getpidcon- Move libselinux.so to base package- Upgrade to latest from NSA * Merged call to finish_context_translations from Dan Walsh. This eliminates a memory leak from failing to release memory allocated by libsetrans.- update to latest libsetrans - Fix potential memory leak- rebuilt- Update to never version * Merged patch for swig interfaces from Dan Walsh.- Update to never version- Fix some of the python swig objects- Update to latest from NSA * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified matchpathcon implementation to make context validation/ canonicalization optional at matchpathcon_init time, deferring it to a successful matchpathcon by default unless the new flag is set by the caller. * Added matchpathcon_init_prefix() interface, and reworked matchpathcon implementation to support selective loading of file contexts entries based on prefix matching between the pathname regex stems and the specified path prefix (stem must be a prefix of the specified path prefix).- Update to latest from NSA * Change getsebool to return on/off instead of active/inactive- Update to latest from NSA * Added -f file_contexts option to matchpathcon util. Fixed warning message in matchpathcon_init(). * Merged Makefile python definitions patch from Dan Walsh.- Update to latest from NSA * Merged swigify patch from Dan Walsh.- Separate out libselinux-python bindings into separate rpm- Read libsetrans requirement- Add python bindings- Update to latest from NSA * Merged make failure in rpm_execcon non-fatal in permissive mode patch from Ivan Gyurdiev.- Remove requirement for libsetrans- Update to latest from NSA * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified matchpathcon_init() to skip context translation if it is set by the caller.- Update to latest from NSA * Added security_canonicalize_context() interface and set_matchpathcon_canoncon() interface for obtaining canonical contexts. Changed matchpathcon internals to obtain canonical contexts by default. Provided fallback for kernels that lack extended selinuxfs context interface. - Patch to not translate mls when calling setfiles- Update to latest from NSA * Merged seusers parser changes from Ivan Gyurdiev. * Merged setsebool to libsemanage patch from Ivan Gyurdiev. * Changed seusers parser to reject empty fields.- Update to latest from NSA * Merged seusers empty level handling patch from Jonathan Kim (TCS).- Rebuild for latest libsepol- Rebuild for latest libsepol- Change default to __default__- Change default to __default__- Add selinux_translations_path- Update to latest from NSA * Merged selinux_path() and selinux_homedir_context_path() functions from Joshua Brindle.- Need to check for /sbin/telinit- Update to latest from NSA * Merged fixes for make DESTDIR= builds from Joshua Brindle.- Update to latest from NSA * Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red Hat). * Updated call to sepol_policydb_to_image for sepol changes. * Changed getseuserbyname to ignore empty lines and to handle no matching entry in the same manner as no seusers file.