libsepol - SELinux binary policy manipulation library

Property Value
Distribution CentOS 7
Repository CentOS x86_64
Package filename libsepol-2.5-10.el7.i686.rpm
Package name libsepol
Package version 2.5
Package release 10.el7
Package architecture i686
Package type rpm
Category System Environment/Libraries
License LGPLv2+
Maintainer -
Download size 294.39 KB
Installed size 689.79 KB
Security-enhanced Linux is a feature of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux.  The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
libsepol provides an API for the manipulation of SELinux binary policies.
It is used by checkpolicy (the policy compiler) and similar tools, as well
as by programs like load_policy that need to perform specific transformations
on binary policies such as customizing policy boolean settings.


Package Version Architecture Repository
libsepol-2.5-10.el7.x86_64.rpm 2.5 x86_64 CentOS
libsepol - - -


Name Value
/sbin/ldconfig - -
rtld(GNU_HASH) -


Name Value
libsepol = 2.5-10.el7
libsepol(x86-32) = 2.5-10.el7 - - -


Type URL
Binary Package libsepol-2.5-10.el7.i686.rpm
Source Package libsepol-2.5-10.el7.src.rpm

Install Howto

Install libsepol rpm package:

# yum install libsepol




2018-07-25 - Vit Mojzis <> - 2.5-10
- Add support for the SCTP portcon keyword (rhbz#1603571)
2018-04-30 - Vit Mojzis <> - 2.5-9
- Define extended_socket_class policy capability (rhbz#1564775)
2017-10-12 - Vit Mojzis <> - 2.5-8.1
- Define nnp_nosuid_transition policy capability (rhbz#1480519)
- use IN6ADDR_ANY_INIT to initialize IPv6 addresses
- Allow runtime labeling of ibendports (rhbz#1464489)
- Allow runtime labeling of Infiniband Pkeys (rhbz#1464489)
- Add IB end port handling to CIL (rhbz#1464489)
- Add ibendport ocontext handling (rhbz#1464489)
- Add support for ibendportcon labels (rhbz#1464489)
- Add Infiniband Pkey handling to CIL (rhbz#1464489)
- Add ibpkey ocontext handling (rhbz#1464489)
- Add support for ibpkeycon labels (rhbz#1464489)
- Remove unused attribute on a used argument from avrule_read() (rhbz#1464489)
- Add binary module support for xperms
- Add support for converting extended permissions to CIL
2017-09-20 - Vit Mojzis <> - 2.5-7
- Define cgroup_seclabel policy capability (rhbz#1493517)
- Fix unitialized jmp and invalid dereference
2016-08-10 - Petr Lautrbach <> 2.5-6
- Fix memory leak in expand.c
- Fix invalid read when policy file is corrupt
- Fix possible use of uninitialized variables
2016-08-02 - Petr Lautrbach <> 2.5-5
- Warn instead of fail if permission is not resolved
- Ignore object_r when adding userrole mappings to policydb
2016-07-12 - Petr Lautrbach <> 2.5-4
- Add missing return to sepol_node_query()
2016-06-27 - Petr Lautrbach <> - 2.5-3
- Correctly detect unknown classes in sepol_string_to_security_class
- Sort object files for deterministic linking order
- Fix neverallowxperm checking on attributes
- Remove when cleaning
- Add high-level language line marking support to CIL
- Change logic of bounds checking to match change in kernel
- Fix multiple spelling errors
- Only apply bounds checking to source types in rules
- Fix CIL and not add an attribute as a type in the attr_type_map
- Build policy on systems not supporting DCCP protocol
- Fix extended permissions neverallow checking
- Fix CIL neverallow and bounds checking
- Add -D_GNU_SOURCE to common_cflags
2016-04-11 - Petr Lautrbach <> - 2.5-2.1
- Fix bug in CIL when resetting classes
- Add support for portcon dccp protocol
2016-02-23 - Petr Lautrbach <> 2.5-1
- Update to upstream release 2016-02-23

See Also

Package Description
libsepol-devel-2.5-10.el7.i686.rpm Header files and libraries used to build policy manipulation tools
libsepol-devel-2.5-10.el7.x86_64.rpm Header files and libraries used to build policy manipulation tools
libsepol-static-2.5-10.el7.i686.rpm static libraries used to build policy manipulation tools
libsepol-static-2.5-10.el7.x86_64.rpm static libraries used to build policy manipulation tools
libserializer-1.1.2-10.el7.noarch.rpm JFreeReport General Serialization Framework
libserializer-javadoc-1.1.2-10.el7.noarch.rpm Javadoc for libserializer
libsexy-0.1.11-23.el7.i686.rpm Funky fresh graphical widgets for GTK+ 2
libsexy-0.1.11-23.el7.x86_64.rpm Funky fresh graphical widgets for GTK+ 2
libsexy-devel-0.1.11-23.el7.i686.rpm Development files for libsexy
libsexy-devel-0.1.11-23.el7.x86_64.rpm Development files for libsexy
libshout-2.2.2-11.el7.i686.rpm Icecast source streaming library
libshout-2.2.2-11.el7.x86_64.rpm Icecast source streaming library
libshout-devel-2.2.2-11.el7.i686.rpm static libraries and header files for libshout development
libshout-devel-2.2.2-11.el7.x86_64.rpm static libraries and header files for libshout development
libsigc++20-2.10.0-1.el7.i686.rpm Typesafe signal framework for C++