Update Changelog and VERSION for release.
This commit is contained in:
parent
aa0eecf3e3
commit
794ed7efd0
233
Changelog
233
Changelog
@ -1,3 +1,236 @@
|
||||
* Sat Aug 05 2017 Chris PeBenito <pebenito@ieee.org> - 2.20170805
|
||||
Chris PeBenito (134):
|
||||
Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker.
|
||||
usrmerge FC fixes from Russell Coker.
|
||||
Systemd tmpfiles fix for kmod.conf from Russell Coker.
|
||||
Update contrib.
|
||||
mon policy from Russell Coker.
|
||||
Fix contrib commit.
|
||||
Revert "bootloader: stricter permissions and more tailored file contexts"
|
||||
Module version bump for bootloader patch revert. Plus compat alias.
|
||||
Update contrib.
|
||||
Sort capabilities permissions from Russell Coker.
|
||||
Update contrib.
|
||||
Little misc patches from Russell Coker.
|
||||
Implement WERROR build option to treat warnings as errors.
|
||||
Fix Travis-CI WERROR support.
|
||||
Travis-CI: Terminate build immediately on error.
|
||||
mon: Fix deprecated interface usage.
|
||||
Merge branch 'setfiles_getattr' of git://github.com/cgzones/refpolicy
|
||||
Merge branch 'sysadm_fixes' of git://github.com/cgzones/refpolicy
|
||||
Merge branch 'corecmd_module' of git://github.com/cgzones/refpolicy
|
||||
Merge branch 'var_and_run' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for changes from cgzones.
|
||||
Merge pull request #98 from cgzones/admin_process_pattern
|
||||
Merge branch 'hostname_module' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for hostname fix from cgzones.
|
||||
Only display the WERROR notice if there actually are errors.
|
||||
Merge branch 'master' of github.com:TresysTechnology/refpolicy
|
||||
dpkg: Updates from Russell Coker.
|
||||
Monit policy from Russell Coker and cgzones.
|
||||
monit: Fix build error.
|
||||
fetchmail, mysql, tor: Misc fixes from Russell Coker.
|
||||
Merge branch 'systemd_transient' of git://github.com/cgzones/refpolicy
|
||||
Merge branch 'selinuxutil_module' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for selinuxutil and systmd changes from cgzones.
|
||||
Merge branch 'cgroups_fix' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for cgroups systemd fix from cgzones.
|
||||
alsa, vnstat: Updates from cgzones.
|
||||
Merge branch 'init_ntp_interface' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for ntp fixes from cgzones.
|
||||
Systemd fixes from Russell Coker.
|
||||
Fix CI errors.
|
||||
Module version bump for CI fixes.
|
||||
Xen fixes from Russell Coker.
|
||||
mailman: Fixes from Russell Coker.
|
||||
init: Rename init_search_pid_dirs() to init_search_pids().
|
||||
init: Move interface and whitespace change.
|
||||
systemd: Further revisions from Russell Coker.
|
||||
Fix typo in README.
|
||||
Network daemon patches from Russell Coker.
|
||||
apache: Fix CI error.
|
||||
devices: Fix docs for dev_write_generic_sock_files().
|
||||
Merge branch 'su_module' of git://github.com/cgzones/refpolicy
|
||||
Merge branch 'newrole_fixes' of git://github.com/cgzones/refpolicy
|
||||
auth: Move optional out of auth_use_pam_systemd() to callers.
|
||||
Merge branch 'locallogin_module' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for patches from cgzones.
|
||||
Merge branch 'userdom_terminals_permit_open' of
|
||||
git://github.com/cgzones/refpolicy
|
||||
Module version bump for user terminal improvments from cgzones.
|
||||
Merge branch 'monit_depend' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for misc fixes from cgzones.
|
||||
Merge pull request #103 from fishilico/validate_modular_fc
|
||||
Merge branch 'getty_module' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for getty patch from cgzones.
|
||||
Merge branch 'modutils_module' of git://github.com/cgzones/refpolicy
|
||||
Merge branch 'fix_usr_bin_merge' of git://github.com/cgzones/refpolicy
|
||||
Module version bumps for fixes from cgzones.
|
||||
Merge branch 'lvm' of git://github.com/cgzones/refpolicy
|
||||
Merge branch 'macros' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for fixes from cgzones.
|
||||
Module version bump for fixes from cgzones.
