From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Thu, 9 Oct 2008 14:09:45 -0400
Subject: [refpolicy] services_snort.patch
In-Reply-To: <48DA9C28.8000109@redhat.com>
References: <48DA9C28.8000109@redhat.com>
Message-ID: <1223575785.2165.138.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wed, 2008-09-24 at 15:59 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_snort.patch
> 
> New path for snort
> 
> snort now uses /var/run/snort
> 
> Add initrc script support
> 
> allow admin to start/stop service
> 
> Admin needs admin_pattern on all file types
> 
> snort uses the netlinkg_firewall_socket
> 
> connects to the prelude port
> 
> reads random devices
> 
> reads utmp file
> 
> resolves hostnames
> 
> playes with prelude

Merged, except for the prelude bits.  It also sounds like that DNS
resolve should go in the prelude optional too.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150