selinux-policy/refpolicy/Changelog

116 lines
3.2 KiB
Plaintext
Raw Normal View History

2005-09-21 14:49:41 +00:00
- Make logrotate, sendmail, sshd, and rpm policies
unconfined in the targeted policy so no special
modules.conf is required.
2005-09-16 13:36:26 +00:00
- Add experimental MCS support.
2005-09-20 14:20:02 +00:00
- Add appconfig for MLS.
2005-09-15 21:03:29 +00:00
- Add equivalents for old can_resolve(), can_ldap(), and
can_portmap() to sysnetwork.
2005-09-12 15:58:44 +00:00
- Fix base module compile issues.
2005-09-08 13:42:13 +00:00
- Added policies:
2005-09-20 18:15:35 +00:00
cpucontrol
2005-09-20 18:49:13 +00:00
cvs
2005-09-08 13:42:13 +00:00
ktalk
2005-09-08 17:12:38 +00:00
portmap
2005-09-19 21:17:45 +00:00
postgresql
2005-09-20 17:11:53 +00:00
rlogin
2005-09-14 18:33:53 +00:00
samba
2005-09-16 14:54:36 +00:00
snmp
2005-09-20 13:47:36 +00:00
stunnel
2005-09-20 17:11:53 +00:00
telnet
2005-09-16 15:18:09 +00:00
tftp
2005-09-19 21:17:45 +00:00
vpn
zebra
2005-09-08 13:42:13 +00:00
2005-09-07 16:15:51 +00:00
* Wed Sep 07 2005 Chris PeBenito <selinux@tresys.com> - 20050907
2005-09-02 20:55:17 +00:00
- Fix errors uncovered by sediff.
- Doc tool will explicitly say a module does not have interfaces
or templates on the module page.
- Added policies:
comsat
2005-08-31 20:58:12 +00:00
dbus
2005-09-02 19:18:43 +00:00
dhcp
2005-09-02 20:50:54 +00:00
dictd
2005-09-02 20:29:52 +00:00
hal
2005-09-06 18:37:27 +00:00
inn
2005-09-05 16:47:19 +00:00
ntp
2005-09-02 19:11:07 +00:00
squid
2005-08-26 15:02:23 +00:00
* Fri Aug 26 2005 Chris PeBenito <selinux@tresys.com> - 20050826
2005-08-24 20:18:06 +00:00
- Add Makefile support for building loadable modules.
- Add genclassperms.py tool to add require blocks
for loadable modules.
- Change sedoctool to make required modules part of base
by default, otherwise make as modules, in modules.conf.
- Fix segenxml to handle modules with no interfaces.
- Rename ipsec connect interface for consistency.
- Add missing parts of unix stream socket connect interface
of ipsec.
- Rename inetd connect interface for consistency.
- Rename interface for purging contents of tmp, for clarity,
since it allows deletion of classes other than file.
- Misc. cleanups.
- Added policies:
acct
bind
firstboot
gpm
howl
ldap
loadkeys
mysql
privoxy
quota
rshd
rsync
su
sudo
tcpd
tmpreaper
updfstab
2005-08-24 20:18:06 +00:00
* Tue Aug 2 2005 Chris PeBenito <selinux@tresys.com> - 20050802
- Fix comparison bug in fc_sort.
- Fix handling of ordered and unordered HTML lists.
- Corenetwork now supports multiple network interfaces having the
same type.
- Doc tool now creates pages for global Booleans and global tunables.
- Doc tool now links directly to the interface/template in the
module page when it is selected in the interface/template index.
- Added support for layer summaries.
- Added policies:
ipsec
nscd
pcmcia
raid
2005-08-24 20:18:06 +00:00
* Thu Jul 7 2005 Chris PeBenito <selinux@tresys.com> - 20050707
- Changed xml to have modules encapsulated by layer tags, rather
than putting layer="foo" in the module tags. Also in the future
we can put a summary and description for each layer.
- Added tool to infer interface, module, and layer tags. This will
now list all interfaces, even if they are missing xml docs.
- Shortened xml tag names.
- Added macros to declare interfaces and templates.
- Added interface call trace.
- Updated all xml documentation for shorter and inferred tags.
- Doc tool now displays templates in the web pages.
- Doc tool retains the user's settings in modules.conf and
tunables.conf if the files already exist.
- Modules.conf behavior has been changed to be a list of all
available modules, and the user can specify if the module is
built as a loadable module, included in the monolithic policy,
or excluded.
- Added policies:
fstools (fsck, mkfs, swapon, etc. tools)
logrotate
inetd
kerberos
nis (ypbind and ypserv)
ssh (server, client, and agent)
unconfined
- Added infrastructure for targeted policy support, only missing
transition boolean support.
2005-07-07 17:13:17 +00:00
2005-08-24 20:18:06 +00:00
* Wed Jun 15 2005 Chris PeBenito <selinux@tresys.com> - 20050615
- Initial release