From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 9CD6F1384B4 for ; Thu, 17 Dec 2015 18:50:10 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C813421C05B; Thu, 17 Dec 2015 18:49:58 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8F92B21C045 for ; Thu, 17 Dec 2015 18:49:47 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 9073B34045C for ; Thu, 17 Dec 2015 18:49:46 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id AF318CF3 for ; Thu, 17 Dec 2015 18:49:42 +0000 (UTC) From: "Jason Zaman" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" Message-ID: <1450367855.ca03f8aa14fec8faf06c9d9b56c1273b175ce0e4.perfinion@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/contrib/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/contrib/Changelog X-VCS-Directories: policy/modules/contrib/ X-VCS-Committer: perfinion X-VCS-Committer-Name: Jason Zaman X-VCS-Revision: ca03f8aa14fec8faf06c9d9b56c1273b175ce0e4 X-VCS-Branch: next Date: Thu, 17 Dec 2015 18:49:42 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 85932500-5c5a-4c8a-8df5-db308125e050 X-Archives-Hash: d6e196f37c90a8d2e4d551a6926a3b09 commit: ca03f8aa14fec8faf06c9d9b56c1273b175ce0e4 Author: Chris PeBenito tresys com> AuthorDate: Tue Dec 8 14:53:02 2015 +0000 Commit: Jason Zaman gentoo org> CommitDate: Thu Dec 17 15:57:35 2015 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ca03f8aa Update Changelog for release. policy/modules/contrib/Changelog | 93 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) diff --git a/policy/modules/contrib/Changelog b/policy/modules/contrib/Changelog index 66e7d7c..63c8ea9 100644 --- a/policy/modules/contrib/Changelog +++ b/policy/modules/contrib/Changelog @@ -1,3 +1,96 @@ +* Tue Dec 08 2015 Chris PeBenito - 2.20151208 +Alexander Wetzel (1): + add vfio support for libvirt + +Chas Williams - CONTRACTOR (1): + afs: update labels, file contexts and allow access to urandom + +Chris PeBenito (14): + Module version bump for hadoop_admin() fix from Jazon Zaman. + Module version bump for fc typo in radius from Sven Vermeulen. + Module version bump for patches from Jason Zaman. + Module version bump for init_startstop_service from Jason Zaman. + Module version bump for cron_admin interface from Jason Zaman. + Comment/whitespace fix in virt.te. + Module version bump for vfio support for libvirt from Alexander Wetzel. + Add systemd unit types. + Add systemd socket activations. + Merge branch 'pebenito-master' + Module version bump for systemd additions. + Merge branch 'bigon-systemd' + Module version bump for dbus systemd patch from Laurent Bigonville. + Bump module versions for release. + +Dominick Grift (16): + Module version bump for courier fixes from Sven Vermeulen. + Module version bump for afs fixes from Chas Williams. + Redundant rules and afs_files_t is not a filesystem type + Various samhain fixes + Cachefilesd module updates + Module version bump for changes to the dnsmasq policy module by Jason + Zaman + Module version bump for changes to the snmp policy module by Jason Zaman + Module version bump for changes to the pulseaudio policy module by Jason + Zaman + cachefiles: It is cachefilesd_cache_t + Module version bump for update to the networkmanager policy module by + Stephen Smalley. + Module version bumps for "Remove run interface calls from admin + interfaces" changes by Jason Zaman. + Module version bump for changes to the pulseaudio module by Niklas Haas. + Changes to the git, hadoop and rsync modules by Jason Zaman. + Module version bump for changes to the virt module by Jason Zaman + Module version bump for changes to the mozilla module from Laurent + Bigonville. + Module version bump for changes to the wine module by Nicolas Iooss + +Jason Zaman (19): + hadoop: remove _role from _admin interface + rpcbind: typo fix + git: make inetd interface optional + rpc: introduce allow_gssd_write_tmp boolean + rpc: allow setgid capability + virt: add virt_tmpfs_t type and permissions + introduce virt_leaseshelper_t + dnsmasq: allow exec shell for scripts + snmp: missing fcontext for snmpd + pulseaudio: filetrans for autospawn.lock + Use init_startstop_service in admin interfaces A-M + Use init_startstop_service in admin interfaces N-Z + Remove _run() interfaces from _admin() + Introduce cron_admin interface + rsync: remove rsync_run from admin interface + git: allow git_system_t to listen on tcp_sockets + hadoop: init_startstop_service() can not take attributes + virt: Allow creating qemu guest agent socket + virt: Add policy for virtlockd the Virtual machine lock manager + +Laurent Bigonville (2): + Transition D-Bus system service out of the init_t domain when PID1 is + systemd + Label iceweasel plugin-container executable as mozilla_plugin_exec_t + +Nicolas Iooss (1): + wine: remove use of nonexisting interface + +Niklas Haas (1): + pulse: don't give pulseaudio_client full access to user_home_t + +Stephen Smalley (1): + contrib: networkmanager: allow netlink_generic_socket access + +Sven Vermeulen (6): + Locate authdaemon socket and communicate with authdaemon + Allow authdaemon to access selinux fs to check SELinux state + Grant setuid/setgid to courier_pop_t + Execute courier helper script after authentication + Courier IMAP needs to manage the users' maildir + Fix typo for radiusd /var/lib location + +doverride (2): + Merge pull request #3 from haasn/pulse-nohome + Merge pull request #6 from bigon/mozilla-1 + * Wed Dec 03 2014 Chris PeBenito - 2.20141203 Chris PeBenito (26): Whitespace fix in ntp.fc. