libselinux-python3-2.5-12.fc24$>~x_JpXY]os>:K?Kd ! J )X^d     $GjZ(89:dGG HG(IGDXGLYGT\Gl]G^GbHydI{eIfIlItIuIvIwK(xKDyK`KKClibselinux-python32.512.fc24SELinux python 3 bindings for libselinuxThe libselinux-python3 package contains python 3 bindings for developing SELinux applications.X4buildvm-20.phx2.fedoraproject.org LFedora ProjectFedora ProjectPublic DomainFedora ProjectDevelopment/Librarieshttps://github.com/SELinuxProject/selinux/wikilinuxi6864UUXA큤A큤X4X4X4X4X4X4X43ef82512e4a67936f7c379864fa547034570c1c746646293873ebcd6ee6bc30beadcc2351c54e3db3c0239e5ed502581fd46bd299081e9b21cf98a783e21be1e157160cd6afe7be6fef39a4b855c71b9bb0acc2db4a49d66e66a2abd5e416a2b157160cd6afe7be6fef39a4b855c71b9bb0acc2db4a49d66e66a2abd5e416a2b28d6f6a04c25443e1880d2ee82296b7824851b52650a005ea006acadcd232b5brootrootrootrootrootrootrootrootrootrootrootrootrootrootlibselinux-2.5-12.fc24.src.rpmlibselinux-python3libselinux-python3(x86-32)@@@@@@@@@@    @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libselinux(x86-32)libselinux.so.1python(abi)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.5-12.fc243.53.0.4-14.6.0-14.0-15.2-14.13.0-rc1WH@W9W@Wq@Wm Wk@W,@W'A@W#LW@VяVIVɦV=@VVii@V@V UU@U4@Ua@UQ@U8U6;UTS@S@SSShShSXS 4@S@R@RUR&RʚRkR%R@RMUM@M@M@M@MlMQ0@MGM5ML@L-@L@L*@LLq@LN@LF@L$@KKKrK@KKqK}+KTM@KA@K@JJJJG@JG@JG@JjJS8JS8JB@J@JMIܑI@IԨIbI̿I@IV@III@I@I2I@IcGIcGIcGIG@IG@IBR@I1.I!\I!\I-HHHe@He@He@He@H@HHH@Ht@HsVHgy@H^>H^>H-w@H!H @H@G@GG#GF@G@GGƢ@GƢ@G­G@GGD@G@G@G@G,@G,@G@GG@GZ@GZ@GeGeG|@G|@GO@GO@G<4G<4G0W@G'@FF@FIFFFFF&@FF@FvFFS@FF@FF]F@FtFFzh@Fw@Fm9@F` @F; @F-@F,F@F@FF*FF @F @FoE@EE@E4@EE?Eɿ@EEEEElEx@E&E=E=E@Ex@EvEnEYEK/@E>@E4EE EgEgEDfDDDDq@D@DB@DB@DB@DB@D{DDX@D4D4D4DD@D@D~D~D|3DvDu@Dr@Dr@DlaDk@DiD`@D_2D_2DX@DWID?D;@D'Dj@C@CCC-Cǖ@Cǖ@C[CCC8@C@CC @CCqC @CCCC@CBC@C@C|pC|pC{@CyCp@Cp@CoACkM@CiCf@C_oC_oC^@C^@CX@CWCS@COCFc@CFc@CECECBnCA@C;@C:C*C&@C&@C%mCC@CC C a@C a@C&B=BۙB@B@Br!Br!Br!Bn-@BgB] B] BZfBS@BQ,@BIC@BAZ@B9q@B9q@B06B-B$Y@B#BB@B@B LB LBBAA)@A@A@AA@A@A@AyAҜ@AJA@A`A`AA@AA@Ak@AAA@AvA@AAoA]FA]FAQi@AN@AI@AF@AF@AA@A>@A>@A7 @A7 @A5A4h@A3A3A/"@A-A+-A(A$@A!@A A A@A@@@q@7@@@@6@@@A@)@@@@@@@@@~y@@~y@@~y@@}'@s@@s@@s@@l@@ia@@b@b@b@O@@O@@Dw@@9@@,@@ @/@@???E@?E@?٭???q@??@?@?@?}d?z?a@?M?D@>S@Petr Lautrbach 2.5-12Petr Lautrbach 2.5-11Fedora Release Engineering - 2.5-10Petr Lautrbach - 2.5-9Petr Lautrbach - 2.5-8Petr Lautrbach - 2.5-7Petr Lautrbach - 2.5-6Petr Lautrbach - 2.5-5Petr Lautrbach - 2.5-4Petr Lautrbach - 2.5-3Petr Lautrbach 2.5-2Petr Lautrbach 2.5-1Petr Lautrbach 2.5-0.1.rc1Fedora Release Engineering - 2.4-8Vít Ondruch - 2.4-7Petr Lautrbach - 2.4-6Robert Kuska - 2.4-5Petr Lautrbach 2.4-4Petr Lautrbach 2.4-3Adam Jackson 2.4-2Petr Lautrbach 2.4-1.1Fedora Release Engineering - 2.3-11Petr Lautrbach 2.3-10Petr Lautrbach 2.3-9Petr Lautrbach 2.3-8Than Ngo - 2.3-7Vít Ondruch - 2.3-6Miroslav Grepl - 2.3-5Fedora Release Engineering - 2.3-4Fedora Release Engineering - 2.3-3Kalev Lember - 2.3-2Dan Walsh - 2.3-1Miroslav Grepl - 2.2.2-8Vít Ondruch - 2.2.2-7Dan Walsh - 2.2.2-6Dan Walsh - 2.2.2-5Dan Walsh - 2.2.2-4Dan Walsh - 2.2.2-3Dan Walsh - 2.2.2-2Dan Walsh - 2.2.2-1Adam Williamson - 2.2.1-6Dan Walsh - 2.2.1-5Dan Walsh - 2.2.1-4Dan Walsh - 2.2.1-3Dan Walsh - 2.2.1-2Dan Walsh - 2.2.1-1Dan Walsh - 2.2-1Dan Walsh - 2.1.13-21Dan Walsh - 2.1.13-20Dan Walsh - 2.1.13-19Dan Walsh - 2.1.13-17Fedora Release Engineering - 2.1.13-17Dan Walsh - 2.1.13-16Dan Walsh - 2.1.13-15Dan Walsh - 2.1.13-14Dan Walsh - 2.1.13-13Dan Walsh - 2.1.13-12Dan Walsh - 2.1.13-11Dan Walsh - 2.1.13-10Dan Walsh - 2.1.13-9Dan Walsh - 2.1.13-8Dan Walsh - 2.1.13-7Dan Walsh - 2.1.13-6Dan Walsh - 2.1.13-5Dan Walsh - 2.1.13-4Dan Walsh - 2.1.13-3Dan Walsh - 2.1.13-2Dan Walsh - 2.1.13-1Dan Walsh - 2.1.12-20Dan Walsh - 2.1.12-19Dan Walsh - 2.1.12-18Dan Walsh - 2.1.12-17Dan Walsh - 2.1.12-16Dan Walsh - 2.1.12-15Dan Walsh - 2.1.12-14Dan Walsh - 2.1.12-13Dan Walsh - 2.1.12-12Dan Walsh - 2.1.12-11Dan Walsh - 2.1.12-10Dan Walsh - 2.1.12-9Dan Walsh - 2.1.12-8Dan Walsh - 2.1.12-7Dan Walsh - 2.1.12-6Dan Walsh - 2.1.12-5Dan Walsh - 2.1.12-4Dan Walsh - 2.1.12-3Dan Walsh - 2.1.12-2Dan Walsh - 2.1.12-1David Malcolm - 2.1.11-6David Malcolm - 2.1.11-5Fedora Release Engineering - 2.1.11-4Dan Walsh - 2.1.11-3Dan Walsh - 2.1.11-2Dan Walsh - 2.1.11-1Dan Walsh - 2.1.10-5Dan Walsh - 2.1.10-4Dan Walsh - 2.1.10-3Dan Walsh - 2.1.10-2Dan Walsh - 2.1.10-1Dan Walsh - 2.1.9-9Dan Walsh - 2.1.9-8Dan Walsh - 2.1.9-7Kay Sievers - 2.1.9-6Dan Walsh - 2.1.9-5Harald Hoyer 2.1.9-4Dan Walsh - 2.1.9-3Dan Walsh - 2.1.9-2Dan Walsh - 2.1.9-1Dan Walsh - 2.1.8-5Dan Walsh - 2.1.8-4Dan Walsh - 2.1.8-2Dan Walsh - 2.1.8-1Dan Walsh - 2.1.7-2Dan Walsh - 2.1.7-1Dan Walsh - 2.1.6-4Dan Walsh - 2.1.6-3Dan Walsh - 2.1.6-2Dan Walsh - 2.1.6-1Dan Walsh - 2.1.5-5Ville Skyttä - 2.1.5-4Dan Walsh - 2.1.5-3Dan Walsh - 2.1.5-2Dan Walsh - 2.1.5-1Dan Walsh - 2.1.4-2Dan Walsh - 2.1.4-1Dan Walsh - 2.1.0-1Dan Walsh - 2.0.102-6Dan Walsh - 2.0.102-5Dan Walsh - 2.0.102-4Dan Walsh - 2.0.102-3Dan Walsh - 2.0.102-2Dan Walsh - 2.0.102-1Dan Walsh - 2.0.101-1Dan Walsh - 2.0.99-5Dan Walsh - 2.0.99-4Dan Walsh - 2.0.99-3Dan Walsh - 2.0.99-2Dan Walsh - 2.0.99-1Fedora Release Engineering Dan Walsh - 2.0.98-3Dan Walsh - 2.0.98-2Dan Walsh - 2.0.98-1Dan Walsh - 2.0.97-1Dan Walsh - 2.0.96-9Dan Walsh - 2.0.96-8jkeating - 2.0.96-7Adam Tkac - 2.0.96-6Dan Walsh - 2.0.96-5Dan Walsh - 2.0.96-4David Malcolm - 2.0.96-3Dan Walsh - 2.0.96-2Dan Walsh - 2.0.96-1Dan Walsh - 2.0.94-1Dan Walsh - 2.0.93-1Dan Walsh - 2.0.92-1Dan Walsh - 2.0.91-1Dan Walsh - 2.0.90-5Dan Walsh - 2.0.90-4Dan Walsh - 2.0.90-3Dan Walsh - 2.0.90-2Dan Walsh - 2.0.90-1Dan Walsh - 2.0.89-2Dan Walsh - 2.0.89-1Dan Walsh - 2.0.88-1Dan Walsh - 2.0.87-1Dan Walsh - 2.0.86-2Dan Walsh - 2.0.86-1Fedora Release Engineering - 2.0.85-2Dan Walsh - 2.0.85-1Dan Walsh - 2.0.84-1Dan Walsh - 2.0.82-2Dan Walsh - 2.0.82-1Dan Walsh - 2.0.81-1Dan Walsh - 2.0.80-1Dan Walsh - 2.0.79-6Dan Walsh - 2.0.79-5Dan Walsh - 2.0.79-4Dan Walsh - 2.0.79-3Dan Walsh - 2.0.79-1Dan Walsh - 2.0.78-5Dan Walsh - 2.0.78-4Dan Walsh - 2.0.78-3Dan Walsh - 2.0.78-2Dan Walsh - 2.0.78-1Fedora Release Engineering - 2.0.77-6Dan Walsh - 2.0.77-5Dan Walsh - 2.0.77-3Dan Walsh - 2.0.77-2Dan Walsh - 2.0.77-1Dan Walsh - 2.0.76-6Dan Walsh l - 2.0.76-5Dan Walsh - 2.0.76-4Ignacio Vazquez-Abrams - 2.0.76-2Dan Walsh - 2.0.76-1Dan Walsh - 2.0.75-2Dan Walsh - 2.0.75-1Dan Walsh - 2.0.73-1Dan Walsh - 2.0.71-6Dan Walsh - 2.0.71-5Dan Walsh - 2.0.71-4Dan Walsh - 2.0.71-3Dan Walsh - 2.0.71-2Dan Walsh - 2.0.71-1Dan Walsh - 2.0.70-1Dan Walsh - 2.0.69-2Dan Walsh - 2.0.69-1Dan Walsh - 2.0.67-4Dan Walsh - 2.0.67-3Dan Walsh - 2.0.67-2Dan Walsh - 2.0.67-1Dan Walsh - 2.0.65-1Dan Walsh - 2.0.64-3Dan Walsh - 2.0.64-2Dan Walsh - 2.0.64-1Dan Walsh - 2.0.61-4Dan Walsh - 2.0.61-3Dan Walsh - 2.0.61-2Dan Walsh - 2.0.61-1Dan Walsh - 2.0.60-1Dan Walsh - 2.0.59-2Dan Walsh - 2.0.59-1Dan Walsh - 2.0.58-1Dan Walsh - 2.0.57-2Dan Walsh - 2.0.57-1Dan Walsh - 2.0.56-1Dan Walsh - 2.0.55-1Dan Walsh - 2.0.53-1Dan Walsh - 2.0.52-1Dan Walsh - 2.0.50-1Dan Walsh - 2.0.49-2Dan Walsh - 2.0.49-1Dan Walsh - 2.0.48-1Dan Walsh - 2.0.47-4Adel Gadllah - 2.0.47-3Dan Walsh - 2.0.47-2Dan Walsh - 2.0.47-1Dan Walsh - 2.0.46-6Dan Walsh - 2.0.46-5Dan Walsh - 2.0.46-4Dan Walsh - 2.0.46-3Dan Walsh - 2.0.46-2Dan Walsh - 2.0.46-1Dan Walsh - 2.0.45-1Dan Walsh - 2.0.43-1Dan Walsh - 2.0.42-1Dan Walsh - 2.0.40-1Dan Walsh - 2.0.37-1Dan Walsh - 2.0.36-1Dan Walsh - 2.0.35-2Dan Walsh - 2.0.35-1Dan Walsh - 2.0.34-3Dan Walsh - 2.0.34-2Dan Walsh - 2.0.34-1Dan Walsh - 2.0.33-2Dan Walsh - 2.0.33-1Dan Walsh - 2.0.31-4Dan Walsh - 2.0.31-3Dan Walsh - 2.0.31-2Dan Walsh - 2.0.30-2Dan Walsh - 2.0.30-1Dan Walsh - 2.0.29-1Dan Walsh - 2.0.24-3Dan Walsh - 2.0.24-2Dan Walsh - 2.0.24-1Dan Walsh - 2.0.23-3Dan Walsh - 2.0.23-2Dan Walsh - 2.0.23-1Dan Walsh - 2.0.22-1Dan Walsh - 2.0.21-2Dan Walsh - 2.0.21-1Dan Walsh - 2.0.18-1Dan Walsh - 2.0.16-1Dan Walsh - 2.0.14-1Dan Walsh - 2.0.13-2Dan Walsh - 2.0.13-1Dan Walsh - 2.0.12-2Dan Walsh - 2.0.12-1Dan Walsh - 2.0.11-1Dan Walsh - 2.0.9-2Dan Walsh - 2.0.9-1Dan Walsh - 2.0.8-1Dan Walsh - 2.0.7-2Dan Walsh - 2.0.7-1Dan Walsh - 2.0.5-2Dan Walsh - 2.0.5-1Dan Walsh - 2.0.4-1Dan Walsh - 2.0.2-1Dan Walsh - 2.0.1-1Dan Walsh - 2.0.0-1Dan Walsh - 1.34.0-2Dan Walsh - 1.34.0-1Dan Walsh - 1.33.6-1Dan Walsh - 1.33.5-1Dan Walsh - 1.33.4-3Dan Walsh - 1.33.4-2Dan Walsh - 1.33.4-1Dan Walsh - 1.33.3-3Dan Walsh - 1.33.3-2Dan Walsh - 1.33.3-1Jeremy Katz - 1.33.2-4Dan Walsh - 1.33.2-3Dan Walsh - 1.33.2-2Dan Walsh - 1.33.2-1Dan Walsh - 1.33.1-2Dan Walsh - 1.33.1-1Dan Walsh - 1.32-1Jesse Keating - 1.30.29-2Dan Walsh - 1.30.29-1Jeremy Katz - 1.30.28-3Dan Walsh - 1.30.28-2Dan Walsh - 1.30.28-1Jeremy Katz - 1.30.27-2Dan Walsh - 1.30.27-1Jesse Keating - 1.20.26-2Dan Walsh - 1.30.25-1Dan Walsh - 1.30.24-1Dan Walsh - 1.30.22-2Dan Walsh - 1.30.22-1Dan Walsh - 1.30.20-1Jeremy Katz - 1.30.19-5Jeremy Katz - 1.30.19-4Dan Walsh 1.30.19-3Dan Walsh 1.30.19-2Dan Walsh 1.30.19-1Dan Walsh 1.30.15-5Dan Walsh 1.30.15-4Dan Walsh 1.30.15-3Dan Walsh 1.30.15-2Dan Walsh 1.30.15-1Dan Walsh 1.30.12-2Dan Walsh 1.30.12-1Dan Walsh 1.30.11-2Dan Walsh 1.30.11-1Dan Walsh 1.30.10-4Dan Walsh 1.30.10-3Dan Walsh 1.30.10-2Dan Walsh 1.30.10-1Dan Walsh 1.30.8-1Dan Walsh 1.30.7-2Dan Walsh 1.30.7-1Dan Walsh 1.30.6-2Dan Walsh 1.30.6-1Dan Walsh 1.30.5-1Dan Walsh 1.30.3-3Dan Walsh 1.30.3-2Dan Walsh 1.30.3-1Dan Walsh 1.30.1-2Dan Walsh 1.30.1-1Dan Walsh 1.30-1Jesse Keating - 1.29.7-1.2Jesse Keating - 1.29.7-1.1Dan Walsh 1.29.7-1Dan Walsh 1.29.6-1Dan Walsh 1.29.5-2Dan Walsh 1.29.5-1Dan Walsh 1.29.4-1Dan Walsh 1.29.3-2Dan Walsh 1.29.3-1Dan Walsh 