libselinux-ruby-2.5-15.el7>t  DH`p^$ƨ1E.mj[OS!JdKa"2"!Ilᔴ0[{KinP.jrnP MMmr-d{r^s ਦv|DaƻhgLm+brq;j1?D]9+z5CbA#(upG O A<8qM9I_QKfzx+6;?^ƴ `@a2]B!ߙދ}Y*VT߲{Yb:L\^ijdzz>*pZ\Γ Pk g'QdѰagG<4mD827N|PiS!P+lqZKbo[bGrl_KMfIeؿĊxfI `Lez{ )Im07^wQ7fkQ-ݿ;OYd i4Q r4#ۂ Y2c0ffdfe6d5aa7718bf63615bb2c1771a50a4eb3޴^$ƨ0s1$2da~5t/΀{!J́l[SF {؜ҜgsR/K$K-cp+u,VcJP,Ф*1V:Pr- T9Șz"N@Xt֒\_'E8É(b 3sWN=nw};6oZ"DyZ|r@ iV3$G{;5 AP̕'?o"LR=& + ᕐ\B>["/ &qGS@9)jd0dIY*lyXIf* %e3܇7UŠ554Rt#C!L4\(9n''졶K%dHX#yr0։9VFq)qBj#*B.S=Ft4(;„R+c?ypю]Z bvߤJj(8=?=d  B FLTX Z \ `   < b (8 9  :^ G;H;I;X;Y;\;];^;b<d<e<f<l<t<u<v<w=lx=py=t=Clibselinux-ruby2.515.el7SELinux ruby bindings for libselinuxThe libselinux-ruby package contains the ruby bindings for developing SELinux applications.^x86-02.bsys.centos.org`CentOSPublic DomainCentOS BuildSystem Development/Librarieshttps://github.com/SELinuxProject/selinux/wikilinuxx86_64`^8cd02048c7cd10fc39e586718c20083fca9791b650c3b548690a7279b3ff0eddrootrootlibselinux-2.5-15.el7.src.rpmlibselinux-rubylibselinux-ruby(x86-64)ruby(selinux)@@@@@@   @ libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libselinux(x86-64)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rtld(GNU_HASH)rpmlib(PayloadIsXz)2.5-15.el73.0.4-14.6.0-14.0-15.2-14.11.3]@[Xf@Z@YXӸX@X+XXn5@W/@W@Wq@W W VIR@R@R@RR&RʚRkR%R@RMUM@M@M@M@MlMQ0@MGM5ML@L-@L@L*@LLq@LN@LF@L$@KKKrK@KKqK}+KTM@KA@K@JJJJG@JG@JG@JjJS8JS8JB@J@JMIܑI@IԨIbI̿I@IV@III@I@I2I@IcGIcGIcGIG@IG@IBR@I1.I!\I!\I-HHHe@He@He@He@H@HHH@Ht@HsVHgy@H^>H^>H-w@H!H @H@G@GG#GF@G@GGƢ@GƢ@G­G@GGD@G@G@G@G,@G,@G@GG@GZ@GZ@GeGeG|@G|@GO@GO@G<4G<4G0W@G'@FF@FIFFFFF&@FF@FvFFS@FF@FF]F@FtFFzh@Fw@Fm9@F` @F; @F-@F,F@F@FF*FF @F @FoE@EE@E4@EE?Eɿ@EEEEElEx@E&E=E=E@Ex@EvEnEYEK/@E>@E4EE EgEgEDfDDDDq@D@DB@DB@DB@DB@D{DDX@D4D4D4DD@D@D~D~D|3DvDu@Dr@Dr@DlaDk@DiD`@D_2D_2DX@DWID?D;@D'Dj@C@CCC-Cǖ@Cǖ@C[CCC8@C@CC @CCqC @CCCC@CBC@C@C|pC|pC{@CyCp@Cp@CoACkM@CiCf@C_oC_oC^@C^@CX@CWCS@COCFc@CFc@CECECBnCA@C;@C:C*C&@C&@C%mCC@CC C a@C a@C&B=BۙB@B@Br!Br!Br!Bn-@BgB] B] BZfBS@BQ,@BIC@BAZ@B9q@B9q@B06B-B$Y@B#BB@B@B LB LBBAA)@A@A@AA@A@A@AyAҜ@AJA@A`A`AA@AA@Ak@AAA@AvA@AAoA]FA]FAQi@AN@AI@AF@AF@AA@A>@A>@A7 @A7 @A5A4h@A3A3A/"@A-A+-A(A$@A!@A A A@A@@@q@7@@@@6@@@A@)@@@@@@@@@~y@@~y@@~y@@}'@s@@s@@s@@l@@ia@@b@b@b@O@@O@@Dw@@9@@,@@ @/@@???E@?E@?٭???q@??@?@?@?}d?z?a@?M?D@>S@Vit Mojzis - 2.5-15Vit Mojzis - 2.5-14.1Vit Mojzis - 2.5-13Vit Mojzis - 2.5-12Petr Lautrbach - 2.5-11Petr Lautrbach - 2.5-10Petr Lautrbach - 2.5-9Vit Mojzis - 2.5-8Petr Lautrbach - 2.5-7Petr Lautrbach 2.5-6Petr Lautrbach 2.5-5Petr Lautrbach - 2.5-4Petr Lautrbach - 2.5-3Petr Lautrbach - 2.5-2Petr Lautrbach 2.5-1Dan Walsh - 2.2.2-6Dan Walsh - 2.2.2-5Miroslav Grepl - 2.2.2-4Daniel Mach - 2.2.2-3Dan Walsh - 2.2.2-2Dan Walsh - 2.2.2-1Adam Williamson - 2.2.1-6Dan Walsh - 2.2.1-5Dan Walsh - 2.2.1-4Daniel Mach - 2.2.1-3Dan Walsh - 2.2.1-2Dan Walsh - 2.2.1-1Dan Walsh - 2.2-1Dan Walsh - 2.1.13-21Dan Walsh - 2.1.13-20Dan Walsh - 2.1.13-19Dan Walsh - 2.1.13-17Fedora Release Engineering - 2.1.13-17Dan Walsh - 2.1.13-16Dan Walsh - 2.1.13-15Dan Walsh - 2.1.13-14Dan Walsh - 2.1.13-13Dan Walsh - 2.1.13-12Dan Walsh - 2.1.13-11Dan Walsh - 2.1.13-10Dan Walsh - 2.1.13-9Dan Walsh - 2.1.13-8Dan Walsh - 2.1.13-7Dan Walsh - 2.1.13-6Dan Walsh - 2.1.13-5Dan Walsh - 2.1.13-4Dan Walsh - 2.1.13-3Dan Walsh - 2.1.13-2Dan Walsh - 2.1.13-1Dan Walsh - 2.1.12-20Dan Walsh - 2.1.12-19Dan Walsh - 2.1.12-18Dan Walsh - 2.1.12-17Dan Walsh - 2.1.12-16Dan Walsh - 2.1.12-15Dan Walsh - 2.1.12-14Dan Walsh - 2.1.12-13Dan Walsh - 2.1.12-12Dan Walsh - 2.1.12-11Dan Walsh - 2.1.12-10Dan Walsh - 2.1.12-9Dan Walsh - 2.1.12-8Dan Walsh - 2.1.12-7Dan Walsh - 2.1.12-6Dan Walsh - 2.1.12-5Dan Walsh - 2.1.12-4Dan Walsh - 2.1.12-3Dan Walsh - 2.1.12-2Dan Walsh - 2.1.12-1David Malcolm - 2.1.11-6David Malcolm - 2.1.11-5Fedora Release Engineering - 2.1.11-4Dan Walsh - 2.1.11-3Dan Walsh - 2.1.11-2Dan Walsh - 2.1.11-1Dan Walsh - 2.1.10-5Dan Walsh - 2.1.10-4Dan Walsh - 2.1.10-3Dan Walsh - 2.1.10-2Dan Walsh - 2.1.10-1Dan Walsh - 2.1.9-9Dan Walsh - 2.1.9-8Dan Walsh - 2.1.9-7Kay Sievers - 2.1.9-6Dan Walsh - 2.1.9-5Harald Hoyer 2.1.9-4Dan Walsh - 2.1.9-3Dan Walsh - 2.1.9-2Dan Walsh - 2.1.9-1Dan Walsh - 2.1.8-5Dan Walsh - 2.1.8-4Dan Walsh - 2.1.8-2Dan Walsh - 2.1.8-1Dan Walsh - 2.1.7-2Dan Walsh - 2.1.7-1Dan Walsh - 2.1.6-4Dan Walsh - 2.1.6-3Dan Walsh - 2.1.6-2Dan Walsh - 2.1.6-1Dan Walsh - 2.1.5-5Ville Skyttä - 2.1.5-4Dan Walsh - 2.1.5-3Dan Walsh - 2.1.5-2Dan Walsh - 2.1.5-1Dan Walsh - 2.1.4-2Dan Walsh - 2.1.4-1Dan Walsh - 2.1.0-1Dan Walsh - 2.0.102-6Dan Walsh - 2.0.102-5Dan Walsh - 2.0.102-4Dan Walsh - 2.0.102-3Dan Walsh - 2.0.102-2Dan Walsh - 2.0.102-1Dan Walsh - 2.0.101-1Dan Walsh - 2.0.99-5Dan Walsh - 2.0.99-4Dan Walsh - 2.0.99-3Dan Walsh - 2.0.99-2Dan Walsh - 2.0.99-1Fedora Release Engineering Dan Walsh - 2.0.98-3Dan Walsh - 2.0.98-2Dan Walsh - 2.0.98-1Dan Walsh - 2.0.97-1Dan Walsh - 2.0.96-9Dan Walsh - 2.0.96-8jkeating - 2.0.96-7Adam Tkac - 2.0.96-6Dan Walsh - 2.0.96-5Dan Walsh - 2.0.96-4David Malcolm - 2.0.96-3Dan Walsh - 2.0.96-2Dan Walsh - 2.0.96-1Dan Walsh - 2.0.94-1Dan Walsh - 2.0.93-1Dan Walsh - 2.0.92-1Dan Walsh - 2.0.91-1Dan Walsh - 2.0.90-5Dan Walsh - 2.0.90-4Dan Walsh - 2.0.90-3Dan Walsh - 2.0.90-2Dan Walsh - 2.0.90-1Dan Walsh - 2.0.89-2Dan Walsh - 2.0.89-1Dan Walsh - 2.0.88-1Dan Walsh - 2.0.87-1Dan Walsh - 2.0.86-2Dan Walsh - 2.0.86-1Fedora Release Engineering - 2.0.85-2Dan Walsh - 2.0.85-1Dan Walsh - 2.0.84-1Dan Walsh - 2.0.82-2Dan Walsh - 2.0.82-1Dan Walsh - 2.0.81-1Dan Walsh - 2.0.80-1Dan Walsh - 2.0.79-6Dan Walsh - 2.0.79-5Dan Walsh - 2.0.79-4Dan Walsh - 2.0.79-3Dan Walsh - 2.0.79-1Dan Walsh - 2.0.78-5Dan Walsh - 2.0.78-4Dan Walsh - 2.0.78-3Dan Walsh - 2.0.78-2Dan Walsh - 2.0.78-1Fedora Release Engineering - 2.0.77-6Dan Walsh - 2.0.77-5Dan Walsh - 2.0.77-3Dan Walsh - 2.0.77-2Dan Walsh - 2.0.77-1Dan Walsh - 2.0.76-6Dan Walsh l - 2.0.76-5Dan Walsh - 2.0.76-4Ignacio Vazquez-Abrams - 2.0.76-2Dan Walsh - 2.0.76-1Dan Walsh - 2.0.75-2Dan Walsh - 2.0.75-1Dan Walsh - 2.0.73-1Dan Walsh - 2.0.71-6Dan Walsh - 2.0.71-5Dan Walsh - 2.0.71-4Dan Walsh - 2.0.71-3Dan Walsh - 2.0.71-2Dan Walsh - 2.0.71-1Dan Walsh - 2.0.70-1Dan Walsh - 2.0.69-2Dan Walsh - 2.0.69-1Dan Walsh - 2.0.67-4Dan Walsh - 2.0.67-3Dan Walsh - 2.0.67-2Dan Walsh - 2.0.67-1Dan Walsh - 2.0.65-1Dan Walsh - 2.0.64-3Dan Walsh - 2.0.64-2Dan Walsh - 2.0.64-1Dan Walsh - 2.0.61-4Dan Walsh - 2.0.61-3Dan Walsh - 2.0.61-2Dan Walsh - 2.0.61-1Dan Walsh - 2.0.60-1Dan Walsh - 2.0.59-2Dan Walsh - 2.0.59-1Dan Walsh - 2.0.58-1Dan Walsh - 2.0.57-2Dan Walsh - 2.0.57-1Dan Walsh - 2.0.56-1Dan Walsh - 2.0.55-1Dan Walsh - 2.0.53-1Dan Walsh - 2.0.52-1Dan Walsh - 2.0.50-1Dan Walsh - 2.0.49-2Dan Walsh - 2.0.49-1Dan Walsh - 2.0.48-1Dan Walsh - 2.0.47-4Adel Gadllah - 2.0.47-3Dan Walsh - 2.0.47-2Dan Walsh - 2.0.47-1Dan Walsh - 2.0.46-6Dan Walsh - 2.0.46-5Dan Walsh - 2.0.46-4Dan Walsh - 2.0.46-3Dan Walsh - 2.0.46-2Dan Walsh - 2.0.46-1Dan Walsh - 2.0.45-1Dan Walsh - 2.0.43-1Dan Walsh - 2.0.42-1Dan Walsh - 2.0.40-1Dan Walsh - 2.0.37-1Dan Walsh - 2.0.36-1Dan Walsh - 2.0.35-2Dan Walsh - 2.0.35-1Dan Walsh - 2.0.34-3Dan Walsh - 2.0.34-2Dan Walsh - 2.0.34-1Dan Walsh - 2.0.33-2Dan Walsh - 2.0.33-1Dan Walsh - 2.0.31-4Dan Walsh - 2.0.31-3Dan Walsh - 2.0.31-2Dan Walsh - 2.0.30-2Dan Walsh - 2.0.30-1Dan Walsh - 2.0.29-1Dan Walsh - 2.0.24-3Dan Walsh - 2.0.24-2Dan Walsh - 2.0.24-1Dan Walsh - 2.0.23-3Dan Walsh - 2.0.23-2Dan Walsh - 2.0.23-1Dan Walsh - 2.0.22-1Dan Walsh - 2.0.21-2Dan Walsh - 2.0.21-1Dan Walsh - 2.0.18-1Dan Walsh - 2.0.16-1Dan Walsh - 2.0.14-1Dan Walsh - 2.0.13-2Dan Walsh - 2.0.13-1Dan Walsh - 2.0.12-2Dan Walsh - 2.0.12-1Dan Walsh - 2.0.11-1Dan Walsh - 2.0.9-2Dan Walsh - 2.0.9-1Dan Walsh - 2.0.8-1Dan Walsh - 2.0.7-2Dan Walsh - 2.0.7-1Dan Walsh - 2.0.5-2Dan Walsh - 2.0.5-1Dan Walsh - 2.0.4-1Dan Walsh - 2.0.2-1Dan Walsh - 2.0.1-1Dan Walsh - 2.0.0-1Dan Walsh - 1.34.0-2Dan Walsh - 1.34.0-1Dan Walsh - 1.33.6-1Dan Walsh - 1.33.5-1Dan Walsh - 1.33.4-3Dan Walsh - 1.33.4-2Dan Walsh - 1.33.4-1Dan Walsh - 1.33.3-3Dan Walsh - 1.33.3-2Dan Walsh - 1.33.3-1Jeremy Katz - 1.33.2-4Dan Walsh - 1.33.2-3Dan Walsh - 1.33.2-2Dan Walsh - 1.33.2-1Dan Walsh - 1.33.1-2Dan Walsh - 1.33.1-1Dan Walsh - 1.32-1Jesse Keating - 1.30.29-2Dan Walsh - 1.30.29-1Jeremy Katz - 1.30.28-3Dan Walsh - 1.30.28-2Dan Walsh - 1.30.28-1Jeremy Katz - 1.30.27-2Dan Walsh - 1.30.27-1Jesse Keating - 1.20.26-2Dan Walsh - 1.30.25-1Dan Walsh - 1.30.24-1Dan Walsh - 1.30.22-2Dan Walsh - 1.30.22-1Dan Walsh - 1.30.20-1Jeremy Katz - 1.30.19-5Jeremy Katz - 1.30.19-4Dan Walsh 1.30.19-3Dan Walsh 1.30.19-2Dan Walsh 1.30.19-1Dan Walsh 1.30.15-5Dan Walsh 1.30.15-4Dan Walsh 1.30.15-3Dan Walsh 1.30.15-2Dan Walsh 1.30.15-1Dan Walsh 1.30.12-2Dan Walsh 1.30.12-1Dan Walsh 1.30.11-2Dan Walsh 1.30.11-1Dan Walsh 1.30.10-4Dan Walsh 1.30.10-3Dan Walsh 1.30.10-2Dan Walsh 1.30.10-1Dan Walsh 1.30.8-1Dan Walsh 1.30.7-2Dan Walsh 1.30.7-1Dan Walsh 1.30.6-2Dan Walsh 1.30.6-1Dan Walsh 1.30.5-1Dan Walsh 1.30.3-3Dan Walsh 1.30.3-2Dan Walsh 1.30.3-1Dan Walsh 1.30.1-2Dan Walsh 1.30.1-1Dan Walsh 1.30-1Jesse Keating - 1.29.7-1.2Jesse Keating - 1.29.7-1.1Dan Walsh 1.29.7-1Dan Walsh 1.29.6-1Dan Walsh 1.29.5-2Dan Walsh 1.29.5-1Dan Walsh 1.29.4-1Dan Walsh 1.29.3-2Dan Walsh 1.29.3-1Dan Walsh 1.29.2-4Dan Walsh 1.29.2-3Dan Walsh 1.29.2-2Dan Walsh 1.29.2-1Dan Walsh 1.29.1-3Jesse Keating Dan Walsh 1.29.1-1Dan Walsh 1.28-1Dan Walsh 1.27.28-2Dan Walsh 1.27.28-1Dan Walsh 1.27.26-1Dan Walsh 1.27.25-1Dan Walsh 1.27.23-1Dan Walsh 1.27.22-4Dan Walsh 1.27.22-3Dan Walsh 1.27.22-2Dan Walsh 1.27.22-1Dan Walsh 1.27.21-2Dan Walsh 1.27.21-1Dan Walsh 1.27.20-1Dan Walsh 1.27.19-1Dan Walsh 1.27.18-1Dan Walsh 1.27.17-4Dan Walsh 1.27.17-2Dan Walsh 1.27.17-1Dan Walsh 1.27.14-3Dan Walsh 1.27.14-2Dan Walsh 1.27.14-1Dan Walsh 1.27.13-2Dan Walsh 1.27.13-1Dan Walsh 1.27.12-1Dan Walsh 1.27.9-2Dan Walsh 1.27.9-1Dan Walsh 1.27.7-1Dan Walsh 1.27.6-1Dan