Commit Graph

116 Commits

Author SHA1 Message Date
Daniel J Walsh
b86cfc3a43 - Fix strip_con call 2005-09-16 18:42:27 +00:00
Daniel J Walsh
c2b28e3158 - Go back to original libsetrans code 2005-09-13 21:21:50 +00:00
Daniel J Walsh
bc0a935c8c - Eliminate forth param from mls context when mls is not enabled. 2005-09-13 16:48:16 +00:00
Daniel J Walsh
017ea0e76c - Update from NSA
Merged modified form of patch to avoid dlopen/dlclose by the static
    libselinux from Dan Walsh. Users of the static libselinux will not have
    any context translation by default.
2005-09-12 15:52:30 +00:00
Daniel J Walsh
99ddec8d69 - Update from NSA
Merged modified form of patch to avoid dlopen/dlclose by the static
    libselinux from Dan Walsh. Users of the static libselinux will not have
    any context translation by default.
2005-09-06 16:41:47 +00:00
Daniel J Walsh
59d6552e7d - Update from NSA
Added public functions to export context translation to users of libselinux
    (selinux_trans_to_raw_context, selinux_raw_to_trans_context).
2005-09-01 15:23:17 +00:00
Daniel J Walsh
eb500fb164 - Update from NSA
Remove special definition for context_range_set; use common code.
2005-08-29 11:59:41 +00:00
Daniel J Walsh
d3d9f9e7f8 - Update from NSA
Hid translation-related symbols entirely and ensured that raw functions
    have hidden definitions for internal use.
Allowed setting NULL via context_set* functions.
Allowed whitespace in MLS component of context.
Changed rpm_execcon to use translated functions to workaround lack of MLS
    level on upgraded systems.
2005-08-25 20:21:14 +00:00
Daniel J Walsh
e7e35da33b Merged context translation patch, originally by TCS, with modifications by
Dan Walsh (Red Hat).
2005-08-24 13:15:02 +00:00
Daniel J Walsh
1f935e2ec7 - Update from NSA
Merged several fixes for error handling paths in the AVC sidtab,
    matchpathcon, booleans, context, and get_context_list code from Serge
    Hallyn (IBM). Bugs found by Coverity.
Removed setupns; migrated to pam.
Merged patches to rename checkPasswdAccess() from Joshua Brindle. Original
    symbol is temporarily retained for compatibility until all callers are
    updated.
2005-08-12 02:46:49 +00:00
Daniel J Walsh
856cdc49d0 - Update makefiles 2005-07-21 15:58:45 +00:00
Daniel J Walsh
44200d6b78 - Update makefiles 2005-07-18 19:15:29 +00:00
Daniel J Walsh
67d0acbf49 - Update from NSA
Merged security_setupns() from Chad Sellers.
- fix selinuxenabled man page
2005-06-29 20:04:50 +00:00
Daniel J Walsh
661867eccf - Update from NSA
Merged avcstat and selinux man page from Dan Walsh.
Changed security_load_booleans to process booleans.local even if booleans
    file doesn't exist.
Fri Apr 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-3
- Fix avcstat to clear totals
2005-05-20 17:18:49 +00:00
Daniel J Walsh
8456bc124a - Fix avcstat to clear totals 2005-05-11 15:00:11 +00:00
Daniel J Walsh
8f3fa78bf6 - Add info to man page 2005-04-29 19:03:45 +00:00
Daniel J Walsh
d3be4d7a20 - Update from NSA
Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
Rewrote get_ordered_context_list and helpers, including changing logic to
    allow variable MLS fields.
2005-04-29 19:01:28 +00:00
Daniel J Walsh
3127b94941 - Update from NSA
Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
Rewrote get_ordered_context_list and helpers, including changing logic to
    allow variable MLS fields.
2005-04-29 18:11:40 +00:00
Daniel J Walsh
d7bbd88ea0 - Update from NSA 2005-04-26 16:25:57 +00:00
Daniel J Walsh
4ff3f08454 - Add backin matchpathcon 2005-04-21 14:20:57 +00:00
Daniel J Walsh
ce82f572f7 - Fix selinux_policy_root man page 2005-04-13 19:12:02 +00:00
Daniel J Walsh
b83512ff2c - Change assert(selinux_mnt) to if (!selinux_mnt) return -1; 2005-04-13 15:42:02 +00:00
Daniel J Walsh
e39f335d11 - Update from NSA
Fixed bug in matchpathcon_filespec_destroy.
