94e3f48a8e
iptables: Module version bump.
2018-03-09 17:09:50 -05:00
b0b4bc947c
xtables-multi wants to getattr of the proc fs
2018-03-01 12:32:22 +01:00
aa0eecf3e3
Bump module versions for release.
2017-08-05 12:59:42 -04:00
6293813020
Module version bump for patches from cgzones.
2017-06-12 18:48:58 -04:00
ce7aa47ff5
iptables: update
...
v2:
- do not remove interfaces superseded by auth_use_nsswitch()
2017-06-12 18:42:53 -04:00
a599f28196
Module version bump for /usr/bin fc fixes from Nicolas Iooss.
2017-05-04 08:27:46 -04:00
c2b04d1ea2
kmod, lvm, brctl patches from Russell Coker
...
Patches for modutils, at least one of which is needed to generate an initramfs
on Debian.
Patch to allow lvm to talk to fifos from dpkg_script_t for postinst scripts
etc.
Patch for brctl to allow it to create sysfs files.
2017-04-18 21:17:36 -04:00
4d028498d8
Module version bumps for fixes from cgzones.
2017-03-05 10:48:42 -05:00
4b79a54b41
modutils: adopt callers to new interfaces
2017-03-03 12:28:17 +01:00
9f99cfb771
Network daemon patches from Russell Coker.
2017-02-25 11:20:19 -05:00
1720e109a3
Sort capabilities permissions from Russell Coker.
2017-02-15 18:47:33 -05:00
2e7553db63
Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker.
2017-02-04 15:19:35 -05:00
69ede859e8
Bump module versions for release.
2017-02-04 13:30:53 -05:00
67c435f1fc
Module version bump for fc updates from Nicolas Iooss.
2016-12-28 14:38:05 -05:00
f850ec37df
Module version bumps for /run fc changes from cgzones.
2016-12-22 15:54:46 -05:00
34055cae87
Bump module versions for release.
2016-10-23 16:58:59 -04:00
7fd44b8fb8
Module version bump for nftables fc entry from Jason Zaman.
2016-05-16 09:20:30 -04:00
b5e8ec6346
Module version bump for iptables/firewalld patch from Laurent Bigonville.
2016-02-16 09:48:37 -05:00
a54d52058d
Allow {eb,ip,ip6}tables-restore to read files in /run/firewalld
...
Since version 0.4.0, firewalld uses *tables-restore to speedup the
load of the rules
2016-02-13 10:06:58 +01:00
137cca377d
Module version bump for iptables fc entries from Laurent Bigonville and Lukas Vrabec.
2016-02-10 10:36:09 -05:00
d35f6b7c58
Module version bump for ipset fc entry from Laurent Bigonville.
2016-02-08 08:33:08 -05:00
c23353bcd8
Bump module versions for release.
2015-12-08 09:53:02 -05:00
17694adc7b
Module version bump for systemd additions.
2015-10-23 14:53:14 -04:00
f7286189b3
Add systemd units for core refpolicy services.
...
Only for services that already have a named init script.
Add rules to init_startstop_service(), with conditional arg until
all of refpolicy-contrib callers are updated.
2015-10-23 10:17:46 -04:00
acabb517e6
Module version bump for admin interface changes from Jason Zaman.
2015-06-09 08:39:18 -04:00
a38c3be208
Module version bump for updated netlink sockets from Stephen Smalley
2015-05-22 08:38:53 -04:00
58b3029576
Update netlink socket classes.
...
Define new netlink socket security classes introduced by kernel commit
223ae516404a7a65f09e79a1c0291521c233336e.
Note that this does not remove the long-since obsolete
netlink_firewall_socket and netlink_ip6_fw_socket classes
from refpolicy in case they are still needed for legacy
distribution policies.
Add the new socket classes to socket_class_set.
Update ubac and mls constraints for the new socket classes.
Add allow rules for a few specific known cases (netutils, iptables,
netlabel, ifconfig, udev) in core policy that require access.
Further refinement for the contrib tree will be needed. Any allow
rule previously written on :netlink_socket may need to be rewritten or
duplicated for one of the more specific classes. For now, we retain the
existing :netlink_socket rules for compatibility on older kernels.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-05-22 08:29:03 -04:00
10ff4d0fa3
Bump module versions for release.
2014-03-11 08:16:57 -04:00
b339b85001
Module version bump for patches from Dominick Grift.
2013-12-06 09:49:41 -05:00
e784e78825
iptables: calls to firewalld interfaces from Fedora. The firewalld_dontaudit_rw_tmp_files(iptables_t) was confirmed on Debian.
...
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2013-12-06 08:16:49 -05:00
d174521a64
Bump module versions for release.
2013-04-24 16:14:52 -04:00
f1aa23dc47
Add conntrack fc entry.
...
This tool is for maintaining the netfilter connection tracking.
2013-04-05 09:45:04 -04:00
f11752ff60
Module version bump for iptables fc entry from Sven Vermeulen and inn log from Dominick Grift.
2012-11-27 08:53:57 -05:00
f65edd8280
Bump module versions for release.
2012-02-15 14:32:45 -05:00
7d6b1e5889
Module version bump and changelog for role attributes usage.
2011-09-21 09:16:34 -04:00
a858f08e5b
Add role attributes in iptables.
2011-09-21 08:27:24 -04:00
003361c264
Module version bump for xtables-multi patch from Sven Vermeulen.
2011-08-24 08:55:00 -04:00
aa4dad379b
Module version bump for release.
2011-07-26 08:11:01 -04:00
127d617b31
Pull in some changes from Fedora policy system layer.
2011-04-14 11:36:56 -04:00
1ca577db8c
Shorewall patch from Miroslav Grepl.
2011-03-21 09:42:12 -04:00
48f99a81c0
Whitespace change: drop unnecessary blank line at the start of .te files.
2010-06-10 08:16:35 -04:00
29af4c13e7
Bump module versions for release.
2010-05-24 15:32:01 -04:00
4fbcd778de
Iptables patch from Dan Walsh.
2010-03-18 08:10:21 -04:00
7491a9ed62
Iptables and modutils patches from Dan Walsh.
2009-12-01 09:23:11 -05:00
ed3a1f559a
bump module versions for release.
2009-11-17 10:05:56 -05:00
625be1b4e6
add shorewall from dan.
2009-09-02 08:58:52 -04:00
9570b28801
module version number bump for release 2.20090730 that was mistakenly omitted.
2009-08-05 10:59:21 -04:00
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
09125ae411
trunk: module version bump for previous commit.
2009-04-03 14:15:53 +00:00
d6605bc48b
trunk: 3 patches from dan.
2009-04-03 14:14:43 +00:00
Chris PeBenito
Miroslav Grepl
cgzones
Chris PeBenito
Laurent Bigonville
Stephen Smalley
Dominick Grift
Chris PeBenito