1.29.2-4Dan Walsh 1.29.2-3Dan Walsh 1.29.2-2Dan Walsh 1.29.2-1Dan Walsh 1.29.1-3Jesse Keating Dan Walsh 1.29.1-1Dan Walsh 1.28-1Dan Walsh 1.27.28-2Dan Walsh 1.27.28-1Dan Walsh 1.27.26-1Dan Walsh 1.27.25-1Dan Walsh 1.27.23-1Dan Walsh 1.27.22-4Dan Walsh 1.27.22-3Dan Walsh 1.27.22-2Dan Walsh 1.27.22-1Dan Walsh 1.27.21-2Dan Walsh 1.27.21-1Dan Walsh 1.27.20-1Dan Walsh 1.27.19-1Dan Walsh 1.27.18-1Dan Walsh 1.27.17-4Dan Walsh 1.27.17-2Dan Walsh 1.27.17-1Dan Walsh 1.27.14-3Dan Walsh 1.27.14-2Dan Walsh 1.27.14-1Dan Walsh 1.27.13-2Dan Walsh 1.27.13-1Dan Walsh 1.27.12-1Dan Walsh 1.27.9-2Dan Walsh 1.27.9-1Dan Walsh 1.27.7-1Dan Walsh 1.27.6-1Dan Walsh 1.27.4-1Dan Walsh 1.27.3-1Dan Walsh 1.27.2-1Dan Walsh 1.27.1-3Dan Walsh 1.27.1-2Dan Walsh 1.26-6Dan Walsh 1.26-5Dan Walsh 1.26-3Dan Walsh 1.26-2Dan Walsh 1.25.7-1Dan Walsh 1.25.6-1Dan Walsh 1.25.5-1Dan Walsh 1.25.4-1Dan Walsh 1.25.3-2Dan Walsh 1.25.3-1Dan Walsh 1.25.2-2Dan Walsh 1.25.2-1Dan Walsh 1.24.2-1Dan Walsh 1.24.1-1Dan Walsh 1.23.11-1Dan Walsh 1.23.10-3Dan Walsh 1.23.10-2Dan Walsh 1.23.10-1Dan Walsh 1.23.8-1Dan Walsh 1.23.7-3Dan Walsh 1.23.7-2Dan Walsh 1.23.7-1Dan Walsh 1.23.6-1Dan Walsh 1.23.5-1Dan Walsh 1.23.4-1Dan Walsh 1.23.2-3Dan Walsh 1.23.2-2Dan Walsh 1.23.2-1Dan Walsh 1.23.1-1Dan Walsh 1.22-1Dan Walsh 1.21.13-1Dan Walsh 1.21.12-1Dan Walsh 1.21.11-2Dan Walsh 1.21.11-1Dan Walsh 1.21.10-3Dan Walsh 1.21.10-1Dan Walsh 1.21.9-2Dan Walsh 1.21.9-1Dan Walsh 1.21.8-1Dan Walsh 1.21.7-1Dan Walsh 1.21.5-1Dan Walsh 1.21.4-1Dan Walsh 1.21.2-1Dan Walsh 1.21.1-3Dan Walsh 1.21.1-2Dan Walsh 1.21.1-1Dan Walsh 1.20.1-3Dan Walsh 1.20.1-2Dan Walsh 1.20.1-1Dan Walsh 1.19.4-1Dan Walsh 1.19.3-3Dan Walsh 1.19.3-2Dan Walsh 1.19.3-1Dan Walsh 1.19.2-1Dan Walsh 1.19.1-6Dan Walsh 1.19.1-4Dan Walsh 1.19.1-2Dan Walsh 1.19.1-1Steve Grubb 1.18.1-5Dan Walsh 1.18.1-4Dan Walsh 1.18.1-3Steve Grubb 1.18.1-2Dan Walsh 1.18.1-1Steve Grubb 1.17.15-2Steve Grubb 1.17.15-2Dan Walsh 1.17.15-1Dan Walsh 1.17.14-1Dan Walsh 1.17.13-3Dan Walsh 1.17.13-2Dan Walsh 1.17.13-1Dan Walsh 1.17.12-2Dan Walsh 1.17.12-1Dan Walsh 1.17.11-1Dan Walsh 1.17.10-1Dan Walsh 1.17.9-2Dan Walsh 1.17.9-1Dan Walsh 1.17.8-2Dan Walsh 1.17.8-1Dan Walsh 1.17.7-1Dan Walsh 1.17.6-1Dan Walsh 1.17.5-1Dan Walsh 1.17.4-1Dan Walsh 1.17.3-1Dan Walsh 1.17.2-1Dan Walsh 1.17.1-1Dan Walsh 1.16.1-1Colin Walters 1.16-1Dan Walsh 1.15.7-1Dan Walsh 1.15.6-1Dan Walsh 1.15.5-1Dan Walsh 1.15.4-1Dan Walsh 1.15.3-2Dan Walsh 1.15.3-1Dan Walsh 1.15.2-1Dan Walsh 1.15.1-3Dan Walsh 1.15.1-2Dan Walsh 1.15.1-1Dan Walsh 1.14.1-1Dan Walsh 1.13.4-1Elliot Lee Dan Walsh 1.13.3-2Dan Walsh 1.13.2-1Dan Walsh 1.13.1-1Dan Walsh 1.12-2Dan Walsh 1.12-1Dan Walsh 1.11.4-1Dan Walsh 1.11.3-1Dan Walsh 1.11.2-1Dan Walsh 1.11-4Dan Walsh 1.11-3Dan Walsh 1.11-2Dan Walsh 1.11-1Dan Walsh 1.10-2Dan Walsh 1.10-1Dan Walsh 1.9-1Dan Walsh 1.8-1Dan Walsh 1.6-6Dan Walsh 1.6-5Dan Walsh 1.6-4Dan Walsh 1.6-3Dan Walsh 1.6-2Elliot Lee Dan Walsh 1.4-11Elliot Lee Dan Walsh 1.4-9Dan Walsh 1.4-8Dan Walsh 1.4-7Dan Walsh 1.4-6Dan Walsh 1.4-5Dan Walsh 1.4-4Dan Walsh 1.4-3Dan Walsh 1.4-2Dan Walsh 1.4-1Dan Walsh 1.3-2Dan Walsh 1.3-1Dan Walsh 1.2-9Dan Walsh 1.2-8Dan Walsh 1.2-7Dan Walsh 1.2-6Dan Walsh 1.2-5Dan Walsh 1.2-4Dan Walsh 1.2-3Dan Walsh 1.2-2Dan Walsh 1.2-1Dan Walsh 1.0-1- Fix -Wsign-compare warnings - Drop unused stdio_ext.h header file - Kill logging check for selinux_enabled() - Drop usage of _D_ALLOC_NAMLEN - Add openrc_contexts functions - Fix redefinition of XATTR_NAME_SELINUX - Correct error path to always try text - Clean up process_file() - Handle NULL pcre study data - Fix in tree compilation of utils that depend on libsepol- Rebuilt with libsepol-2.5-9- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages- Clarify is_selinux_mls_enabled() description - Explain how to free policy type from selinux_getpolicytype() - Compare absolute pathname in matchpathcon -V - Add selinux_snapperd_contexts_path()- Move _selinux.so to /usr/lib64/python*/site-packages- Modify audit2why analyze function to use loaded policy - Sort object files for deterministic linking order - Respect CC and PKG_CONFIG environment variable - Avoid mounting /proc outside of selinux_init_load_policy()- Fix multiple spelling errors- Rebuilt with libsepol-2.5-5- Fix typo in sefcontext_compile.8- Fix location of selinuxfs mount point - Only mount /proc if necessary - procattr: return einval for <= 0 pid args - procattr: return error on invalid pid_t input- Use fully versioned arch-specific requires- Update to upstream release 2016-02-23- Update to upstream rc1 release 2016-01-07- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.3- Build libselinux without rpm_execcon() (#1284019)- Rebuilt for Python3.5 rebuild- Flush the class/perm string mapping cache on policy reload (#1264051) - Fix restorecon when path has no context- Simplify procattr cache (#1257157,#1232371)- Export ldflags into the build so hardening works- Update to 2.4 release- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- is_selinux_enabled: Add /etc/selinux/config test (#1219045) - matchpathcon/selabel_file: Fix man pages (#1219718)- revert support for policy compressed with xv (#1185266)- selinux.py - use os.walk() instead of os.path.walk() (#1195004) - is_selinux_enabled(): drop no-policy-loaded test (#1195074) - fix -Wformat errors and remove deprecated mudflap option- bump release and rebuild so that koji-shadow can rebuild it against new gcc on secondary arch- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.2- Compiled file context files and the original should have the same permissions from dwalsh@redhat.com - Add selinux_openssh_contexts_path() to get a path to /contexts/openssh_contexts- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4- Update to upstream * Get rid of security_context_t and fix const declarations. * Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.- Add selinux_openssh_contexts_path()- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.1- Fix spelling mistake in man page- More go bindings - restorecon, getpidcon, setexeccon- Add additional go bindings for get*con calls - Add go bindings test command - Modify man pages of set*con calls to mention that they are thread specific- Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go - Add Int_to_mcs function to generate MCS labels from integers.- Add ghost flag for /var/run/setrans- Update to upstream * Fix userspace AVC handling of per-domain permissive mode. - Verify context is not null when passed into *setfilecon_raw- revert unexplained change to rhat.patch which broke SELinux disablement- Verify context is not null when passed into lsetfilecon_raw- Mv selinux.go to /usr/share/gocode/src/selinux- Add golang support to selinux.- Remove togglesebool man page- Update to upstream * Remove -lpthread from pkg-config file; it is not required. - Add support for policy compressed with xv- Update to upstream * Fix avc_has_perm() returns -1 even when SELinux is in permissive mode. * Support overriding Makefile RANLIB from Sven Vermeulen. * Update pkgconfig definition from Sven Vermeulen. * Mount sysfs before trying to mount selinuxfs from Sven Vermeulen. * Fix man pages from Laurent Bigonville. * Support overriding PATH and LIBBASE in Makefiles from Laurent Bigonville. * Fix LDFLAGS usage from Laurent Bigonville * Avoid shadowing stat in load_mmap from Joe MacDonald. * Support building on older PCRE libraries from Joe MacDonald. * Fix handling of temporary file in sefcontext_compile from Dan Walsh. * Fix procattr cache from Dan Walsh. * Define python constants for getenforce result from Dan Walsh. * Fix label substitution handling of / from Dan Walsh. * Add selinux_current_policy_path from Dan Walsh. * Change get_context_list to only return good matches from Dan Walsh. * Support udev-197 and higher from Sven Vermeulen and Dan Walsh. * Add support for local substitutions from Dan Walsh. * Change setfilecon to not return ENOSUP if context is already correct from Dan Walsh. * Python wrapper leak fixes from Dan Walsh. * Export SELINUX_TRANS_DIR definition in selinux.h from Dan Walsh. * Add selinux_systemd_contexts_path from Dan Walsh. * Add selinux_set_policy_root from Dan Walsh. * Add man page for sefcontext_compile from Dan Walsh.- Add systemd_contexts support - Do substitutions on a local sub followed by a dist sub- Eliminate requirement on pthread library, by applying patch for Jakub Jelinek Resolves #1013801- Fix handling of libselinux getconlist with only one entry- Add Python constants for SELinux enforcing modes- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Add sefcontext_compile.8 man page - Add Russell Coker patch to fix man pages - Add patches from Laurent Bigonville to fix Makefiles for debian. - modify spec file to use /usr/lib- Fix patch that Handles substitutions for /- Handle substitutions for / - semanage fcontext -a -e / /opt/rh/devtoolset-2/root- Add Eric Paris patch to fix procattr calls after a fork.- Move secolor.conf.5 into mcstrans package and out of libselinux- Fix python bindings for selinux_check_access- Fix reseting the policy root in matchpathcon- Cleanup setfcontext_compile atomic patch - Add matchpathcon -P /etc/selinux/mls support by allowing users to set alternate root - Make sure we set exit codes from selinux_label calls to ENOENT or SUCCESS- Make setfcontext_compile atomic- Fix memory leak in set*con calls.- Move matchpathcon to -utils package - Remove togglesebool- Fix selinux man page to reflect what current selinux policy is.