Walsh 1.27.4-1Dan Walsh 1.27.3-1Dan Walsh 1.27.2-1Dan Walsh 1.27.1-3Dan Walsh 1.27.1-2Dan Walsh 1.26-6Dan Walsh 1.26-5Dan Walsh 1.26-3Dan Walsh 1.26-2Dan Walsh 1.25.7-1Dan Walsh 1.25.6-1Dan Walsh 1.25.5-1Dan Walsh 1.25.4-1Dan Walsh 1.25.3-2Dan Walsh 1.25.3-1Dan Walsh 1.25.2-2Dan Walsh 1.25.2-1Dan Walsh 1.24.2-1Dan Walsh 1.24.1-1Dan Walsh 1.23.11-1Dan Walsh 1.23.10-3Dan Walsh 1.23.10-2Dan Walsh 1.23.10-1Dan Walsh 1.23.8-1Dan Walsh 1.23.7-3Dan Walsh 1.23.7-2Dan Walsh 1.23.7-1Dan Walsh 1.23.6-1Dan Walsh 1.23.5-1Dan Walsh 1.23.4-1Dan Walsh 1.23.2-3Dan Walsh 1.23.2-2Dan Walsh 1.23.2-1Dan Walsh 1.23.1-1Dan Walsh 1.22-1Dan Walsh 1.21.13-1Dan Walsh 1.21.12-1Dan Walsh 1.21.11-2Dan Walsh 1.21.11-1Dan Walsh 1.21.10-3Dan Walsh 1.21.10-1Dan Walsh 1.21.9-2Dan Walsh 1.21.9-1Dan Walsh 1.21.8-1Dan Walsh 1.21.7-1Dan Walsh 1.21.5-1Dan Walsh 1.21.4-1Dan Walsh 1.21.2-1Dan Walsh 1.21.1-3Dan Walsh 1.21.1-2Dan Walsh 1.21.1-1Dan Walsh 1.20.1-3Dan Walsh 1.20.1-2Dan Walsh 1.20.1-1Dan Walsh 1.19.4-1Dan Walsh 1.19.3-3Dan Walsh 1.19.3-2Dan Walsh 1.19.3-1Dan Walsh 1.19.2-1Dan Walsh 1.19.1-6Dan Walsh 1.19.1-4Dan Walsh 1.19.1-2Dan Walsh 1.19.1-1Steve Grubb 1.18.1-5Dan Walsh 1.18.1-4Dan Walsh 1.18.1-3Steve Grubb 1.18.1-2Dan Walsh 1.18.1-1Steve Grubb 1.17.15-2Steve Grubb 1.17.15-2Dan Walsh 1.17.15-1Dan Walsh 1.17.14-1Dan Walsh 1.17.13-3Dan Walsh 1.17.13-2Dan Walsh 1.17.13-1Dan Walsh 1.17.12-2Dan Walsh 1.17.12-1Dan Walsh 1.17.11-1Dan Walsh 1.17.10-1Dan Walsh 1.17.9-2Dan Walsh 1.17.9-1Dan Walsh 1.17.8-2Dan Walsh 1.17.8-1Dan Walsh 1.17.7-1Dan Walsh 1.17.6-1Dan Walsh 1.17.5-1Dan Walsh 1.17.4-1Dan Walsh 1.17.3-1Dan Walsh 1.17.2-1Dan Walsh 1.17.1-1Dan Walsh 1.16.1-1Colin Walters 1.16-1Dan Walsh 1.15.7-1Dan Walsh 1.15.6-1Dan Walsh 1.15.5-1Dan Walsh 1.15.4-1Dan Walsh 1.15.3-2Dan Walsh 1.15.3-1Dan Walsh 1.15.2-1Dan Walsh 1.15.1-3Dan Walsh 1.15.1-2Dan Walsh 1.15.1-1Dan Walsh 1.14.1-1Dan Walsh 1.13.4-1Elliot Lee Dan Walsh 1.13.3-2Dan Walsh 1.13.2-1Dan Walsh 1.13.1-1Dan Walsh 1.12-2Dan Walsh 1.12-1Dan Walsh 1.11.4-1Dan Walsh 1.11.3-1Dan Walsh 1.11.2-1Dan Walsh 1.11-4Dan Walsh 1.11-3Dan Walsh 1.11-2Dan Walsh 1.11-1Dan Walsh 1.10-2Dan Walsh 1.10-1Dan Walsh 1.9-1Dan Walsh 1.8-1Dan Walsh 1.6-6Dan Walsh 1.6-5Dan Walsh 1.6-4Dan Walsh 1.6-3Dan Walsh 1.6-2Elliot Lee Dan Walsh 1.4-11Elliot Lee Dan Walsh 1.4-9Dan Walsh 1.4-8Dan Walsh 1.4-7Dan Walsh 1.4-6Dan Walsh 1.4-5Dan Walsh 1.4-4Dan Walsh 1.4-3Dan Walsh 1.4-2Dan Walsh 1.4-1Dan Walsh 1.3-2Dan Walsh 1.3-1Dan Walsh 1.2-9Dan Walsh 1.2-8Dan Walsh 1.2-7Dan Walsh 1.2-6Dan Walsh 1.2-5Dan Walsh 1.2-4Dan Walsh 1.2-3Dan Walsh 1.2-2Dan Walsh 1.2-1Dan Walsh 1.0-1- Build libselinux-python3 subpackage (#1756015)- Add conflict with selinux policy from before store migration (#1469571)- Correct manpages regarding removable_context (#1395621)- Improve getfilecon man page (#1258513)- Fix audit2why.init error reporting (#1435139)- Add missing av_permission values (#1025931) - Set an appropriate errno in booleans.c (#1402140) - Change matchpathcon usage to match with matchpathcon manpage (#1412797)- Fix pointer handling in realpath_not_final (#1404644)- selinux_restorecon: fix realpath logic (#1386498)- Keep recursing if matchpathcon returns ENOENT (#1406520)- Handle NULL pcre study data- Fix in tree compilation of utils that depend on libsepol- Clarify is_selinux_mls_enabled() description - Explain how to free policy type from selinux_getpolicytype() - Compare absolute pathname in matchpathcon -V - Add selinux_snapperd_contexts_path() - Modify audit2why analyze function to use loaded policy - Sort object files for deterministic linking order - Respect CC and PKG_CONFIG environment variable - Avoid mounting /proc outside of selinux_init_load_policy() - Fix multiple spelling errors- Fix setexecfilecon() to work better in a chroot (#1329931) - Fix typo in sefcontext_compile.8 (#1320062)- Fix location of selinuxfs mount point (#1321086) - Only mount /proc if necessary - procattr: return einval for <= 0 pid args - procattr: return error on invalid pid_t inpu- Update to upstream release 2016-02-23- Add additional go bindings for get*con calls - Add go bindings test command - Modify man pages of set*con calls to mention that they are thread specific Resolves:#1053122- Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go - Add Int_to_mcs function to generate MCS labels from integers.- Fix libselinux.spec file - Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go - Add Int_to_mcs function to generate MCS labels from integers.- Mass rebuild 2014-01-24- Add ghost flag for /var/run/setrans Resolves: #1053122- Update to upstream * Fix userspace AVC handling of per-domain permissive mode. - Verify context is not null when passed into *setfilecon_raw- revert unexplained change to rhat.patch which broke SELinux disablement- Verify context is not null when passed into lsetfilecon_raw- Mv selinux.go to /usr/share/gocode/src/selinux - Add golang support to selinux.- Mass rebuild 2013-12-27- Remove togglesebool man page Resolves: #1038606- Update to upstream * Remove -lpthread from pkg-config file; it is not required. - Add support for policy compressed with xv- Update to upstream * Fix avc_has_perm() returns -1 even when SELinux is in permissive mode. * Support overriding Makefile RANLIB from Sven Vermeulen. * Update pkgconfig definition from Sven Vermeulen. * Mount sysfs before trying to mount selinuxfs from Sven Vermeulen. * Fix man pages from Laurent Bigonville. * Support overriding PATH and LIBBASE in Makefiles from Laurent Bigonville. * Fix LDFLAGS usage from Laurent Bigonville * Avoid shadowing stat in load_mmap from Joe MacDonald. * Support building on older PCRE libraries from Joe MacDonald. * Fix handling of temporary file in sefcontext_compile from Dan Walsh. * Fix procattr cache from Dan Walsh. * Define python constants for getenforce result from Dan Walsh. * Fix label substitution handling of / from Dan Walsh. * Add selinux_current_policy_path from Dan Walsh. * Change get_context_list to only return good matches from Dan Walsh. * Support udev-197 and higher from Sven Vermeulen and Dan Walsh. * Add support for local substitutions from Dan Walsh. * Change setfilecon to not return ENOSUP if context is already correct from Dan Walsh. * Python wrapper leak fixes from Dan Walsh. * Export SELINUX_TRANS_DIR definition in selinux.h from Dan Walsh. * Add selinux_systemd_contexts_path from Dan Walsh. * Add selinux_set_policy_root from Dan Walsh. * Add man page for sefcontext_compile from Dan Walsh.- Add systemd_contexts support - Do substitutions on a local sub followed by a dist sub Resolves: #971425- Eliminate requirement on pthread library, by applying patch for Jakub Jelinek Resolves: #1013801- Fix handling of libselinux getconlist with only one entry- Add Python constants for SELinux enforcing modes- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Add sefcontext_compile.8 man page - Add Russell Coker patch to fix man pages - Add patches from Laurent Bigonville to fix Makefiles for debian. - modify spec file to use /usr/lib- Fix patch that Handles substitutions for /- Handle substitutions for / - semanage fcontext -a -e / /opt/rh/devtoolset-2/root- Add Eric Paris patch to fix procattr calls after a fork.- Move secolor.conf.5 into mcstrans package and out of libselinux- Fix python bindings for selinux_check_access- Fix reseting the policy root in matchpathcon- Cleanup setfcontext_compile atomic patch - Add matchpathcon -P /etc/selinux/mls support by allowing users to set alternate root - Make sure we set exit codes from selinux_label calls to ENOENT or SUCCESS- Make setfcontext_compile atomic- Fix memory leak in set*con calls.- Move matchpathcon to -utils package - Remove togglesebool- Fix selinux man page to reflect what current selinux policy is.- Add new constant SETRANS_DIR which points to the directory where mstransd can find the socket and libvirt can write its translations files.- Bring back selinux_current_policy_path- Revert some changes which are causing the wrong policy version file to be created- Update to upstream * audit2why: make sure path is nul terminated * utils: new file context regex compiler * label_file: use precompiled filecontext when possible * do not leak mmapfd * sefcontontext_compile: Add error handling to help debug problems in libsemanage. * man: make selinux.8 mention service man pages * audit2why: Fix segfault if finish() called twice * audit2why: do not leak on multiple init() calls * mode_to_security_class: interface to translate a mode_t in to a security class * audit2why: Cleanup audit2why analysys function * man: Fix program synopsis and function prototypes in man pages * man: Fix man pages formatting * man: Fix typo in man page * man: Add references and man page links to _raw function variants * Use ENOTSUP instead of EOPNOTSUPP for getfilecon functions * man: context_new(3): fix the return value description * selinux_status_open: handle error from sysconf * selinux_status_open: do not leak statusfd on exec * Fix errors found by coverity * Change boooleans.subs to booleans.subs_dist. * optimize set*con functions * pkg-config do not specifc ruby version * unmap file contexts on selabel_close() * do not leak file contexts with mmap'd backend * sefcontext_compile: do not leak fd on error * matchmediacon: do not leak fd * src/label_android_property: do not leak fd on error- Update to latest patches from eparis/Upstream- Update to latest patches from eparis/Upstream- Try procatt speedup patch again- Roll back procattr speedups since it seems to be screwing up systemd labeling.- Fix tid handling for setfscreatecon, old patch still broken in libvirt- Fix tid handling for setfscreatecon, old patch still broken in libvirt- setfscreatecon after fork was broken by the Set*con patch. - We needed to reset the thread variables after a fork.