- Tell init to reexec itself in post script- Update to latest from NSA * Changed selinux_mkload_policy to try downgrading the latest policy version available to the kernel-supported version. * Changed selinux_mkload_policy to fall back to the maximum policy version supported by libsepol if the kernel policy version falls outside of the supported range.- Update to latest from NSA * Changed getseuserbyname to fall back to the Linux username and NULL level if seusers config file doesn't exist unless REQUIRESEUSERS=1 is set in /etc/selinux/config. * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.- Update to latest from NSA * Added selinux_init_load_policy() function as an even higher level interface for the initial policy load by /sbin/init. This obsoletes the load_policy() function in the sysvinit-selinux.patch. * Added selinux_mkload_policy() function as a higher level interface for loading policy than the security_load_policy() interface.- Update to latest from NSA * Merged fix for matchpathcon (regcomp error checking) from Johan Fischer. Also added use of regerror to obtain the error string for inclusion in the error message.- Update to latest from NSA * Changed getseuserbyname to not require (and ignore if present) the MLS level in seusers.conf if MLS is disabled, setting *level to NULL in this case.- Update to latest from NSA * Merged getseuserbyname patch from Dan Walsh.- Fix patch to satisfy upstream- Update to latest from NSA - Add getseuserbyname- Fix patch call- Fix strip_con call- Go back to original libsetrans code- Eliminate forth param from mls context when mls is not enabled.- Update from NSA * Merged modified form of patch to avoid dlopen/dlclose by the static libselinux from Dan Walsh. Users of the static libselinux will not have any context translation by default.- Update from NSA * Added public functions to export context translation to users of libselinux (selinux_trans_to_raw_context, selinux_raw_to_trans_context).- Update from NSA * Remove special definition for context_range_set; use common code.- Update from NSA * Hid translation-related symbols entirely and ensured that raw functions have hidden definitions for internal use. * Allowed setting NULL via context_set* functions. * Allowed whitespace in MLS component of context. * Changed rpm_execcon to use translated functions to workaround lack of MLS level on upgraded systems.- Allow set_comp on unset ranges- Merged context translation patch, originally by TCS, with modifications by Dan Walsh (Red Hat).- Apply translation patch- Update from NSA * Merged several fixes for error handling paths in the AVC sidtab, matchpathcon, booleans, context, and get_context_list code from Serge Hallyn (IBM). Bugs found by Coverity. * Removed setupns; migrated to pam. * Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original symbol is temporarily retained for compatibility until all callers are updated.