From: dsugar@tresys.com (David Sugar)
Date: Sat, 24 Feb 2018 14:37:47 +0000
Subject: [refpolicy] [PATCH 0/5-v3] Updates for chronyd
Message-ID: <MWHPR15MB1853A78390AD5E873BAFB30DB9C30@MWHPR15MB1853.namprd15.prod.outlook.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

 
This patch set is several changes to the chronyd module to achieve the following things:

1) Separate type for /etc/chrony.conf along with interfaces.
??? v2 - fix a comment in the patch
2) Interfaces to start/stop/status/etc.. the chronyd service
??? v2 - fix a comment in the patch
3) Allow chronyd to send/recv ntp client packets
4) New type for chronyc - it is run from chrony-wait.service but it was running in init_t domain
??? v2 - incorporate feedback on interface names & fix denial related to chowning /var/run/chrony
5) Add interface to domtrans into chronyc domain
??? v2 - incorporate feedback on interface names & allow cli access to tty

I have updated based on feedback.? I'm re-submitting the whole set.? I hope this is easiest for Chris when merging.? Only 3/5 has NOT changed.

v3 - don't submit as HTML emails - I'm not sure why that happened.

?chronyd.fc |?? 2 +
?chronyd.if | 161 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
?chronyd.te |? 60 ++++++++++++++++++++++-
?3 files changed, 221 insertions(+), 2 deletions(-)

-- 
2.14.3