From 6fdbb8b07e9405d3748c32a9b7906c73b95ccef5 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tm@t8m.info>
Date: Fri, 15 Jun 2007 10:17:22 +0000
Subject: Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2007-06-15  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_selinux/pam_selinux.8.xml: Remove multiple option,
        add select_context and use_current_range options.
        * modules/pam_selinux/pam_selinux.c (send_audit_message): Added
        function for auditing role/level changes.
        (query_response): Add default response.
        (select_context): Removed.
        (manual_context): Query only role and level.
        (mls_range_allowed): Added function for range check.
        (config_context): Added function for role and level override.
        (pam_sm_open_session): Remove multiple option, add select_context
        and use_current_range_options. Use getseuserbyname to obtain
        SELinux user and level. Audit role/level changes. Call setkeycreatecon
        to assign key creation context. Don't fail on errors when SELinux
        is not in enforcing mode.
---
 NEWS | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 955ec0e0..a895d4e9 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,8 @@ Release X.XX.X.X
 * Add support for limits.d directory to pam_limits.
 * Improve pam_namespace module tobe more useful
   for MLS, fixed crash with bad config files.
+* Improve pam_selinux module to be more useful
+  for MLS.
 
 Release 0.99.7.1
 
-- 
cgit v1.2.3