|
||||
dontaudit net_admin for SO_SNDBUFFORCE
|
||||
/var/run -> /run again
|
||||
Merge branch 'var_run' of git://github.com/cgzones/refpolicy
|
||||
Module version bump from /var/run fixes from cgzones.
|
||||
Merge branch 'monit' of git://github.com/cgzones/refpolicy
|
||||
Module version bump for monit patch from cgzones
|
||||
another version of systemd cgroups hostnamed and logind
|
||||
Merge pull request #109 from cgzones/python3
|
||||
systemd-resolvd, sessions, and tmpfiles take2
|
||||
systemd-nspawn again
|
||||
Merge pull request #112 from cgzones/remove_support/pyplate
|
||||
Misc fc changes from Russell Coker.
|
||||
Systemd-related changes from Russell Coker.
|
||||
Merge pull request #115 from fishilico/python_raw_strings
|
||||
Module version bump for misc fixes from Guido Trentalancia.
|
||||
systemd init from Russell Coker
|
||||
more systemd stuff from Russell Coker
|
||||
misc daemons from Russell Coker.
|
||||
bootloader from Russell Coker.
|
||||
kmod, lvm, brctl patches from Russell Coker
|
||||
devicekit, mount, xserver, and selinuxutil from Russell Coker
|
||||
another bootloader patch from Russell Coker
|
||||
some userdomain patches from Russell Coker
|
||||
corecommands: Add fc escaping for previous patch.
|
||||
Module version bump for patch from Guido Trentalancia
|
||||
Module version bump from fixes from Guido Trentalancia.
|
||||
xdm sigchld interface from Russell Coker.
|
||||
Further strict systemd fixes from Russell Coker.
|
||||
Update contrib.
|
||||
locallogin: Move two sulogin lines.
|
||||
Login take 4 from Russell Coker.
|
||||
Rename apm to acpi from Russell Coker.
|
||||
Module version bump for patches from Russell Coker and Guido Trentalancia.
|
||||
some little misc things from Russell Coker.
|
||||
apt/dpkg strict patches from Russell Coker.
|
||||
little misc strict from Russell Coker.
|
||||
locallogin: Move one line.
|
||||
Module version bump for locallogin patch from Guido Trentalancia.
|
||||
Module version bump for minor fixes from Guido Trentalancia.
|
||||
Merge branch 'usr_bin_fc' of
|
||||
git://github.com/fishilico/selinux-refpolicy-patched
|
||||
Module version bump for /usr/bin fc fixes from Nicolas Iooss.
|
||||
Module version bump for changes from Jason Zaman and Luis Ressel.
|
||||
init: add comment for ProtectSystem.
|
||||
Module version bump for systemd fix from Krzysztof Nowicki.
|
||||
Update contrib
|
||||
Module version bump for libmtp from Guido Trentalancia.
|
||||
corenet/sysadm: Move lines.
|
||||
Module version bump for infiniband policy from Daniel Jurgens.
|
||||
Module version bump for mmap fixes from Stephen Smalley.
|
||||
Update contrib.
|
||||
Module version bumps for patches from Jason Zaman.
|
||||
filesystem: Fix error in fs_cgroup_filetrans().
|
||||
Module version bumps for patches from Jason Zaman.
|
||||
gpg: Module version bump for patch from Guido Trentalancia.
|
||||
miscfiles: Module version bump for patch from Luis Ressel.
|
||||
Module version bump for patches from cgzones.
|
||||
Module version bump for patches from cgzones.
|
||||
netutils: Module version bump for patch from Luis Ressel.
|
||||
README: Update build requirements.
|
||||
travis-ci: Update to 2.7 userspace release.
|
||||
Enable extended_socket_class policy capability;
|
||||
Add nnp_nosuid_transition policycap and related class/perm definitions.
|
||||
Add cgroup_seclabel policycap.
|
||||
init: Add NoNewPerms support for systemd.
|
||||
Bump module versions for release.
|
||||
|
||||
Daniel Jurgens (1):
|
||||
refpolicy: Infiniband pkeys and endports
|
||||
|
||||
Guido Trentalancia (8):
|
||||
userdomain: do not audit netlink socket creation attempts
|
||||
corecommands: new file contexts for Gnome applications
|
||||
locallogin: fix the sulogin submodule (emergency shell!)
