[Selinux-commits] SF.net SVN: selinux: [2848] branches/stable/1_0/selinux-doc

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 2848
          http://selinux.svn.sourceforge.net/selinux/?rev=2848&view=rev
Author:   ssmalley
Date:     2008-03-10 06:28:02 -0700 (Mon, 10 Mar 2008)

Log Message:
-----------
applied r2844:2846 from trunk:  add editorial comments to selinux-doc reports to note that they are not up to date

Modified Paths:
--------------
    branches/stable/1_0/selinux-doc/ChangeLog
    branches/stable/1_0/selinux-doc/VERSION
    branches/stable/1_0/selinux-doc/module/changes.sgml
    branches/stable/1_0/selinux-doc/module/intro.sgml
    branches/stable/1_0/selinux-doc/module/ip.sgml
    branches/stable/1_0/selinux-doc/policy/intro.sgml

Modified: branches/stable/1_0/selinux-doc/ChangeLog
===================================================================

--- branches/stable/1_0/selinux-doc/ChangeLog	2008-03-10 13:19:48 UTC (rev 2847)
+++ branches/stable/1_0/selinux-doc/ChangeLog	2008-03-10 13:28:02 UTC (rev 2848)
@@ -1,3 +1,8 @@
+1.26.1 2008-03-07
+	* Added editorial comments to the policy and module reports noting
+	  that they do not reflect the current state of SELinux to avoid
+ 	  reader confusion.
+
 1.26 2006-03-14
 	* Updated version for release.
 

Modified: branches/stable/1_0/selinux-doc/VERSION
===================================================================
--- branches/stable/1_0/selinux-doc/VERSION	2008-03-10 13:19:48 UTC (rev 2847)
+++ branches/stable/1_0/selinux-doc/VERSION	2008-03-10 13:28:02 UTC (rev 2848)
@@ -1 +1 @@
-1.26
+1.26.1

Modified: branches/stable/1_0/selinux-doc/module/changes.sgml
===================================================================
--- branches/stable/1_0/selinux-doc/module/changes.sgml	2008-03-10 13:19:48 UTC (rev 2847)
+++ branches/stable/1_0/selinux-doc/module/changes.sgml	2008-03-10 13:28:02 UTC (rev 2848)
@@ -491,6 +491,7 @@
 2.6.  There is one exception: a getpeercon API has been implemented to
 support obtaining peer security contexts for Unix stream connections,
 and is available in Linux 2.6.
+<comment>Note:  The preceding statements are historical and no longer apply to modern SELinux systems, which do support labeled networking and APIs for getting peer and datagram contexts on both INET and Unix sockets.</comment>
 </para>
 </sect3>
 

Modified: branches/stable/1_0/selinux-doc/module/intro.sgml
===================================================================
--- branches/stable/1_0/selinux-doc/module/intro.sgml	2008-03-10 13:19:48 UTC (rev 2847)
+++ branches/stable/1_0/selinux-doc/module/intro.sgml	2008-03-10 13:28:02 UTC (rev 2848)
@@ -31,8 +31,6 @@
 and several individuals, including Greg Kroah-Hartman and James
 Morris, to develop a Linux kernel patch that implements this
 framework.  The LSM framework is included as part of the Linux 2.6 series.
-Documentation and papers about LSM are available from <ulink
-url="http://lsm.immunix.org/lsm_doc.html">the LSM web site</ulink>. 
 </para>
 
 <para>
@@ -52,5 +50,9 @@
 kernel object or kernel subsystem.
 </para>
 
+<para>
+<comment>Note:  This report predates modern enhancements to the SELinux kernel code, such as the introduction of labeled networking support (labeled IPSEC and NetLabel/CIPSO), the introduction of APIs for getting peer and datagram security contexts for INET and Unix socket IPC, and significant changes to the SELinux network access controls.  Thus, while much of the discussion herein is still applicable, much has changed in modern SELinux kernels.</comment>
+</para>
+
 </sect1>
 

Modified: branches/stable/1_0/selinux-doc/module/ip.sgml
===================================================================
--- branches/stable/1_0/selinux-doc/module/ip.sgml	2008-03-10 13:19:48 UTC (rev 2847)
+++ branches/stable/1_0/selinux-doc/module/ip.sgml	2008-03-10 13:28:02 UTC (rev 2848)
@@ -15,6 +15,7 @@
 using only the socket layer hooks and NetFilter hooks, and some
 functionality such as packet labeling was dropped from SELinux.  This
 section describes the SELinux NetFilter hook functions.
+<comment>Note:  The preceding statements are historical and no longer apply to modern SELinux systems, which do include a set of network hooks and support packet labeling.</comment>
 </para>
 
 <para>

Modified: branches/stable/1_0/selinux-doc/policy/intro.sgml
===================================================================
--- branches/stable/1_0/selinux-doc/policy/intro.sgml	2008-03-10 13:19:48 UTC (rev 2847)
+++ branches/stable/1_0/selinux-doc/policy/intro.sgml	2008-03-10 13:28:02 UTC (rev 2848)
@@ -44,4 +44,8 @@
 purposes.
 </para>
 
+<para>
+<comment>Note:  This report predates the transition from using the original NSA example policy configuration to using the reference policy, and the transition from monolithic policy to modular/managed policy.  Thus, while some of the discussion herein is still applicable, much has changed in modern SELinux systems.</comment>
+</para>
+
 </sect1>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