- Update makefiles- Update from NSA * Merged security_setupns() from Chad Sellers. - fix selinuxenabled man page- Update from NSA * Merged avcstat and selinux man page from Dan Walsh. * Changed security_load_booleans to process booleans.local even if booleans file doesn't exist.- Fix avcstat to clear totals- Add info to man page- Update from NSA * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat). * Rewrote get_ordered_context_list and helpers, including changing logic to allow variable MLS fields.- Update from NSA- Add backin matchpathcon- Fix selinux_policy_root man page- Change assert(selinux_mnt) to if (!selinux_mnt) return -1;- Update from NSA * Fixed bug in matchpathcon_filespec_destroy.- Update from NSA * Fixed bug in rpm_execcon error handling path.- Update from NSA * Merged fix for set_matchpathcon* functions from Andreas Steinmetz. * Merged fix for getconlist utility from Andreas Steinmetz.- Update from NSA- Better handling of booleans- Update from NSA * Merged destructors patch from Tomas Mraz.- Update from NSA * Added set_matchpathcon_flags() function for setting flags controlling operation of matchpathcon. MATCHPATHCON_BASEONLY means only process the base file_contexts file, not file_contexts.homedirs or file_contexts.local, and is for use by setfiles -c. * Updated matchpathcon.3 man page.- Update from NSA- Update from NSA * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.- Update from NSA * Changed matchpathcon_common to ignore any non-format bits in the mode.- Default matchpathcon to regular files if the user specifies a mode- Update from NSA * Merged several fixes from Ulrich Drepper.- Fix matchpathcon on eof.- Update from NSA * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh. * Added selinux_users_path() for path to directory containing system.users and local.users.- Process file_context.homedir- Update from NSA * Changed relabel Makefile target to use restorecon.- Update from NSA * Regenerated av_permissions.h.- Update from NSA * Modified avc_dump_av to explicitly check for any permissions that cannot be mapped to string names and display them as a hex value. * Regenerated av_permissions.h.- Update from NSA * Generalized matchpathcon internals, exported more interfaces, and moved additional code from setfiles into libselinux so that setfiles can directly use matchpathcon.- Update from NSA * Prevent overflow of spec array in matchpathcon. * Fixed several uses of internal functions to avoid relocations. * Changed rpm_execcon to check is_selinux_enabled() and fallback to a regular execve if not enabled (or unable to determine due to a lack of /proc, e.g. chroot'd environment).- Update from NSA * Merged minor fix for avcstat from Dan Walsh.- rpmexeccon should not fail in permissive mode.- fix printf in avcstat- Update from NSA- Modify matchpathcon to also process file_contexts.local if it exists- Add is_customizable_types function call- Update to latest from upstream * Just changing version number to match upstream- Update to latest from upstream * Changed matchpathcon to return -1 with errno ENOENT for <> entries, and also for an empty file_contexts configuration.