- Fix setfscreatecon call to handle failure mode, which was breaking udev- Ondrej Oprala patch to optimize set*con functions - Set*con now caches the security context and only re-sets it if it changes.- Rebuild against latest libsepol- Update to latest patches from eparis/Upstream - Fix errors found by coverity - set the sepol_compute_av_reason_buffer flag to 0. This means calculate denials only? - audit2why: remove a useless policy vers variable - audit2why: use the new constraint information- Rebuild with latest libsepol- Return EPERM if login program can not reach default label for user - Attempt to return container info from audit2why- Apply patch from eparis to fix leaked file descriptor in new labeling code- Add new function mode_to_security_class which takes mode instead of a string. - Possibly will be used with coreutils.- Add back selinuxconlist and selinuxdefcon man pages- Fix segfault from calling audit2why.finish() multiple times- Fix up selinux man page to reference service man pages- Rebuild with fixed libsepol- Update to upstream * Add support for lxc_contexts_path * utils: add service to getdefaultcon * libsemanage: do not set soname needlessly * libsemanage: remove PYTHONLIBDIR and ruby equivalent * boolean name equivalency * getsebool: support boolean name substitution * Add man page for new selinux_boolean_sub function. * expose selinux_boolean_sub * matchpathcon: add -m option to force file type check * utils: avcstat: clear sa_mask set * seusers: Check for strchr failure * booleans: initialize pointer to silence coveriety * stop messages when SELinux disabled * label_file: use PCRE instead of glibc regex functions * label_file: remove all typedefs * label_file: move definitions to include file * label_file: do string to mode_t conversion in a helper function * label_file: move error reporting back into caller * label_file: move stem/spec handling to header * label_file: drop useless ncomp field from label_file data * label_file: move spec_hasMetaChars to header * label_file: fix potential read past buffer in spec_hasMetaChars * label_file: move regex sorting to the header * label_file: add accessors for the pcre extra data * label_file: only run regex files one time * label_file: new process_file function * label_file: break up find_stem_from_spec * label_file: struct reorg * label_file: only run array once when sorting * Ensure that we only close the selinux netlink socket once. * improve the file_contexts.5 manual page- rebuild for https://fedoraproject.org/wiki/Features/Python_3.3- make with_python3 be conditional on fedora- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Move the tmpfiles.d content from /etc/tmpfiles.d to /usr/lib/tmpfiles.d- Revert Eric Paris Patch for selinux_binary_policy_path- Update to upstream * Fortify source now requires all code to be compiled with -O flag * asprintf return code must be checked * avc_netlink_recieve handle EINTR * audit2why: silence -Wmissing-prototypes warning * libsemanage: remove build warning when build swig c files * matchpathcon: bad handling of symlinks in / * seusers: remove unused lineno * seusers: getseuser: gracefully handle NULL service * New Android property labeling backend * label_android_property whitespace cleanups * additional makefile support for rubywrap- Fix booleans.subs name, change function name to selinux_boolean_sub, add man page, minor fixes to the function- Fix to compile with Fortify source * Add -O compiler flag * Check return code from asprintf - Fix handling of symbolic links in / by realpath_not_final- Add support for lxc contexts file- Add support fot boolean subs file- Update to upstream * Fix dead links to www.nsa.gov/selinux * Remove jump over variable declaration * Fix old style function definitions * Fix const-correctness * Remove unused flush_class_cache method * Add prototype decl for destructor * Add more printf format annotations * Add printf format attribute annotation to die() method * Fix const-ness of parameters & make usage() methods static * Enable many more gcc warnings for libselinux/src/ builds * utils: Enable many more gcc warnings for libselinux/utils builds * Change annotation on include/selinux/avc.h to avoid upsetting SWIG * Ensure there is a prototype for 'matchpathcon_lib_destructor' * Update Makefiles to handle /usrmove * utils: Stop separating out matchpathcon as something special * pkg-config to figure out where ruby include files are located * build with either ruby 1.9 or ruby 1.8 * assert if avc_init() not called * take security_deny_unknown into account * security_compute_create_name(3) * Do not link against python library, this is considered * bad practice in debian * Hide unnecessarily-exported library destructors- Add selinux_current_policy_path to return /sys/fs/selinux/policy if it exists - Otherwise search for policy on disk- Change selinux_binary_policy_path to return /sys/fs/selinux/policy - Add selinux_installed_policy_path to return what selinux_binary_policy_path used to return - avc_has_perm will now return yes if the machine is in permissive mode - Make work with ruby-1.9- avc_netlink_recieve should continue to poll if it receinves an EINTR rather- use /sbin/ldconfig, glibc does not provide /usr/sbin/ldconfig in the RPM database for now- Rebuild with cleaned up upstream to work in /usr- install everything in /usr https://fedoraproject.org/wiki/Features/UsrMove- Add Dan Berrange code cleanup patches.- Fix selabal_open man page to refer to proper selinux_opt structure-Update to upstream * Fix setenforce man page to refer to selinux man page * Cleanup Man pages * merge freecon with getcon man page- Add patch from Richard Haines When selabel_lookup found an invalid context with validation enabled, it always stated it was 'file_contexts' whether media, x, db or file. The fix is to store the spec file name in the selabel_lookup_rec on selabel_open and use this as output for logs. Also a minor fix if key is NULL to stop seg faults. - Fix setenforce manage page.- Rebuild with new libsepol- Fix setenforce man page, from Miroslav Grepl- Upgrade to upstream * selinuxswig_python.i: don't make syscall if it won't change anything * Remove assert in security_get_boolean_names(3) * Mapped compute functions now obey deny_unknown flag * get_default_type now sets EINVAL if no entry. * return EINVAL if invalid role selected * Updated selabel_file(5) man page * Updated selabel_db(5) man page * Updated selabel_media(5) man page * Updated selabel_x(5) man page * Add man/man5 man pages * Add man/man5 man pages * Add man/man5 man pages * use -W and -Werror in utils- Change python binding for restorecon to check if the context matches. - If it does do not reset- Upgrade to upstream * Makefiles: syntax, convert all ${VAR} to $(VAR) * load_policy: handle selinux=0 and /sys/fs/selinux not exist * regenerate .pc on VERSION change * label: cosmetic cleanups * simple interface for access checks * Don't reinitialize avc_init if it has been called previously * seusers: fix to handle large sets of groups * audit2why: close fd on enomem * rename and export symlink_realpath * label_file: style changes to make Eric happy.- Apply libselinux patch to handle large groups in seusers.- Add selinux_check_access function. Needed for passwd, chfn, chsh- Handle situation where selinux=0 passed to the kernel and both /selinux and-Update to upstream * utils: matchpathcon: remove duplicate declaration * src: matchpathcon: use myprintf not fprintf * src: matchpathcon: make sure resolved path starts * put libselinux.so.1 in /lib not /usr/lib * tree: default make target to all not- Switch to use ":" as prefix separator rather then ";"- Avoid unnecessary shell invocation in %post.- Fix handling of subset labeling that is causing segfault in restorecon- Change matchpathcon_init_prefix and selabel_open to allow multiple initial prefixes. Now you can specify a ";" separated list of prefixes and the labeling system will only load regular expressions that match these prefixes.- Change matchpatcon to use proper myprintf - Fix symlink_realpath to always include "/" - Update to upstream * selinux_file_context_verify function returns wrong value. * move realpath helper to matchpathcon library * python wrapper makefile changes- Move to new Makefile that can build with or without PYTHON being set-Update to upstream 2.1.4 2011-0817 * mapping fix for invalid class/perms after selinux_set_mapping * audit2why: work around python bug not defining * resolv symlinks and dot directories before matching 2.1.2 2011-0803 * audit2allow: do not print statistics * make python bindings for restorecon work on relative path * fix python audit2why binding error * support new python3 functions * do not check fcontext duplicates on use * Patch for python3 for libselinux 2.1.1 2011-08-02 * move .gitignore into utils * new setexecon utility * selabel_open fix processing of substitution files * mountpoint changing patch. * simplify SRCS in Makefile 2.1.1 2011-08-01 * Remove generated files, introduce more .gitignore-Update to upstream * Release, minor version bump * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Only call dups check within selabel/matchpathcon if you are validating the context - This seems to speed the loading of labels by 4 times.- Move /selinux to /sys/fs/selinux - Add selinuxexeccon - Add realpath to matchpathcon to handle matchpathcon * type queries.- Update for latest libsepol- Update for latest libsepol- Fix restorecon python binding to accept relative paths-Update to upstream * Give correct names to mount points in load_policy by Dan Walsh. * Make sure selinux state is reported correctly if selinux is disabled or fails to load by Dan Walsh. * Fix crash if selinux_key_create was never called by Dan Walsh. * Add new file_context.subs_dist for distro specific filecon substitutions by Dan Walsh. * Update man pages for selinux_color_* functions by Richard Haines.