- Add new constant SETRANS_DIR which points to the directory where mstransd can find the socket and libvirt can write its translations files.- Bring back selinux_current_policy_path- Revert some changes which are causing the wrong policy version file to be created- Update to upstream * audit2why: make sure path is nul terminated * utils: new file context regex compiler * label_file: use precompiled filecontext when possible * do not leak mmapfd * sefcontontext_compile: Add error handling to help debug problems in libsemanage. * man: make selinux.8 mention service man pages * audit2why: Fix segfault if finish() called twice * audit2why: do not leak on multiple init() calls * mode_to_security_class: interface to translate a mode_t in to a security class * audit2why: Cleanup audit2why analysys function * man: Fix program synopsis and function prototypes in man pages * man: Fix man pages formatting * man: Fix typo in man page * man: Add references and man page links to _raw function variants * Use ENOTSUP instead of EOPNOTSUPP for getfilecon functions * man: context_new(3): fix the return value description * selinux_status_open: handle error from sysconf * selinux_status_open: do not leak statusfd on exec * Fix errors found by coverity * Change boooleans.subs to booleans.subs_dist. * optimize set*con functions * pkg-config do not specifc ruby version * unmap file contexts on selabel_close() * do not leak file contexts with mmap'd backend * sefcontext_compile: do not leak fd on error * matchmediacon: do not leak fd * src/label_android_property: do not leak fd on error- Update to latest patches from eparis/Upstream- Update to latest patches from eparis/Upstream- Try procatt speedup patch again- Roll back procattr speedups since it seems to be screwing up systemd labeling.- Fix tid handling for setfscreatecon, old patch still broken in libvirt- Fix tid handling for setfscreatecon, old patch still broken in libvirt- setfscreatecon after fork was broken by the Set*con patch. - We needed to reset the thread variables after a fork.- Fix setfscreatecon call to handle failure mode, which was breaking udev- Ondrej Oprala patch to optimize set*con functions - Set*con now caches the security context and only re-sets it if it changes.- Rebuild against latest libsepol- Update to latest patches from eparis/Upstream - Fix errors found by coverity - set the sepol_compute_av_reason_buffer flag to 0. This means calculate denials only? - audit2why: remove a useless policy vers variable - audit2why: use the new constraint information- Rebuild with latest libsepol- Return EPERM if login program can not reach default label for user - Attempt to return container info from audit2why- Apply patch from eparis to fix leaked file descriptor in new labeling code- Add new function mode_to_security_class which takes mode instead of a string. - Possibly will be used with coreutils.- Add back selinuxconlist and selinuxdefcon man pages- Fix segfault from calling audit2why.finish() multiple times- Fix up selinux man page to reference service man pages- Rebuild with fixed libsepol- Update to upstream * Add support for lxc_contexts_path * utils: add service to getdefaultcon * libsemanage: do not set soname needlessly * libsemanage: remove PYTHONLIBDIR and ruby equivalent * boolean name equivalency * getsebool: support boolean name substitution * Add man page for new selinux_boolean_sub function. * expose selinux_boolean_sub * matchpathcon: add -m option to force file type check * utils: avcstat: clear sa_mask set * seusers: Check for strchr failure * booleans: initialize pointer to silence coveriety * stop messages when SELinux disabled * label_file: use PCRE instead of glibc regex functions * label_file: remove all typedefs * label_file: move definitions to include file * label_file: do string to mode_t conversion in a helper function * label_file: move error reporting back into caller * label_file: move stem/spec handling to header * label_file: drop useless ncomp field from label_file data * label_file: move spec_hasMetaChars to header * label_file: fix potential read past buffer in spec_hasMetaChars * label_file: move regex sorting to the header * label_file: add accessors for the pcre extra data * label_file: only run regex files one time * label_file: new process_file function * label_file: break up find_stem_from_spec * label_file: struct reorg * label_file: only run array once when sorting * Ensure that we only close the selinux netlink socket once. * improve the file_contexts.5 manual page- rebuild for https://fedoraproject.org/wiki/Features/Python_3.3- make with_python3 be conditional on fedora- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Move the tmpfiles.d content from /etc/tmpfiles.d to /usr/lib/tmpfiles.d- Revert Eric Paris Patch for selinux_binary_policy_path- Update to upstream * Fortify source now requires all code to be compiled with -O flag * asprintf return code must be checked * avc_netlink_recieve handle EINTR * audit2why: silence -Wmissing-prototypes warning * libsemanage: remove build warning when build swig c files * matchpathcon: bad handling of symlinks in / * seusers: remove unused lineno * seusers: getseuser: gracefully handle NULL service * New Android property labeling backend * label_android_property whitespace cleanups * additional makefile support for rubywrap- Fix booleans.subs name, change function name to selinux_boolean_sub, add man page, minor fixes to the function- Fix to compile with Fortify source * Add -O compiler flag * Check return code from asprintf - Fix handling of symbolic links in / by realpath_not_final- Add support for lxc contexts file- Add support fot boolean subs file- Update to upstream * Fix dead links to www.nsa.gov/selinux * Remove jump over variable declaration * Fix old style function definitions * Fix const-correctness * Remove unused flush_class_cache method * Add prototype decl for destructor * Add more printf format annotations * Add printf format attribute annotation to die() method * Fix const-ness of parameters & make usage() methods static * Enable many more gcc warnings for libselinux/src/ builds * utils: Enable many more gcc warnings for libselinux/utils builds * Change annotation on include/selinux/avc.h to avoid upsetting SWIG * Ensure there is a prototype for 'matchpathcon_lib_destructor' * Update Makefiles to handle /usrmove * utils: Stop separating out matchpathcon as something special * pkg-config to figure out where ruby include files are located * build with either ruby 1.9 or ruby 1.8 * assert if avc_init() not called * take security_deny_unknown into account * security_compute_create_name(3) * Do not link against python library, this is considered * bad practice in debian * Hide unnecessarily-exported library destructors- Add selinux_current_policy_path to return /sys/fs/selinux/policy if it exists - Otherwise search for policy on disk- Change selinux_binary_policy_path to return /sys/fs/selinux/policy - Add selinux_installed_policy_path to return what selinux_binary_policy_path used to return - avc_has_perm will now return yes if the machine is in permissive mode - Make work with ruby-1.9- avc_netlink_recieve should continue to poll if it receinves an EINTR rather- use /sbin/ldconfig, glibc does not provide /usr/sbin/ldconfig in the RPM database for now- Rebuild with cleaned up upstream to work in /usr- install everything in /usr https://fedoraproject.org/wiki/Features/UsrMove- Add Dan Berrange code cleanup patches.- Fix selabal_open man page to refer to proper selinux_opt structure-Update to upstream * Fix setenforce man page to refer to selinux man page * Cleanup Man pages * merge freecon with getcon man page- Add patch from Richard Haines When selabel_lookup found an invalid context with validation enabled, it always stated it was 'file_contexts' whether media, x, db or file. The fix is to store the spec file name in the selabel_lookup_rec on selabel_open and use this as output for logs. Also a minor fix if key is NULL to stop seg faults. - Fix setenforce manage page.- Rebuild with new libsepol- Fix setenforce man page, from Miroslav Grepl- Upgrade to upstream * selinuxswig_python.i: don't make syscall if it won't change anything * Remove assert in security_get_boolean_names(3) * Mapped compute functions now obey deny_unknown flag * get_default_type now sets EINVAL if no entry. * return EINVAL if invalid role selected * Updated selabel_file(5) man page * Updated selabel_db(5) man page * Updated selabel_media(5) man page * Updated selabel_x(5) man page * Add man/man5 man pages * Add man/man5 man pages * Add man/man5 man pages * use -W and -Werror in utils- Change python binding for restorecon to check if the context matches. - If it does do not reset- Upgrade to upstream * Makefiles: syntax, convert all ${VAR} to $(VAR) * load_policy: handle selinux=0 and /sys/fs/selinux not exist * regenerate .pc on VERSION change * label: cosmetic cleanups * simple interface for access checks * Don't reinitialize avc_init if it has been called previously * seusers: fix to handle large sets of groups * audit2why: close fd on enomem * rename and export symlink_realpath * label_file: style changes to make Eric happy.- Apply libselinux patch to handle large groups in seusers.- Add selinux_check_access function. Needed for passwd, chfn, chsh- Handle situation where selinux=0 passed to the kernel and both /selinux and-Update to upstream * utils: matchpathcon: remove duplicate declaration * src: matchpathcon: use myprintf not fprintf * src: matchpathcon: make sure resolved path starts * put libselinux.so.1 in /lib not /usr/lib * tree: default make target to all not- Switch to use ":" as prefix separator rather then ";"- Avoid unnecessary shell invocation in %post.