- Fix link devel libraries- Fix unitialized variable in avcstat.c- Upgrade to upstream * Removed some trivial utils that were not useful or redundant. * Changed BINDIR default to /usr/sbin to match change in Fedora. * Added security_compute_member. * Added man page for setcon.- Upgrade to upstream- Add avcstat program- Add lots of missing man pages- Fix output of getsebool.- Update from upstream, fix setsebool -P segfault- Add a patch from upstream. Fixes signed/unsigned issues, and incomplete structure copy.- More fixes from sgrubb, better syslog- Have setsebool and togglesebool log changes to syslog- Add patch to make setsebool update bool on disk - Make togglesebool have a rollback capability in case it blows up inflight- Upgrade to latest from NSA- Changed the location of the utilities to /usr/sbin since normal users can't use them anyways.- Updated various utilities, removed utilities that are for testing, added man pages.- Add -g flag to make - Upgrade to latest from NSA * Added rpm_execcon.- Upgrade to latest from NSA * Merged setenforce and removable context patch from Dan Walsh. * Merged build fix for alpha from Ulrich Drepper. * Removed copyright/license from selinux_netlink.h - definitions only.- Change setenforce to accept Enforcing and Permissive- Add alpha patch- Upgrade to latest from NSA- Add selinux_removable_context_path- Update from NSA * Add matchmediacon- Update from NSA * Merged in matchmediacon changes.- Update from NSA * Regenerated headers for new nscd permissions.- Add matchmediacon- Update from NSA * Added get_default_context_with_role.- Clean up spec file * Patch from Matthias Saou- Update from NSA * Added set_matchpathcon_printf.- Update from NSA * Reworked av_inherit.h to allow easier re-use by kernel.- Add strcasecmp in selinux_config - Update from NSA * Changed avc_has_perm_noaudit to not fail on netlink errors. * Changed avc netlink code to check pid based on patch by Steve Grubb. * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA - Add optflags- Update from NSA- Add matchpathcon man page - Latest from NSA * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA- New upstream version- Latest from Upstream- Fix man pages- Latest from Upstream- Latest from Upstream- Add man page for boolean functions and SELinux- Latest from NSA- Latest from NSA- uppercase getenforce returns, to make them match system-config-securitylevel- Remove old path patch- Update to latest from NSA - Add fix to only get old path if file_context file exists in old location- Update to latest from NSA- add nlclass patch - Update to latest from NSA- rebuilt- Fix selinux_config to break once it finds SELINUXTYPE.-Update with latest from NSA- Change to use new policy mechanism- add man patch- Update with latest from NSA- Update with latest from NSA- Add changes for relaxed policy - Update to match NSA- Add relaxed policy changes- Sync with NSA- Remove requires glibc>2.3.4- Fix selinuxenabled man page.