78 lines
2.4 KiB
Plaintext
78 lines
2.4 KiB
Plaintext
* Add Makefile support for building loadable modules.
|
|
* Add genclassperms.py tool to add require blocks
|
|
for loadable modules.
|
|
* Change sedoctool to make required modules part of base
|
|
by default, otherwise make as modules, in modules.conf.
|
|
* Fix segenxml to handle modules with no interfaces.
|
|
* Rename ipsec connect interface for consistency.
|
|
* Add missing parts of unix stream socket connect interface
|
|
of ipsec.
|
|
* Rename inetd connect interface for consistency.
|
|
* Rename interface for purging contents of tmp, for clarity,
|
|
since it allows deletion of classes other than file.
|
|
* Misc. cleanups.
|
|
* Added policies:
|
|
acct
|
|
bind
|
|
firstboot
|
|
gpm
|
|
howl
|
|
ldap
|
|
loadkeys
|
|
mysql
|
|
privoxy
|
|
quota
|
|
rshd
|
|
rsync
|
|
su
|
|
sudo
|
|
tcpd
|
|
tmpreaper
|
|
updfstab
|
|
|
|
20050802 (2 Aug 2005)
|
|
* Fix comparison bug in fc_sort.
|
|
* Fix handling of ordered and unordered HTML lists.
|
|
* Corenetwork now supports multiple network interfaces having the
|
|
same type.
|
|
* Doc tool now creates pages for global Booleans and global tunables.
|
|
* Doc tool now links directly to the interface/template in the
|
|
module page when it is selected in the interface/template index.
|
|
* Added support for layer summaries.
|
|
* Added policies:
|
|
ipsec
|
|
nscd
|
|
pcmcia
|
|
raid
|
|
|
|
20050707 (7 Jul 2005)
|
|
* Changed xml to have modules encapsulated by layer tags, rather
|
|
than putting layer="foo" in the module tags. Also in the future
|
|
we can put a summary and description for each layer.
|
|
* Added tool to infer interface, module, and layer tags. This will
|
|
now list all interfaces, even if they are missing xml docs.
|
|
* Shortened xml tag names.
|
|
* Added macros to declare interfaces and templates.
|
|
* Added interface call trace.
|
|
* Updated all xml documentation for shorter and inferred tags.
|
|
* Doc tool now displays templates in the web pages.
|
|
* Doc tool retains the user's settings in modules.conf and
|
|
tunables.conf if the files already exist.
|
|
* Modules.conf behavior has been changed to be a list of all
|
|
available modules, and the user can specify if the module is
|
|
built as a loadable module, included in the monolithic policy,
|
|
or excluded.
|
|
* Added policies:
|
|
fstools (fsck, mkfs, swapon, etc. tools)
|
|
logrotate
|
|
inetd
|
|
kerberos
|
|
nis (ypbind and ypserv)
|
|
ssh (server, client, and agent)
|
|
unconfined
|
|
* Added infrastructure for targeted policy support, only missing
|
|
transition boolean support.
|
|
|
|
20050615 (15 Jun 2005)
|
|
* Initial release
|