Commit Graph

27 Commits

Author SHA1 Message Date
Miro Hrončok
6753203a0c Rebuilt for Python 3.9 2020-05-26 02:45:14 +02:00
Radovan Sroka
5edde88663 Rebase fapolicyd to 1.0.0
- release now has 3 integrity modes: file size, IMA, and sha256 based
- it can now send event information to syslog
- the syslog event information is tailorable to how you'd like to see it
- there is now the ability to create sets of words that can be matched
  against in the rules engine
- there are now 2 policies shipped: known-libs and restrictive
- fapolicyd-cli can now dump the trust db for inspection
- the integrity system needs sha256 hashes,
  it will print a warning for files in rpms that do not have them
2020-05-25 15:20:08 +02:00
Radovan Sroka
9f13f29104 Rebase fapolicyd to 0.9.4
- polished the pattern detection engine
- rpm backend now drops most of the files in /usr/share/ to dramatically reduce
  memory consumption and improve startup speed
- the commandline utility can now delete the lmdb trust database and manage
    the file trust source
2020-03-23 18:57:05 +01:00
Radovan Sroka
4ffeb28e23 Rebase fapolicyd to 0.9.3
- dramatically improved startup time
- fapolicyd-cli has picked up --list and --ftype commands to help debug/write policy
- file type identification has been improved
- trust database statistics have been added to the reports
2020-02-24 14:20:46 +01:00
Radovan Sroka
6e714e474b SELinux fix
- Label all fifo_file as fapolicyd_var_run_t in /var/run.
- Allow fapolicyd_t domain to create fifo files labeled as
  fapolicyd_var_run_t
2020-02-04 09:45:21 +01:00
Radovan Sroka
193b9f0cdf Rebase to fapolicyd 0.9.2
- allows watched mount points to be specified by file system types
- ELF file detection was improved
- the rules have been rewritten to express the policy based on subject
  object trust for better performance and reliability
- exceptions for dracut and ansible were added to the rules to avoid problems
  under normal system use
- adds an admin defined trust database (fapolicyd.trust)
- setting boost, queue, user, and group on the daemon
  command line are deprecated
2020-02-03 12:35:43 +01:00
Fedora Release Engineering
ee02cf10a9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-28 18:06:28 +00:00
Marek Tamaskovic
e46e1e19b2 Update fapolicyd-selinux subpackage to version v0.2 2019-11-05 15:01:27 +01:00
Radovan Sroka
73b7231dfc Added fapolicyd-selinux subpackage 2019-10-07 14:46:26 +02:00
Radovan Sroka
32c7f28dc8 New upstream release
Improved subject cache management, performance improvements, drop need for
fapolicyd.mounts file - daemon detects filesystems to monitor, stop collecting
documentation in the trust database, and handle long paths.
2019-10-07 13:40:06 +02:00
Miro Hrončok
70553de897 Rebuilt for Python 3.8.0rc1 (#1748018) 2019-10-03 13:53:07 +02:00
Radovan Sroka
157f8de90e Rebase to 0.8.10 2019-08-30 13:05:25 +02:00
Miro Hrončok
e99464298e Rebuilt for Python 3.8 2019-08-19 10:13:42 +02:00
Fedora Release Engineering
d6b316ed06 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-25 00:11:34 +00:00
Igor Gnatenko
6a36166442
Rebuild for RPM 4.15
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2019-06-11 00:13:18 +02:00
Igor Gnatenko
43e3df26b3
Rebuild for RPM 4.15
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2019-06-10 17:42:01 +02:00
Radovan Sroka
c8075c471d New upstream release
This release features:
- systemd usage updates
- file permission adjustments based on selinux policy review
- unterminated reads of auid & sessionid values was fixed
- ld_preload pattern is deprecated for now
2019-05-06 12:27:39 +02:00
Radovan Sroka
917c00eccc Backport some patches to resolve dac_override for fapolicyd 2019-03-14 00:11:45 +01:00
Radovan Sroka
f575ae0ed6 New upstream release
- Added new DNF plugin that can update the trust database when rpms are installed
- Added support for FAN_OPEN_EXEC_PERM
2019-03-11 12:23:07 +01:00
Fedora Release Engineering
eeb3038e98 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-01-31 19:20:00 +00:00
Steve Grubb
c2c99a33af New upstream bugfix release 2018-10-03 18:24:56 -04:00
Fedora Release Engineering
e3e9cb7389 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-13 00:19:30 +00:00
Igor Gnatenko
a975d12bce add BuildRequires: gcc
Reference: https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot
2018-07-09 19:06:44 +02:00
Steve Grubb
cb2278bf4e fix bogus date 2018-06-07 09:23:30 -04:00
Steve Grubb
1e0f11df55 New upstream feature release 2018-06-07 09:01:29 -04:00
Steve Grubb
558f243565 Add dist tag (#1579362) 2018-05-17 09:28:52 -04:00
Steve Grubb
c6fc94a305 Initial import (#1544468) 2018-02-16 13:58:12 -05:00