- Upgrade to 1.11- Add memleaks patch- Upgrade to latest from NSA and add more man pages- Update to match NSA - Cleanup some man pages- Upgrade to latest from NSA- Add Russell's Man pages- Change getenforce to also check is_selinux_enabled- Add ownership to /usr/include/selinux- fix location of file_contexts file.- Fix matchpathcon to use BUFSIZ- rebuilt- add matchpathcon- rebuilt- Add rootok patch- Updated getpeernam patch- Add getpeernam patch- Add getpeercon patch- Put mntpoint patch, because found fix for SysVinit- Add remove mntpoint patch, because it breaks SysVinit- Add mntpoint patch for SysVinit- Add -r -u -t to getcon- Upgrade to latest from NSA- Fix x86_64 build- Latest tarball from NSA.- Update with latest changes from NSA- Change location of .so file- Break out into development library- Move location of libselinux.so to /lib- Add selinuxenabled patch- Update with final NSA 1.2 sources.- Update with latest from NSA.- Fix to build on x86_64- update for version 1.2- Initial version2.5-12.fc242.5-12.fc24_selinux.soselinux__init__.py__init__.pyc__init__.pyoaudit2why.so/usr/lib/python2.7/site-packages//usr/lib/python2.7/site-packages/selinux/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tablesdrpmxz2i686-redhat-linux-gnuELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f8d212f2567ef78010bee4e82048db311ed2922b, strippeddirectoryPython script, ASCII text executablepython 2.7 byte-compiledELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=8f407f792f327a854367fc04ff236446e62c19df, stripped  RRRRR RRR R R R RRRRRRRR RRR utf-8?`7zXZ !#,]"k%dh-; cl%cˉIu$xak_|][ h.ףb&R_ $-n)Ya:qVm={ @,Z :ӛM;FJB-zвw fn:&1N=I]d2xN߃⸈mCM*g#TڜojZ uSRDFȠ.uo Γ [io$Vg\x !2a!%^1X/1Q4ȽY@>2ei|d޷x lg]q|]l q/A {(;U/8SEbbv,ȯRD|;L6d&glIvgor920>CS~R*F`m2ëYuKs#T/Z|8iOn%/=1(k^nRS}HU9{]Bs\QDƏto <;&C^$A/?~_4aGVzюKlܾLb۩^PNhLӔI柘,4r9M+Mb-aL  ۡksv4d̈UpW[AJu DW>mJ% EԬ6PVS,l0qpCl3]r gzA[;/~iԄ>^%hYbr8_m7y=I l/6õB D$$& :eȐ3Z~"Cq:/r&_; 5WR9$ c>E;IkE|?}*)U'LQ;کd*e5}#F%; u1o~EDН;puv K^xW  2Hf?G c؋Jg*Za x$7;6|[W)o9%Y$F0Հ=ҺS2ca&'b~*A_ywseBѲ|Ex[6w~eS-"dlW}Us}.ڳ rw9O` NS9@cd_Op,H/\[w#^2ӴV`Fc4[ uN#ulCsK`Ts`Yx"vBAJ1TRg "MNij]p5CQ1osCHY+K˲.CjY&}TnM%mh~[tzk DZLg BcMu5]ϛvuA+R c9a5J1wm#H)pMcM eSvYZSGON 2 4rK)=Yu{Y:RCC~a ng<@{_kb"q6sa[ML~#(lYϾQHł83 IO`M<'^-,!OAy8G5 wQd58f&J'4]#AyPПmq({@AyJWgOxLɌ%-bijF"!y:=ʍ$( s-ҵ]WB:GMȽq?[麕W`k- kl'[f2Auׂl۸`րh 4gd#tATiX$tݡ✄ipiyj㯇n*P啽޷Q%q3s뺱!89֚WĹ@1K;Hčaoq a$ _X @}xG |2 C`SV&2Z#9NkyATC8һM}x8ia6ꏧz gÏNL0+U2cCB$JR+KޥH= T9hOm&.nCW:bKtsI`:~|hh^J@//X٪"Vkqi *LȌf`.dbj OZad^/&{JHbq֤V'.^rM\0Z_I4MHKI?tPm} )i `L~_cI'(hBP 耳lݾ㒶YM.m`AP,vg"?̧f%CO|@*RS hs&Ɗ})z'Ћjr+7N9"*6u%  S{ɘ .}R,ġo|٣VUX2z  %p͠r)Jִd}ui(bc* ɑxð%87pQOst:r?8Mߡ&"M, # H ;#`qY{^[}qK'{xpo?P|Á5FRtq,@#9Hn al8&ELk |,6<^=>yc TTb#!V7v{s66Kv{]l7Ԗ2XhMJ.UؕO8o ɇMU=`qAs z">9'!|r!;MBVF.$VPX0̔_ 1ŎK|l״'״DSfL-l$mY֐ϾcRާy Sf Tbx򃵶Lܻ-E ~~.Dy"Z ]bdK)V帥)t5u.v--":i$J-mE=ͳگptC!,`ȧ1Y6Νa2I&bz7S7G[9^O^bܘ?vOIҀƘ!>]JQ(_N݃`'%:~t튢:/1g6' u^G] 5MNGcJ1wvbS_)cRO?L8ͺ2DH#e~fE}%m L5?MTP͊%eǮ+`m,d2ae@ի'X7 rc o [ҜT^$ҴJdCmuϖ/ʂo 4z^FӱOhg89iRKwLӏ{\kS@%7 U:r8 pX%Kz=buj!2ZU7"MTeCX[e! ^k"Wz)9_Hdb\l%ϖ.,>2p*o;clql"(v״Qp tn)hauŊ fFT~u%,'; cۢǃ!:K%LR]GqU>'CX[v#yY UDRP(ݾ(?72[!Rdj sK5~ ّ`qZo?0vW:jY*N}5ذ nOm/A5WZ\IFx9B薡 u/:zeQ!8n lS>nU'?q'1;H }TGQ5'R~VdcbX`P;bu4OV4l%s=a|tCRLm&Q/4(/]F*ak<,C)a['SWLazŠ o&ICäAr2d;Ñtt V-(/Eho6A fWn+MZH\zT{%CY/tN2԰<½\ +:NiPpt%Ú9WvvŁ HX9a^gCwWhyr̫ԯm@= ŏܷfC)8\fnJ2fL.