An SETools 4.2.0 release is now available:
This release focused on improving performance and reducing memory usage.
A Cython-based policy representation replaced the
Python/SWIG/static-linked-libsepol implemention. SETools no longer
statically links to libsepol, though it is strongly suggested that users
rebuild SETools after updating libsepol, in case the policy structure
Building on the policy representation change, refinements in sediff
yielded as much as a 90% reduction in memory use, depending on the policies.
This release of SETools has different dependencies than previous
versions. See README.md for more details.
Support for Python 2.7 was dropped because all current
SELinux-supporting distributions provide Python 3.
Other smaller changes included:
* Added support for SCTP portcons
* Updated permission maps
* Policy symbol names are now available as the name attribute (e.g.
Boolean.name, Type.name, etc.)
* Revised some apol layouts to increase the size of text entry fields.
* Revised package structure to make policyrep a module of the setools
* Moved constraint expression to its own class
* Made Conditional.evaluate() more useful and added BaseTERule.enabled()
method to determine if a rule is enabled
Changes since v4.2.0-rc:
* Restored missing statement() methods in some policyrep classes
* Fixed NULL pointer dereference when iterating over type attributes
when the policy has none
* Added xdp_socket permission mapping