1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
|
# ChangeLog for sec-policy/selinux-base-policy
# Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.52 2006/10/21 14:21:37 pebenito Exp $
21 Oct 2006; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20061015.ebuild:
Fix xml generation failure to die.
*selinux-base-policy-20061015 (15 Oct 2006)
15 Oct 2006; Chris PeBenito <pebenito@gentoo.org>
-selinux-base-policy-20061008.ebuild,
+selinux-base-policy-20061015.ebuild:
Update for testing fixes.
*selinux-base-policy-20061008 (08 Oct 2006)
08 Oct 2006; Chris PeBenito <pebenito@gentoo.org> -files/semanage.conf,
+selinux-base-policy-20061008.ebuild,
-selinux-base-policy-99999999.ebuild:
First mainstream reference policy testing release.
29 Sep 2006; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-99999999.ebuild:
Fix for new SVN location. Fixes 147781.
22 Feb 2006; Stephen Bennett <spb@gentoo.org>
selinux-base-policy-20051022-r1.ebuild:
Alpha stable
*selinux-base-policy-99999999 (02 Feb 2006)
02 Feb 2006; Chris PeBenito <pebenito@gentoo.org> +files/config,
+files/modules.conf.strict, +files/modules.conf.targeted,
+files/semanage.conf, +selinux-base-policy-99999999.ebuild:
Add experimental policy for testing reference policy. Requires portage fix
from bug #110857.
02 Feb 2006; Chris PeBenito <pebenito@gentoo.org>
-selinux-base-policy-20050322.ebuild,
-selinux-base-policy-20050618.ebuild,
-selinux-base-policy-20050821.ebuild,
-selinux-base-policy-20051022.ebuild:
Clean out old ebuilds.
14 Jan 2006; Stephen Bennett <spb@gentoo.org>
selinux-base-policy-20051022-r1.ebuild:
Added ~alpha
*selinux-base-policy-20051022-r1 (08 Dec 2005)
08 Dec 2005; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20051022-r1.ebuild:
Change to use compatability genhomedircon. Newer policycoreutils (1.28)
breaks the backwards compatability this policy uses.
*selinux-base-policy-20051022 (22 Oct 2005)
22 Oct 2005; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20051022.ebuild:
Very trivial fixes.
08 Sep 2005; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20050821.ebuild:
Mark stable.
*selinux-base-policy-20050821 (21 Aug 2005)
21 Aug 2005; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20050821.ebuild:
Minor updates for 2.6.12.
21 Jun 2005; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20050618.ebuild:
Mark stable.
*selinux-base-policy-20050618 (18 Jun 2005)
18 Jun 2005; Chris PeBenito <pebenito@gentoo.org>
-selinux-base-policy-20041123.ebuild,
-selinux-base-policy-20050306.ebuild,
+selinux-base-policy-20050618.ebuild:
New release to support 2.6.12 features.
10 May 2005; Stephen Bennett <spb@gentoo.org>
selinux-base-policy-20050322.ebuild:
mips stable
01 May 2005; Stephen Bennett <spb@gentoo.org>
selinux-base-policy-20050322.ebuild:
Added ~mips.
*selinux-base-policy-20050322 (23 Mar 2005)
23 Mar 2005; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20050322.ebuild:
New release.
*selinux-base-policy-20050306 (06 Mar 2005)
06 Mar 2005; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20050306.ebuild:
Fix bad samba_domain dummy macro. Add policies needed for udev support.
*selinux-base-policy-20050224 (24 Feb 2005)
24 Feb 2005; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20050224.ebuild:
New release.
19 Jan 2005; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20041123.ebuild:
Mark stable.
*selinux-base-policy-20041123 (23 Nov 2004)
23 Nov 2004; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20041123.ebuild:
New release with 1.18 merge.
*selinux-base-policy-20041023 (23 Oct 2004)
23 Oct 2004; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20041023.ebuild:
New release with 1.16 merge. Tcpd and inetd have been deprecated since they
are not in the base system anymore, and probably no one uses them anyway.
*selinux-base-policy-20040906 (06 Sep 2004)
06 Sep 2004; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20040906.ebuild:
New release with 1.14 merge, which has policy 18 (fine-grained netlink)
features.
05 Sep 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040225.ebuild, -selinux-base-policy-20040509.ebuild,
-selinux-base-policy-20040604.ebuild, selinux-base-policy-20040629.ebuild,
selinux-base-policy-20040702.ebuild:
Remove old builds, switch to epause and ebeep in remaining builds.
*selinux-base-policy-20040702 (02 Jul 2004)
02 Jul 2004; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20040702.ebuild:
Same as 20040629, except with updated flask headers, which will come out in
2.6.8.
*selinux-base-policy-20040629 (29 Jun 2004)
29 Jun 2004; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20040629.ebuild:
Large sysadmfile cleanup: disable admin_separation to give sysadm_r back its
ablility to modify all files. Minor fixes: portage_r works again, syslog-ng
breakage fixed, put back manual PaX policy for pageexec/segmexec.
16 Jun 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040604.ebuild:
Mark stable.
10 Jun 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040225.ebuild, selinux-base-policy-20040509.ebuild,
selinux-base-policy-20040604.ebuild:
Add src_compile() stub
*selinux-base-policy-20040604 (04 Jun 2004)
04 Jun 2004; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20040604.ebuild:
New release including 1.12 NSA policy, and experimental sesandbox.
15 May 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040509.ebuild:
Mark stable.
*selinux-base-policy-20040509 (09 May 2004)
09 May 2004; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20040509.ebuild:
A few small cleanups. Make PaX non exec pages macro based on arch. Large
portage update, get rid of portage_exec_fetch_t, portage will setexec. Add
global_ssp tunable.
