SELinux userspace release 3.4
RELEASE 3.4
User-visible changes
-
A new selinux_restorecon_parallel(3) function that allows to run relabeling over multiple threads
-
setfiles/restorecon/fixfiles support parallel relabeling via [ -T ] threads option
-
A new semodule options [ -m | --checksum ] to get SHA256 hashes of modules
-
mcstrans ported to PCRE2
-
libsepol/cil supports IPv4/IPv6 address embedding
-
Add a new semodule option [ --rebuild-if-modules-changed ] to optionally rebuild policy when modules
are changed externally -
A lot of static code analyse issues, fuzzer issues and compiler warnings fixed
-
Translations split into sub-packages and updated from
https://translate.fedoraproject.org/projects/selinux/ -
New policy utilities in libsepol - sepol_check_access,
sepol_compute_av, sepol_compute_member, sepol_compute_relabel,
sepol_validate_transition -
A new setfiles option [-C] for distinguishing file tree walk errors
-
Improved code quality and bug fixes
Development-relevant changes
- ci: run the tests under ASan/UBsan on GHActions