Merge branch 'master' into f23
This commit is contained in:
commit
a547df577b
@ -11,7 +11,7 @@ diff -up ./contrib/selinux/cjdns.te.selinux ./contrib/selinux/cjdns.te
|
|||||||
}
|
}
|
||||||
|
|
||||||
type cjdns_t;
|
type cjdns_t;
|
||||||
@@ -18,12 +18,13 @@ init_daemon_domain(cjdns_t,cjdns_exec_t)
|
@@ -18,23 +18,23 @@ init_daemon_domain(cjdns_t,cjdns_exec_t)
|
||||||
#============= cjdns_t ==============
|
#============= cjdns_t ==============
|
||||||
# Let master process run further restricted subprocess
|
# Let master process run further restricted subprocess
|
||||||
allow cjdns_t cjdns_exec_t:file { execute_no_trans execmod };
|
allow cjdns_t cjdns_exec_t:file { execute_no_trans execmod };
|
||||||
@ -27,8 +27,9 @@ diff -up ./contrib/selinux/cjdns.te.selinux ./contrib/selinux/cjdns.te
|
|||||||
# allow network access
|
# allow network access
|
||||||
allow cjdns_t node_t:udp_socket node_bind;
|
allow cjdns_t node_t:udp_socket node_bind;
|
||||||
allow cjdns_t port_t:udp_socket name_bind;
|
allow cjdns_t port_t:udp_socket name_bind;
|
||||||
@@ -31,10 +32,9 @@ allow cjdns_t unreserved_port_t:udp_sock
|
allow cjdns_t unreserved_port_t:udp_socket name_bind;
|
||||||
allow cjdns_t self:netlink_route_socket { bind create getattr nlmsg_read read write };
|
-allow cjdns_t self:netlink_route_socket { bind create getattr nlmsg_read read write };
|
||||||
|
+allow cjdns_t self:netlink_route_socket { bind create getattr nlmsg_read read write nlmsg_write };
|
||||||
allow cjdns_t self:packet_socket { bind create ioctl read write };
|
allow cjdns_t self:packet_socket { bind create ioctl read write };
|
||||||
allow cjdns_t self:tun_socket create;
|
allow cjdns_t self:tun_socket create;
|
||||||
-allow cjdns_t self:udp_socket { create setopt bind ioctl getattr read write };
|
-allow cjdns_t self:udp_socket { create setopt bind ioctl getattr read write };
|
||||||
|
@ -39,7 +39,7 @@
|
|||||||
Name: cjdns
|
Name: cjdns
|
||||||
# major version is cjdns protocol version:
|
# major version is cjdns protocol version:
|
||||||
Version: 17.4
|
Version: 17.4
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
Summary: The privacy-friendly network without borders
|
Summary: The privacy-friendly network without borders
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# cjdns is all GPLv3 except libuv which is MIT and BSD and ISC
|
# cjdns is all GPLv3 except libuv which is MIT and BSD and ISC
|
||||||
@ -467,6 +467,9 @@ fi
|
|||||||
%{_bindir}/graphStats
|
%{_bindir}/graphStats
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jun 23 2016 Stuart D. Gathman <stuart@gathman.org> 17.4-4
|
||||||
|
- cjdns-selinux: allow cjdroute to manipulate route table
|
||||||
|
|
||||||
* Thu Jun 23 2016 Stuart D. Gathman <stuart@gathman.org> 17.4-3
|
* Thu Jun 23 2016 Stuart D. Gathman <stuart@gathman.org> 17.4-3
|
||||||
- Remove cjdns-resume.service patch, incorporated upstream
|
- Remove cjdns-resume.service patch, incorporated upstream
|
||||||
- Add --interface option to cjdns-online.sh
|
- Add --interface option to cjdns-online.sh
|
||||||
|
Loading…
Reference in New Issue
Block a user