- Clean up patch to make handling of constructor cleanup more portable * db_language object class support for selabel_lookup from KaiGai Kohei. * Library destructors for thread local storage keys from Eamon Walsh.- Add distribution subs pathAdd patch from dbhole@redhat.com to initialize thread keys to -1 Errors were being seen in libpthread/libdl that were related to corrupt thread specific keys. Global destructors that are called on dl unload. During destruction delete a thread specific key without checking if it has been initialized. Since the constructor is not called each time (i.e. key is not initialized with pthread_key_create each time), and the default is 0, there is a possibility that key 0 for an active thread gets deleted. This is exactly what is happening in case of OpenJDK. Workaround patch that initializes the key to -1. Thus if the constructor is not called, the destructor tries to delete key -1 which is deemed invalid by pthread_key_delete, and is ignored.- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data- Change mount source options to use "proc" and "selinuxfs"- Update to upstream * Turn off default user handling when computing user contexts by Dan Walsh- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fixup selinux man page- Fix Makefile to use pkg-config --cflags python3 to discover include paths- Update to upstream - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Update to upstream * Thread local storage fixes from Eamon Walsh.- Add /etc/tmpfiles.d support for /var/run/setrans- Ghost /var/run/setrans- Rebuilt for gcc bug 634757- rebuild via updated swig (#624674)- Update for python 3.2a1- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- Turn off messages in audit2why- Update to upstream * Add const qualifiers to public API where appropriate by KaiGai Kohei. 2.0.95 2010-06-10 * Remove duplicate slashes in paths in selabel_lookup from Chad Sellers * Adds a chcon method to the libselinux python bindings from Steve Lawrence - add python3 subpackage from David Malcolm* Set errno=EINVAL for invalid contexts from Dan Walsh.- Update to upstream * Show strerror for security_getenforce() by Colin Waters. * Merged selabel database support by KaiGai Kohei. * Modify netlink socket blocking code by KaiGai Kohei.- Update to upstream * Fix from Eric Paris to fix leak on non-selinux systems. * regenerate swig wrappers * pkgconfig fix to respect LIBDIR from Dan Walsh.- Update to upstream * Change the AVC to only audit the permissions specified by the policy, excluding any permissions specified via dontaudit or not specified via auditallow. * Fix compilation of label_file.c with latest glibc headers.- Fix potential doublefree on init- Fix libselinux.pc- Fix man page for selinuxdefcon- Free memory on disabled selinux boxes- Update to upstream * add/reformat man pages by Guido Trentalancia . * Change exception.sh to be called with bash by Manoj Srivastava - Fix selinuxdefcon man page- Update to upstream * Add pkgconfig file from Eamon Walsh.- Update to upstream * Rename and export selinux_reset_config()- Update to upstream * Add exception handling in libselinux from Dan Walsh. This uses a shell script called exception.sh to generate a swig interface file. * make swigify * Make matchpathcon print <> if path not found in fcontext file.- Eliminate -pthread switch in Makefile- Update to upstream * Removal of reference counting on userspace AVC SID's.- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Update to upstream * Reverted Tomas Mraz's fix for freeing thread local storage to avoid pthread dependency. * Removed fini_context_translations() altogether. * Merged lazy init patch from Stephen Smalley based on original patch by Steve Grubb.- Update to upstream * Add per-service seuser support from Dan Walsh. * Let load_policy gracefully handle selinuxfs being mounted from Stephen Smalley. * Check /proc/filesystems before /proc/mounts for selinuxfs from Eric Paris.- Add provices ruby(selinux)- Update to upstream * Fix improper use of thread local storage from Tomas Mraz . * Label substitution support from Dan Walsh. * Support for labeling virtual machine images from Dan Walsh.- Update to upstream * Trim / from the end of input paths to matchpathcon from Dan Walsh. * Fix leak in process_line in label_file.c from Hiroshi Shinji. * Move matchpathcon to /sbin, add matchpathcon to clean target from Dan Walsh. * getdefaultcon to print just the correct match and add verbose option from Dan Walsh.- Update to upstream * deny_unknown wrapper function from KaiGai Kohei. * security_compute_av_flags API from KaiGai Kohei. * Netlink socket management and callbacks from KaiGai Kohei.- Fix Memory Leak- Fix crash in python- Add back in additional interfaces- Add back in av_decision to python swig- Update to upstream * Netlink socket handoff patch from Adam Jackson. * AVC caching of compute_create results by Eric Paris.- Add patch from ajax to accellerate X SELinux - Update eparis patch- Add eparis patch to accellerate Xwindows performance- Fix URL- Add substitute pattern - matchpathcon output <> on ENOENT- Update to upstream * Fix incorrect conversion in discover_class code.- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- Add - selinux_virtual_domain_context_path - selinux_virtual_image_context_path- Throw exeptions in python swig bindings on failures- Fix restorecon python code- Update to upstream- Strip trailing / for matchpathcon- Fix segfault if seusers file does not work- Add new function getseuser which will take username and service and return - seuser and level. ipa will populate file in future. - Change selinuxdefcon to return just the context by default- Rebuild for Python 2.6- Update to Upstream * Allow shell-style wildcards in x_contexts file.- Eamon Walsh Patch - libselinux: allow shell-style wildcarding in X names - Add Restorecon/Install python functions from Luke Macken- Update to Upstream * Correct message types in AVC log messages. * Make matchpathcon -V pass mode from Dan Walsh. * Add man page for selinux_file_context_cmp from Dan Walsh.- Update to Upstream * New man pages from Dan Walsh. * Update flask headers from refpolicy trunk from Dan Walsh.- Fix matchpathcon -V call- Add flask definitions for open, X and nlmsg_tty_audit- Add missing get/setkeycreatecon man pages- Split out utilities- Add missing man page links for [lf]getfilecon- Update to Upstream * Add group support to seusers using %groupname syntax from Dan Walsh. * Mark setrans socket close-on-exec from Stephen Smalley. * Only apply nodups checking to base file contexts from Stephen Smalley.- Update to Upstream * Merge ruby bindings from Dan Walsh. - Add support for Linux groups to getseuserbyname- Allow group handling in getseuser call- Update to Upstream * Handle duplicate file context regexes as a fatal error from Stephen Smalley. This prevents adding them via semanage. * Fix audit2why shadowed variables from Stephen Smalley. * Note that freecon NULL is legal in man page from Karel Zak.- Add ruby support for puppet- Rebuild for new libsepol- Add Karel Zak patch for freecon man page- Update to Upstream * New and revised AVC, label, and mapping man pages from Eamon Walsh. * Add swig python bindings for avc interfaces from Dan Walsh.- Update to Upstream * Fix selinux_file_context_verify() and selinux_lsetfilecon_default() to call matchpathcon_init_prefix if not already initialized. * Add -q qualifier for -V option of matchpathcon and change it to indicate whether verification succeeded or failed via exit status.- libselinux no longer neets to telnet -u in post install- Add sedefaultcon and setconlist commands to dump login context- Update to Upstream * Fixed selinux_set_callback man page. * Try loading the max of the kernel-supported version and the libsepol-supported version when no manipulation of the binary policy is needed from Stephen Smalley. * Fix memory leaks in matchpathcon from Eamon Walsh.- Add Xavior Toth patch for security_id_t in swig- Add avc.h to swig code- Grab the latest policy for the kernel- Update to Upstream * Man page typo fix from Jim Meyering.- Update to Upstream * Changed selinux_init_load_policy() to not warn about a failed mount of selinuxfs if selinux was disabled in the kernel.- Fix matchpathcon memory leak- Update to Upstream * Merged new X label "poly_selection" namespace from Eamon Walsh.- Update to Upstream * Merged reset_selinux_config() for load policy from Dan Walsh.- Reload library on loading of policy to handle chroot- Update to Upstream * Merged avc_has_perm() errno fix from Eamon Walsh.- Update to Upstream * Regenerated Flask headers from refpolicy flask definitions.- Update to Upstream * Merged compute_member AVC function and manpages from Eamon Walsh. * Provide more error reporting on load policy failures from Stephen Smalley.- Update to Upstream * Merged new X label "poly_prop" namespace from Eamon Walsh.- Update to Upstream * Disable setlocaldefs if no local boolean or users files are present from Stephen Smalley. * Skip userspace preservebools processing for Linux >= 2.6.22 from Stephen Smalley.- Update to Upstream * Merged fix for audit2why from Dan Walsh.- Fix audit2why to grab latest policy versus the one selected by the kernel* Merged audit2why python binding from Dan Walsh.* Merged updated swig bindings from Dan Walsh, including typemap for pid_t.- Update to use libsepol-static library- Move libselinux.a to -static package - Spec cleanups- Put back libselinux.a- Fix memory references in audit2why and change to use tuples - Update to Upstream * Fix for the avc: granted null message bug from Stephen Smalley.