- Fix handling of subset labeling that is causing segfault in restorecon- Change matchpathcon_init_prefix and selabel_open to allow multiple initial prefixes. Now you can specify a ";" separated list of prefixes and the labeling system will only load regular expressions that match these prefixes.- Change matchpatcon to use proper myprintf - Fix symlink_realpath to always include "/" - Update to upstream * selinux_file_context_verify function returns wrong value. * move realpath helper to matchpathcon library * python wrapper makefile changes- Move to new Makefile that can build with or without PYTHON being set-Update to upstream 2.1.4 2011-0817 * mapping fix for invalid class/perms after selinux_set_mapping * audit2why: work around python bug not defining * resolv symlinks and dot directories before matching 2.1.2 2011-0803 * audit2allow: do not print statistics * make python bindings for restorecon work on relative path * fix python audit2why binding error * support new python3 functions * do not check fcontext duplicates on use * Patch for python3 for libselinux 2.1.1 2011-08-02 * move .gitignore into utils * new setexecon utility * selabel_open fix processing of substitution files * mountpoint changing patch. * simplify SRCS in Makefile 2.1.1 2011-08-01 * Remove generated files, introduce more .gitignore-Update to upstream * Release, minor version bump * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Only call dups check within selabel/matchpathcon if you are validating the context - This seems to speed the loading of labels by 4 times.- Move /selinux to /sys/fs/selinux - Add selinuxexeccon - Add realpath to matchpathcon to handle matchpathcon * type queries.- Update for latest libsepol- Update for latest libsepol- Fix restorecon python binding to accept relative paths-Update to upstream * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Clean up patch to make handling of constructor cleanup more portable * db_language object class support for selabel_lookup from KaiGai Kohei. * Library destructors for thread local storage keys from Eamon Walsh.- Add distribution subs pathAdd patch from dbhole@redhat.com to initialize thread keys to -1 Errors were being seen in libpthread/libdl that were related to corrupt thread specific keys. Global destructors that are called on dl unload. During destruction delete a thread specific key without checking if it has been initialized. Since the constructor is not called each time (i.e. key is not initialized with pthread_key_create each time), and the default is 0, there is a possibility that key 0 for an active thread gets deleted. This is exactly what is happening in case of OpenJDK. Workaround patch that initializes the key to -1. Thus if the constructor is not called, the destructor tries to delete key -1 which is deemed invalid by pthread_key_delete, and is ignored.- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data- Change mount source options to use "proc" and "selinuxfs"- Update to upstream * Turn off default user handling when computing user contexts by Dan Walsh- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fixup selinux man page- Fix Makefile to use pkg-config --cflags python3 to discover include paths- Update to upstream - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Update to upstream * Thread local storage fixes from Eamon Walsh.- Add /etc/tmpfiles.d support for /var/run/setrans- Ghost /var/run/setrans- Rebuilt for gcc bug 634757- rebuild via updated swig (#624674)- Update for python 3.2a1- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- Turn off messages in audit2why- Update to upstream * Add const qualifiers to public API where appropriate by KaiGai Kohei. 2.0.95 2010-06-10 * Remove duplicate slashes in paths in selabel_lookup from Chad Sellers * Adds a chcon method to the libselinux python bindings from Steve Lawrence - add python3 subpackage from David Malcolm* Set errno=EINVAL for invalid contexts from Dan Walsh.- Update to upstream * Show strerror for security_getenforce() by Colin Waters. * Merged selabel database support by KaiGai Kohei. * Modify netlink socket blocking code by KaiGai Kohei.- Update to upstream * Fix from Eric Paris to fix leak on non-selinux systems. * regenerate swig wrappers * pkgconfig fix to respect LIBDIR from Dan Walsh.- Update to upstream * Change the AVC to only audit the permissions specified by the policy, excluding any permissions specified via dontaudit or not specified via auditallow. * Fix compilation of label_file.c with latest glibc headers.- Fix potential doublefree on init- Fix libselinux.pc- Fix man page for selinuxdefcon- Free memory on disabled selinux boxes- Update to upstream * add/reformat man pages by Guido Trentalancia . * Change exception.sh to be called with bash by Manoj Srivastava - Fix selinuxdefcon man page- Update to upstream * Add pkgconfig file from Eamon Walsh.- Update to upstream * Rename and export selinux_reset_config()- Update to upstream * Add exception handling in libselinux from Dan Walsh. This uses a shell script called exception.sh to generate a swig interface file. * make swigify * Make matchpathcon print <> if path not found in fcontext file.- Eliminate -pthread switch in Makefile- Update to upstream * Removal of reference counting on userspace AVC SID's.- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Update to upstream * Reverted Tomas Mraz's fix for freeing thread local storage to avoid pthread dependency. * Removed fini_context_translations() altogether. * Merged lazy init patch from Stephen Smalley based on original patch by Steve Grubb.- Update to upstream * Add per-service seuser support from Dan Walsh. * Let load_policy gracefully handle selinuxfs being mounted from Stephen Smalley. * Check /proc/filesystems before /proc/mounts for selinuxfs from Eric Paris.- Add provices ruby(selinux)- Update to upstream * Fix improper use of thread local storage from Tomas Mraz . * Label substitution support from Dan Walsh. * Support for labeling virtual machine images from Dan Walsh.- Update to upstream * Trim / from the end of input paths to matchpathcon from Dan Walsh. * Fix leak in process_line in label_file.c from Hiroshi Shinji. * Move matchpathcon to /sbin, add matchpathcon to clean target from Dan Walsh. * getdefaultcon to print just the correct match and add verbose option from Dan Walsh.- Update to upstream * deny_unknown wrapper function from KaiGai Kohei. * security_compute_av_flags API from KaiGai Kohei. * Netlink socket management and callbacks from KaiGai Kohei.- Fix Memory Leak- Fix crash in python- Add back in additional interfaces- Add back in av_decision to python swig- Update to upstream * Netlink socket handoff patch from Adam Jackson. * AVC caching of compute_create results by Eric Paris.- Add patch from ajax to accellerate X SELinux - Update eparis patch- Add eparis patch to accellerate Xwindows performance- Fix URL- Add substitute pattern - matchpathcon output <> on ENOENT- Update to upstream * Fix incorrect conversion in discover_class code.- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- Add - selinux_virtual_domain_context_path - selinux_virtual_image_context_path- Throw exeptions in python swig bindings on failures- Fix restorecon python code- Update to upstream- Strip trailing / for matchpathcon- Fix segfault if seusers file does not work- Add new function getseuser which will take username and service and return - seuser and level. ipa will populate file in future. - Change selinuxdefcon to return just the context by default- Rebuild for Python 2.6- Update to Upstream * Allow shell-style wildcards in x_contexts file.- Eamon Walsh Patch - libselinux: allow shell-style wildcarding in X names - Add Restorecon/Install python functions from Luke Macken- Update to Upstream * Correct message types in AVC log messages. * Make matchpathcon -V pass mode from Dan Walsh. * Add man page for selinux_file_context_cmp from Dan Walsh.- Update to Upstream * New man pages from Dan Walsh. * Update flask headers from refpolicy trunk from Dan Walsh.- Fix matchpathcon -V call- Add flask definitions for open, X and nlmsg_tty_audit- Add missing get/setkeycreatecon man pages- Split out utilities- Add missing man page links for [lf]getfilecon- Update to Upstream * Add group support to seusers using %groupname syntax from Dan Walsh. * Mark setrans socket close-on-exec from Stephen Smalley. * Only apply nodups checking to base file contexts from Stephen Smalley.- Update to Upstream * Merge ruby bindings from Dan Walsh. - Add support for Linux groups to getseuserbyname- Allow group handling in getseuser call- Update to Upstream * Handle duplicate file context regexes as a fatal error from Stephen Smalley. This prevents adding them via semanage. * Fix audit2why shadowed variables from Stephen Smalley. * Note that freecon NULL is legal in man page from Karel Zak.- Add ruby support for puppet- Rebuild for new libsepol- Add Karel Zak patch for freecon man page- Update to Upstream * New and revised AVC, label, and mapping man pages from Eamon Walsh. * Add swig python bindings for avc interfaces from Dan Walsh.- Update to Upstream * Fix selinux_file_context_verify() and selinux_lsetfilecon_default() to call matchpathcon_init_prefix if not already initialized. * Add -q qualifier for -V option of matchpathcon and change it to indicate whether verification succeeded or failed via exit status.