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id AA1781384B4 for ; Thu, 17 Dec 2015 16:11:04 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 337CC21C025; Thu, 17 Dec 2015 16:10:55 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 6B40E21C026 for ; Thu, 17 Dec 2015 16:10:49 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 5F6A23406C0 for ; Thu, 17 Dec 2015 16:10:43 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 0DC6ECF4 for ; Thu, 17 Dec 2015 16:10:40 +0000 (UTC) From: "Jason Zaman" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" Message-ID: <1450367855.ca03f8aa14fec8faf06c9d9b56c1273b175ce0e4.perfinion@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/contrib/Changelog X-VCS-Directories: policy/modules/contrib/ X-VCS-Committer: perfinion X-VCS-Committer-Name: Jason Zaman X-VCS-Revision: ca03f8aa14fec8faf06c9d9b56c1273b175ce0e4 X-VCS-Branch: master Date: Thu, 17 Dec 2015 16:10:40 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 653a5353-da13-4f2c-a966-89c7b27b8ff6 X-Archives-Hash: 87ea109706d89e322b54afcc235af631 Message-ID: <20151217161040.INk14rlVjkNzxxYo572Oal2nTT20m9nUzb5sJ7Ra2Qc@z> commit: ca03f8aa14fec8faf06c9d9b56c1273b175ce0e4 Author: Chris PeBenito tresys com> AuthorDate: Tue Dec 8 14:53:02 2015 +0000 Commit: Jason Zaman gentoo org> CommitDate: Thu Dec 17 15:57:35 2015 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ca03f8aa Update Changelog for release. policy/modules/contrib/Changelog | 93 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) diff --git a/policy/modules/contrib/Changelog b/policy/modules/contrib/Changelog index 66e7d7c..63c8ea9 100644 --- a/policy/modules/contrib/Changelog +++ b/policy/modules/contrib/Changelog @@ -1,3 +1,96 @@ +* Tue Dec 08 2015 Chris PeBenito - 2.20151208 +Alexander Wetzel (1): + add vfio support for libvirt + +Chas Williams - CONTRACTOR (1): + afs: update labels, file contexts and allow access to urandom + +Chris PeBenito (14): + Module version bump for hadoop_admin() fix from Jazon Zaman. + Module version bump for fc typo in radius from Sven Vermeulen. + Module version bump for patches from Jason Zaman. + Module version bump for init_startstop_service from Jason Zaman. + Module version bump for cron_admin interface from Jason Zaman. + Comment/whitespace fix in virt.te. + Module version bump for vfio support for libvirt from Alexander Wetzel. + Add systemd unit types. + Add systemd socket activations. + Merge branch 'pebenito-master' + Module version bump for systemd additions. + Merge branch 'bigon-systemd' + Module version bump for dbus systemd patch from Laurent Bigonville. + Bump module versions for release. + +Dominick Grift (16): + Module version bump for courier fixes from Sven Vermeulen. + Module version bump for afs fixes from Chas Williams. + Redundant rules and afs_files_t is not a filesystem type + Various samhain fixes + Cachefilesd module updates + Module version bump for changes to the dnsmasq policy module by Jason + Zaman + Module version bump for changes to the snmp policy module by Jason Zaman + Module version bump for changes to the pulseaudio policy module by Jason + Zaman + cachefiles: It is cachefilesd_cache_t + Module version bump for update to the networkmanager policy module by + Stephen Smalley. + Module version bumps for "Remove run interface calls from admin + interfaces" changes by Jason Zaman. + Module version bump for changes to the pulseaudio module by Niklas Haas. + Changes to the git, hadoop and rsync modules by Jason Zaman. + Module version bump for changes to the virt module by Jason Zaman + Module version bump for changes to the mozilla module from Laurent + Bigonville. + Module version bump for changes to the wine module by Nicolas Iooss + +Jason Zaman (19): + hadoop: remove _role from _admin interface + rpcbind: typo fix + git: make inetd interface optional + rpc: introduce allow_gssd_write_tmp boolean + rpc: allow setgid capability + virt: add virt_tmpfs_t type and permissions + introduce virt_leaseshelper_t + dnsmasq: allow exec shell for scripts + snmp: missing fcontext for snmpd + pulseaudio: filetrans for autospawn.lock + Use init_startstop_service in admin interfaces A-M + Use init_startstop_service in admin interfaces N-Z + Remove _run() interfaces from _admin() + Introduce cron_admin interface + rsync: remove rsync_run from admin interface + git: allow git_system_t to listen on tcp_sockets + hadoop: init_startstop_service() can not take attributes + virt: Allow creating qemu guest agent socket + virt: Add policy for virtlockd the Virtual machine lock manager + +Laurent Bigonville (2): + Transition D-Bus system service out of the init_t domain when PID1 is + systemd + Label iceweasel plugin-container executable as mozilla_plugin_exec_t + +Nicolas Iooss (1): + wine: remove use of nonexisting interface + +Niklas Haas (1): + pulse: don't give pulseaudio_client full access to user_home_t + +Stephen Smalley (1): + contrib: networkmanager: allow netlink_generic_socket access + +Sven Vermeulen (6): + Locate authdaemon socket and communicate with authdaemon + Allow authdaemon to access selinux fs to check SELinux state + Grant setuid/setgid to courier_pop_t + Execute courier helper script after authentication + Courier IMAP needs to manage the users' maildir + Fix typo for radiusd /var/lib location + +doverride (2): + Merge pull request #3 from haasn/pulse-nohome + Merge pull request #6 from bigon/mozilla-1 + * Wed Dec 03 2014 Chris PeBenito - 2.20141203 Chris PeBenito (26): Whitespace fix in ntp.fc.