4d028498d8
Module version bumps for fixes from cgzones.
2017-03-05 10:48:42 -05:00
4b79a54b41
modutils: adopt callers to new interfaces
2017-03-03 12:28:17 +01:00
9f99cfb771
Network daemon patches from Russell Coker.
2017-02-25 11:20:19 -05:00
1720e109a3
Sort capabilities permissions from Russell Coker.
2017-02-15 18:47:33 -05:00
2e7553db63
Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker.
2017-02-04 15:19:35 -05:00
69ede859e8
Bump module versions for release.
2017-02-04 13:30:53 -05:00
67c435f1fc
Module version bump for fc updates from Nicolas Iooss.
2016-12-28 14:38:05 -05:00
f850ec37df
Module version bumps for /run fc changes from cgzones.
2016-12-22 15:54:46 -05:00
34055cae87
Bump module versions for release.
2016-10-23 16:58:59 -04:00
7fd44b8fb8
Module version bump for nftables fc entry from Jason Zaman.
2016-05-16 09:20:30 -04:00
b5e8ec6346
Module version bump for iptables/firewalld patch from Laurent Bigonville.
2016-02-16 09:48:37 -05:00
a54d52058d
Allow {eb,ip,ip6}tables-restore to read files in /run/firewalld
...
Since version 0.4.0, firewalld uses *tables-restore to speedup the
load of the rules
2016-02-13 10:06:58 +01:00
137cca377d
Module version bump for iptables fc entries from Laurent Bigonville and Lukas Vrabec.
2016-02-10 10:36:09 -05:00
d35f6b7c58
Module version bump for ipset fc entry from Laurent Bigonville.
2016-02-08 08:33:08 -05:00
c23353bcd8
Bump module versions for release.
2015-12-08 09:53:02 -05:00
17694adc7b
Module version bump for systemd additions.
2015-10-23 14:53:14 -04:00
f7286189b3
Add systemd units for core refpolicy services.
...
Only for services that already have a named init script.
Add rules to init_startstop_service(), with conditional arg until
all of refpolicy-contrib callers are updated.
2015-10-23 10:17:46 -04:00
acabb517e6
Module version bump for admin interface changes from Jason Zaman.
2015-06-09 08:39:18 -04:00
a38c3be208
Module version bump for updated netlink sockets from Stephen Smalley
2015-05-22 08:38:53 -04:00
58b3029576
Update netlink socket classes.
...
Define new netlink socket security classes introduced by kernel commit
223ae516404a7a65f09e79a1c0291521c233336e.
Note that this does not remove the long-since obsolete
netlink_firewall_socket and netlink_ip6_fw_socket classes
from refpolicy in case they are still needed for legacy
distribution policies.
Add the new socket classes to socket_class_set.
Update ubac and mls constraints for the new socket classes.
Add allow rules for a few specific known cases (netutils, iptables,
netlabel, ifconfig, udev) in core policy that require access.
Further refinement for the contrib tree will be needed. Any allow
rule previously written on :netlink_socket may need to be rewritten or
duplicated for one of the more specific classes. For now, we retain the
existing :netlink_socket rules for compatibility on older kernels.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-05-22 08:29:03 -04:00
10ff4d0fa3
Bump module versions for release.
2014-03-11 08:16:57 -04:00
b339b85001
Module version bump for patches from Dominick Grift.
2013-12-06 09:49:41 -05:00
e784e78825
iptables: calls to firewalld interfaces from Fedora. The firewalld_dontaudit_rw_tmp_files(iptables_t) was confirmed on Debian.
...
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2013-12-06 08:16:49 -05:00
d174521a64
Bump module versions for release.
2013-04-24 16:14:52 -04:00
f1aa23dc47
Add conntrack fc entry.
...
This tool is for maintaining the netfilter connection tracking.
2013-04-05 09:45:04 -04:00
f11752ff60
Module version bump for iptables fc entry from Sven Vermeulen and inn log from Dominick Grift.
2012-11-27 08:53:57 -05:00
f65edd8280
Bump module versions for release.
2012-02-15 14:32:45 -05:00
7d6b1e5889
Module version bump and changelog for role attributes usage.
2011-09-21 09:16:34 -04:00
a858f08e5b
Add role attributes in iptables.
2011-09-21 08:27:24 -04:00
003361c264
Module version bump for xtables-multi patch from Sven Vermeulen.
2011-08-24 08:55:00 -04:00
aa4dad379b
Module version bump for release.
2011-07-26 08:11:01 -04:00
127d617b31
Pull in some changes from Fedora policy system layer.
2011-04-14 11:36:56 -04:00
1ca577db8c
Shorewall patch from Miroslav Grepl.
2011-03-21 09:42:12 -04:00
48f99a81c0
Whitespace change: drop unnecessary blank line at the start of .te files.
2010-06-10 08:16:35 -04:00
29af4c13e7
Bump module versions for release.
2010-05-24 15:32:01 -04:00
4fbcd778de
Iptables patch from Dan Walsh.
2010-03-18 08:10:21 -04:00
7491a9ed62
Iptables and modutils patches from Dan Walsh.
2009-12-01 09:23:11 -05:00
ed3a1f559a
bump module versions for release.
2009-11-17 10:05:56 -05:00
625be1b4e6
add shorewall from dan.
2009-09-02 08:58:52 -04:00
9570b28801
module version number bump for release 2.20090730 that was mistakenly omitted.
2009-08-05 10:59:21 -04:00
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
09125ae411
trunk: module version bump for previous commit.
2009-04-03 14:15:53 +00:00
d6605bc48b
trunk: 3 patches from dan.
2009-04-03 14:14:43 +00:00
17ec8c1f84
trunk: bump module versions for release.
2008-12-10 19:38:10 +00:00
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
2cca6b79b4
trunk: remove redundant shared lib calls.
2008-10-17 17:31:04 +00:00
5d4f4b5375
trunk: bump version numbers for release.
2008-10-14 15:46:36 +00:00
770c015f88
trunk: 2 patches from dan.
2008-08-14 15:10:41 +00:00
9acf481bd0
trunk: fix from fedora policy, cherry picked from David Hardeman.
2008-08-12 19:52:29 +00:00
f7925f25f7
trunk: bump module versions for release.
2007-12-14 14:23:18 +00:00
Chris PeBenito
cgzones
Chris PeBenito
Laurent Bigonville
Stephen Smalley
Dominick Grift
Chris PeBenito