-
Notifications
You must be signed in to change notification settings - Fork 1
/
ChangeLog
173 lines (101 loc) · 5.28 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
2015-01-23 Larry Pezzaglia <[email protected]>
* 0.13.2 release
2015-01-16 Larry Pezzaglia <[email protected]>
* 0.13.1 release
2014-10-08 Larry Pezzaglia <[email protected]>
* specs/chos.spec: Include all pam_chos files in /lib64/security/
2014-10-06 Larry Pezzaglia <[email protected]>
* kernel/find_fork.sh: Update EL7 opcode to match 3.10.0-123.el7.x86_64 kernels
2014-09-27 Larry Pezzaglia <[email protected]>
* specs/chos.spec: Do not build kernel module by default in specfile
2014-09-25 Larry Pezzaglia <[email protected]>
Merge branch 'el7' adding initial support for the EL7 kernel family:
* eb3f552 (HEAD, master, el7) Use --with-kernel-source instead of --with-kheaders
* d8b94fc Explicity set memory associated with the wrapped function to writable. This should remove the requirement for CONFIG_DEBUG_RODATA=n
* 55c85a4 Explicitly use private mounts
* 4786ab9 Update version to 0.13.0rc1
* 81a2c07 Page-align jumper memory and allocate an additional byte for path storage
* 8c7bea2 Remove Wtype-limits from CFLAGS to restore support for el5's gcc
* de51980 Only use set_memory_x on kernels >= 2.6.25
* c4bcf83 Mark memory allocated to the jumper function as executable to accommodate CONFIG_DEBUG_MODULE_RONX
* cf1a259 Add support for the EL7 kernel's do_fork() function
* dccb530 Update operations on files in /proc/chos/ to match the new proc interface
* ca2c1b8 Initial modifications to build against the el7 kernel family
* a1835e9 Add set -Eeu to find_fork.sh
2014-09-12 Larry Pezzaglia <[email protected]>
* 0.12.1 release
2013-07-29 Larry Pezzaglia <[email protected]>
* kernel/chos_lkm.c: Improve several log messages
2013-07-27 Larry Pezzaglia <[email protected]>
* build_rpm, conf/Makefile.am, configure.ac, kernel/dkms.conf,
pam_chos/Makefile.am, specs/chos.spec: Numerous build system
improvements
* conf/chos.sys: Rename to conf/sysconfig/chos and add MAKELINKS
option
* utils/chos.init: Minor improvements to umountlocal functionality
2013-07-03 Larry Pezzaglia <[email protected]>
* conf/Makefile.am, configure.ac, kernel/Makefile,
pam_chos/Makefile.am, utils/Makefile.am: Numerous build system
improvements.
2013-07-02 Larry Pezzaglia <[email protected]>
* utils/chos.init: Add support for link creation in /chos/ and
improvements to handling /chos/local/
Merge branch 'pam_chos_config':
* pam_chos/pam_chos.8: Initial manpage for pam_chos
* pam_chos/pam_chos.c: Whitespace cleanups
* pam_chos/pam_chos.c, pam_chos/pam_chos.h: Add configuration
tracking structure for pam_chos. Implement user_conf_file and
fail_to_default options.
2013-07-01 Larry Pezzaglia <[email protected]>
* utils/chos.h, utils/chos.c, utils/chos.1: Implement --help and
--version options for the chos utility.
* utils/chos.c: Add argmatch function.
* utils/chos.c, utils/chos.h: Move function prototypes into
chos.h. Whitespace cleanups.
2013-06-28 Larry Pezzaglia <[email protected]>
* Kernel/chos_lkm.c: Restore support for building against the EL5
kernel family
* kernel/chos_lkm.c: Check return value from __copy_from_user().
2013-06-27 Larry Pezzaglia <[email protected]>
* 0.11.2 release
* kernel/chos_lkm.c: Modify the behavior of chos_do_fork to
explicitly set the CHOS link of new processes to match that of the
parent process. do_fork() copies the original process, wakes up the
new process, and then returns. This means that there is some amount
of time where the new process is awake but the real do_fork() has
not yet returned. This change should prevent some scenarios
identified by Doug Jacobsen of NERSC where the child process forks
its own child process and then exits before its CHOS link is set,
resulting in the newest child process not receiving the correct CHOS
link mapping.
2012-10-29 Larry Pezzaglia <[email protected]>
* 0.11.1 release
* kernel/chos_lkm.c: Fix issue where it was not possible to change
from the "/" environment back to the previous environment.
2012-10-29 Larry Pezzaglia <[email protected]>
* utils/chos.c, pam_chos/pam_chos.c: Revert "If an invalid CHOS
environment is requested, fall back to the "default" until it can be
implemented as a configurable behavior
2012-10-02 Larry Pezzaglia <[email protected]>
* 0.11 release
* utils/chos.c, pam_chos/pam_chos.c: If an invalid CHOS environment
is requested, fall back to the "default" environment.
* kernel/chos_lkm.c: Populate nonchroot structure with real root
directory
* kernel/chos_lkm.c: Additional changes to facilitate building under
EL6
2012-10-01 Larry Pezzaglia <[email protected]>
* configure.in: Properly record kernel version.
* build_rpm: Increase version number to 11.
* kernel/chos_lkm.c: Minor changes to support building on EL6
against EL6 kernel headers
2012-10-01 Larry Pezzaglia <[email protected]>
* kernel/chos_lkm.c: Merged support for exiting CHOS and returning
to the "root" environment from Shane's branch
* Merged many cleanups and build system improvements from Shane's
branch
2012-10-01 Larry Pezzaglia <[email protected]>
* Do not automatically start CHOS after RPM installation
* pam_chos/pam_chos.c: Modify pam_chos to use appropraite EUID
2011-12-09 Larry Pezzaglia <[email protected]>
* Initial support for the EL6 kernel family