This patch set is several changes to the chronyd module to achieve the following things:
1) Separate type for /etc/chrony.conf along with interfaces.
v2 - fix a comment in the patch
2) Interfaces to start/stop/status/etc.. the chronyd service
v2 - fix a comment in the patch
3) Allow chronyd to send/recv ntp client packets
4) New type for chronyc - it is run from chrony-wait.service but it was running in init_t domain
v2 - incorporate feedback on interface names & fix denial related to chowning /var/run/chrony
5) Add interface to domtrans into chronyc domain
v2 - incorporate feedback on interface names & allow cli access to tty
I have updated based on feedback. I'm re-submitting the whole set. I hope this is easiest for Chris when merging. Only 3/5 has NOT changed.
chronyd.fc | 2 +
chronyd.if | 161 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
chronyd.te | 60 ++++++++++++++++++++++-
3 files changed, 221 insertions(+), 2 deletions(-)
--
2.14.3
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20180220/36a87051/attachment.html