From: pebenito@ieee.org (Chris PeBenito) Date: Tue, 27 Feb 2018 17:24:13 -0500 Subject: [refpolicy] [PATCH 0/5-v3] Updates for chronyd In-Reply-To: References: Message-ID: <03b59cde-da77-6c23-c612-cf4b7b2900e7@ieee.org> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 02/24/2018 09:37 AM, David Sugar via refpolicy wrote: > > This patch set is several changes to the chronyd module to achieve the following things: > > 1) Separate type for /etc/chrony.conf along with interfaces. > ??? v2 - fix a comment in the patch > 2) Interfaces to start/stop/status/etc.. the chronyd service > ??? v2 - fix a comment in the patch > 3) Allow chronyd to send/recv ntp client packets > 4) New type for chronyc - it is run from chrony-wait.service but it was running in init_t domain > ??? v2 - incorporate feedback on interface names & fix denial related to chowning /var/run/chrony > 5) Add interface to domtrans into chronyc domain > ??? v2 - incorporate feedback on interface names & allow cli access to tty > > I have updated based on feedback.? I'm re-submitting the whole set.? I hope this is easiest for Chris when merging.? Only 3/5 has NOT changed. > > v3 - don't submit as HTML emails - I'm not sure why that happened. > > ?chronyd.fc |?? 2 + > ?chronyd.if | 161 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > ?chronyd.te |? 60 ++++++++++++++++++++++- > ?3 files changed, 221 insertions(+), 2 deletions(-) These still don't apply with git am. There are conflicts and fuzz. -- Chris PeBenito