*selinux-base-policy-20040418 (18 Apr 2004)
18 Apr 2004; Chris PeBenito <pebenito@gentoo.org>
+selinux-base-policy-20040418.ebuild:
New release for checkpolicy 1.10
*selinux-base-policy-20040414 (14 Apr 2004)
14 Apr 2004; Chris PeBenito <pebenito@gentoo.org>
-selinux-base-policy-20040408.ebuild, +selinux-base-policy-20040414.ebuild:
Minor updates
*selinux-base-policy-20040408 (08 Apr 2004)
08 Apr 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040408.ebuild:
New update. Users.fc is now deprecated, as the contexts for user directories
is now automatically generated. Portage fetching of distfiles now has a
subdomain, for dropping priviledges.
28 Feb 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040225.ebuild:
Mark stable.
*selinux-base-policy-20040225 (25 Feb 2004)
25 Feb 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040225.ebuild:
New support for PaX ACL hooks. Addition of tunable.te for configurable policy
options. Rewrite of portage.te. Now auto-transition for sysadm is default, can
reenable portage_r by tunable.te. Makefile update from NSA CVS.
*selinux-base-policy-20040209 (09 Feb 2004)
09 Feb 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040209.ebuild:
Minor revision to add XFS labeling and policy for integrated
runscript-run_init.
07 Feb 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040202.ebuild:
Mark x86 stable.
*selinux-base-policy-20040202 (02 Feb 2004)
02 Feb 2004; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20040202.ebuild:
A few misc fixes. Allow portage to update bootloader code, such as in lilo or
grub postinst. This requires checkpolicy 1.4-r1.
*selinux-base-policy-20031225 (25 Dec 2003)
25 Dec 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20031225.ebuild:
New release, with merged NSA 1.4 policy. One critical note, this policy
requires pam 0.77. Much work has been done to minimize access to /etc/shadow,
and one requirement is in the patch for pam 0.77. If you do not use this pam
version or newer, you will be unable to authenticate in enforcing. Since
devfs no longer is usable in SELinux, it's policy has been removed. You
should merge the changes, remove the devfsd policy (devfsd.te and devfsd.fc),
load the policy, and relabel.
27 Nov 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20031010-r1.ebuild:
Mark stable. Add build USE flag for stage building.
*selinux-base-policy-20031010-r1 (12 Nov 2003)
12 Nov 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20031010-r1.ebuild,
files/selinux-base-policy-20031010-cvs.diff:
Add fixes from policy cvs for compilers, so non x86 and ppc compilers can
work. Also portage update as a side effect of updated setfiles code in
portage, from bug 31748.
28 Oct 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20031010.ebuild:
Mark stable
*selinux-base-policy-20031010 (10 Oct 2003)
10 Oct 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20031010.ebuild:
New release for new API. Massive cleanups all over the place.
*selinux-base-policy-20030817 (17 Aug 2003)
17 Aug 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030817.ebuild:
Initial commit of new API policy
10 Aug 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030729-r1.ebuild:
Mark stable
*selinux-base-policy-20030729-r1 (31 Jul 2003)
31 Jul 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030729-r1.ebuild:
New rev that handles an empty POLICYDIR sanely.
*selinux-base-policy-20030729 (29 Jul 2003)
29 Jul 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030729.ebuild:
Make the ebuild use POLICYDIR. Important fix so portage can load policy so
selinux-policy.eclass works. update_modules_t cleanup. Fix for an access when
merging baselayout.
*selinux-base-policy-20030720 (20 Jul 2003)
20 Jul 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030720.ebuild:
Many fixes, including the syslog fix. File contexts have changed, so a relabel
is needed. You may encounter problems relabeling /usr/portage, as its file
context has changed, as files should not have the same type as a domain.
Relabelling in permissive will fix this, or temporarily give portage_t a
file_type attribute. Tightened the can_exec_any() macro. Moved staff.fc to
users.fc, since all users with SELinux identities should have their home
directories have the correct identity, not the generic identity.
06 Jun 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030604.ebuild:
Mark stable
*selinux-base-policy-20030604 (04 Jun 2003)
04 Jun 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030604.ebuild:
Fix broken 20030603
04 Jun 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030603.ebuild:
Pulling 20030603, as there are problems, 20030604 later today
*selinux-base-policy-20030603 (03 Jun 2003)
03 Jun 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030603.ebuild:
Numerous various fixes. Added staff role. Removed ipsec, gpm and gpg policies
as they are not appropriate for the base policy, and untested.
*selinux-base-policy-20030522 (22 May 2003)
22 May 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030522.ebuild:
The policy is in pretty good shape now. I've been able to run in enforcing mode
with little problem. I've also been able to successfully merge and unmerge
packages in enforcing mode, with few exceptions (why does mysql need to run ps
during configure?).
*selinux-base-policy-20030514 (14 May 2003)
14 May 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030514.ebuild:
Many improvements in many areas. Of note, rlogind policies were removed. Klogd
is being merged into syslogd. The portage policy is much more complete, but
still needs work. Its suggested that all changes be merged in, policy
reloaded, then relabel.
*selinux-base-policy-20030419 (19 Apr 2003)
23 Apr 2003; Chris PeBenito <pebenito@gentoo.org>
selinux-base-policy-20030419.ebuild:
Marking stable for selinux-small stable usage
19 Apr 2003; Chris PeBenito <pebenito@gentoo.org> Manifest,
selinux-base-policy-20030419.ebuild:
Initial commit. Base policies for SELinux, with Gentoo-specifics
|
GitWeb