- libselinux no longer neets to telnet -u in post install- Add sedefaultcon and setconlist commands to dump login context- Update to Upstream * Fixed selinux_set_callback man page. * Try loading the max of the kernel-supported version and the libsepol-supported version when no manipulation of the binary policy is needed from Stephen Smalley. * Fix memory leaks in matchpathcon from Eamon Walsh.- Add Xavior Toth patch for security_id_t in swig- Add avc.h to swig code- Grab the latest policy for the kernel- Update to Upstream * Man page typo fix from Jim Meyering.- Update to Upstream * Changed selinux_init_load_policy() to not warn about a failed mount of selinuxfs if selinux was disabled in the kernel.- Fix matchpathcon memory leak- Update to Upstream * Merged new X label "poly_selection" namespace from Eamon Walsh.- Update to Upstream * Merged reset_selinux_config() for load policy from Dan Walsh.- Reload library on loading of policy to handle chroot- Update to Upstream * Merged avc_has_perm() errno fix from Eamon Walsh.- Update to Upstream * Regenerated Flask headers from refpolicy flask definitions.- Update to Upstream * Merged compute_member AVC function and manpages from Eamon Walsh. * Provide more error reporting on load policy failures from Stephen Smalley.- Update to Upstream * Merged new X label "poly_prop" namespace from Eamon Walsh.- Update to Upstream * Disable setlocaldefs if no local boolean or users files are present from Stephen Smalley. * Skip userspace preservebools processing for Linux >= 2.6.22 from Stephen Smalley.- Update to Upstream * Merged fix for audit2why from Dan Walsh.- Fix audit2why to grab latest policy versus the one selected by the kernel* Merged audit2why python binding from Dan Walsh.* Merged updated swig bindings from Dan Walsh, including typemap for pid_t.- Update to use libsepol-static library- Move libselinux.a to -static package - Spec cleanups- Put back libselinux.a- Fix memory references in audit2why and change to use tuples - Update to Upstream * Fix for the avc: granted null message bug from Stephen Smalley.- Fix __init__.py specification- Add audit2why python bindings- Add pid_t typemap for swig bindings- smp_mflag- Fix spec file caused by spec review- Upgrade to upstream * matchpathcon(8) man page update from Dan Walsh.- Upgrade to upstream * dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley. * Based on a suggestion from Ulrich Drepper, defer regex compilation until we have a stem match, by Stephen Smalley. * A further optimization would be to defer regex compilation until we have a complete match of the constant prefix of the regex - TBD.- Upgrade to upstream * Regenerated Flask headers from policy.- Upgrade to upstream * AVC enforcing mode override patch from Eamon Walsh. * Aligned attributes in AVC netlink code from Eamon Walsh. - Move libselinux.so back into devel package, procps has been fixed- Upgrade to upstream * Merged refactored AVC netlink code from Eamon Walsh. * Merged new X label namespaces from Eamon Walsh. * Bux fix and minor refactoring in string representation code.- Upgrade to upstream * Merged selinux_get_callback, avc_open, empty string mapping from Eamon Walsh.- Upgrade to upstream * Fix segfault resulting from missing file_contexts file.- Fix segfault on missing file_context file- Upgrade to upstream * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh. * Pass CFLAGS when using gcc for linking from Dennis Gilmore.- Add sparc patch to from Dennis Gilmore to build on Sparc platform- Remove leaked file descriptor- Upgrade to latest from NSA * Fix selabel option flag setting for 64-bit from Stephen Smalley.- Change matchpatcon to use syslog instead of syserror- Upgrade to latest from NSA * Re-map a getxattr return value of 0 to a getfilecon return value of -1 with errno EOPNOTSUPP from Stephen Smalley. * Fall back to the compat code for security_class_to_string and security_av_perm_to_string from Stephen Smalley. * Fix swig binding for rpm_execcon from James Athey.- Apply James Athway patch to fix rpm_execcon python binding- Move libselinux.so back into main package, breaks procps- Upgrade to upstream * Fix file_contexts.homedirs path from Todd Miller.- Remove requirement on setransd, Moved to selinux-policy-mls- Move libselinux.so into devel package - Upgrade to upstream * Fix segfault resulting from uninitialized print-callback pointer. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh.- Upgrade to upstream * Updated version for stable branch. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh. * Updated av_permissions.h and flask.h to include new nscd permissions from Dan Walsh. * Added swigify to top-level Makefile from Dan Walsh. * Fix for string_to_security_class segfault on x86_64 from Stephen Smalley.- Apply Steven Smalley patch to fix segfault in string_to_security_class- Fix matchpathcon to set default myprintf- Upgrade to upstream * Fix for getfilecon() for zero-length contexts from Stephen Smalley.- Update to match flask/access_vectors in policy- Fix man page markup lanquage for translations- Fix semanage segfault on x86 platform- Upgrade to upstream * Labeling and callback interface patches from Eamon Walsh.- Refactored swig- Upgrade to upstream * Class and permission mapping support patches from Eamon Walsh. * Object class discovery support patches from Chris PeBenito. * Refactoring and errno support in string representation code.- Upgrade to upstream - Merged patch to reduce size of libselinux and remove need for libsepol for embedded systems from Yuichi Nakamura. This patch also turns the link-time dependency on libsepol into a runtime (dlopen) dependency even in the non-embedded case. 2.0.17 2007-05-31 * Updated Lindent script and reindented two header files.- Upgrade to upstream * Merged additional swig python bindings from Dan Walsh. * Merged helpful message when selinuxfs mount fails patch from Dax Kelson.- Upgrade to upstream * Merged build fix for avc_internal.c from Joshua Brindle.- Add get_context_list funcitions to swig file- Upgrade to upstream * Merged rpm_execcon python binding fix, matchpathcon man page fix, and getsebool -a handling for EACCES from Dan Walsh.- Add missing interface- Upgrade to upstream * Merged support for getting initial contexts from James Carter.- Upgrade to upstream * Merged userspace AVC patch to follow kernel's behavior for permissive mode in caching previous denials from Eamon Walsh. * Merged sidput(NULL) patch from Eamon Walsh.- Make rpm_exec swig work- Upgrade to upstream * Merged class/av string conversion and avc_compute_create patch from Eamon Walsh.- Upgrade to upstream * Merged fix for avc.h #include's from Eamon Walsh.- Add stdint.h to avc.h- Merged patch to drop support for CACHETRANS=0 config option from Steve Grubb. - Merged patch to drop support for old /etc/sysconfig/selinux and - /etc/security policy file layout from Steve Grubb.- Do not fail on permission denied in getsebool- Upgrade to upstream * Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve Grubb.- Upgrade to upstream * Removed sending of setrans init message. * Merged matchpathcon memory leak fix from Steve Grubb.- Upgrade to upstream * Merged more swig initializers from Dan Walsh.- Upgrade to upstream * Merged patch from Todd Miller to convert int types over to C99 style.- Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of the use of the non-standard format (original patch changed for style). - Merged patch from Todd Miller to fix memory leak in matchpathcon.c.- Add context function to python to split context into 4 parts- Upgrade to upstream * Updated version for stable branch.- Upgrade to upstream * Merged man page updates to make "apropos selinux" work from Dan Walsh.- Upgrade to upstream * Merged getdefaultcon utility from Dan Walsh.- Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli- Add reference to selinux man page in all man pages to make apropos work Resolves: # 217881- Upstream wanted some minor changes, upgrading to keep api the same - Upgrade to upstream * Merged selinux_check_securetty_context() and support from Dan Walsh. Resolves: #200110- Cleanup patch- Add securetty handling Resolves: #200110- Upgrade to upstream * Merged patch for matchpathcon utility to use file mode information when available from Dan Walsh.- rebuild against python 2.5- Fix matchpathcon to lstat files- Update man page- Upgrade to upstream- Add James Antill patch for login verification of MLS Levels - MLS ragnes need to be checked, Eg. login/cron. This patch adds infrastructure.- Upgrade to latest from NSA * Merged updated flask definitions from Darrel Goeddel. This adds the context security class, and also adds the string definitions for setsockcreate and polmatch.- Upgrade to latest from NSA * Updated version for release.- rebuilt for unwind info generation, broken in gcc-4.1.1-21- Upgrade to latest from NSA * Merged av_permissions.h update from Steve Grubb, adding setsockcreate and polmatch definitions.- really make -devel depend on libsepol-devel- Add sgrubb patch for polmatch- Upgrade to latest from NSA * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client- have -devel require libsepol-devel- Upgrade to latest from NSA * Merged patch to not log avc stats upon a reset from Steve Grubb. * Applied patch to revert compat_net setting upon policy load. * Merged file context homedir and local path functions from Chris PeBenito.- rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc* (#203001)- Upgrade to latest from NSA * Merged file context homedir and local path functions from Chris PeBenito. * Rework functions that access /proc/pid/attr to access the per-thread nodes, and unify the code to simplify maintenance.- Upgrade to latest from NSA * Merged return value fix for *getfilecon() from Dan Walsh. * Merged sockcreate interfaces from Eric Paris.- Fix translation return codes to return size of buffer- Upgrade to latest from NSA * Merged no-tls-direct-seg-refs patch from Jeremy Katz. * Merged netfilter_contexts support patch from Chris PeBenito.- Upgrade to latest from NSA * Merged context_*_set errno patch from Jim Meyering.- only build non-fpic objects with -mno-tls-direct-seg-refs- build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults with xen (#200783)- Rebuild for new gcc- Fix libselinux to not telinit during installs- Upgrade to latest from NSA * Lindent. * Merged {get,set}procattrcon patch set from Eric Paris. * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris. * Regenerated Flask headers from refpolicy. * Merged patch from Dan Walsh with: - Added selinux_file_context_{cmp,verify}. - Added selinux_lsetfilecon_default. - Delay translation of contexts in matchpathcon.- Yet another change to matchpathcon- Turn off error printing in library. Need to compile with DEBUG to get it back- Fix error reporting of matchpathcon- Add function to compare file context on disk versus contexts in file_contexts file.- Upgrade to latest from NSA * Merged patch from Dan Walsh with: * Added selinux_getpolicytype() function. * Modified setrans code to skip processing if !mls_enabled. * Set errno in the !selinux_mnt case. * Allocate large buffers from the heap, not on stack. Affects is_context_customizable, selinux_init_load_policy, and selinux_getenforcemode.- Add selinux_getpolicytype()- Upgrade to latest from NSA * Merged !selinux_mnt checks from Ian Kent.- Check for selinux_mnt == NULL- Merged matchmediacon and trans_to_raw_context fixes from Serge Hallyn.- Remove getseuser- Bump requires to grab latest libsepol- Add BuildRequires for swig- Upgrade to latest from NSA * Merged simple setrans client cache from Dan Walsh. Merged avcstat patch from Russell Coker. * Modified selinux_mkload_policy() to also set /selinux/compat_net appropriately for the loaded policy.- More fixes for translation cache - Upgrade to latest from NSA * Added matchpathcon_fini() function to free memory allocated by matchpathcon_init().- Add simple cache to improve translation speed- Upgrade to latest from NSA * Merged setrans client cleanup patch from Steve Grubb.- Add Russell's AVC patch to handle large numbers- Upgrade to latest from NSA * Merged getfscreatecon man page fix from Dan Walsh. * Updated booleans(8) man page to drop references to the old booleans file and to note that setsebool can be used to set the boot-time defaults via -P.- Upgrade to latest from NSA * Merged fix warnings patch from Karl MacMillan. * Merged setrans client support from Dan Walsh. This removes use of libsetrans. * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh. * Merged swig typemap fixes from Glauber de Oliveira Costa.- Change the way translations work, Use setransd/remove libsetrans- Add selinuxswig fixes - Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)- Upgrade to latest from NSA * Added distclean target to Makefile. * Regenerated swig files. * Changed matchpathcon_init to verify that the spec file is a regular file. * Merged python binding t_output_helper removal patch from Dan Walsh.- Fix python bindings for matchpathcon - Fix booleans man page- Merged Makefile PYLIBVER definition patch from Dan Walsh.- Make some fixes so it will build on RHEL4 - Upgrade to latest from NSA * Updated version for release. * Altered rpm_execcon fallback logic for permissive mode to also handle case where /selinux/enforce is not available.- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- Upgrade to latest from NSA * Merged install-pywrap Makefile patch from Joshua Brindle.- Upgrade to latest from NSA * Merged pywrap Makefile patch from Dan Walsh.- Split out pywrap in Makefile- Upgrade to latest from NSA * Added getseuser test program.- Upgrade to latest from NSA * Added format attribute to myprintf in matchpathcon.c and removed obsoleted rootlen variable in init_selinux_config().- Build with new libsepol- Upgrade to latest from NSA * Merged several fixes and improvements from Ulrich Drepper (Red Hat), including: - corrected use of getline - further calls to __fsetlocking for local files - use of strdupa and asprintf - proper handling of dirent in booleans code - use of -z relro - several other optimizations * Merged getpidcon python wrapper from Dan Walsh (Red Hat).- Add build requires line for libsepol-devel- Fix swig call for getpidcon- Move libselinux.so to base package- Upgrade to latest from NSA * Merged call to finish_context_translations from Dan Walsh. This eliminates a memory leak from failing to release memory allocated by libsetrans.- update to latest libsetrans - Fix potential memory leak- rebuilt- Update to never version * Merged patch for swig interfaces from Dan Walsh.- Update to never version- Fix some of the python swig objects- Update to latest from NSA * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified matchpathcon implementation to make context validation/ canonicalization optional at matchpathcon_init time, deferring it to a successful matchpathcon by default unless the new flag is set by the caller. * Added matchpathcon_init_prefix() interface, and reworked matchpathcon implementation to support selective loading of file contexts entries based on prefix matching between the pathname regex stems and the specified path prefix (stem must be a prefix of the specified path prefix).- Update to latest from NSA * Change getsebool to return on/off instead of active/inactive- Update to latest from NSA * Added -f file_contexts option to matchpathcon util. Fixed warning message in matchpathcon_init(). * Merged Makefile python definitions patch from Dan Walsh.- Update to latest from NSA * Merged swigify patch from Dan Walsh.- Separate out libselinux-python bindings into separate rpm- Read libsetrans requirement- Add python bindings- Update to latest from NSA * Merged make failure in rpm_execcon non-fatal in permissive mode patch from Ivan Gyurdiev.- Remove requirement for libsetrans- Update to latest from NSA * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified matchpathcon_init() to skip context translation if it is set by the caller.- Update to latest from NSA * Added security_canonicalize_context() interface and set_matchpathcon_canoncon() interface for obtaining canonical contexts. Changed matchpathcon internals to obtain canonical contexts by default. Provided fallback for kernels that lack extended selinuxfs context interface. - Patch to not translate mls when calling setfiles- Update to latest from NSA * Merged seusers parser changes from Ivan Gyurdiev. * Merged setsebool to libsemanage patch from Ivan Gyurdiev. * Changed seusers parser to reject empty fields.- Update to latest from NSA * Merged seusers empty level handling patch from Jonathan Kim (TCS).- Rebuild for latest libsepol- Rebuild for latest libsepol- Change default to __default__- Change default to __default__- Add selinux_translations_path- Update to latest from NSA * Merged selinux_path() and selinux_homedir_context_path() functions from Joshua Brindle.- Need to check for /sbin/telinit- Update to latest from NSA * Merged fixes for make DESTDIR= builds from Joshua Brindle.- Update to latest from NSA * Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red Hat). * Updated call to sepol_policydb_to_image for sepol changes. * Changed getseuserbyname to ignore empty lines and to handle no matching entry in the same manner as no seusers file.- Tell init to reexec itself in post script- Update to latest from NSA * Changed selinux_mkload_policy to try downgrading the latest policy version available to the kernel-supported version. * Changed selinux_mkload_policy to fall back to the maximum policy version supported by libsepol if the kernel policy version falls outside of the supported range.- Update to latest from NSA * Changed getseuserbyname to fall back to the Linux username and NULL level if seusers config file doesn't exist unless REQUIRESEUSERS=1 is set in /etc/selinux/config. * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.- Update to latest from NSA * Added selinux_init_load_policy() function as an even higher level interface for the initial policy load by /sbin/init. This obsoletes the load_policy() function in the sysvinit-selinux.patch. * Added selinux_mkload_policy() function as a higher level interface for loading policy than the security_load_policy() interface.- Update to latest from NSA * Merged fix for matchpathcon (regcomp error checking) from Johan Fischer. Also added use of regerror to obtain the error string for inclusion in the error message.- Update to latest from NSA * Changed getseuserbyname to not require (and ignore if present) the MLS level in seusers.conf if MLS is disabled, setting *level to NULL in this case.- Update to latest from NSA * Merged getseuserbyname patch from Dan Walsh.- Fix patch to satisfy upstream- Update to latest from NSA - Add getseuserbyname- Fix patch call- Fix strip_con call- Go back to original libsetrans code- Eliminate forth param from mls context when mls is not enabled.