- Fix __init__.py specification- Add audit2why python bindings- Add pid_t typemap for swig bindings- smp_mflag- Fix spec file caused by spec review- Upgrade to upstream * matchpathcon(8) man page update from Dan Walsh.- Upgrade to upstream * dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley. * Based on a suggestion from Ulrich Drepper, defer regex compilation until we have a stem match, by Stephen Smalley. * A further optimization would be to defer regex compilation until we have a complete match of the constant prefix of the regex - TBD.- Upgrade to upstream * Regenerated Flask headers from policy.- Upgrade to upstream * AVC enforcing mode override patch from Eamon Walsh. * Aligned attributes in AVC netlink code from Eamon Walsh. - Move libselinux.so back into devel package, procps has been fixed- Upgrade to upstream * Merged refactored AVC netlink code from Eamon Walsh. * Merged new X label namespaces from Eamon Walsh. * Bux fix and minor refactoring in string representation code.- Upgrade to upstream * Merged selinux_get_callback, avc_open, empty string mapping from Eamon Walsh.- Upgrade to upstream * Fix segfault resulting from missing file_contexts file.- Fix segfault on missing file_context file- Upgrade to upstream * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh. * Pass CFLAGS when using gcc for linking from Dennis Gilmore.- Add sparc patch to from Dennis Gilmore to build on Sparc platform- Remove leaked file descriptor- Upgrade to latest from NSA * Fix selabel option flag setting for 64-bit from Stephen Smalley.- Change matchpatcon to use syslog instead of syserror- Upgrade to latest from NSA * Re-map a getxattr return value of 0 to a getfilecon return value of -1 with errno EOPNOTSUPP from Stephen Smalley. * Fall back to the compat code for security_class_to_string and security_av_perm_to_string from Stephen Smalley. * Fix swig binding for rpm_execcon from James Athey.- Apply James Athway patch to fix rpm_execcon python binding- Move libselinux.so back into main package, breaks procps- Upgrade to upstream * Fix file_contexts.homedirs path from Todd Miller.- Remove requirement on setransd, Moved to selinux-policy-mls- Move libselinux.so into devel package - Upgrade to upstream * Fix segfault resulting from uninitialized print-callback pointer. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh.- Upgrade to upstream * Updated version for stable branch. * Added x_contexts path function patch from Eamon Walsh. * Fix build for EMBEDDED=y from Yuichi Nakamura. * Fix markup problems in selinux man pages from Dan Walsh. * Updated av_permissions.h and flask.h to include new nscd permissions from Dan Walsh. * Added swigify to top-level Makefile from Dan Walsh. * Fix for string_to_security_class segfault on x86_64 from Stephen Smalley.- Apply Steven Smalley patch to fix segfault in string_to_security_class- Fix matchpathcon to set default myprintf- Upgrade to upstream * Fix for getfilecon() for zero-length contexts from Stephen Smalley.- Update to match flask/access_vectors in policy- Fix man page markup lanquage for translations- Fix semanage segfault on x86 platform- Upgrade to upstream * Labeling and callback interface patches from Eamon Walsh.- Refactored swig- Upgrade to upstream * Class and permission mapping support patches from Eamon Walsh. * Object class discovery support patches from Chris PeBenito. * Refactoring and errno support in string representation code.- Upgrade to upstream - Merged patch to reduce size of libselinux and remove need for libsepol for embedded systems from Yuichi Nakamura. This patch also turns the link-time dependency on libsepol into a runtime (dlopen) dependency even in the non-embedded case. 2.0.17 2007-05-31 * Updated Lindent script and reindented two header files.- Upgrade to upstream * Merged additional swig python bindings from Dan Walsh. * Merged helpful message when selinuxfs mount fails patch from Dax Kelson.- Upgrade to upstream * Merged build fix for avc_internal.c from Joshua Brindle.- Add get_context_list funcitions to swig file- Upgrade to upstream * Merged rpm_execcon python binding fix, matchpathcon man page fix, and getsebool -a handling for EACCES from Dan Walsh.- Add missing interface- Upgrade to upstream * Merged support for getting initial contexts from James Carter.- Upgrade to upstream * Merged userspace AVC patch to follow kernel's behavior for permissive mode in caching previous denials from Eamon Walsh. * Merged sidput(NULL) patch from Eamon Walsh.- Make rpm_exec swig work- Upgrade to upstream * Merged class/av string conversion and avc_compute_create patch from Eamon Walsh.- Upgrade to upstream * Merged fix for avc.h #include's from Eamon Walsh.- Add stdint.h to avc.h- Merged patch to drop support for CACHETRANS=0 config option from Steve Grubb. - Merged patch to drop support for old /etc/sysconfig/selinux and - /etc/security policy file layout from Steve Grubb.- Do not fail on permission denied in getsebool- Upgrade to upstream * Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve Grubb.- Upgrade to upstream * Removed sending of setrans init message. * Merged matchpathcon memory leak fix from Steve Grubb.- Upgrade to upstream * Merged more swig initializers from Dan Walsh.- Upgrade to upstream * Merged patch from Todd Miller to convert int types over to C99 style.- Merged patch from Todd Miller to remove sscanf in matchpathcon.c because of the use of the non-standard format (original patch changed for style). - Merged patch from Todd Miller to fix memory leak in matchpathcon.c.- Add context function to python to split context into 4 parts- Upgrade to upstream * Updated version for stable branch.- Upgrade to upstream * Merged man page updates to make "apropos selinux" work from Dan Walsh.- Upgrade to upstream * Merged getdefaultcon utility from Dan Walsh.- Add Ulrich NSCD__GETSERV and NSCD__SHMEMGRP for Uli- Add reference to selinux man page in all man pages to make apropos work Resolves: # 217881- Upstream wanted some minor changes, upgrading to keep api the same - Upgrade to upstream * Merged selinux_check_securetty_context() and support from Dan Walsh. Resolves: #200110- Cleanup patch- Add securetty handling Resolves: #200110- Upgrade to upstream * Merged patch for matchpathcon utility to use file mode information when available from Dan Walsh.- rebuild against python 2.5- Fix matchpathcon to lstat files- Update man page- Upgrade to upstream- Add James Antill patch for login verification of MLS Levels - MLS ragnes need to be checked, Eg. login/cron. This patch adds infrastructure.- Upgrade to latest from NSA * Merged updated flask definitions from Darrel Goeddel. This adds the context security class, and also adds the string definitions for setsockcreate and polmatch.- Upgrade to latest from NSA * Updated version for release.- rebuilt for unwind info generation, broken in gcc-4.1.1-21- Upgrade to latest from NSA * Merged av_permissions.h update from Steve Grubb, adding setsockcreate and polmatch definitions.- really make -devel depend on libsepol-devel- Add sgrubb patch for polmatch- Upgrade to latest from NSA * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client- have -devel require libsepol-devel- Upgrade to latest from NSA * Merged patch to not log avc stats upon a reset from Steve Grubb. * Applied patch to revert compat_net setting upon policy load. * Merged file context homedir and local path functions from Chris PeBenito.- rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc* (#203001)- Upgrade to latest from NSA * Merged file context homedir and local path functions from Chris PeBenito. * Rework functions that access /proc/pid/attr to access the per-thread nodes, and unify the code to simplify maintenance.- Upgrade to latest from NSA * Merged return value fix for *getfilecon() from Dan Walsh. * Merged sockcreate interfaces from Eric Paris.- Fix translation return codes to return size of buffer- Upgrade to latest from NSA * Merged no-tls-direct-seg-refs patch from Jeremy Katz. * Merged netfilter_contexts support patch from Chris PeBenito.- Upgrade to latest from NSA * Merged context_*_set errno patch from Jim Meyering.- only build non-fpic objects with -mno-tls-direct-seg-refs- build with -mno-tls-direct-seg-refs on x86 to avoid triggering segfaults with xen (#200783)- Rebuild for new gcc- Fix libselinux to not telinit during installs- Upgrade to latest from NSA * Lindent. * Merged {get,set}procattrcon patch set from Eric Paris. * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris. * Regenerated Flask headers from refpolicy. * Merged patch from Dan Walsh with: - Added selinux_file_context_{cmp,verify}. - Added selinux_lsetfilecon_default. - Delay translation of contexts in matchpathcon.- Yet another change to matchpathcon- Turn off error printing in library. Need to compile with DEBUG to get it back- Fix error reporting of matchpathcon- Add function to compare file context on disk versus contexts in file_contexts file.- Upgrade to latest from NSA * Merged patch from Dan Walsh with: * Added selinux_getpolicytype() function. * Modified setrans code to skip processing if !mls_enabled. * Set errno in the !selinux_mnt case. * Allocate large buffers from the heap, not on stack. Affects is_context_customizable, selinux_init_load_policy, and selinux_getenforcemode.- Add selinux_getpolicytype()- Upgrade to latest from NSA * Merged !selinux_mnt checks from Ian Kent.- Check for selinux_mnt == NULL- Merged matchmediacon and trans_to_raw_context fixes from Serge Hallyn.- Remove getseuser- Bump requires to grab latest libsepol- Add BuildRequires for swig- Upgrade to latest from NSA * Merged simple setrans client cache from Dan Walsh. Merged avcstat patch from Russell Coker. * Modified selinux_mkload_policy() to also set /selinux/compat_net appropriately for the loaded policy.