2879 |
is used, I changed to allow overriding the trigger for calling external |
is used, I changed to allow overriding the trigger for calling external |
2880 |
policy loader and activating MAC via kernel command line options. |
policy loader and activating MAC via kernel command line options. |
2881 |
|
|
2882 |
Fix 2008/06/14 |
Fix 2011/06/14 |
2883 |
|
|
2884 |
@ Remove unused "struct inode *" parameter from ccs-patch-\*.diff . |
@ Remove unused "struct inode *" parameter from ccs-patch-\*.diff . |
2885 |
|
|
2891 |
If you have your own ccs-patch-*.diff , please update accordingly. |
If you have your own ccs-patch-*.diff , please update accordingly. |
2892 |
|
|
2893 |
Version 1.8.2 2011/06/20 Usability enhancement release. |
Version 1.8.2 2011/06/20 Usability enhancement release. |
2894 |
|
|
2895 |
|
Fix 2011/07/07 |
2896 |
|
|
2897 |
|
@ Remove /proc/ccs/.domain_status interface. |
2898 |
|
|
2899 |
|
Writing to /proc/ccs/.domain_status can be emulated by |
2900 |
|
|
2901 |
|
( echo "select " $domainname; echo "use_profile " $profile ) | |
2902 |
|
/usr/sbin/ccs-loadpolicy -d |
2903 |
|
|
2904 |
|
and reading from /proc/ccs/.domain_status can be emulated by |
2905 |
|
|
2906 |
|
grep -A 1 '^<' /proc/ccs/domain_policy | |
2907 |
|
awk ' { if ( domainname == "" ) { if ( substr($1, 1, 1) == "<" ) |
2908 |
|
domainname = $0; } else if ( $1 == "use_profile" ) { |
2909 |
|
print $2 " " domainname; domainname = ""; } } ; ' |
2910 |
|
|
2911 |
|
. Since this interface is used by only /usr/sbin/ccs-setprofile , |
2912 |
|
remove this interface by updating /usr/sbin/ccs-setprofile . |
2913 |
|
|
2914 |
|
Fix 2011/07/09 |
2915 |
|
|
2916 |
|
@ Fix /proc/ccs/stat parser. |
2917 |
|
|
2918 |
|
For optimization, I changed to use simple_strtoul() rather than sscanf() |
2919 |
|
in ccs_write_stat(). But it caused parsing failure if space is inserted |
2920 |
|
before value (e.g. "Memory used by policy: $value"). |
2921 |
|
|
2922 |
|
Fix 2011/07/13 |
2923 |
|
|
2924 |
|
@ Accept "::" notation for IPv6 address. |
2925 |
|
|
2926 |
|
In order to add network access restriction to TOMOYO 2.4, I backported |
2927 |
|
routines for parsing/printing IPv4/IPv6 address from kernel 3.0 into |
2928 |
|
TOMOYO 1.8.2. |
2929 |
|
Now, IPv6 address accepts "::1" instead of "0:0:0:0:0:0:0:1". |