֛(vCI*]P<| 2P5 ӵ5ppFW3.ձ5. |o/Rh~;f-qڞE9H BJrϖi Ѕi r;q>212r_eL蠺 h $өdzK 1u՘@ ۲_N-YՐ`!k'u֋]4>k l̞B//7L`GM\ 3 F<(t xڥ`)֣ {jC/Lñ;&_9 Fܬ %EnW[ N (q}Hh.p^.AAQr &2W_&mmɋu9V{ .X:4L#RdZS<]􈅸iƩ5+e;{ ;@T1SS&ڥp}ro)t\r"uZXi5|K*Jj:+  BM+&xF813O$g˩`2DJAtfzUvoR6֤"\M_@RJ,s Y_v`K8P $+Q1RiQřmyy\U<%VsrYhNXi[̈́iC&,.MLm/ M/ 3TVϡn2'eMSjWsǺ iZvK(aᄬGZr#\ /U@,2,^,жgԽMy,y oٗOF$WJC̕?:B?H Գs*#RuB- 0][= h%W)852YE* &ҾGZeQcHl=Õ bNHG;;2==o}B o i/SLhnH|rξR-.ɡAG 1cj#zfZA d]\_cw pW]:JGOX$-`,qVݪ2ٚJhe<$t@ )Zܞa{޺L~.H`vQ޺I5 h}+W̾+qa$FYȟzDFfzaH.ӵ)K!XΫ Mz#MvY2jj˿U8M  ̙hmhIe q࠹ CLsCjգ/?润UDVoY3=c).r7)Mpކ2]vʕNAh;+DՈaJ,o;Dȑ|LL {ƞxAxuZbpbX&s>}FI"` "W؇< Zv1$QίyFz%d2b(.蓇9tD#qNkIs ^ۺ5pʈbghĥ+{@sg cpT(`t]@C$z1)1˴s'E3P#BU҂{^rmX;/3Μ\ &0˷;aS(ّzN̑'ͫObQ+*(#>ZA+Tns;}C(Hlx3er"$C +&%dJߌ8r GHV)5ri.t9g-R16Y;PIu^^clO;,_yJ4>D/iNy]'G@TEQYe{~=\W#JO;/|gQH݃oq^hy\Bꆄ*p5dR3'Lۦ`Mq%LJqBK-^!Z&pJtچ,>#yړDUprAhpq S<L/Gvm&wyA8|TC熔T0*?Ff:e !uG\/#!}y*ܦrD#e̯$ޝC!{;{Ymjߣu\bAVH)ʀA?~2)3|,r]}pLkj\T~R啋 PJu\m9AMRFʥyd$Cz᧝IPh$s荌И"Ҩ2E|BhǮ/Z8=bB,Un4gvJ,Åx+-HǧYdiٳP#/C* SC=CΓ4+V 3_ayoXJ9OJ3S i_Þo"MFMRBp.E31XD9"|F0qՌ:_|Q ^PV:)]Iw]߮[,"!0 `״OٰH%\yiiulF{m5u&ӱc|%pNGWN_;;PtGok@рBxl;RQcPnMp|W صeY X& @kbh?Gs?{RUJ&V?h5S[vT=f9XD+.0cĻrܚp9T~+Mc0wP)[ 8`YP5 naͣqchS%|\^FSUpRM1e";|7NX+~r3@~xB ˰hZhAFO`f\)t5c|yeNR6;og ,L@F1bb$ʽ[[JgT |l|ogWtԩӝS h\ h(+X [|﫦F~B\=>q:*a 58(:! \*ّ@O<. ! x~-fiU*ۗ`e]b;ᓆ ĨY&_A)/oCjи9u{Z|{E SgOfF̩ -ͻu7ٝSR4"YdoTT$9y_p?yW# cN%Uh!ےZEokǃql0߀)Puv°)QgZCGp7<&ͅu-hZO&uƲY5vM=0Anw_ e`.{$u8:OZ}#D"zP(F?1yZpd碸8jCp=nЉnk6~ߛ_COR|nCz t㻺 hne-%sҝ`T4ڋ"e.0zzzyHo7Bq-.YtgSnmKu3/=}S}Ƶ{ Lx^/"!cNnY6lVA_[Eڡ-̧l鼉M:#pw/{) ӌp5ė|4#9bcFo`ë&b(xwעf'A_y9(S95*;F N*4 /ה[|*{Fâ'7VOiXJ2O˜CvūJ8ҶO RRwiE6L m<]5-QITu%kʡWn9Z.-_-Nܥztb,y RTv/ v-`k< = ?W:> |B 9\;nP ]gFͭ+ӕk(ڜEҘhTE%Ng}ė#:)!RG[!hz}3]k>>7 qb;uc0K~Y+' /2Ji"t p)b#!`#%ombm,^nleP.\Y#fə!Y F|g压̥wmU׮:bȉ;ŽO;1.mK 91ۨNo# &`f= F[>J&vs)ׁ|L5=Y] y}R͞OSA"MԓdĻ~hoLLO`|wp$s:G/e8IPp2]sF._vÚG9@M+bY/#:K ?I x0d 7wnϯ,vafV1t703 (w\)UY 6xҝnh5C fegGqvB+SGAhG3ɥO]|U%Wd};"[́n%Rܿr _8{ȗ%-q7Hh4>X!rsCE$Ŀ".8I,MEx8ࡱp/aq;sN=?2Q0FsFz'&F$mD/'#d -n⪶kY @F ҂ l+K:JKTY0⇬dvϯEE ӻ?Q[҅sڋp8rxx 39.i2OlDBe0c/Uɣ"Q?Ӌkj5c\-2$FF:'L$\pIHp~kw::ֈj7g(ߍEc:}!oI+#`VKKĿzևSNu!VeŸ7!&4*V80tqeM˰1)MX3 <ޔ{ л/?>ԉ aiʋI7Uj1RU\tY%ROX'5"[6*"2Ek | G?Amf#}Iuŧ#w '@V~irk]};YaU0 EkF `N/H%EҬh w nVd 3u4^]SH9F']gnuy Sj呡ĨOY[PK i!g{ aIʀ!S y tZ]nEkzֈƑ=jd~E'0Ld42YMAG/sA#We_AL8!|dVk&=6-},׫FR}y*lA`zG6@60CˬʨFs.]$  s)bLx,OD|L^Y=3k#!pW!ćZ٥̧[ë$W 5r?1OAJ>C+&:L%'Xu(VUm?ΙV؀̈ U> dB!ʣBM~(_/2Y]!!)ǦTW[/wڿtIkm9Q[nUlAe^Y4ꊝ)~ɝ:"̏SJ5er:G4#ڞ=0w_sx$ ƿu[xj\=clӕCb @'F;#x#TyGt>lAH&4q, Э xipAϟ :lʶ&2Gِ# LguKC`)s~!x *?Ƞ[đRcID`d ٷ؎lkz]#DL?OBĔM!k YAA30 ٠GAx0NtIʡ  φء'<,O c{/cgW(bgicFmsd2G0dҟ>n~l=y̱lp, fgT`7ۧV-a(I-g%H?Vo S!LA I/ޣm4E8!f|cJmχdfTv #?J뾖hhL WX]S a]*H _: @~,w-bH6'yHBvX*<!\YXDz7;1@ w}^+F$Z5wuXSVǙұGg'/:C9} :=,_ZY,w>zXSM U/=E3m㝂K3>pO{d͎>k"#u~}UkSlD~ @_|Z~,+cq#1.hje?} c=c%!!