- More fixes for translation cache - Upgrade to latest from NSA * Added matchpathcon_fini() function to free memory allocated by matchpathcon_init().- Add simple cache to improve translation speed- Upgrade to latest from NSA * Merged setrans client cleanup patch from Steve Grubb.- Add Russell's AVC patch to handle large numbers- Upgrade to latest from NSA * Merged getfscreatecon man page fix from Dan Walsh. * Updated booleans(8) man page to drop references to the old booleans file and to note that setsebool can be used to set the boot-time defaults via -P.- Upgrade to latest from NSA * Merged fix warnings patch from Karl MacMillan. * Merged setrans client support from Dan Walsh. This removes use of libsetrans. * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh. * Merged swig typemap fixes from Glauber de Oliveira Costa.- Change the way translations work, Use setransd/remove libsetrans- Add selinuxswig fixes - Stop using PAGE_SIZE and start using sysconf(_SC_PAGE_SIZE)- Upgrade to latest from NSA * Added distclean target to Makefile. * Regenerated swig files. * Changed matchpathcon_init to verify that the spec file is a regular file. * Merged python binding t_output_helper removal patch from Dan Walsh.- Fix python bindings for matchpathcon - Fix booleans man page- Merged Makefile PYLIBVER definition patch from Dan Walsh.- Make some fixes so it will build on RHEL4 - Upgrade to latest from NSA * Updated version for release. * Altered rpm_execcon fallback logic for permissive mode to also handle case where /selinux/enforce is not available.- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- Upgrade to latest from NSA * Merged install-pywrap Makefile patch from Joshua Brindle.- Upgrade to latest from NSA * Merged pywrap Makefile patch from Dan Walsh.- Split out pywrap in Makefile- Upgrade to latest from NSA * Added getseuser test program.- Upgrade to latest from NSA * Added format attribute to myprintf in matchpathcon.c and removed obsoleted rootlen variable in init_selinux_config().- Build with new libsepol- Upgrade to latest from NSA * Merged several fixes and improvements from Ulrich Drepper (Red Hat), including: - corrected use of getline - further calls to __fsetlocking for local files - use of strdupa and asprintf - proper handling of dirent in booleans code - use of -z relro - several other optimizations * Merged getpidcon python wrapper from Dan Walsh (Red Hat).- Add build requires line for libsepol-devel- Fix swig call for getpidcon- Move libselinux.so to base package- Upgrade to latest from NSA * Merged call to finish_context_translations from Dan Walsh. This eliminates a memory leak from failing to release memory allocated by libsetrans.- update to latest libsetrans - Fix potential memory leak- rebuilt- Update to never version * Merged patch for swig interfaces from Dan Walsh.- Update to never version- Fix some of the python swig objects- Update to latest from NSA * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and modified matchpathcon implementation to make context validation/ canonicalization optional at matchpathcon_init time, deferring it to a successful matchpathcon by default unless the new flag is set by the caller. * Added matchpathcon_init_prefix() interface, and reworked matchpathcon implementation to support selective loading of file contexts entries based on prefix matching between the pathname regex stems and the specified path prefix (stem must be a prefix of the specified path prefix).- Update to latest from NSA * Change getsebool to return on/off instead of active/inactive- Update to latest from NSA * Added -f file_contexts option to matchpathcon util. Fixed warning message in matchpathcon_init(). * Merged Makefile python definitions patch from Dan Walsh.- Update to latest from NSA * Merged swigify patch from Dan Walsh.- Separate out libselinux-python bindings into separate rpm- Read libsetrans requirement- Add python bindings- Update to latest from NSA * Merged make failure in rpm_execcon non-fatal in permissive mode patch from Ivan Gyurdiev.- Remove requirement for libsetrans- Update to latest from NSA * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() and modified matchpathcon_init() to skip context translation if it is set by the caller.- Update to latest from NSA * Added security_canonicalize_context() interface and set_matchpathcon_canoncon() interface for obtaining canonical contexts. Changed matchpathcon internals to obtain canonical contexts by default. Provided fallback for kernels that lack extended selinuxfs context interface. - Patch to not translate mls when calling setfiles- Update to latest from NSA * Merged seusers parser changes from Ivan Gyurdiev. * Merged setsebool to libsemanage patch from Ivan Gyurdiev. * Changed seusers parser to reject empty fields.- Update to latest from NSA * Merged seusers empty level handling patch from Jonathan Kim (TCS).- Rebuild for latest libsepol- Rebuild for latest libsepol- Change default to __default__- Change default to __default__- Add selinux_translations_path- Update to latest from NSA * Merged selinux_path() and selinux_homedir_context_path() functions from Joshua Brindle.- Need to check for /sbin/telinit- Update to latest from NSA * Merged fixes for make DESTDIR= builds from Joshua Brindle.- Update to latest from NSA * Merged get_default_context_with_rolelevel and man pages from Dan Walsh (Red Hat). * Updated call to sepol_policydb_to_image for sepol changes. * Changed getseuserbyname to ignore empty lines and to handle no matching entry in the same manner as no seusers file.- Tell init to reexec itself in post script- Update to latest from NSA * Changed selinux_mkload_policy to try downgrading the latest policy version available to the kernel-supported version. * Changed selinux_mkload_policy to fall back to the maximum policy version supported by libsepol if the kernel policy version falls outside of the supported range.- Update to latest from NSA * Changed getseuserbyname to fall back to the Linux username and NULL level if seusers config file doesn't exist unless REQUIRESEUSERS=1 is set in /etc/selinux/config. * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.- Update to latest from NSA * Added selinux_init_load_policy() function as an even higher level interface for the initial policy load by /sbin/init. This obsoletes the load_policy() function in the sysvinit-selinux.patch. * Added selinux_mkload_policy() function as a higher level interface for loading policy than the security_load_policy() interface.- Update to latest from NSA * Merged fix for matchpathcon (regcomp error checking) from Johan Fischer. Also added use of regerror to obtain the error string for inclusion in the error message.- Update to latest from NSA * Changed getseuserbyname to not require (and ignore if present) the MLS level in seusers.conf if MLS is disabled, setting *level to NULL in this case.- Update to latest from NSA * Merged getseuserbyname patch from Dan Walsh.- Fix patch to satisfy upstream- Update to latest from NSA - Add getseuserbyname- Fix patch call- Fix strip_con call- Go back to original libsetrans code- Eliminate forth param from mls context when mls is not enabled.- Update from NSA * Merged modified form of patch to avoid dlopen/dlclose by the static libselinux from Dan Walsh. Users of the static libselinux will not have any context translation by default.- Update from NSA * Added public functions to export context translation to users of libselinux (selinux_trans_to_raw_context, selinux_raw_to_trans_context).- Update from NSA * Remove special definition for context_range_set; use common code.- Update from NSA * Hid translation-related symbols entirely and ensured that raw functions have hidden definitions for internal use. * Allowed setting NULL via context_set* functions. * Allowed whitespace in MLS component of context. * Changed rpm_execcon to use translated functions to workaround lack of MLS level on upgraded systems.- Allow set_comp on unset ranges- Merged context translation patch, originally by TCS, with modifications by Dan Walsh (Red Hat).- Apply translation patch- Update from NSA * Merged several fixes for error handling paths in the AVC sidtab, matchpathcon, booleans, context, and get_context_list code from Serge Hallyn (IBM). Bugs found by Coverity. * Removed setupns; migrated to pam. * Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original symbol is temporarily retained for compatibility until all callers are updated.- Update makefiles- Update from NSA * Merged security_setupns() from Chad Sellers. - fix selinuxenabled man page- Update from NSA * Merged avcstat and selinux man page from Dan Walsh. * Changed security_load_booleans to process booleans.local even if booleans file doesn't exist.- Fix avcstat to clear totals- Add info to man page- Update from NSA * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat). * Rewrote get_ordered_context_list and helpers, including changing logic to allow variable MLS fields.- Update from NSA- Add backin matchpathcon- Fix selinux_policy_root man page- Change assert(selinux_mnt) to if (!selinux_mnt) return -1;- Update from NSA * Fixed bug in matchpathcon_filespec_destroy.- Update from NSA * Fixed bug in rpm_execcon error handling path.- Update from NSA * Merged fix for set_matchpathcon* functions from Andreas Steinmetz. * Merged fix for getconlist utility from Andreas Steinmetz.- Update from NSA- Better handling of booleans- Update from NSA * Merged destructors patch from Tomas Mraz.