[refpolicy] services_snort.patch

Christopher J. PeBenito cpebenito at tresys.com
Thu Oct 9 13:09:45 CDT 2008


On Wed, 2008-09-24 at 15:59 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_snort.patch
> 
> New path for snort
> 
> snort now uses /var/run/snort
> 
> Add initrc script support
> 
> allow admin to start/stop service
> 
> Admin needs admin_pattern on all file types
> 
> snort uses the netlinkg_firewall_socket
> 
> connects to the prelude port
> 
> reads random devices
> 
> reads utmp file
> 
> resolves hostnames
> 
> playes with prelude

Merged, except for the prelude bits.  It also sounds like that DNS
resolve should go in the prelude optional too.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150



More information about the refpolicy mailing list