I'm almost ready to release SMACK user space v1.0.4. Main highlights
for the release are at least:
- Rules are ordered by subject in the internal structure and merged
when they are applied to the kernel or written to a file.
- Label addition operation uses a hash table to lookup whether a label
- Rules are uploaded to the kernel in page chunks when the kernel is
recent enough. The availability of the feature is dynamically probed.
- Improved backwards compatibility. Handling of short labels and short
CIPSO labels has been added to every function that deals with the
- libsmack is now ready for init systems like systemd and
upstart. Lazy lookup is used to find the SmackFS mount point instead
of doing the lookup in the DSO initializer.
- Reliability and security has been improved by keeping a file
descriptor open to the SmackFS mount point from the point when it is
first accessed to the end of the process life-cycle.
- chsmack has gained a feature to follow symbolic links with '-L' option.
- chsmack has gained a feature to delete attributes with '-d' option.
Phew, I just scratched these things from my head without looking much
to the code. The thing I'm happy about in this release is that I've been
able to move myself more from developer role to the maintainer role making
only small fixes and improvements here and there and big things come from
people who need those for some of their workloads.
I'll put a full git changelog with release announcement when once I've
tagged the release to this mailing list.