- Update from NSA * Added set_matchpathcon_flags() function for setting flags controlling operation of matchpathcon. MATCHPATHCON_BASEONLY means only process the base file_contexts file, not file_contexts.homedirs or file_contexts.local, and is for use by setfiles -c. * Updated matchpathcon.3 man page.- Update from NSA- Update from NSA * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.- Update from NSA * Changed matchpathcon_common to ignore any non-format bits in the mode.- Default matchpathcon to regular files if the user specifies a mode- Update from NSA * Merged several fixes from Ulrich Drepper.- Fix matchpathcon on eof.- Update from NSA * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh. * Added selinux_users_path() for path to directory containing system.users and local.users.- Process file_context.homedir- Update from NSA * Changed relabel Makefile target to use restorecon.- Update from NSA * Regenerated av_permissions.h.- Update from NSA * Modified avc_dump_av to explicitly check for any permissions that cannot be mapped to string names and display them as a hex value. * Regenerated av_permissions.h.- Update from NSA * Generalized matchpathcon internals, exported more interfaces, and moved additional code from setfiles into libselinux so that setfiles can directly use matchpathcon.- Update from NSA * Prevent overflow of spec array in matchpathcon. * Fixed several uses of internal functions to avoid relocations. * Changed rpm_execcon to check is_selinux_enabled() and fallback to a regular execve if not enabled (or unable to determine due to a lack of /proc, e.g. chroot'd environment).- Update from NSA * Merged minor fix for avcstat from Dan Walsh.- rpmexeccon should not fail in permissive mode.- fix printf in avcstat- Update from NSA- Modify matchpathcon to also process file_contexts.local if it exists- Add is_customizable_types function call- Update to latest from upstream * Just changing version number to match upstream- Update to latest from upstream * Changed matchpathcon to return -1 with errno ENOENT for <> entries, and also for an empty file_contexts configuration.- Fix link devel libraries- Fix unitialized variable in avcstat.c- Upgrade to upstream * Removed some trivial utils that were not useful or redundant. * Changed BINDIR default to /usr/sbin to match change in Fedora. * Added security_compute_member. * Added man page for setcon.- Upgrade to upstream- Add avcstat program- Add lots of missing man pages- Fix output of getsebool.- Update from upstream, fix setsebool -P segfault- Add a patch from upstream. Fixes signed/unsigned issues, and incomplete structure copy.- More fixes from sgrubb, better syslog- Have setsebool and togglesebool log changes to syslog- Add patch to make setsebool update bool on disk - Make togglesebool have a rollback capability in case it blows up inflight- Upgrade to latest from NSA- Changed the location of the utilities to /usr/sbin since normal users can't use them anyways.- Updated various utilities, removed utilities that are for testing, added man pages.- Add -g flag to make - Upgrade to latest from NSA * Added rpm_execcon.- Upgrade to latest from NSA * Merged setenforce and removable context patch from Dan Walsh. * Merged build fix for alpha from Ulrich Drepper. * Removed copyright/license from selinux_netlink.h - definitions only.- Change setenforce to accept Enforcing and Permissive- Add alpha patch- Upgrade to latest from NSA- Add selinux_removable_context_path- Update from NSA * Add matchmediacon- Update from NSA * Merged in matchmediacon changes.- Update from NSA * Regenerated headers for new nscd permissions.- Add matchmediacon- Update from NSA * Added get_default_context_with_role.- Clean up spec file * Patch from Matthias Saou- Update from NSA * Added set_matchpathcon_printf.- Update from NSA * Reworked av_inherit.h to allow easier re-use by kernel.- Add strcasecmp in selinux_config - Update from NSA * Changed avc_has_perm_noaudit to not fail on netlink errors. * Changed avc netlink code to check pid based on patch by Steve Grubb. * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA * Merged second optimization patch from Ulrich Drepper. * Changed matchpathcon to skip invalid file_contexts entries. * Made string tables private to libselinux. * Merged strcat->stpcpy patch from Ulrich Drepper. * Merged matchpathcon man page from Dan Walsh. * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Update from NSA - Add optflags- Update from NSA- Add matchpathcon man page - Latest from NSA * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA * Autobind netlink socket. * Dropped compatibility code from security_compute_user. * Merged fix for context_range_set from Chad Hanson. * Merged allocation failure checking patch from Chad Hanson. * Merged avc netlink error message patch from Colin Walters.- Latest from NSA- New upstream version- Latest from Upstream- Fix man pages- Latest from Upstream- Latest from Upstream- Add man page for boolean functions and SELinux- Latest from NSA- Latest from NSA- uppercase getenforce returns, to make them match system-config-securitylevel- Remove old path patch- Update to latest from NSA - Add fix to only get old path if file_context file exists in old location- Update to latest from NSA- add nlclass patch - Update to latest from NSA- rebuilt- Fix selinux_config to break once it finds SELINUXTYPE.-Update with latest from NSA- Change to use new policy mechanism- add man patch- Update with latest from NSA- Update with latest from NSA- Add changes for relaxed policy - Update to match NSA- Add relaxed policy changes- Sync with NSA- Remove requires glibc>2.3.4- Fix selinuxenabled man page.- Upgrade to 1.11- Add memleaks patch- Upgrade to latest from NSA and add more man pages- Update to match NSA - Cleanup some man pages- Upgrade to latest from NSA- Add Russell's Man pages- Change getenforce to also check is_selinux_enabled- Add ownership to /usr/include/selinux- fix location of file_contexts file.- Fix matchpathcon to use BUFSIZ- rebuilt- add matchpathcon- rebuilt- Add rootok patch- Updated getpeernam patch- Add getpeernam patch- Add getpeercon patch- Put mntpoint patch, because found fix for SysVinit- Add remove mntpoint patch, because it breaks SysVinit- Add mntpoint patch for SysVinit- Add -r -u -t to getcon- Upgrade to latest from NSA- Fix x86_64 build- Latest tarball from NSA.- Update with latest changes from NSA- Change location of .so file- Break out into development library- Move location of libselinux.so to /lib- Add selinuxenabled patch- Update with final NSA 1.2 sources.- Update with latest from NSA.- Fix to build on x86_64- update for version 1.2- Initial version2.5-15.el72.5-15.el7selinux.so/usr/lib64/ruby/vendor_ruby/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz2x86_64-redhat-linux-gnuELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=0542ea863f04a1ebfd9f8cd8373b5ccea3ac830c, strippedRRRRRRR ?7zXZ !#,s'] b2u y-iSqb*Y aY=c 00Aљ'ܪ:3MMCrg{ [Kyԯ5o]c ucZ_˿\ӗ% 2X[ǯ*7۹‹,[{<:פhX1Ub,ʉԝra*KˊcD?K:}Pxx˯$:ՙ+kT:~\_o1c1Erw!AϮ>Y]`2ˣsWb?Uݣ"Z2gS82ܮ.蚫)v{77.ˌcXTPoƈMU{ngۈ((=%M6̡g.^.*}7~3/O;ujb*hUyl2.e dzz4s=W5 3J*F _v|߰yB\9DZڛ!R.iN-@ n_mcķS?~ G<$n>Oީ눜S/jMI0\US@/P \ ~%e%cq-q9ɰPa86A JG%< Mዡ.Q)^q| )bgwWo>'RRӵiYy>ڶti&N選 ᔼB 84K MIaj)nx6/+@p?h# cj2i3Cʀkq[RBGӒ6l^.!GӕH yH [r?)זaQΥ!tw \ =(iKw[Om˜=-<8=n/{ `b㍮сYaVPae<~] an) % BqXrw*l!=g{bҥ2p`B",ogU颳uhDUJ0]B[Î:yY]JO#US*њ DSi-赱:s cp0ӤsV&s ~HuWFme- @G( ҧI^SqJg0DC]bJg~@儾2\kЀ;l{7@e0\ _4Z;k3h~ERaكK-ۀy7UaD<;PGDԁ/ʴ 8Mw9D(XP=nǩO#)Ր;dda7f7}$v1A Ū^Ztw@V[vrS_ {Q܃-ҎY;w!hfmM4=b92K(Y[k̶H;uq mߩ*bBb lq֒藛_xlV5:cyA:XC9NhI)Y%P]I&uј,U\b5e`B/gOf`tY4i+OQuj!ZVV#M4/ ~z' ;@lx:l0ږ `m- # k*˱[b )v*g)XٞP4SK#ht#zYcDXP+j , vo;Rc@EP!p!nf~ͮbHקD}"ۉFr!fq,qA;b̐\|Le`"7%,-o|ҵs`ZSR+pt͇[)I_M`A}6WH5Nk#wG7i҈ok<0Ҹ5-sI5~tIj:M- zBvr͒j5?]H.s79d':9O2}k/ܒ >?t*$Z"TK@픓z¶:Q8ǨY{(0MpiqT{XWa'B}mxAlTiQimDNQ j$MR _%,Gl.d5P̥²s1=?1|ZLЊ#zeMi%zH=똁φ5EO4BMZ Zj 5jt [~ǠP),ܖrZ$<\C۵Ӣ`o& hj&,g!ąQҲEk|R\lh&&sfn̓| ^~l1€,.E)MF 3LJCYW-c8:u*JE| dGβɷ ́`O`ٝ1jcb4Fۂv;Kv_tlLZ3G_s>IŃqt!M]HMsvnjQ":@we}ч*@,!HPR)-d%N.R#+X(ҒQ!ߣj忹YFc [[SN&F$8{M<% $ʞtC`Pgqb||;zɡVX+2++ 7bʧ؋&`)6gv =ϓs)iz;5=^ՀYm$f@|/ke _T57& Vv@AY ^D{I6V 0E{\aff_&WzP_$ ŗ{h@-&h?`j}i$[lWc]1d~m+c6LIGDUKM֠IARKP '!q$ى,6 h u5?~/町mEӺjsuU8YIҍr+g [n`p"W ˥0[["NqPfUA䲼tW-(b4#8Ipݵ\{β)E?I*UPxm vhjk{-`aO2SaS"ĦAZP 3RiE@f{3f|IL-vIs.'08Qrs!Cf~\1W7(i)7ypxiqhvFpl>6Pu6kSM. b? ~uuYmmޝDJnMCTKm2xgdkxEec7 n9<;ԵJ)k@pE>9QnDn%߲W!+1?yo褰B\C*&GGAUA5*-gy,MYr^ r#}Ybű!"qtiږ\D}~a^,32VgcBV }։ȶyGfՁTH6誛FKCZ27:Œl}=8󙑒cLFomc-vfPGR^J 2pAGb1O.vmE#lš*̞i߳Xsnaӌ;jLa7a@Uy6fIv`g,1ZCgCbUl;4vtcZQVA_ s'hٍ[b8'p,qHVu+OԺ BM I\S9v@a?xt9KtdPEU-A I!Ya, WGMGA3T_WzSGBAAQ@98{?Jsje9 y^5=ߺZp,k *xeJ22 ZA8u C=)m9'@~TSByZDE?߁|UDa]v oW""ut.lf[hlu η _ZS`h8i^͒]IJIXS By nZ`BO"\ܲC4N":Z0vS?fwu~:.pBtǸ?!|.ƕ`>'ki NŠ6`.w6غ~ْk_zZiC=_ M!ut mIs=,bޕ{ ;~$4= Jw-%?,Dطs%x>{2||!bysv)]2fZKKaH< [̀uGȴIxCΏnhLWj;z' %f@赂-썠Oʖ.c+UbwJZbL߶Ck0Sg׉7"#jBv?~Ք7Uc_Zrq^$%p\Q̿}9/íHʎRUUQ@.>;,P~V_x -,th`8,%cL}@vvC%U1bkQp 8#,^,JTEyՕv hx^: Xsě&|YU3zĻb.:Ao4OT1/5: O{,E+~+-XGf'44)IO@1p#uc;hWؠ)DXX?_1ץ)t]iɼCe[s?)<2>-{oU(V癜A( * .@v8Mz7ԛ\0B:Gd`춋)W( 2a1NnɈS:Ԏ-WÛ[\},QkddIhMֹ`:o٬ӌɧl$Is$Pʴl#%|gt<],;sV2j_t֋qwh?D~%<Xk'9l9Zęj5gzh)G˔ ߀ A;Csqsm(?+ A5oX#=+kz = ż$3(E`Rmt>zح)c R=HM^Fxa>CJJBt+ %.q;,ݒW3a}@bͬs0z:=pY%y_O`ɪ $_Jk8}\&P \bdLΖYkyt&^% )JpP= yLb];H]S`+G0cG a>#0Y /m7 ΓP; TRA S@r2p3RȔOnͦjs[v6ĴC ?o2v*Hr~:p!f;q8A+H##9)6Ь-e#Aoy}QtճuҲQՖ3^Rrl8<%tppg[J\8۪T$1rn zZڌX -d."_-/l޿ھeNA>(R x־ǒbX7i{#YX46껃6[.*,O[ q^2})b9Wo&'Y|aqᲦK&H03x/Z6J݆s5mzd:wI2gb2FܭB1rP_T\1)9wW^*ӽ!aF/}~~W vU 0BuU|FxN:h$ L$R|ZdM_# g5N?^+n8X%3+'RSڼ9BD#mef ;e!6fnEe䔜2m8m@fѿaU1(/|. V""zf2ZvBlFa/FF:wgD|]Eg/>+p5,YUݖ$`Ln,sȍo\5@͸f6]%O9kx vs0#q QŠ]xR-Hp>إeJͺa9E@59nŎ18 DM}o[߇|[Q;C7:n1n_= vZVkY `OL2f`⡿_XؔrY(k%K2q=zS}_7 /!;$M`>VO8q4Ӡ[Fs);&J,Sеr z8Df7t66= Nʇ ךR,6;8ꋓ#գh'XxJ4DCHωKҼesG+5ح M`޵J~3(J huf,Ϥ%ʘYO jGxO ^*i)KhaV @bI ˕LFB{7eإAc$ 'xP<߮<#"ܾ̯_k ijͪM{O8 Ra5'gc^J,oN%gt2csdh`f+>o\`"TN:8-wY3a+U#`yJDƻtKJCx1OPlU@ G5Y4qS:s4C1ڛ*88N>~C&it “ u"\G*[?k\y 5'mNy SP6)džsVcR-uccE/İ^TrX%H۴X^rBzh$ ;L8i~h$D m4,2 hRk! ycj-iJ~-Ol\~F n>.fGx .)