Commit Graph

919 Commits

Author SHA1 Message Date
Daniel J Walsh
4e4a82e887 * Mon Nov 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-3
- Raise exception if user tries to add file context with an embedded space
2009-11-16 21:54:45 +00:00
Daniel J Walsh
a1e42cb153 * Wed Nov 11 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-2
- Fix sandbox to setsid so it can run under mozilla without crashing the session
2009-11-11 21:56:23 +00:00
Daniel J Walsh
942b683f29 * Tue Nov 2 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-1
- Update to upstream
	* Factor out restoring logic from setfiles.c into restore.c
2009-11-09 21:12:58 +00:00
Daniel J Walsh
44bb682976 * Fri Oct 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-15
- Fix typo in seobject.py
2009-11-02 16:40:00 +00:00
Daniel J Walsh
8cf3bcfdee * Fri Oct 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-14
- Allow semanage -i and semanage -o to generate customization files.
- semanage -o will generate a customization file that semanage -i can read and set a machines to the same selinux configuration
2009-10-30 21:01:42 +00:00
Daniel J Walsh
d189740fc7 * Mon Oct 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-12
- Add generation of the users context file to polgengui
2009-10-19 19:05:28 +00:00
Daniel J Walsh
573cd1c340 * Fri Oct 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-11
- Remove tabs from system-config-selinux glade file
2009-10-16 14:46:45 +00:00
Daniel J Walsh
bf48090916 * Thu Oct 15 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-10
- Remove translations screen from system-config-selinux
2009-10-15 21:46:14 +00:00
Daniel J Walsh
fd3c8c94ea * Wed Oct 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-9
- Move fixfiles man pages into the correct package
- Add genhomedircon to fixfiles restore
2009-10-14 14:47:50 +00:00
Daniel J Walsh
ac48b0b34b * Thu Oct 6 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-8
- Add check to sandbox to verify save changes - Chris Pardy
- Fix memory leak in restorecond - Steve Grubb
2009-10-06 16:09:52 +00:00
Daniel J Walsh
678a86d335 * Thu Oct 1 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-7
- Fixes Templates
2009-10-01 16:04:13 +00:00
Daniel J Walsh
d909dfe9a1 * Wed Sep 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-5
- Fixes for semanage -equiv, readded modules, --enable, --disable
2009-09-30 17:28:58 +00:00
Daniel J Walsh
f466aa0b3b * Wed Sep 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-5
- Fixes for semanage -equiv, readded modules, --enable, --disable
2009-09-30 15:37:12 +00:00
Daniel J Walsh
6c27d724c5 * Sun Sep 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-4
- Close sandbox when eclipse exits
2009-09-21 13:54:02 +00:00
Daniel J Walsh
425e7d2796 * Fri Sep 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-3
- Security fixes for seunshare
- Fix Sandbox to handle non file input to command.
2009-09-19 01:40:53 +00:00
Daniel J Walsh
b98d816316 * Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-2
- Security fixes for seunshare
2009-09-17 19:19:53 +00:00
Daniel J Walsh
26d020dedb * Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-1
- Update to upstream
	* Change semodule upgrade behavior to install even if the module
	  is not present from Dan Walsh.
	* Make setfiles label if selinux is disabled and a seclabel aware
	  kernel is running from Caleb Case.
	* Clarify forkpty() error message in run_init from Manoj Srivastava.
2009-09-17 13:07:45 +00:00
Daniel J Walsh
1696e8f7d1 * Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5
- Fix sandbox to handle relative paths
2009-09-16 19:48:49 +00:00
Daniel J Walsh
c9fdf240be * Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-4
- Add symbolic link to load_policy
2009-09-15 21:36:51 +00:00
Daniel J Walsh
f109f0076e * Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-3
- Fix restorecond script to use force-reload
2009-09-14 19:39:09 +00:00
Daniel J Walsh
b87b8212fa * Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-2
- Fix init script to show status in usage message
2009-09-09 21:07:24 +00:00
Daniel J Walsh
fc20c42a12 * Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-2
- Fix init script to show status in usage message
2009-09-09 17:04:51 +00:00
Daniel J Walsh
b745fe1161 * Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-1
- Update to upstream
        * Add semanage dontaudit to turn off dontaudits from Dan Walsh.
        * Fix semanage to set correct mode for setrans file from Dan Walsh.
        * Fix malformed dictionary in portRecord from Dan Walsh.
	* Restore symlink handling support to restorecon based on a patch by
	Martin Orr.  This fixes the restorecon /dev/stdin performed by Debian
	udev scripts that was broken by policycoreutils 2.0.70.
2009-09-08 14:23:39 +00:00
Daniel J Walsh
7ae4fd64fa * Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-1
- Update to upstream
        * Add semanage dontaudit to turn off dontaudits from Dan Walsh.
        * Fix semanage to set correct mode for setrans file from Dan Walsh.
        * Fix malformed dictionary in portRecord from Dan Walsh.
	* Restore symlink handling support to restorecon based on a patch by
	Martin Orr.  This fixes the restorecon /dev/stdin performed by Debian
	udev scripts that was broken by policycoreutils 2.0.70.
