From john.weeks at sun.com  Fri Jun  6 17:49:12 2008
From: john.weeks at sun.com (john.weeks at sun.com)
Date: Fri,  6 Jun 2008 17:49:12 -0700 (PDT)
Subject: [fmac-notify] 2131 checkpolicy produces different policy files on
	x86 & SPARC
Message-ID: <20080607004912.50527159C3C@mail.opensolaris.org>

Author: John Weeks <john.weeks at sun.com>
Repository: /hg/fmac/fmac-gate
Latest revision: ac651c81228278d60f28fe0c36ac3c1822481abe
Total changesets: 1
Log message:
2131 checkpolicy produces different policy files on x86 & SPARC

Files:
	update: usr/src/cmd/fmac/checkpolicy/policy_parse.y
	update: usr/src/cmd/fmac/checkpolicy/policy_scan.l
	update: usr/src/cmd/fmac/checkpolicy/write.c
	update: usr/src/common/fmac/ss/policydb.c


From john.weeks at sun.com  Tue Jun 10 06:57:23 2008
From: john.weeks at sun.com (john.weeks at sun.com)
Date: Tue, 10 Jun 2008 06:57:23 -0700 (PDT)
Subject: [fmac-notify] Lint cleanup
Message-ID: <20080610135723.F0CFF14A68F@mail.opensolaris.org>

Author: John Weeks <john.weeks at sun.com>
Repository: /hg/fmac/fmac-gate
Latest revision: 80a7460aad8788e1aea4cfb1707ddcd2d767ca71
Total changesets: 1
Log message:
Lint cleanup

Files:
	update: usr/src/common/fmac/ss/avtab.c
	update: usr/src/common/fmac/ss/mls.c
	update: usr/src/common/fmac/ss/mls.h
	update: usr/src/common/fmac/ss/policydb.c
	update: usr/src/common/fmac/ss/services.c
	update: usr/src/common/fmac/ss/symtab.c
	update: usr/src/uts/common/fmac/avc.c


From john.weeks at sun.com  Fri Jun 20 10:22:41 2008
From: john.weeks at sun.com (john.weeks at sun.com)
Date: Fri, 20 Jun 2008 10:22:41 -0700 (PDT)
Subject: [fmac-notify] First FMAC System Calls
Message-ID: <200806201722.m5KHMfNf028463@oss-app2.opensolaris.org>

Author: John Weeks <john.weeks at sun.com>
Repository: /hg/fmac/fmac-gate
Latest revision: a2e814385870d8ff65acc37a47bfddf7283433df
Total changesets: 1
Log message:
First FMAC System Calls

Files:
	create: usr/src/cmd/fmac/loadpolicy/Makefile
	create: usr/src/cmd/fmac/loadpolicy/loadpolicy.c
	create: usr/src/head/fmac/fmac.h
	create: usr/src/lib/libc/port/sys/fmacsys.c
	create: usr/src/uts/common/syscall/fmacsys.c
	update: usr/src/cmd/fmac/Makefile
	update: usr/src/cmd/truss/systable.c
	update: usr/src/common/fmac/ss/services.c
	update: usr/src/head/Makefile
	update: usr/src/lib/libc/amd64/Makefile
	update: usr/src/lib/libc/i386/Makefile.com
	update: usr/src/lib/libc/inc/synonyms.h
	update: usr/src/lib/libc/port/mapfile-vers
	update: usr/src/lib/libc/sparc/Makefile
	update: usr/src/lib/libc/sparcv9/Makefile
	update: usr/src/lib/libproc/common/proc_names.c
	update: usr/src/pkgdefs/SUNWcsr/prototype_com
	update: usr/src/pkgdefs/SUNWhea/prototype_com
	update: usr/src/uts/common/Makefile.files
	update: usr/src/uts/common/fmac/avc.c
	update: usr/src/uts/common/fmac/fmac.c
	update: usr/src/uts/common/krtld/kobj_bootflags.c
	update: usr/src/uts/common/os/main.c
	update: usr/src/uts/common/os/sysent.c
	update: usr/src/uts/common/sys/fmac/fmac.h
	update: usr/src/uts/common/sys/fmac/security.h
	update: usr/src/uts/common/sys/syscall.h
	update: usr/src/uts/common/sys/systm.h
	update: usr/src/uts/intel/os/name_to_sysnum
	update: usr/src/uts/sparc/os/name_to_sysnum


From sds at tycho.nsa.gov  Tue Jun 24 17:57:19 2008
From: sds at tycho.nsa.gov (sds at tycho.nsa.gov)
Date: Tue, 24 Jun 2008 17:57:19 -0700 (PDT)
Subject: [fmac-notify] [fmac-discuss] [PATCH]  Add [gs]etenforce utilities
Message-ID: <200806250057.m5P0vJjL009118@oss-app2.opensolaris.org>

Author: Stephen Smalley <sds at tycho.nsa.gov>
Repository: /hg/fmac/fmac-gate
Latest revision: b5189846142890e3d46d98c7a32cdee522ddab83
Total changesets: 1
Log message:
[fmac-discuss] [PATCH]  Add [gs]etenforce utilities
This patch adds getenforce and setenforce utility programs that in turn
call the corresponding FMAC system calls.

getenforce takes no arguments, outputs the current status, and exits
with a corresponding exit code.

setenforce takes a single argument indicating the desired status as
follows:
	setenforce [0|1|permissive|enforcing]
where 0 is the same as permissive and 1 is the same as enforcing.

Files:
	create: usr/src/cmd/fmac/getenforce/Makefile
	create: usr/src/cmd/fmac/getenforce/getenforce.c
	create: usr/src/cmd/fmac/setenforce/Makefile
	create: usr/src/cmd/fmac/setenforce/setenforce.c
	update: usr/src/cmd/fmac/Makefile
	update: usr/src/pkgdefs/SUNWcsr/prototype_com


From sds at tycho.nsa.gov  Wed Jun 25 12:25:20 2008
From: sds at tycho.nsa.gov (sds at tycho.nsa.gov)
Date: Wed, 25 Jun 2008 12:25:20 -0700 (PDT)
Subject: [fmac-notify] [fmac-discuss] [PATCH] Check for fmac_enabled,
	reset AVC
Message-ID: <200806251925.m5PJPKva022567@oss-app2.opensolaris.org>

Author: Stephen Smalley <sds at tycho.nsa.gov>
Repository: /hg/fmac/fmac-gate
Latest revision: edee5868bda987fbc96e63e43fd98a04b7eca6bf
Total changesets: 1
Log message:
[fmac-discuss] [PATCH] Check for fmac_enabled, reset AVC
Return immediately from the other FMAC syscalls if !fmac_enabled, and
reset the access vector cache when switching to enforcing mode to flush
permissions granted while permissive.

Files:
	update: usr/src/uts/common/syscall/fmacsys.c