/ )tVg26 |͈ 9x4U6^Eԏ['uN?)FeW⫭@y ! @MFs .<*G}0A,PXmPn9DdnJ91w[KK":tBytN?# -%\ y԰*x+ʭ#G{]1/ϋ٤Q__Y+f%XvqG ֱ<ױtilLfO$WHez^ZSd$u:&@0 }!g)о]'}GFϢ \GuaqAFC9|\Pzys !nA>W`ćt$W~%./Aw /wHExlJ[9vG(/]o6B m3E rtè8jD)+/n(YqU<]M} %5؎ mK:$۫EZ(ZsV Ϛ/Lt){A)g_=u|xgX^um  5rwwg"؛t"5駺Q¸;lUn`OePZKiCydhA};!Wv`W.z<ͻf i톨hȿbҮڮQURMEoh6[>^p5bKP?kF)慢 I'4;]g rՙ)%ĜQTc5yųHMgnO}cJWgȢ S(gd`mF88bcgqN&,3<+cJr.^> `n(C->_ߤh30{ * YiFbPzڲW$T1kgOM[>xlTohUAqOB3H貀7;'<9ɈNGU@ ~ER[x2&(TU/ iWMoB'Y8NPy~Y9T@$ގ7v~\-~Xk) y!>/G4 pW}8{e+VBL ,^w2H8sIѡP?H$1 O5B׃c"n=lEE/3DJ~,'Ϝ U4Uqakwz L.`v43MY9rd3VAFXJ?vEY182HI2MNPΥ*T rjz!!`G+L& KI%VԇLKC]j3gb3qY]vm.=ҏ*__H)lz:gTY\vb 4J-F_Z㘓E^)AP6꓇!F~ )4[|TF~HPn P-bѩY@YTnNK`K:> o|C>18ظ.C}C/gmq-k˩vh dhͰGw"S7g%ԧNGBe)4kBB{OA|䉭f\hS{+ ;~?ru+u s$ CI†p6X:m]u5Da^O>?+,X)9RFBB@ JWI5_>OqYvL;fP0N~ PpIH.Pöq[cam`fvtTxg%dzq*4E#J%[!fJe1>怚هLVpN(XU(,h_mj.dnYt~lB֚o,gF5?!Sd.T7WU1/I7놙ߵ*w+|@iqHąՒN'5ꊬx'fBb FCFi09xe.Xp-PSCE o[;Ti~}_uK@*]rE )ׁr1‰THč9ۥBgƿcC*N). &>J6 D%@~iƀQЇ4&Ha=Vv<MI9p³غF"A-;it8KC @gf㓙>͇mt;\pV_UdnOK!Sτt mJyw_3 ⢧ G"ْ̡Ĝ%X Z`/qKz,5 m;M2LP-6΄Fqij\7tMӪ(]msЙQ3yWB8&5mh=9LΗ{v`J2Xck\՚^P?QlEA3̐PGj6}ᛜF̈́ez *Ua?s_לr#AJ\B.>sk A&kM/ x7n=.@$~d" {υgG+X7>Ick(Ьi^?T#wt3dŜi"6x.*W+J#FIkNOYLtS&sTy5:p9|RI1WB"]>2O4rR*pRq";8Bb?#y,A"jd{%[pd!^?/nsMNNm>ahKL3-ۚGPx_lbZJ1ZV a',+&6P6U]8T'S cqQ)?f~k{Uk$f'^¥š`J:^^*uTB`s(V롐JAMP(ݬ {Q:Ďy9 1s/L d8cT],LwMMC~B AߖjF% oۧ o0⸊^wOF$Gay$ҙI{>j s~%Jr"*~,q 7 <FA.iuv+CpJZ麗CpMɂ9͐h:n2ApU:O-D.Xg|]_v u-+.jf"1EPxeYdV.n_ة#h!JGF\2uvJU߯Q`nKKʳ%P dD7i$89 vx?i5ٲR/+w`{0VG#5N!:K;ezwj$Dq&9\P Xj*sCݘ\ hxJ<9G `1`U!l+6e0K<_) k)m$!ږQ|YKd9ŒjDi<% Fjq2`oh~-Ӭ vOcGpJCo-mJr";DRA 4[ <-$0aܬ=kdjLe;ݭOf=:@'߹v0k4MP Tb7;\,rCq0 2@_Xa_UKҜ$Abu^QghcYmʶ/YX T̜eq9] \/kȣWK"5>Qs 0AVs4.6c z pCT%DP'TTyԱL8/'9b:d*-} iCGꩭ.j)` M4B9g^-J߿.@-~Sfmm;\#"4B 'U}c^LF>II\h46Ǻ3n ̰Qӕ˕FAdi' Xz^tvfǗ(dݷKZ|$]:\Ɔ81K nJmJ3\Oܚ)jX gDL?4g)g=|z_"eBN%jL%>ʰ\ӸbOU)g9v%I,ʼ< %@C C>Ǫ,;9G 2l"HGxHVE=G!*6Dd)e\u/UAwYek?^OuG5T_جÖNGXO.BZ߀5lJ@~.9f*2=4 ^㿱sH _־HB91ƾ*r SlA Y㙖k8' -1W \{s[ 6&TLn2 Rx rӋb*ɐQ,O^$i [HET~;y =u`Nq [|=eK!0_Kzc|[hdē]"cwqnGC%P|uJe^O65vivmnM+X"|u8][ P,%C8lж>yz%sjC$X?v?wiF%Dž'0{6q&&Ա̸?֬Id5%z$f. xi7^YlLI>H};>PC&,y+r;3dRH2{Ls{h[*ˆbd.783S@eŕ*Dw@'nN`o\-S{Ohf=X~M- ä^eR@4Zz6 Ykz;a3&E;U@J*}Uh^&#C8 ` @w;1j( yd'g0!T1ZMO e?eZykے&,:J2) ,\6a:|*7zX+W3OWX+1G'kK'rB+]c3'U%Tǘ#nL"c1A![ 'RQrmb\lpcsH2X0^5>"}YR/c^OڄXAX :E G7GY`u?Vo/K%;f (41,recoѳT xG6ԣ̦9"2R̶fP4 " ̣a\NTxV7vhi:B$o$oESgjM'MxGC~7mMߙ˚{j, adxbQ\15EJ n)wm+DMiE^VΒjHՎJ5v]S.rsDw0o0}@fly3 >r!i ;b'eT4?WW*]y6,F-֜ae@lߞ2fçԚGB\"ؗs*Rv3kJ'#]qOIV;S@| RJe#"/ _T;\?r#`hi1# óYYT{[5z;B߇AʕHQeP Fi`-R89:s*IWwʘ$ᖨzHڃjKKӯPSB6Qj̖jQ滔XLPMr5 zqs+ (Ph&;əЯQ$ë\m~$eeeMQ}t?cF|æJԾ}ʋ`!=2yorioi]Dr>=Tʮ7_3p{Y=+`IJCg۠_4KJ?ZO/gWvsx٠,͗?M,,#Fq^2qo>pO NK~S;w)gwqbXjLqOb+H|GS=̤e'&OPl:4fRbL%9+Teo؆:p{ rgѠ4Ԋdm;:8.nڼPͷ3,j& r\f@tCW.QD뉲7 n={MN4zSugXqr7*T=+vR,Xm%dPV2zB*Ŷ&1"\uFg9V[D`"2 ԨrIWnS+*d'0sܛro(9x4w9~,fO]ʾmtJ4bgHg4qE(ӯKH"R~5H#Dt F.XF)LeiJRrW%QwPfxs%Q/)?*D͚-%E|ezd\>.DfoV8(%gLfڈnf1w"x௾5̥}'YI26?H`=9񖄌s6= 6jUW,xJ|`EfFhAy{V?!/^_ݶOV[.T74{/FQS\R$&ÖgISTUӑJ1CH= RQi-Q9(K+2kN8Q6OH:F;\3S֘fQdy`!_ }!J;G”֠+kߙ|(_1Tg7 3 nvyѝYFhɩRH5tw4Lꛆ2x`rKGV'[U!}8|hH+ZTlBo/=oՃAD;]P=iM 9XW'o. )Y8n#W3:#q@At"H铪lEޚ11<8d@Pi`kl 3Hm(3s9,r G<;*ȭi\,">\ў\^j:]8U: HԍO(7}郃,N ޓ/0.'j邭N:06OQ =mCȄMEΞdss뵭W*!}D8@vfkD3~fо';;4 .=̤eR3鬰!1EMͣ湞*bL!_F`vE}l)zn29-e)tÅ8g C8M3`u*ĐLL%% |V|9^(y>q?Z5}c /G!/3)*1);uNe7Z*Q[D_c0 0k<E3[Pdv $x4.,i/r¡TJjp-PP?G ~IK 1Oha9݌*#ЉڄQObĤ%F]Co}(j8.|α螝?[[KKϕf R=P߆Q>Nd"4bu&Y# owìDA1eTܲظvFqp9f0-)m6_/ mDڴ3KΥp`̻H߀ |H"y}Icd Qo )3d1=k߹b=cB`YsYPs8x0C E4a>!aV%vxVaԦhy `>)Iazr>ҩ葞jizG{ͼOY<#:.yPeH]3びh9v#t̑5fmK?=<U3Cߩ/`22z܈'Yq$DgNҷctEqr_˺w|Oo6ZV!52X DVGoWOPƉ礻i}|3EͷB֠8l6pطe $9iM. ~8``l/.a8Ѹ]łR$vF3{]iNI M򻓾vʷx-8,( [A=d ʷ0rC6ft>evy{m'XM2yuI<mFs =1̫Qt^V}.:Ešsz!ITl{2.n;Fyo"n>tYI4g񃥥񈀙ڇ_ q'K`_Zq8-kmz}/p9FdqRaW%ɶr>B5*ߢ/+eS'y:BV4cX]і8w&*&a"Ǎ>j~5&\jF8R{@ /m6a2o>BKQ0p[X.Z4o;ݨ@8tai;":uPgg50K`b!˒ʗ];Yd ~jPQM~?=L1ѥ+54W/gҳV}GW`0.:[,1(zk<Jw,TrJ+A{|1ψ:UY)#<гP)pr>1G1eg %YDV|CQM/Tا:>V(/U*a؁&u@3:u1fUx^H t RrYb!\TVQ%;1:{;Tֶ5ZH3cBnPM>;Jl״K2KER BLY9];<`v! ,ζ\EVt]7UC˗l> N&2b{j-Z_rqa]4)KS}I~$2ABCU:;xKlhɡr;Ù&uf^C,*/Nq\? rfsLW$GB 2=\wT#Ҝ3S,ԩVKz.U~Y뷄xmS B7d)_uؕDe,s92enyп> fuB^tPƗYQ5!v2u`2vN$^;(4Jw{3:~EŶa*YK$J&BHU 5gPU R `㳚M pNLϾWyww `y`5z=L) b8nif l QoF&΍ L'ZDiz͒)7Z%yth2Z_vk /?je E;DG{à#T[ XJb5>f:^8H]]#<,"sXhUrS<5.m³~7AW.'!0hT03UoXsA{BkXb{}99O3ITvv,(WiZF)4ȋ$$pa??SåVf?I8+*4z PVx9Q6gx6'_L6xAZsNu, vʯt:XC"t]+u f>8|bTI!8 |{JAzsOԎ:KVD4gY<i|8R2 T'=C5yփ} #Wۉg\SZlQϧ%.pbr U"ׁ% 'd#BeV@NhEK\?srv~3?Oz{mA!>\qCON6,P tfG67PS6vAmjij'R'mf\M˳#Cg}O}5Ud|ʩhQU˝inַ]HVHx|7Mlfc-Z8UXbvLF5IrMלJ-Ơϑ*5V_$-H`6ciW!;"EKE%{)<tcX!{O.2'b2qZ uM4F.LA)wE=Q7-nnD&r%llp 094ňt ^^uWUDph] M*nN)7a@6k6(i4֬;nDī'>HVļ\BfȚpPKڝw@܍Ӧ:{h@Wj39bmZTA T~ 0>ἃ@er ޘ jG Bǽ'9sK`lc=q$1ҟߪ~a[*o'O"|Y2chv[1uOB+faSl2LWu8zŲѶV3Oߍ` ]ہ#:(4W]d F4kmr7))i"y4%$atKl 14XIgM<0*g44IvSFU1k}H0kTdeP0@T ]Vˌhlgd3]84hIӂ;zĪ|a;/+p P3!۝p#0o"j +"fK||Ho-:ƶG8I {^˶ n|bJ!sXַBDka=O!s 286 ;iTޅ\ʚr㿾ʱ,ǯH~}m-RN9ڕá,&Bx6u烒} Ӕg6HUU{Q;x A X0ƏuAB] S HEi!,f^9x^RKԝ5o3)1,ڒrCNRl=aSc㙖,K笟vgXIMqnl Ս,@]g^Ou - ^G5@&_za;y~#:~K*ϛݙ&KؠN2}Mfk=/rC;i*,2t< HL$>~A¹V": b[- #g4Ujuqn{0ڪB,[+bWk[Y hyJӭA!I f<^]'L2+ XȎa.يE9}Չ&rzHv.{(GZwqRO('XEiR7/)%t컈&t'z x޽lѾ:|(%ٜ~BKfJ&7 iy)1 j4p|_-;&s!JoQX27uA?3ni:^,`e捭]icq'- #:P])܄085XJN\#C J D;-2tfDx:g~bq1rvpX~o]YQ>8W AٹО*k.лQ+5@ (|Wuȧ1kxue$rD ޝxhF+enY%»BQ`}"!s~Va^O!ж:}wǻ&໷p&Û2Ţ)|Yq}YV!R"~Q9dV-&@?RjWCe4l雲B #f4f]kȀ[5yD ߆J^j<w@ f=o*< 9^)i\z=,6}&J%m8ԓUՄ X֊;c5@\Qw|PBkc8=g5ވ;]xAl ?KŌ(m`psx|؋Hĉݖ/Y#3Ź!El_AAmczx]G_*򡷲ϸhwVy9NjMɒw,hw~k~6=ӷQf$$?~ŀvdtWgDccxƢn[0fgDF@W]bժ@Cmx%Rl3O mHS2 `߉R[wiN^avI]UK8? HP=P0bb sv8_n@h(prIt{#LCj-{W%N~6t m*]tnTV͊HXp<&1l/ PStDG%iFDL9h"ҠK34Rfq-)~@bL>qo%+0!F101:8‡bmm} ="z\j7_nH4]svꢢj (^Vx&A!ђ&wadSSS`d]$kt}eGgRpWV/L> Kh$q’tT}K)M7mk=cҴAݍ2$߮ګ[*9iL &[4 iEl#91AT>-#r/u$w Fc3mܱi6i@pl)C kpX{~uGr,5+R%tF2ѵ?073#OH쑷tvUyN%Y⋀\K[%y'z$mt ƀ@F8B2ي?Oj`Dr3S_3:pﶱbfgĥy$@lٓ$BJ9i.5c4'NGvVDlc[rKpAoi+՝b[T+J!_?P]*"㎞RTլp6$BItg\x?Ũ='$d qpQU"YA 42 9Џ Ee9QjE?VF;.o2ζ"WTQDS4Xn ;v ZIQS.aAaXUJM*Kڛ'h+t9 2 My$CHgMJ8RJ!c WN34jiThC>ǏI[maUU5wOB~k0mߗV|$…%[i? 7 ǁ0Y[&; q^afTu6@iqщ{ڡ.[Fԕ@U76nQsYbƭ\uQ횶bcJaڰ$-am\=4Ś ϝJjuYp FgES\+&d4_ą&G!zytd[Ks\B}0"n!GDi/^+eo_Ppr}04v7f5:G*tjJWiW2}̇RQI6r]y$,5x W|U(.b&IyrsBazD:C\ cs4̬ƒmzsy+ l#Y,zXϱ kDme{u&9 PM0ږ7 f GbVefaJw řa8l$TRýo\ϴgV/x¨q!4A1)LYi Hl5WſΌQUC)8Ϝ/>FyEV2>At<{wWN{^GH5fÏ\(Vf%ŮGi"*ݥm\q< (4ģ^s/n剂X_ ްixR吣`KzT"XH:x"y{F"H@ӶF >HyNڂ ;X_uTs߆fmTF GBgx_/~L-Jai80V|P²Y A;GyMB5_BgWVz#",fNdO_ݗTc{ʑʔf~TzSʭ´£D|+2ɾ5ٴ3=2.FOzf; ܆v3#:ԤM"ƒk/xj0L1LTe-@7ti:̓~wb &Fp'ƷlĂe$T?.̸{IK2ݧo8 vւ "**uaJ!gY(K0$h[9ÏZ|ny|e M0.bmW 1yێnd>5XTx^WG^/8Au{R6~J}?#ZߡdF/jh:,"JK7T㰎33#`d>%@L"qO99%NP)%wfbXWi *Gd⻬A̬nZ=5;/}tv#Qa %bȈ~JƲ\G.'`ȝH ̵'vu@Fu[ٓF:( WޘLD'QB,~Dd1Mϫ3DL9f'# ?S[{|jMɄgM!2CWf=~NC4y^K{gK𭝡@B.bC6G\_z؏חa<"pi{闙u~wd,wyZӝVHM>pS.44E, 2%LʠqL{o%w~IjЇ3|Ģ0 v=Gnٕ7^郵ҧd [uFzNdu*yoAH|2'j>4چ烱z֎K+nL oQӨ/"*OH{$2I6`? 7SB*O1vjKk&;Gؤ=RfFC(:gEsG܌cF+ KLQM/vD^3#nZ r<3aũzؠ}6Dml0؞ cJ_&mȳtg'}Ù#3F~9'Q >]Lwn l9ArZ7Dj0R|uE&S3T} E7~hXr退UQ D8=DZ,t.ӫyL?hLtbEh:Fb{vyC t6GĔP!@M MU ZIԿ# R=ZjVv39lxKgtϯOɍ= /G0 Mˣlp˸ g<]V%b6g肼OgA6Rh蘐O)/yi"ُǪ`,(Ge؝*O'@B.oFg rǻu_}'kPr7iZv(W1 mQqFK3W ugNQ=eVy`F=0)Ip#YXVGI=xE<@V(D .Ya]46vRj,k+qߨ B}/TcνZ^ I-*ͫ;hBػQg9AOsc5fI{ P_c P;9xJ m wBXwtJm,^Ef[b]?A /ǻ)#祉[fAР4fqM98/uaV-^<+8A u6,D[ȘWǮ)d1 tlBr:rRgpVذʣcFye (z1ꝲq^T=i嬉-ke;``[ESmBɉQ"m@  uW5笂4Ej۰zѣsQɣr@}Dp;lYSxF)#,a᪌+Ԫb}IdEh+H3rSԣcA; I&b˶lhbٟbՂ;TWGh 6Ø-r$^RzȜѤa$E?dXиѕX0 iZhvyRTM8@|!pDPm4J]KR `S2sjk-V#)9-!7!ʹ2"$659>J9J}eL8cO&?"T/ *GJ1QOkdQ~' 5Ve|ly!#4bsRu/$^,HC2 VYjlnJaIs_gw s'O DW&)Ss}RC6%0[k1R&FLd yhÿzԁtn΍[* Т ;2yܫc6wßRF,kDTVwH;D0,=1d\A\H`aNe$Ih?ѹ[Y>ޢ_ pQٲ>2u7>m4ǨϦ3ZDoi_~/1-N~+g $aϳf.ӆ Q$c&"͂G AؕwNۈM9қFeM"\$6m-b%Έ)O{]CwpmUG`x@2"#)h8suWzIpi2S|~DV%90ϦoYb̿'d}-~cR_~w7l#~R|̚_fTOZH8V.;ޛ2:S,mT'cg'92OKFAY$mWhg-"@ x^N1#Ǯw չ>ƭ77Z4!c&vJrN+չ:Rʌ*?݌]ݕ:ߣ.X25gu7an ځyNN E{ ;/F 8B7ѱw ":! D}'ZV6V1 y<"&iHa*2),?lPV2X+b|)Y#m+(ZeB夶ylBM Kٍ/3=Jzzw+GL$X?qxӫ ?xϮG uYn-^F,ݣ6J䢇Dzk|m B9hi\yiO`3%Z"GŊdz^uq(K SXHV]4z%hfjIA=(}}R`.^F̗T" .Jvկ7iT 3W)g,*S]4mIʋ6QclV"%k@} ("~bs6W%f)Ƕ`GozQN ^1٭`Cw5Ce>LC8S/NĤ[:3ܝgL^" =NO>4\anuMYVItKPX_UEkB⌜6~њ' S>޽9 a }ހ3:j<yQʟ#ü]):HمL7Y;m)6{ 6a?}l~NA3@\}OE }Ώ+6V1'h\VyU`5ҐxQ99֟=Ou!l s}BRKu0 оRu{w6*0k[!-L3%I0H(z䰘$yu"^գ Ae"dJ)yr_Zi3Gb!-Ӯp-^34'Klg8 K¤NT"CMHe#+w4f0޻Њf&5wmiIbLӻڑlڽS8j|&1N5鳙gy?Дx- >gUexe_(<'ɀQz_0^&GQyXywsZV Մ6-0U_ mQ~LEKy4LMooC8? p3=Uҧ25Y=3xPqO`i̕O;D#۸7]Y* Z洴 18K֩f\hq 񦴾օN?YES8Ri22 ȅ9L zNn#ؒ9\Nv5ʺaT ~1JfqU~%g؊c)C[kBkXhoUψ'bÔ ci'a"$%7c)`STuT&xm%:@ɺ%bvm"mS'ؖDql}0-M "v J< IzbdFA^Աp3x2C"PGQ||1Ӓmq^6!Ra.>;qQD9 ؋ѣ"@B{cn^0crYU!D_#-/ठq>* 2[Ld4M=?>'??m"_IkvA1 C˲z_"DN xlNg&U6Y3ҳ1 .5ԫr$z/x۩x=v:|AS`gs!;䙜SkӅgUy&g5Ķ,d)kNŞ).%Kf:,jˊuZ`6fJ BB(f@?P_[nٿ=hg{`? pKzIcbbUbK>YH)6aI|-9b~뾋~RJ* v1n둣=|)̳chq+AIt`Iy^cPM ʒן=~xa# h3g'LO Hcڄ)4xw)0qSJ\s"|AM҂/gH90~=]`^h6!?;cBG\Y<1XgXa|Μ[gy8zo@T;.kϿӁΗ6w ADCFV]BYA\gæ@M_wsmܔ;hQɇG7eL@1^~7Eq0En]fkۜ${ɐt7 j*X%*5~Ǖ3f{U`]?0 O"a t>pd1Abc&oL GOE[z)jUvǥkJ烶?ĉ p"8^Ң9Zg?4G+ XٌP}L u?@>֐C{$R"Iz69l ]/&4Dx M~jQ Q LuuDohc{?g79Swsϕ( +CK"*gcR0)~ʧ7eHti\ a4y9;6ӴCӏ'9J1&EJ5C~/4g DXщJnyMa5]̌BUWB:6dJ)"+qtL_/ Be TJ+HߦJg{NhFY#D&_ h+"Z2z~咧pH:'&iMy7axg,5(Gk N9uXPao^چ_-#OA% ,]r4t^~H`ۋ_Zæpz\MNnm)ڟw?iEəߙ;TM(I}%wjŧ9=Io s;9Ѭ]j H+ځq 2TZ('.DE%QA;`ȂWR2(Ȓy G1,d.k/41k$rN5]~G8gT$b5L6J <h:L?C0t?ʬ5ؔjAYE-]zAVQjƕ5XEO &>#Np'ӴaGsmj ى R&EwSUÎP xOϪɷa0.$- $f]>5 *ȭFb!o b `1N|%!H=mOwAzڙՐ V剣C&ᅔmn9os01ͨQBḌ\&5{MLWbY1*>L֖-ݍS/+)?Rۆ1|#!ViGx>/MA/# >C-d` y<; -;;7r^)S[m:?8foP{A khdH2c*̄1<Է}Kz{81q@m?b8؟=s$Q5~ַD51*WaLZ$l[*m k~~2pwt=@@GNta,v3_A Djߴ1#+Wzq?֍}"SQ1"%I+SZ%nǏq=P"eʾ_T3k|Dd'̋H% f],h uND>ӵ'ZjjG916&VΦPki@CID %aq|nĆEjP'2(H" v.:ˀߘ8iT3K+F&X*A܀*EBR%T I{EV;Db_5IWHWWOXlNa!`hpm \00 ʿduŽ䑳+T0(cro$l4*Nh gŇ@N(ab+ On;hsMDvI+_N4Q~Нzˈa2ێ 1!wB߆Rb gP^AȼF1AXkdE¾5.pn&Ak9a1ҬQ{u7SM ArF8xcHJ'QۉG ZeP o!y1йw^aƮh$8HuFdn3M*ѯ#kcھ쮷 1RqcO2; ?ֳв&fQ)QYɜƠI&o i%AW\N*YW8WY ͝TߌT \H u`^o\tx} `Z~] `<;}ɼٯUg 'XEMGO-dZDRҳJ/~,d^"&:Dl(&_qѣ۠ |#uJܹY+ kL4ȒQY<;QaܦmOnuۆD%}ͺ/s5 q̄Ď0 @4P,҉z?S!@0ʓ.}W;!n]FnIɟu?73c7*iZxP&t53)C+[9I[MؤM+#-b srf[ywWYOFڬe7Ie5 ))m'kBj&ah yc­ 7͐إ#Dߪh3ֺF"' 4PW:B%6aQe {pJu` CӪPݺ_xr~hx(5´Pu܁[7>OEejttQS.V,ҥ;ԡN9M IEY팠W|&XlbW՚_@$9OBp–U]Ut[X:O7 cHĹdlSJ2 ES:?܀$ŋBD:\#;smq޵IvY1Lmn#\i3e<{^3# ,a1BG8-*"ʄsM4o-qAݒ2#zi7q5c~H^ aYE0FOSFe65|hwQ0 '߂J5,l (@B[$%^jv`Gpۺ _J~ YZ