--ZG TeQP #1{( _iDQW75SK(ŷ]U \C`%:V`9B;$WR^]T`{ }JA`σ+ tq z6ޙ1Kpk?a3C'@ `0UW#*ȚNhZ۬U--HQG'{\ۣڷFPv޸ v``0= Jy|s3j'e_ X}B-ΘMKy' Q [N"~c%,9TwmؤZRdlZGFV.P| dJ%$m/__$KuUz]6=IDLznNS KoV]]}lNSm(P+Ue`K/ަú ϵSY`ab+1oKJэ So+?o0>58',_Fd+{`sv:;AsZ%O8 ړL^lipe=nZ7T|ŽI/Ec۽+)Xau`dQj#w Z25p 7:8s]O'D%s]:[_=e9 [R (1WRdu=f^"7=.5OeYH*Gy*, }SM[rޠ mzzq9Sa =7AXf9F&&%|jh J܏dْ`+J o亪ߜ6*OM4CǕQ܆!SuUO`'j!;ySےQqg,)2ؠO)\yo^m`pop`{it}GHX=])qf1$+͜)k.OѡVG6'?6t*fELo X`kBk*^?OM`S[\V&/ʁH< Q\ғYX5}^+s5t[^^57gzN<zMGĢԇ2]*sR/NXo(`՝~Ohm/hLqt#Ƅ,޳ou{]Ό ܶưk~[$UwbpN817ܥbtn4HGz6]L~"rS}x(~EĬwfYTՆM'"bqT#zDUA^Okd+60qaPU@^9J\ǷݪIFAtdiW$ؚuߙADtc ސl:#)'NQAz=VPJӮ 05/iEŇSfռ1AMG))XXNU۷eݾ.(Ɲ/IP܁dNsԞ*/UճiIT8ѹ21gjID^]*ߛ4c`v{4dR:$Y}C/3ÖJ{C _CJ LiDFj3mW< ů=L`  g W#BS׸?Ԝ ؈8Āc҆ w4ONh )3zQxcp$OVOYkLu EIZD<&ofH\ G>LcYCZ$=dі!^c1됷$ZDOm.kp ^;S]uFjw)IbDVͽ{4OkPWB9$clϜ+h4n9VzlvҮd{ R6ٷ?+:%3sv/=n6n&8,RS~c^=q]#Vs̀,vL!8},\E e}k&^v:]qߩ.RԞ೫-@Lm^ 73{O4@!?$k Nx͉jdD&qE*ŬCƆ(-V\{&E&RZ&hVYZhf!Gs?N Ӟoԍ"UȾ;F)JPHOR7rwӿXCMSHTt>-ӣ`_'.2 # |`T[&yA:qr@ԏn$Y `5C=~~T0HE_6&)h,kLQP n%f*y6>6Qdz}\ ?XߥFّJh,Ut܈^$m(5,`j'Q`ew]c MVe]dC f MtiN? "g m8ԕغy<9C;%4 72Ǣ k{|bFYәr(-ǰ$S|#hsg~fMG4maJm_\G>b+O%MJkL^c׶ILE~omOwz $ݴ{ާge>oߦKg ҝoEVbPL) 9ht#J*3wi[JR3540 Ru-60JIE;"\%ߦ o!g$1 ]%$1A܉|%*0ݼ؟A9 zcI=/@S!>VF5[9Z}e) [_+2XL+m @ZvUܰTкducB [z,TZpGS,q|$XBv,kA i甯AIr%?v'n#cW4~v2s,Ʒ%/ߒAMQ.Aκ|>qq%1hb4HZu}!Lu<\؂,^xd?A,!T7uȚJJѢDWoQ,x}4>+(Ə`Ep_q&r|J̡8 ԅO R+wQY="# JIƘcz39CY 9 1v1;ɅFSp<{XIpnE%x#Oaփ ӬjY$_:/ (Y)p; Z7fKTܺt&CTe+[ee%37QfcMfc-;mR &q5vj̕=ZP12kXCj;M;h8wfv+݇Lb:1|;ZTq;L#r%./ӥB]:|1hEB|yÕ06Iww`M3Q@sDB܉s/~"zZg20/b 25Zb/qw5a >ƶ(Lô3x+. QouV>OZ7䋉G8tZ ź)KLu.d yb禂bSe||4aI[- A^ZfEJ=U!vU-N+QzoG)dօ+TWtCMm@ s 2ױ)Mrh<馼TJQum"cz;vӇWyfkȍ~)ߵsM3E>7V7jcp'3/=qG[Fޮm?} Y>1%Kp{ 3*yru̾qxetc' <@bz睆}nh<-C\ۖ|zkNV3KZvf }{7 7. +~y&:Mv/xN|IH3х\&H%VE @ ='__(h{2zo (7ߙpтv: }en 2si7wko}@3MTSL}ppd8]_3 wL҆ hlx z?$9/ei((S.஢;ċl"A']ؠ$efeIW爡.ٞJabC܇st4GV<Ūj_KKvv#\8agчS ңxvsɍ2Ԧ֣DNDy&> n5P\+8vF\on/*H; [܉vv5Yf=PdwK׫JC*ލH5@t~ߪODﲎ8:f~WR0H&"߱LP-b/T-|,o~s;c}.BpLѻlڙe~kDŽ Zه@`g=W)!iﭐWwܚ` ǯlZIwhyu|soB)#,tiCo"4 Rq>LgZA}64~gYA(tN/g7ɝE:YwNJh!ĐuOx~sˁMa\Ckuற,uf@Mp|0\-ȡ),:c5FYB OJ;褆hq.l]c]A /1V:@& L7" xfT|˶Ш *uT}QbUEڨsgϮSzѺf.#Aΐ4@]V%.G3%I.c*04\V;=Fr` Os*Oi1Ǫa^HpvaHZQbɖ$#ʥKb- +ʙT;NJ޳/oştۋ8|>Ȼ1^=/w[fLӖtgYt^6y6`5]\xAO%^C~X}~]fx ?$6i ~+%oC;(Rá񘓢a6ێW1Y/?[I>Ҋ\']Eq/]|[@ Tdbח};ьz8v-s Q+lV6d.e '_J`.e"DY_JJ'9gaFiOFrR!-3^Rywسbu1eq[i\*ǹFn= b d>Q蛢S؂OÙq+PxK^iN,h7E;'ev4U $1{'b{r:/^)BRS!ـGLV&RZ|J72EܖIA4={rQPBRmLOJ]j~YMvN# yZD#)@+dD,{)`K~;hH\U{ RJMJC2pZ#uqnqqd!ahJ 3<:Cu Vn"]K|֕wbdk1oOrv3n8p%\q\!Vҷdn!W;Y"GԨ`;# $W4Ë .Fej}ˋ'(# VGB`jYrH2s h84Zrl nIA9ZœM5]ꇂH܏ r$4$>{[4Ce /7 ;g= "{Ęj bċUK/gWbdIvOEe1ݳ%@(f6=)T`-Y'W^S2씺QW@,OP+`fRf4YةA7c0}^ve4\\)[G.r{eG|VA5ˆ!: }CR8(7?PxhV/=$gcZ5,mB"rg­o=֒vsV_Q,mr~X eqv}o1=&,SZp:f_+ tW5fbGZT%vH:#o5Y! _hur$fRLH̄( nW>B;67)6XB^3(%"Q&=?(`Xm3 O6tm팾zɽ0^{TZ,zEq=W͋{* XHɯ[6-yy6PܷaoVAoG9!> ]wI?{zU(:> 0VCA^a ?aVGQe jhhrڡ_!Pzj#a]''TAR%;,3ˠ,QP8,cuZDjўFYci.YaGA=c}{1o1N=}A<9G.5(@aJȹjӚ-dzt/_6+ȶB]qg ]*3A*(yAZXqK1yz5<4W[ĀM{$fP$^ 21,-tFGtrH) ]ٮA^̺j><+͐eXlsߩB4$=dŞˎzaJ_)=^~(BE*=['f:5긁,g|f!O4*@#":ePEz;o07&Cr8 ү9)`-1[5V~a}/?e_r萧j!)'tןLtw}*z˛iաI߭ya#.ޭP$_L\>O4ţ<T#OJc2n sؗ@&c*7Y)(u>$wv#WJ+ou h:l>S;vi>47G.w$O&0N"65o\ӏ5{bn^Z=P .^fo&Tt%_0N"[*k>EXJ5H\ZAtK/%MEq@i%ҟrcxے[1j|V]A4OkrLY k!#!I?