2005-04-11 20:11:29 +00:00
Daniel J Walsh
5b866cc468 - Update from NSA
Fixed bug in rpm_execcon error handling path.
2005-04-06 11:06:40 +00:00
Daniel J Walsh
03a50e15ab - Update from NSA
Merged fix for set_matchpathcon* functions from Andreas Steinmetz.
Merged fix for getconlist utility from Andreas Steinmetz.
2005-04-04 20:17:21 +00:00
Daniel J Walsh
fbe330170e - Update from NSA 2005-03-30 03:12:14 +00:00
Daniel J Walsh
c74c56d735 - Update from NSA 2005-03-30 03:02:38 +00:00
Daniel J Walsh
07da577db2 - Better handling of booleans 2005-03-29 15:33:55 +00:00
Daniel J Walsh
e037587aca - Update from NSA
Merged destructors patch from Tomas Mraz.
2005-03-17 20:01:37 +00:00
Daniel J Walsh
d432883eeb - Update from NSA
Added set_matchpathcon_flags() function for setting flags controlling
    operation of matchpathcon. MATCHPATHCON_BASEONLY means only process the
    base file_contexts file, not file_contexts.homedirs or
    file_contexts.local, and is for use by setfiles -c.
Updated matchpathcon.3 man page.
2005-03-17 15:39:58 +00:00
Daniel J Walsh
8e67581eb8 - Update from NSA 2005-03-10 14:44:02 +00:00
Daniel J Walsh
adbca5042d - Update from NSA
Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
2005-03-08 20:15:20 +00:00
Daniel J Walsh
d4111cf41f - Update from NSA
Changed matchpathcon_common to ignore any non-format bits in the mode.
2005-03-02 04:04:04 +00:00
Daniel J Walsh
1ec9b46064 - Update from NSA
Merged several fixes from Ulrich Drepper.
2005-02-22 22:12:25 +00:00
Daniel J Walsh
4cc1ca9316 - Update from NSA
Merged several fixes from Ulrich Drepper.
2005-02-22 21:38:09 +00:00
Daniel J Walsh
e7c97c5559 - Fix matchpathcon on eof. 2005-02-21 14:25:51 +00:00
Daniel J Walsh
31e19c1580 - Fix matchpathcon on eof. 2005-02-21 14:10:27 +00:00
Daniel J Walsh
8e994c6484 - Update from NSA
Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
Added selinux_users_path() for path to directory containing system.users
    and local.users.
2005-02-17 19:27:56 +00:00
Daniel J Walsh
03d51ea8f7 - Process file_context.homedir 2005-02-11 01:38:47 +00:00
Daniel J Walsh
34474bcbb4 - Update from NSA
Changed relabel Makefile target to use restorecon.
2005-02-10 13:48:34 +00:00
Daniel J Walsh
e508830eca - Update from NSA
Regenerated av_permissions.h.
2005-02-08 21:20:55 +00:00
Daniel J Walsh
3fbeee478d - Update from NSA
Modified avc_dump_av to explicitly check for any permissions that cannot be
    mapped to string names and display them as a hex value.
Regenerated av_permissions.h.
2005-02-02 23:18:13 +00:00
Daniel J Walsh
8851687ce1 - Update from NSA
Generalized matchpathcon internals, exported more interfaces, and moved
    additional code from setfiles into libselinux so that setfiles can
    directly use matchpathcon.
2005-01-31 18:51:58 +00:00
Daniel J Walsh
1d69704875 - Update from NSA
Prevent overflow of spec array in matchpathcon.
Fixed several uses of internal functions to avoid relocations.
Changed rpm_execcon to check is_selinux_enabled() and fallback to a regular
    execve if not enabled (or unable to determine due to a lack of /proc,
    e.g. chroot'd environment).
2005-01-28 17:19:20 +00:00
Daniel J Walsh
cc65d5b546 - Update from NSA
Merged minor fix for avcstat from Dan Walsh.
2005-01-26 16:36:33 +00:00
Daniel J Walsh
e0a30a3da4 - rpmexeccon should not fail in permissive mode. 2005-01-24 20:46:24 +00:00
Daniel J Walsh
ca41c6e4bb - fix printf in avcstat 2005-01-21 20:57:55 +00:00
Daniel J Walsh
e1e9d62ce4 - Update from NSA 2005-01-20 13:58:18 +00:00
Daniel J Walsh
958b6d4982 - Modify matchpathcon to also process file_contexts.local if it exists 2005-01-18 22:27:57 +00:00
Daniel J Walsh
ae6f77c9ad - Add is_customizable_types function call 2005-01-12 14:37:21 +00:00