2009-09-08 14:15:50 +00:00
Bill Nottingham
05becad504 Fix typo 2009-09-02 15:09:25 +00:00
Daniel J Walsh
7b3ab100a9 * Fri Aug 28 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-14
- Add enable/disable patch
2009-08-28 18:18:46 +00:00
Tomáš Mráz
6c6ee0fad7 * Thu Aug 27 2009 Tomas Mraz <tmraz@redhat.com> - 2.0.71-13
- rebuilt with new audit
2009-08-27 07:51:00 +00:00
Daniel J Walsh
a39af4db38 * Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-12
- Tighten up controls on seunshare.c
2009-08-26 21:52:30 +00:00
Daniel J Walsh
0a51336809 * Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
- Add sandboxX
2009-08-26 20:45:29 +00:00
Daniel J Walsh
7b1b3e71e3 * Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
- Add sandboxX
2009-08-26 20:36:45 +00:00
Daniel J Walsh
a45221f297 * Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
- Add sandboxX
2009-08-26 19:09:44 +00:00
Daniel J Walsh
2d7c5b6d7a * Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
- Add sandboxX
2009-08-26 18:05:34 +00:00
Daniel J Walsh
349a457593 * Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
- Add sandboxX
2009-08-26 18:05:32 +00:00
Daniel J Walsh
4b8a9749e9 * Sat Aug 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-10
- Fix realpath usage to only happen on argv input from user
2009-08-22 12:08:34 +00:00
Daniel J Walsh
f6cc437735 * Fri Aug 21 2009 Ville Skyttä <ville.skytta@iki.fi> - 2.0.71-9
- Don't try to remove restorecond after last erase (done already in %preun).
- Ensure scriptlets exit with status 0.
- Fix %post and %pr
2009-08-21 19:30:00 +00:00
Tomáš Mráz
7c396f5fa5 - rebuilt with new audit 2009-08-21 11:14:26 +00:00
Daniel J Walsh
4bf248f359 * Thu Aug 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-7
- Fix glob handling of /..
2009-08-20 19:51:45 +00:00
Daniel J Walsh
3f2af1bab0 * Thu Aug 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-7
- Fix glob handling of /..
2009-08-20 19:05:30 +00:00
Daniel J Walsh
c14fb87560 * Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-6
- Redesign restorecond to use setfiles/restore functionality
2009-08-19 20:38:19 +00:00
Daniel J Walsh
8c640c000d * Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-6
- Redesign restorecond to use setfiles/restore functionality
2009-08-19 20:25:21 +00:00
Daniel J Walsh
48ee7275f3 * Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-5
- Fix sepolgen again
2009-08-19 19:02:29 +00:00
Daniel J Walsh
8efd3b07e1 * Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-4
- Add --boot flag to audit2allow to get all AVC messages since last boot
2009-08-19 13:08:28 +00:00
Daniel J Walsh
e96c403a63 * Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-4
- Add --boot flag to audit2allow to get all AVC messages since last boot
2009-08-18 19:25:04 +00:00
Daniel J Walsh
2b1f1bd524 * Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-3
- Fix semanage command
2009-08-18 12:32:44 +00:00
Daniel J Walsh
a66c52cf6b * Thu Aug 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-2
- exclude unconfined.if from sepolgen
2009-08-13 22:22:35 +00:00
Daniel J Walsh
d2c83ee012 * Thu Aug 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-1
- Fix chcat to report error on non existing file
- Update to upstream
	* Modify setfiles/restorecon checking of exclude paths.  Only check
	user-supplied exclude paths (not automatically generated ones based on
	lack of seclabel support), don't require them to be directories, and
	ignore permission denied errors on them (it is ok to exclude a path to
	which the caller lacks permission).
2009-08-13 22:08:59 +00:00
Daniel J Walsh
2267915618 * Thu Aug 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-1
- Fix chcat to report error on non existing file
- Update to upstream
	* Modify setfiles/restorecon checking of exclude paths.  Only check
	user-supplied exclude paths (not automatically generated ones based on
	lack of seclabel support), don't require them to be directories, and
	ignore permission denied errors on them (it is ok to exclude a path to
	which the caller lacks permission).
2009-08-13 22:01:02 +00:00
Daniel J Walsh
7bb7784c7d * Thu Aug 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-1
- Fix chcat to report error on non existing file
- Update to upstream
	* Modify setfiles/restorecon checking of exclude paths.  Only check
	user-supplied exclude paths (not automatically generated ones based on
	lack of seclabel support), don't require them to be directories, and
	ignore permission denied errors on them (it is ok to exclude a path to
	which the caller lacks permission).
2009-08-13 21:55:27 +00:00
Daniel J Walsh
afa7adf27e * Thu Aug 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-1
- Fix chcat to report error on non existing file
- Update to upstream
	* Modify setfiles/restorecon checking of exclude paths.  Only check
	user-supplied exclude paths (not automatically generated ones based on
	lack of seclabel support), don't require them to be directories, and
	ignore permission denied errors on them (it is ok to exclude a path to
	which the caller lacks permission).
2009-08-13 15:51:51 +00:00
Daniel J Walsh
f23e0fcdf3 * Mon Aug 10 2009 Dan Walsh <dwalsh@redhat.com> 2.0.70-2
- Don't warn if the user did not specify the exclude if root can not stat file system
2009-08-10 15:26:43 +00:00