< y\?bN4:1{j{ڑ|ggI$07+&G}/lƇgP0+yY8v"V-6W@f6eq,!:qOET5 :ʆCXnQ`EZ{7{ &O9۟;Aqehƞq[ U ~*f}fiy1FpGpaBBpe>_Vm6¨4 ҅VYj )9ԜzVAZY p7 U`v;j[xHhtG*]Y %f3o f鑏ɠCq0/C(uWP=&DCPb *2] c:m$-F.[~-&R,jGʸ!}JcrtPџ罻"jSF$` {GygyEFzrk5r/@%G!w6J8XA+.@heHUHӰ `^諚Vj}3{8aDz`|,*wA +~Q.ooyJ`m(TFj3NNM,{.$s[Y4*PTo0YÝс%}z3ܝ~{J K`tqՃPTNS{_tU@v1\0fS nXg,7-kKT]O#5sQ_Qh\tWQBkj}{>{f22gж{yU_sahs)gU.MEk|)OSĴ [e. B!Ȍg1,+)G3EHfby TR.?Rz0Q`\wͻ:NKƘ=֗|yZ (}J` 0Qxk[4ZaC\ Ooh$0'i*zg_E?K9*D{tɭoI bZģYܠ7S-g"{xvHMLAd4TzXՃrރˡu}YS4fxG{P6d"}= ,%#Wi30Z[CX'[42dG`O-hW4Wey(=V_9;<-;2/DqѯMXzQdaA nWDGWϏg[pDQsB)cm0l{3Sme-*d[$fS\Ko*m06(Ϻv47@M}F͍~ p㒵~1yu/蘨E .\#9[V/ُ%+Nl#Ep֎>50[@ R<݉^M%fStXR4!L:)h$֤+ܢ1cv)OF}Z9 Uc^ZT#&Um7}2Ɗ ^#.xY3ނs}n|tHoGp;g# i+Gz),~ x[XgVM,cʂ]'D,7NMr 'YtܳBO6Yj7-f^0fxgpX-:>n:<yk]V3ݎƈpYۋ0tu%a0Kv[xBzC9ϻ׃j-<'*_WdR+8 ?5Ttl]Wtz]2CPy0ZdxP"o(~H[G5@Vj+muooQj"|8ǿ$_ݵ7Iۖwe0'z^VymA o}X5BvںK?5H_Ӑ l/ۈu٭f+OFdxMs AlP+uo5 *`{v),M-5XS-puoZ'5cF۷,{6.ߡ}u%bZwm~^ d+1wqq>i1ZҸ:cd`+uyGy5f$ZkWn!voyar^_q6$\ms pY(.\b+ƶ[] F0HEkl獛&)"rj2<5EA s:oX-m%Ax[:̌6#zZ^ ?+c0 \W kuV zRZc QԡAiRhtaY$3 9= ,az.jF259O>Q́VN|f ŕol]+P>MQ%DhZbNIv`C;cEϋG"ߤZ6|ۛF̒P1p2iК?Lu^iXL%Ci`|yL{PHa$Bb:6.ޢ4HeZ(8*CRrl(Zc@6 %׌C)WCF0UrË;IF

9+*#(`DxTJ :{BJjqÕE5>S깱 %'"{|Mrl[>c+~͇农T\7~Lhx T-FIXesKXլqbr[:AAA1{I~ L1/s8b.kSUѲAy gCΥymè y y?kZ@(LUSKg HZ"߯=ƌVls]<{;wrң?'(6:Kl XDuTvW\j1|5v9+cW_&{ĺaFTE]M]idTДa "uySľcڮІ?FEn_^}2 ڿ`(?dnS:AϚfƜUVaOMKh)Xh+o$CBbvrly% VLj Ԣǁ7"Ͳ| ~1]oׇ5/ &yRQ%FȲC1)48[2l,TSƿ1~>\~/RSt` V:#|| B쿲C D_=(QDMk ~}Mc079\q"n<4)~]Bwމ2ʂ2P`]X}*L?.kG7N7o\B )[9@Qm*MN#~ Mi9*}Eݹcv.k10󱲭?oCG rdF$ E!ဨ!Wϲs'&kWM0/Miu Jo.(ۼA(pR*†c+E<@bO}I-.@#7*\7%Ra΂G'[ r}Bt OiQuȩ'U9𕪢Q5γUʈ1cn"^~Ī]ˀ 8yGAqn3I0e6hH,X!T!y!!~WK|n!sk.7_~D*Ӟ_3;Mn*nH)UJa.CH̚%fvs$iU (|dZVJh|qpR@T{`nNbeҗ9ňN٪ "3&?暌e2*y-F >DVw*sAhuU|/zW]yPpK8`Fֆ3뺥L4ѶRqH1Sn1$|vW#>LP0w2ɖo7UɖV_]^ !!I5a!EB$toʰPx檻;xWn"J I@}*lYZ O,oځh(3ɵ1jct[x/kSg/x1fvKEZiXPچ[Ǒ&<GDˢSڽoxWta)lwf7:dXtMY?\Ղ/ӌ4e9NVB{,ZM=WBqnzsֵ+,8#IbT]XXą]E;10UV==Ϸʔ8i\.I~F&_8?J-~WA͝!Bho*>L2*ns"{IkUe|Z聯W|buVl-3I;,ߝ5M{Vm\IOxQƈ^ݛnd۹^3%1xzKiOQ\@e4^ }N)- r[+ ~kZnm\_ m7is xYKT;.\RǯpN4Spj*ZnM2#%1sT!,E3@)Ja2SPDA)? NZts$}{&pS"9R7-!*\LŢpRBky,%6q7N]Fv0tCM*=a;f_1Ēu fxrs{KְK.IL6AS[زad JIY殃^h/#o,=>WKhyKxr Uwz`~o}a6JtxHڲOK#J?^. 8c(ZXD68*J\aG[_;p͛):$M[~X-3uЎq$OA@6'bz9'{]g߲x2P!9 oU!K]JtWIfDRE',4IAy9Tz*UJ^ثIfee/$y]QIt+NYT~LU*>b&· SRQ?R ƣi$~]ŀcY]f&ʜnMa5. &81RA$׆lͶ\|Ί-h@lzvSS ߊH&qCC8L[uZ+ۓ3On B !$ [Mݍ*Bڔ 4;`j*M=߽Ij׌bD#~S`55ئƾ_W-:RD oh t;zFy -hܣKK[% FWl C#nةin8fBLQNd\Je+ƋLr[ieRHX})Rl8埰/S~8vtK*[9=6 %6yS "2-Kƹ\>`*$WQxEItMt_fhZēQZ[p<Քpivy@pCifUבfc-=kfMߚ oJKR‚|]]ozk4QdJ7!Z${&duMKZsAɜY@*C 4o1`gSGsy 0ƺUv2 q@Yհ%/x ) ;2K+˃柀:6po詄c/TJ7{Q^H `kv59ϺVǂYl30&;PK㘆\gKeG FgWaUs^ A[gN{c³lVGNxڹIŵ:#KszqP㩭F%Kۦܕa9CYsAYfȼ rˈ@ĸ,01, {n\V:bﭬ)i9K4Έ0M\k1*S=ظ#&^z=p_E#3D^zN6kXED"˺}h5 sܗ@63$5o4W\ZH(Xzn!m3;6QCA8Z`ڢl_2w,^c+BDGt5[&?FF{ֶ, Duo!噘J['9H尸<72>"I ׋\*9 8Ф)tu`n} )FHƯ9t_D位WHhI>oI _ȉ%m}cV$oFbՙ+x;7O8 [{!F@BRDC3OaNJ6)^z-2T R+(ÚWҪ&Ztg M0G؏^W%WOwiDͰÐv\v`}K1SteNjllک}툻:Y&Of\N;Arc&9NipH89U!V͉:7eiE '{%&G_گќ /N~d ^^7YW@37X2EPƊ*۸%(qp3\J Y -S;︣гJ@j_#!˽~}&9'*|)E6RqV 5吱5M ;8Խ=nV.64Y(h1?N(a 'gk:qta_>ס,e>|>9+ZŊ_QP+wlyh6Ys!yty~EH‰ݞ' K0+Mu} V)/s%kShh7}dr+oVB0|ۯv>TO7eha{2V)+0~d`3䤢QӣuotIj:ZO}C|5hCȞZTTuEqyYR'ozPyL*I/nzD8&[]VG| (40D> ߱m#Ԓ*/^HP;Stȏ^]9e}tx YZ