|
||||
locallogin: fine tune DAC override permissions
|
||||
kernel: low-priority update
|
||||
init: smoother system boot
|
||||
base: role changes for the new libmtp module
|
||||
fc_sort: avoid compiler warning/error
|
||||
|
||||
Guido Trentalancia via refpolicy (1):
|
||||
xserver: fix iceauth_home_t file context creation
|
||||
|
||||
Jason Zaman (6):
|
||||
authlogin: put interface properly inside optional
|
||||
libraries: update wildcard /usr/lib fcontext
|
||||
appconfig: Add openrc_contexts file
|
||||
corecommands: add consolekit fcontexts
|
||||
dirmngr: add to roles
|
||||
filesystem: introduce fs_cgroup_filetrans interface
|
||||
|
||||
Krzysztof Nowicki (1):
|
||||
Enable /etc directory protection using ProtectSystem
|
||||
|
||||
Luis Ressel (5):
|
||||
system/selinuxutil: Allow semanage to execute its tmp files
|
||||
system/miscfiles: Generalize the man_t fc's
|
||||
netutils: Mix nmap perms in with the other traceroute_t perms
|
||||
netutils: Add some permissions required by nmap to traceroute_t
|
||||
netutils: Allow tcpdump to reduce its capability bounding set
|
||||
|
||||
Nicolas Iooss (5):
|
||||
Make "validate" target verify file contexts
|
||||
devices: fix Debian file contexts
|
||||
Use raw strings in regular expressions
|
||||
Synchronize file patterns for /usr/bin/mount... and /usr/sbin/mount...
|
||||
Support systems with a single /usr/bin directory
|
||||
|
||||
Russell Coker (4):
|
||||
inherited file and fifo perms
|
||||
tiny mon patch
|
||||
rw_inherited_file_perms
|
||||
new init interfaces for systemd
|
||||
|
||||
Stephen Smalley (3):
|
||||
refpolicy: Define getrlimit permission for class process
|
||||
refpolicy: Define smc_socket security class
|
||||
refpolicy: Define and allow map permission
|
||||
|
||||
cgzones (40):
|
||||
systemd: label /run/systemd/transient as systemd_unit_t
|
||||
setfiles: allow getattr to kernel pseudo fs
|
||||
sysadm: fix denials
|
||||
hostname: small adjustments
|
||||
selinuxutil: adjustments
|
||||
corecommands: label some binaries as bin_t
|
||||
files: no default types for /run and /var/lock
|
||||
add admin_process_pattern macro
|
||||
systemd_cgroups_t: fix denials
|
||||
locallogin: adjustments
|
||||
authlogin: introduce auth_use_pam_systemd
|
||||
su: some adjustments
|
||||
newrole: fix denials
|
||||
add corecmd_check_exec_bin_files()
|
||||
add fs_getattr_dos_dirs()
|
||||
update init_ACTION_all_units
|
||||
add init_daemon_lock_file()
|
||||
improve documentation for user_user_(inherited_)?user_terminals
|
||||
getty: overlook module
|
||||
modutils: format filecontexts
|
||||
modutils: adjust interfaces after recent binaries merge
|
||||
systemd-tmpfiles: refactor runtime configs
|
||||
corecommands: fix corecmd_*_bin() for usr merged systems
|
||||
corecmd_read_bin_symlinks(): remove deprecated and redundant calls
|
||||
modutils: adopt callers to new interfaces
|
||||
m4 errprint: add __program__ info
|
||||
domtrans_pattern: use inherited fifo perms
|
||||
sysadm: add monit admin permissions
|
||||
lvm: small adjustments
|
||||
convert build scripts to python3
|
||||
travis: run make xml, html and install(-.*)? targets
|
||||
fix travis and genhomedircon
|
||||
remove /var/run file context leftovers
|
||||
travis: move after_success tests into script section
|
||||
clean up python3 cache on make bare
|
||||
rkhunter: add interfaces for rkhunter module and sysadm permit
|
||||
iptables: align file contexts
|
||||
chkrootkit: add interfaces and sysadm permit
|
||||
netutils: update
|
||||
iptables: update
|
||||
|
||||
* Sat Feb 04 2017 Chris PeBenito <pebenito@ieee.org> - 2.20170204
|
||||
Chris PeBenito (55):
|
||||
Module version bumps for patches from Guido Trentalancia.
|
||||
|
@ -1 +1 @@
|
||||
Subproject commit 14334a9ccaa72cf4c8d5055ca48d717d53145f14
|
||||
Subproject commit a393275a6ecb76311323726a029767a3a01e109e
|
Loading…
Reference in New Issue
Block a user