- Update from NSA * Merged modified form of patch to avoid dlopen/dlclose by the static libselinux from Dan Walsh. Users of the static libselinux will not have any context translation by default.- Update from NSA * Added public functions to export context translation to users of libselinux (selinux_trans_to_raw_context, selinux_raw_to_trans_context).- Update from NSA * Remove special definition for context_range_set; use common code.- Update from NSA * Hid translation-related symbols entirely and ensured that raw functions have hidden definitions for internal use. * Allowed setting NULL via context_set* functions. * Allowed whitespace in MLS component of context. * Changed rpm_execcon to use translated functions to workaround lack of MLS level on upgraded systems.- Allow set_comp on unset ranges- Merged context translation patch, originally by TCS, with modifications by Dan Walsh (Red Hat).- Apply translation patch- Update from NSA * Merged several fixes for error handling paths in the AVC sidtab, matchpathcon, booleans, context, and get_context_list code from Serge Hallyn (IBM). Bugs found by Coverity. * Removed setupns; migrated to pam. * Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original symbol is temporarily retained for compatibility until all callers are updated.- Update makefiles- Update from NSA * Merged security_setupns() from Chad Sellers. - fix selinuxenabled man page- Update from NSA * Merged avcstat and selinux man page from Dan Walsh. * Changed security_load_booleans to process booleans.local even if booleans file doesn't exist.- Fix avcstat to clear totals- Add info to man page- Update from NSA * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat). * Rewrote get_ordered_context_list and helpers, including changing logic to allow variable MLS fields.- Update from NSA- Add backin matchpathcon- Fix selinux_policy_root man page- Change assert(selinux_mnt) to if (!selinux_mnt) return -1;- Update from NSA * Fixed bug in matchpathcon_filespec_destroy.- Update from NSA * Fixed bug in rpm_execcon error handling path.- Update from NSA * Merged fix for set_matchpathcon* functions from Andreas Steinmetz. * Merged fix for getconlist utility from Andreas Steinmetz.- Update from NSA- Better handling of booleans- Update from NSA * Merged destructors patch from Tomas Mraz.- Update from NSA * Added set_matchpathcon_flags() function for setting flags controlling operation of matchpathcon. MATCHPATHCON_BASEONLY means only process the base file_contexts file, not file_contexts.homedirs or file_contexts.local, and is for use by setfiles -c. * Updated matchpathcon.3 man page.- Update from NSA- Update from NSA * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.- Update from NSA * Changed matchpathcon_common to ignore any non-format bits in the mode.- Default matchpathcon to regular files if the user specifies a mode- Update from NSA * Merged several fixes from Ulrich Drepper.- Fix matchpathcon on eof.- Update from NSA * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh. * Added selinux_users_path() for path to directory containing system.users and local.users.- Process file_context.homedir- Update from NSA * Changed relabel Makefile target to use restorecon.- Update from NSA * Regenerated av_permissions.h.- Update from NSA * Modified avc_dump_av to explicitly check for any permissions that cannot be mapped to string names and display them as a hex value. * Regenerated av_permissions.h.- Update from NSA * Generalized matchpathcon internals, exported more interfaces, and moved additional code from setfiles into libselinux so that setfiles can directly use matchpathcon.- Update from NSA * Prevent overflow of spec array in matchpathcon. * Fixed several uses of internal functions to avoid relocations. * Changed rpm_execcon to check is_selinux_enabled() and fallback to a regular execve if not enabled (or unable to determine due to a lack of /proc, e.g. chroot'd environment).- Update from NSA * Merged minor fix for avcstat from Dan Walsh.- rpmexeccon should not fail in permissive mode.- fix printf in avcstat- Update from NSA- Modify matchpathcon to also process file_contexts.local if it exists- Add is_customizable_types function call- Update to latest from upstream * Just changing version number to match upstream- Update to latest from upstream * Changed matchpathcon to return -1 with errno ENOENT for <> entries, and also for an empty file_contexts configuration.- Fix link devel libraries- Fix unitialized variable in avcstat.c- Upgrade to upstream * Removed some trivial utils that were not useful or redundant. * Changed BINDIR default to /usr/sbin to match change in Fedora. * Added security_compute_member. * Added man page for setcon.- Upgrade to upstream- Add avcstat program- Add lots of missing man pages- Fix output of getsebool.- Update from upstream, fix setsebool -P segfault- Add a patch from upstream. Fixes signed/unsigned issues, and incomplete structure copy.- More fixes from sgrubb, better syslog- Have setsebool and togglesebool log changes to syslog- Add patch to make setsebool update bool on disk - Make togglesebool have a rollback capability in case it blows up inflight- Upgrade to latest from NSA- Changed the location of the utilities to /usr/sbin since normal users can't use them anyways.- Updated various utilities, removed utilities that are for testing, added man pages.- Add -g flag to make - Upgrade to latest from NSA * Added rpm_execcon.- Upgrade to latest from NSA * Merged setenforce and removable context patch from Dan Walsh. * Merged build fix for alpha from Ulrich Drepper. * Removed copyright/license from selinux_netlink.h - definitions only.- Change setenforce to accept Enforcing and Permissive- Add alpha patch- Upgrade to latest from NSA- Add selinux_removable_context_path- Update from NSA * Add matchmediacon- Update from NSA * Merged in matchmediacon changes.- Update from NSA * Regenerated headers for new nscd permissions.- Add matchmediacon- Update from NSA * Added get_default_context_with_role.- Clean up spec file * Patch from Matthias Saou- Update from NSA * Added set_matchpathcon_printf.- Update from NSA * Reworked av_inherit.h to allow easier re-use by kernel.- Add strcasecmp in selinux_config - Update from NSA * Changed avc_has_perm_noaudit to not fail on netlink errors. * Changed avc netlink code to check pid based on patch by Steve Grubb. * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA - Add optflags- Update from NSA- Add matchpathcon man page - Latest from NSA * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA- New upstream version- Latest from Upstream- Fix man pages- Latest from Upstream- Latest from Upstream- Add man page for boolean functions and SELinux- Latest from NSA- Latest from NSA- uppercase getenforce returns, to make them match system-config-securitylevel- Remove old path patch- Update to latest from NSA - Add fix to only get old path if file_context file exists in old location- Update to latest from NSA- add nlclass patch - Update to latest from NSA- rebuilt- Fix selinux_config to break once it finds SELINUXTYPE.-Update with latest from NSA- Change to use new policy mechanism- add man patch- Update with latest from NSA- Update with latest from NSA- Add changes for relaxed policy - Update to match NSA- Add relaxed policy changes- Sync with NSA- Remove requires glibc>2.3.4- Fix selinuxenabled man page.- Upgrade to 1.11- Add memleaks patch- Upgrade to latest from NSA and add more man pages- Update to match NSA - Cleanup some man pages- Upgrade to latest from NSA- Add Russell's Man pages- Change getenforce to also check is_selinux_enabled- Add ownership to /usr/include/selinux- fix location of file_contexts file.- Fix matchpathcon to use BUFSIZ- rebuilt- add matchpathcon- rebuilt- Add rootok patch- Updated getpeernam patch- Add getpeernam patch- Add getpeercon patch- Put mntpoint patch, because found fix for SysVinit- Add remove mntpoint patch, because it breaks SysVinit- Add mntpoint patch for SysVinit- Add -r -u -t to getcon- Upgrade to latest from NSA- Fix x86_64 build- Latest tarball from NSA.- Update with latest changes from NSA- Change location of .so file- Break out into development library- Move location of libselinux.so to /lib- Add selinuxenabled patch- Update with final NSA 1.2 sources.- Update with latest from NSA.- Fix to build on x86_64- update for version 1.2- Initial version2.5-12.fc242.5-12.fc24_selinux.soselinux__init__.py__pycache____init__.cpython-35.opt-1.pyc__init__.cpython-35.pycaudit2why.so/usr/lib/python3.5/site-packages//usr/lib/python3.5/site-packages/selinux//usr/lib/python3.5/site-packages/selinux/__pycache__/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tablesdrpmxz2i686-redhat-linux-gnuELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=cb0bb3e34f8da43246d4bf07a2af620286a70a0e, strippeddirectoryPython script, ASCII text executableELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=490c6c04286663293586042f0886d199e94813ae, stripped  RRRRR RRR R R R RRRRRRRR RRR utf-8?`7zXZ !#,ߊ]"k%ʽdh-; cl%d!~#3J_μ,ջ~΍M<)ӢDUC6|=Q[_ ^ZUTvl !H`< `2A+4M s䪥FP] $!I2Ef({]PTX$0BR3nWOXz Bt^ثP @,(X~}Q8*x<@yއS|.{UE9-˲(VDD!^l.a41nk~ u@Fq{U(yQ^(fα96s448z㆛L[ =|hA#>=JK`q79cL?R }".b UU%g44o:԰|`] u5J*7 [@rViqBل)W 9uXP)Imsj9%o{"l,ɖNxuFpXD=oxٸr5s>bSXc0 A`-T:b6,_UPD8qk= ;!vpC&\! "-_?/]Vب&?h} dQ8Sdߣ&v"P Y^Ap^^3Kx`&j_}88G@L!M]j.|%˃ryݔ1 1ǡe)wHؖ8[QctyB9,EAa, !HPu9%CXj޺7ˮg[r]vb^4hgH]ͭ^H@~JCJMcwrW/FχnXԒ6n.?5m"@I( V~cEes.$tG4qM{@f<|?Zev*wWT6mh" k6͐"&c{l2oAH"PU$RT|Ex>IĎ<-{XU^cwVS,y=|Rک|fLoI\pA34ֹ76!`YV.I|w^5Ej^E"dQ#870*sX'SzVH16=y"w-7zq>&dzT HYU ݔϲ"T) W*魀)wg*%rmBFѲ*nҼc Nimj\5 !С-.xΙ-&B1?ԃc϶prF>T(?܁ᒆI@wfQ cq8U灼jT7. oof% ҵ'@]Y EzqBc]!iuՋaa-қ._kȅpGd30{Zp;FAaڪYŠc!3IU:R\'( L^/oJ$& i挣.[FWz>6j[>Y-?on]탓&QҴjgDj* uHFIWϘ?bz"ym?SwrAx8³iXqitu:ng71 JĵYx!bK {T)PU iZ2t8K\ =*Z AR@tn)X.YE|zZs9h-S€ӭxUDThjCZkł:?jj۵|œc)%_UGjdNYlnuhʚ1fP~1'ߪB󭶮x \T}.ߘe#&a12;*ӗ_/zMև2 "M\6Zhr$z=aOi*nL`XZ iF.iv#Fd%C"JC= [wvkKMN_~rdjl|1Nd`aMV@zzֵPuJO.y,d{z-s.n.[K9JPؙqj 2L*[ؑ =]Nʜm?!R pcՌ^mN>L)T2OXIǭl$Eq]Ɛ kjYcZ$-u!xVm. h%Xk7Í~u#=&G1X3Vun }D)3`4@e @{][%J/(-TaܚtSE[)<"z:#<@2?c9s5Snrÿ!!>/:Imi6 |!y|>\u5 sO,-HVAE<<~A.ŘL|FC G]?M,%W]?0MVəmz$CUݟPOg?u%䇘F 3Sz~f v,@f茝S+_wOvxJJLyΣ?Q0`)T1&a*{+-.2JiG r;h,]|S/f ]hXm}űcuE['?zuДOClD;;\_O['fOTnK!Rr^/)_chga %=0MQGd;d 97[ʎTEU|;2yw"-$5)Q7H~{_6&\FȨ]|PX@`Ie BO3Xc++h ;PזG)wmJF[LU2>Ғ3 u2 WI^/(M $8ì R%Z֦w-WZ-Y[jQu(E=߁ogx̘@jF덥#k&j01. Iݏ ei˼E(ǯS/&,#j|&AVTZt{.,ُ D_ Zxfx׊UTr%KXwVГdŎ>[ZNV/VR0{ O%vFWC$KC$WQ|i?J$8H?{#pljuJiiXf. nx67:Q,!pI q9I(bMmZd\8薉PTX%C r np##}6Oq;zK㛤]qKK?zob6q\-I298I@vR6ݷiϤ`fG`5kHJzSHƱ="WYBJ7 0͹ibi;Z Ex&HlLuB\S_M`lc 3[5/zj|a2{Y&+;Mf٢R~5|&h|-32G-Auަa\ b}SY8=;zl+m5Lފ9bߵ GdEQ 3 O}2O;J->ijhMAbMn(|Zl-X\9FO.YhĥLv)%Bm!at- <(4OeQHnN'gR,Ʒ53t/qtFlKOٺ0Ҕ)(ZeuGLg@.IݙKj&^0Whtu"YGP`I|TBX UR.yjnK,N6y:#5Az9YV-s:)oSYSrۦ❫'efapBRBϓKFClܩTT:Z\ڄLBr܅0Ax¥x䁂 9]{fb)^.n֨ =M7qP Ny͚7͘,& E*⻾ 'k|I2y~>Xw߈Q\/(&.R>՚ 7c;diUh,YӨPUV1 $_Wϯ(Dž!Vk<FJэ1 il:Rdvz&jOyN|q0yT_>V*ʒpds;*G_)X=ΚH!S_U&~e*Vֽs؉G.XJpf(ig[0:.TaYNptǬn%Ȟ{Z^f/.?o^:F}ݘ#t.@Pa+WzT~LC}'q=x]=~ 41ϝEѕ->1| ˩D]JaVdL,%&o8`@?re-~`Cþ8+Pic{?>t-ѿ Czn5 "ip{e.sUF>vCyʐ :ҾAVǮK!np ?YOoȦYѠPox "hKR񹩬旽DZQ=S:fj)Q Ǹ73ebm;Yn}z⛽me2IL;e CbkJ:EIMPN~cQg}XHEOB)j&a/&Z'c7!fDZTnV"5pӛC ~2KARΫkTu 撔欳ȡ|M+3 9?P(n47KgŤsux`w& |pSw]<'7ﺡwj!*XJ7Y΄M1=̄1bL kڀ2'Ed㛷q% .!~?qaO-OxN{*}u)|[փ™7EG"{s,,(Yhp GޕcjU&:`E9駼|h0MÒ0p=yP8k6$?bڋ vՒ;yB̓̎*8pe%Xœq*fvGBw)J7峛j`^tPV&ή=2pYE+wb܄c{|t`%M(`- wXۏ'ě0||(Qe )lkRCV 'V 3Fj \RfDi@Nɵsa:zƚ%JAiJ zpzq(CegdGx1^90n=f^iB|t;&OFpTLD屖?qȭnV"a+5-"w'OQȷpg/e @):ʓnzb5ryLILTk./Uvrγa_;:}ogaLPцIKp[s'  Dzgպ+:3hX@70PBP]ttј8'R%\_ i=j Q4 zHAES#a]n<]1mzcL"<_})J~vJNcb`(AgD=案p áb V Jk7;Bޱs1lh Sz?'6].ز[(@DDZ$—ϒ{uЕ]RX{~?ȍ\%uuߗrpTpRc Zݝ#p,,&d(_yZD IlZ;H|\:#3FY^ Kwm ʅ^J,w!aoeX 9~{$1{l$P #}yQ,q;r4N,j%S=t-6?& 0zCiڠ0l!u\'}NREQ\ꙘMl7%+ P#P8Vp9ھldFO%l\+oGWP;3-\͒! U`PΣ?`f\Z]{},= Tfw-- a`JZFi10p JW5OƘҀytaa`i^=b- ba'N_EOv%֊ulWi 6Vdf=/9_R wק,usD$H-V Y4];Ysb]d*i;zf`zk[!]I]w-]l:ȡ9]WY}mCořM1'vnV8:-db#lH=/Bvڕ| -X=GlH.Í U W' YΣ0HزIކx) c ި_(GƋNXq`gy[>eԨ]/Cjd)IEyI{]O$ˉL_hYVj|hwfW@V |.gr6jIWg,(*'=4Xg:{K'98͌͞ޝQgp;x7"+A9\sC ?U9ü>ōH#3t]*75"RE U-pwClM2,He -xHē}jͶ!}~6źSuEmSWG{C1.wzΤ { ;ѨP"ᲜX <G}Y(7(4m/9M#QRSEi)j +Cfuhі},܊}{Xg!xΟK[]INy5iG d'O݌J?gL!EB3k4TIpmU20je[ ߫ag46 ,F9)Zn l/%2? ûhzu`B8g_$.F-?r!k Iǹb-j/fg9=*˽XN,m)^T̢?w5  n59t(%3 i8}V|[SDѕ'kߓhԌD8X܌mXܱhai9gRׯ~Vq`<i?7I]OKx=I(=',-,6nE)ncmRY/r prmmuOͰ&JµjӤ9|6&9Pʄds@OfN:7Ur)M' #*}Ϛg06U«qY=#HEJr^vs4A"}ElBIb}/{榛*?(N;SMdөv8#jցGNUkZQP,TŒ(̩^i[}'i?$P)L'G_ Ò\X*ݜK{,\M ӻ4N HPPc=xr. .qK-6i6YTY`r|'DܓhUF L7zBcCeŗ-XG/t0r %2 @8Ogo1Z3( $SQe!en^?pr@2 b_AݩܻӠIsj;q1>YIkx9iY/+czd{vW/}b7u}YK{JΚS֎+nzqAP NBC+;wsSc[eް}2Ԛb <K7=pf9-L꼉 * 5<~I=+ԇj/Bs"aE1" Be3Eus;\\4IZ;[l(F[>=q?\7)0*QuCflaq2}:_|֜= >G]@R3φRĆm¹'\Eg;QtUpB~jY4rU(7VErJh%Tb_+;Pɂ {r) %B҃BV2!8#Ÿe?p2GY&ju[5XDye+GgBt5Xbyrz(|ڄ%VpH5B*G{UN"8 hqلOTtislzDg?'O!edHD:qJVo0oSY S`);ǐhh?N~n;wn C p2c;hB@̓l<ݨآ*R[1YZ {(i-'}9x=z[|[/ r#ӜfAM!J`"FT/m^vQX`f]vpҡs @Dnܱ}ͯVz}( ZbOS; ZaL a?φ)"|4d6!)rO5`n2-bz=zNX91=׀_m^#,͸E9:Mh!.:%t;B^%Hw K  cFBd'·^劮>rڄ GpLB-/E/nTt0)ZiڞW9le3ZB- D[ϡ3M>N`huU@y48(YF" xqpԺ%4RPM8F:Xz̞u]^sfa%o+/qCԟ{*fn#MET$ u@` ]E\8M47He(퀣LRߴ\Ɋ`u8?&(344[k&  J>p1od|T(60bPIFQ,)3!zH D^QfZ&a~gk!i1Tq=@˘_!>H8A`D3w%g5j/(MxYa(VJzaU%8a=iTok;聭$>位c? X<8B< 8@O&+a|"j5궻nbڨ tz1fj EJak4PlfE,?Gjeici7"C\51݂@:NWɟ//4KXOÏߋhઆ/Y}D%1*M9AKB<}UN5E 8P 'vMvaM0ޏ"HZ>lTW|ů+N,J3l'hu:ҠSe ^iP~} t2!\KԨkRVk|9l5qd:U[FL+MߤyT)a j4V)@+`/~k:VIT0L*9H)3jJs 9x2Z#w3=>? uOLO_!_J2<4uʿiGh _!+(9]&e8\㙺WH%ǧ|۬y #xʆ;:Vw"pݝP.kAmXae>Cr cbu2CEL~q}eoi߆k7G&m"͗Wf`I7LLFcsЅ]XYI.hdA5`yG&WsNu|# "J͵ JB_MF,gx`A>ؗZ‡ކV!O$VUv aOΎbD&l@K,3 Q-jÙt~@ )0+{bUU aSsJ5yF9 㫄̑aAiɠ|"~7iӡr_`G}yf+)A6s|/{Ol)6Li D\7IEvmBTSNӁKsYj0TvC~p5KeX|V.}R̍3EЂOjW"h;JDvy$`5B@$=>x@`Kn{8C=/gf +0k]7 5jLYJlDni`+  H ԩ#lL>\t~㋵hCcO~[t{4zHyh"#?4fA㊈[)đ<0;-kBw\&& Z5]HfufD,&}]Hdg89?nL9>VBG'WwPZΔC8h nĦިiX*ʨCm`JGQt$yLwK,A15>7i-Gh_忇Il=)F)8k^nI Iv7@2Uhi4i`)ӧ9AS}!e@8 ]`8ޒ|%b.jk`qRP ζWoC55\{h/T RpX%CtK on-|yZ.c<+}D@y  !K$ˬoIBVv;me'M(E{3-yӱ^Y1S*ע|Y%X<&Mm !h`a[Ћ~AAⳎFzw҅#GYsY (ev#P}67H5!>nLGCQ׼0+&/Ȕ= A$DAɄ@z7KM!yV+P"iJmabpcSj}*f u8kϏ&y# >BHKHw<,Ĩ?MnKKH$Tpzf6Ї;H=M8h̉m5$U4(/96K*Q(ר}T4L3dh\2X3 [j1fȶ pX#N+qs?u^)c3r i\D;(muk$L}";T"ĐOH7wu$i K/NE1BX2t5F^ Sq-6.S4Oh ؑ8f%#㴼dB[NkJZ0Q`] *S"|$A̋Вv* *11 [nGLYA#uc)Ŭ@-"t befTsg8vsX(q)(NKc#l} |$t!Fs5r+&DgYj7MLele쟙z47߷V!>w Ca`YdyGؽiu5f{W6bL{NR\Fc&]=W7y8m'ree@Lo P9I&!/}>6jjU^lb2G=$]?E+&M~5)Zbe#WQHWwF_MF ?2. M 5პH+V!7Wy42F0Q" ty6Z%4}L! JK漇 jqW} eu}jߝcno@4khZUuP@Y„Y5s-&,;~6hDlU@IAF#?@{8x"' g=3 EcJ8SNNR8^S-|U&TuqY6"}ܒFGШK/~}Բ_x%b_MY>mP3QdK(a%`-w؄/5} I߇~Av1<#5Pbug @{DqK]K-|31M3^PG)tulgMNxs>@p&e^䨹QZA6(o2gac~VsJ ̌+tQ!̞cU’BfΖ[#KǾ ꔽ"z[1)" +Qe椗!}_??IK.-|jӲT $jI$ZVoX!g= "`OkC6aOij4C*vP—Cld_k~| U6e6A~e`Ft_ӈ`wPft+B ]o!NچR3F,?vr3{q҂Ꚉ3C8±zd)w֊Hev te`xj?cS:B2G(T:=N|Xu3M#CmO@4v*UP w o*WyKC*_ձ^}缑>v4| ԁ2a$ǰqBvC"TT5[ $;4n^N=#h,n"fz[i L KkJBk8f%V' 0SkuSyL$nA@sӨe}PbC9 4»L  }4I٤  ]I7k]Rz(joƽ'h{ZQ\Y *.L;4OqOZ1jJ}&BFsx@ݺ[/킱ΘM_75?^Hy9}br*!Y oܫAvlDLS刏-BZ CbDQÆPwNW9am; k"?_<kˣ~Wc@WAX PQpG!mrZw(a{¨+_+:E?OcNWK# =yk7u=|u9ч>#9Ъ  A譫/>O5E ~d5QknJ%npAzzWk[F(C5tiEP41lD$(όVXDA+CMdA7UfqƂ{cltV M:L O=r46Lk|Y,QU#>^hׄ#:('$M&J'/yvc( *뢰PF{6ezn!UvxbTf<-8NFi:o"ʶF-a,ߋo0eэ:` E"5Um#v@>o$:7m Hj{xkNUˑc9R /|MBmIП=n?+D7o%>)M`-#]No1)tj;gBS3j4E^҇N+TNFݟB?ƵB%QBˆEh"JBDE[Ith4l8OS,S؊l;W#rr6(^A?VŏF ܚC1-\ӅuI$vϱE -kQ e~yDopCL-t^XqdR-b$OeNiSSjetyHLKeBdZcaB u;+QL! & b)a귣|Cv?s(5,!Lb}@_cFcR끙n4igOWGApʢ|޸KS].lg: E"Zָ!jj&TF[թ-sl81CW]ſ0tnd= rg69_~8Ĩ,s$1K 7~I˻Gq1x l!f&=7\,+x+McHi>Z; &\te.ooNG؃}K`t :`]aۻsNӼR_C[ UA_!3ڊkY.q\ks&<1R y.ǁ\Gb٭gښx3] gdSjs)1ׂ=:5}:"ž(]lUYo&8j쒂G(JKjW뛟*O9~tl`Y.tqpmZ<5s1Szɝ==y"7\JB'eeauGR9!ڷ#ٺ3Zq̓y1íOo$2FEYGSEDs_&[%oc oU Wٜ1QpI%XklJBjZDe(\d I_s q"ؕZqKxpSG%CkW)BƗgP;o,S1Je5fo.C íW2Eٙ􋼤:Tnk(קL(;y 2"ʹ{X@/e+O0K.*?aa^_kmo86m+< {㍤F4QZ(Gi-;I 7oݚײ-s/DA5L6?`,gyx fq-:jz^o{̟D} Yf!|FxM?XbH UkY,&ss1EHSdݲG/S( rfٮ_}juP.<وp(Ţ$͉/{z^m6IR^CXt=m쾜@Z1&I~+kUPug"T[< z)'ڗ_άgO?zhZE/Pj޽y8&m!A~ySȒ'owZE`B_T(.Vg<ήGm hmp@E:17'ۣJ' $>7LlCD `JS{!uL>$o-U&|]FӈOlA[z{kiwYC{tL:P^pd~SxvjPfRGtSWrNE w(.:v|:mR Ç7f&0awkn@Ro:dX$i}`eQuc[S o^s?v)Fr{ lzVPBc0 :C<5,hڧ,"*kpe S{^^l-Dnk]Gf{- "BabN=fqi@Qގ!˚}82N4b(y #^KxYh?q4Yϲ+3 yK0g\mt'DggA vO<{4;3  t/يա^݋bxUm-XSiSnř+s&q//NW>50Ya6-V<]cI:&Z gdžk&Fqb4a,)*B^tŚY 4S%%kWG'vI 3d*YbdrXڔ_ˣ$|EA0*7]w?ݕv`-s/$e保 v@4G]FQ-pZnṈƶ%y5|OKI{YɎ]|1OQ^̰UkH0rសRY ޫ5 tr*LO^܆-ikڝTAґf.^RE8Zhx#޻MIbVm%ِF4E'1**( 3( ڿZ O^2^VYS8XxA!EaX?MRgad5_7P`DJK$JPʥ/8rhM6XbIeB/M΃G; _ҒI FWԾE"0Yes'bKI; )lY(f=yc'/ef }NgʿAc& woN1=8jIO.bT3T]"# 1ܭ"%J O2ɂI]o)oN?H-(g:zQ~_nܶcM-/rl.cԯ0j*oӆu>sjU_`~j[٥Xya(;Pi_.M~Ӝ?U1wcΰ@L>9"o)-/{3:"8y6G 4W}Ÿzf5Yx2$2RP$ !#ӿ(q>xAv:m*0ܴpW.'nUw돝haoQj_+/{/ )MC9 4i"ͪ&؆^ Bx[NR;T`Kϗ~惙0"rD݌X\T_bz탞Tyq.*]BTƀE$l$s+\$h+\6!9H]&g =qGiL<37Blnw}bA%kR74JVA93i g溓:u:Ѩ[ro0'a@pf+tI4̔ 9EJ\+6AZk^kiH{ !Gn !-qVw87GqePh(둛6A0; RPHkPg,GA|H)J?(eVӶm>,\}¸b)}+X#{7a#&{NI#z'lpHf)5n0ͳēޘ'vWtZhea }u,Y VZʄQqsаKdG@(.[>0"SLVww6dؤ"OA ]+KyĿL_ϽN1եLBӧ]gP +"yrRL?0th!KHkmpNMs\j'#6 w ԊQsu(Oc(mGMԒ7*,۔ʜ 5K& =Z y;Kc[#-,xK`lOF!ƥsOX?I#/4v("F/v6>]٘zF@5p(XOҮ\ʿ,݌rZv=1> ®3-OFUqyZxU%~sݬK#6sq85=;8|S9R<;=@bs|v4ű7XI2)F%v-[ LX:~kc3 d@Wo.%Vjb^@Çf~ZuJJT{Ҋ'啢lT>bx'f^Zs[hL5GEL00N&ppHZ,ZX1KvaNj;B EA`x$/1 7$q aA&T+X&$S&;=E՛|nۃE"ƋJB>v/a^6CXװ`A$Otk1i|wA+bkx-CN S~aZDh@2ֵ9\1*)L AV4<+"Vmu-; $njvvJLԥ i?ǁ/8gB>tڹ=@˃BŌ׻[{4둔vGՌtA*2HݱOqNCƤ5Q%`"YnA)\~zp·g"6m zԥΛڝ4B&:Uap;rpK wD0 -R4B@K572/GΘ7.d[ V518,DdT[RWD"<)'ZϽG]L3{^NZ;g+Xi?:-,Q^}8b7\ 7<ֵCB( /kѼq)KQn ,ʹHjг]iWNW(5m9a`+^QTJ9Py] (e-a .SZ+CR oWT`߶KOܗ/k/ Wa/ו[6ZVwhD[ J d*,\K#֊Q\٭o@ı&ݪFkɝR c^+ YEƲ0d%{GU[=2x^\Yjy-$ ~ZyWE,ΐ9.@mz-(3x`rxXי9­q)K}Ӧ{DZې w'#muNf-<>K'|,t[uf܂ZvKo:@#`'H3m2~^lvc?ARۿ<SsEEA7`2RjrT#w U3Q#b8Pf(]i $N=GOkVy]a"Uڤy)l]n5J}ɯ2& K)3~VN:6rM:&4F\'8爐3 ~:kahnWg[> _H "Rꬤ9^*=c&13/{;#\] w9m[vSM3FmP߳5Z݊[Oj m@ox!(^yI1:wH|Mz3iƃD*ZSd8#5p*OY]עHz$f gtn:؇F,ܘLjn}mߋ6AgWl $gvlw)ZY/_wT΂1%OzJ'qߓ4e&vLvP;T͎sJFg0⨓9>k3!/Rrd[wCpjmט6:6%B_EGw>|iK]mc7`-a / ؜}SwҔٯ&=Idִc9%Du~"6)`{Ս)ܬ! #nZz/uI'̳s>ע<P08y/~Z'tX|,J7D_IJ2Qy ;EBzߛiav.u'/zkIgsUܵ os=FWr2W@rlSz XSn^ x<̠V_V8xzBRd}J]pZ8#ef] fy7H<1>s GV\pp>[w4Ӆɜ0jAEf]njoAu2`["R@e4|Q{)Vzw= 2-'ب#ysI]'Pl(zC% qir2TG|ouWȼnҹ+(jGϛMUMN挢xBk'Zk}kY`Qu>FG1!Et ixg{>YLͩ .6T ܨ y[ p8+d `&]DX!e:+0_$U`ڶn`8^h0/NF\ |Ka? K뽞AIyNSs&mL=' =hvDnK"Ƚ)oȱ6i,W'C1`%b+Lh*5Pt% EO=GTS[9ErvewR| ǟ=L?SZ2^Y-[?!D-lh':q6q=Vȸ|wr,];7Rt͹{03,-+c{-!='6k$[ڔMujvx?o^ylcX%/@ :gAqա%wR; 5[3ҍ/]15fckהLO vP̢ȑ: ToǙ`k= Y{f Pl$WjT/{fit` Q!HEz/ќa[TkIUk#s,@I{"YB;֐iU=XPZxci"dzR52|[FDrd`vD+ҜRۡ;#L\tXfyw/Q>9 P}mbt*1e\0roJ4 PP**Y.漚ͳBeu"RŶ盇7v}0(|}{nY\ٹ~Ї\ H+Ne AB]n+:O@ϓbqI+t(kŷrBTdKƀdra8P 2sʺ2I1}Q5a_ RGW 8S43/ >{dBc}}u2[^#'ݕpYMb{ÿON.`B@ecim\ HV? %{6߹@>B24>:۔gwa߮$qH%guOgfty6 .n,m .U|/M'6|~ @O;3ፖC)RoĵrZm !B~:oz zKF)|mqV#dE(Dcrr!1s),9I,2K2R,:Kfd:SLE k5ڎ=[ా,—`Ÿ.S_sQFTDxunz1A2J qXhZ#uYP`OCOYr- %,?{=S- hcK0 8es/@oLf#V~BqVK-+)4GRp&@IE -5B819(v"79 G8ܪ}9xu -6nK)'p`5G2Uxe^CX龏ngΪGtDn-N:}T Җ֝ѷ]$t@#MX1 %quճ͖pԎYŖ{S g[8 g|E`-!x߮[Hݦݔ"vyKIJ!,*XR3v}n4hlIL 'ۙ d,Sw'z^Wǂ4NJʓW&t4? w YVLuA}Oʢ9̾8L. 1ļ U'9? YP -YB._\kǩi"K5ǜ ȸ0K#eP_`@Fg(gy{6zҝa-2Bc[#1 _Ŭ^N9>Cآ1zT9*ݾ8:k tX R.QS 4߀*ݧ%G9ԆFfTkq n-{@irߦ]Yjˌ _`s@Իs"&4tO0 zV"O5Iww$ԫL&molxw̰FW܇U띐+;OܧܦثzlL"+v .Qf3>ix/l7K>=IJ|npEoy6''ңI2ckMӇؗwxHv9yuO{2X:RvKۺb ʯڶ,zp ڨr;QUP4nANǪF< *ZW4k9 ~%aKl*7}b+д5mdq#iЈiYߘb u}TP /oÚWUjWaeNO[F[]#pl&zE u \n.UQS(K\., _yZmɃWV ;(}E?"6I> ]"4eF#ϯn/|%HH sJ+rZnF7?Q(\OXq{kClfZB4.X{=i::Lq~{Â4xN5gcS* $ tS ɾ}Zr9ZeoԼJ[ pE+d^\ZD ,7@ф4L4Dha[;dSl/#Hns eG.(xIOOM/{\rdMj; AJYԋ_3>=X Yo[=h΢ 1oParLA'p;c~qIDS*4'GOݑwy2Gd/=1Q5{BCJo$e*BnP@Tw  +?^mП"y!ziS$gaXCJ2qLl1w^bi}B~"!;2bJ2os˅@H3'9{ ш8nzA r'(ty3Z,LB])l@1,9&Z;!׶֬z'1MgKڡpY~)AaxGQ:jG%Zv׏Ix[MLVBԒ-vCt`{VT7k1=QT=ClD## VY&8k,௜ , $H:C(pJesrY#C>tX9]RXB#n+Ǖr֕* YZ