Dan Walsh
|
8dbd4d49f6
|
dd new restorecond service
|
2011-07-05 17:18:12 -04:00 |
|
Dan Walsh
|
759501823b
|
Add -C option to sandbox and seunshare to maintain capabilities, otherwise
the bounding set will be dropped.
Change --cgroups short name -c rather then -C for consistancy
Fix memory and fd leaks in seunshare
|
2011-07-05 16:51:18 -04:00 |
|
Dan Walsh
|
173e9f90db
|
Do not drop capability bounding set in seunshare, this allows sandbox to
run setuid apps.
|
2011-06-13 13:37:04 -04:00 |
|
Dan Walsh
|
299d98087e
|
Remove mount -o bind calls from sandbox init script
pam_namespace now has this built in.
|
2011-06-07 13:58:41 -04:00 |
|
Dan Walsh
|
dc86b007cf
|
Pass desktop dpi to sandbox Xephyr window
|
2011-06-07 08:37:18 -04:00 |
|
Dan Walsh
|
c2ef4a0bea
|
Allow semodule to pick alternate root for selinux files
Add ~/.config/* to restorcond_user.conf, so restorecond will watch for mislabeled files in this directory.
|
2011-06-06 13:01:14 -04:00 |
|
Dan Walsh
|
4a56398540
|
Apply patches from Christoph A.
* fix sandbox title
* stop xephyr from li
Also ignore errors on sandbox include of directory missing files
|
2011-04-22 07:06:23 -04:00 |
|
Dan Walsh
|
588030fc2c
|
Change fixfiles restore to delete unlabeled sockets in /tmp
|
2011-04-18 13:18:18 -04:00 |
|
Dan Walsh
|
61f1bc2068
|
Change fixfiles restore to delete unlabeled sockets in /tmp
|
2011-04-18 12:47:15 -04:00 |
|
Dan Walsh
|
9f65a26864
|
Update to upstream
* Use correct color range in mcstrand by Richard Haines.
|
2011-04-13 16:52:53 -04:00 |
|
Dan Walsh
|
1da0399e25
|
rsynccmd should run outside of execcon
|
2011-03-30 14:42:36 -04:00 |
|
Dan Walsh
|
be38aa471e
|
Rewrite seunshare to make sure /tmp is mounted stickybit owned by root
|
2011-03-03 13:35:37 -05:00 |
|
Dan Walsh
|
433953b033
|
- Cleaup selinux-polgengui to be a little more modern, fix comments and use selected name
- Cleanup chcat man page
|
2011-02-03 16:15:43 -05:00 |
|
Dan Walsh
|
331e9ad06d
|
- Report full errors on OSError on Sandbox
|
2011-02-02 13:34:22 -05:00 |
|
Dan Walsh
|
e764b2d2b6
|
- Fix newrole hanlding of pcap
|
2011-01-21 15:11:31 -05:00 |
|
Dan Walsh
|
971f278f98
|
- Have restorecond watch more directories in homedir
|
2011-01-19 16:45:53 -05:00 |
|
Dan Walsh
|
12eb5b45f4
|
- Fix proper handling of getopt errors
- Do not allow modules names to contain spaces
|
2011-01-10 14:39:21 -05:00 |
|
Dan Walsh
|
c76dc0c642
|
- Polgengui raises the wrong type of exception. #471078
- Change semanage to not allow it to semanage module -D
- Change setsebool to suggest run as root on failure
|
2011-01-06 14:38:19 -05:00 |
|
Dan Walsh
|
448a84b06a
|
- Polgengui raises the wrong type of exception. #471078
- Change semanage to not allow it to semanage module -D
|
2011-01-04 17:23:27 -05:00 |
|
Dan Walsh
|
18119ffd24
|
- Fix restorecond watching utmp file for people logging in our out
|
2010-12-22 14:38:46 -05:00 |
|
Dan Walsh
|
a548207cc4
|
- Change to allow sandbox to run on nfs homedirs, add start python script
|
2010-12-21 16:20:01 -05:00 |
|
Dan Walsh
|
8937a040d8
|
- Change to allow sandbox to run on nfs homedirs, add start python script
|
2010-12-15 16:47:38 -05:00 |
|
Dan Walsh
|
6c80e8dc19
|
- Fix sandbox to show correct types in usage statement
|
2010-11-30 12:09:48 -05:00 |
|
Dan Walsh
|
8c1d9b0f48
|
- Stop fixfiles from complaining about missing dirs
|
2010-11-29 10:14:39 -05:00 |
|
Dan Walsh
|
63fda8aa74
|
- Update to upstream
- List types available for sandbox in usage statement
|
2010-11-24 13:44:58 -05:00 |
|
Dan Walsh
|
f0e85a70d6
|
- Update to upstream
- List types available for sandbox in usage statement
|
2010-11-24 13:41:52 -05:00 |
|
Dan Walsh
|
b9b7f4161c
|
- Fix up problems pointed out by solar designer on dropping capabilities
|
2010-11-08 15:12:25 -05:00 |
|
Dan Walsh
|
d7e1c238f4
|
- Check if you have full privs and reset otherwise dont drop caps
|
2010-11-01 16:21:00 -04:00 |
|
Dan Walsh
|
cdcc4526b7
|
- Fix setools require line
|
2010-11-01 09:50:12 -04:00 |
|
Dan Walsh
|
622bb69d77
|
- Move /etc/pam.d/newrole in to polcicycoreutils-newrole
- Additiona capability checking in sepolgen
|
2010-10-29 09:39:03 -04:00 |
|
Dan Walsh
|
9852e61813
|
- Remove setuid flag and replace with file capabilities
- Fix sandbox handling of files with spaces in them
|
2010-10-25 17:25:34 -04:00 |
|
Dan Walsh
|
cccd96b8cf
|
- Move restorecond into its own subpackage
|
2010-09-23 16:23:05 -04:00 |
|
Dan Walsh
|
e500ad80f0
|
* Wed Jul 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-9
- Update selinux-polgengui to sepolgen policy generation
|
2010-07-30 11:19:53 -04:00 |
|
Daniel J Walsh
|
1eab65cee2
|
* Tue Jul 20 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-6
- Fix sandbox man page
|
2010-07-26 15:33:31 +00:00 |
|
Daniel J Walsh
|
d6510fbca2
|
* Tue Jul 20 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-4
- Add translations for menus
- Fixup man page from Russell Coker
|
2010-07-20 13:18:18 +00:00 |
|
Daniel J Walsh
|
614ca03ae7
|
* Tue Jun 15 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-3
- Change python scripts to use -s flag
- Update po
|
2010-07-13 17:32:51 +00:00 |
|
Daniel J Walsh
|
73342918cd
|
* Tue Jun 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-30
- Add cgroup support for sandbox
|
2010-06-08 19:13:40 +00:00 |
|
Daniel J Walsh
|
70b2ff10d0
|
* Thu Jun 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-28
- Fix sandbox init script
- Add dbus-launch to sandbox -X
Resolve: #599599
|
2010-06-03 21:14:18 +00:00 |
|
Daniel J Walsh
|
85a18e3dcc
|
* Thu Jun 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-27
- Move genhomedircon.8 to same package as genhomedircon
- Fix sandbox to pass unit test
Resolves: #595796
|
2010-06-03 15:04:49 +00:00 |
|
Daniel J Walsh
|
829762e693
|
* Thu May 27 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-24
- Man page fixes
- sandbox fixes
Resolves: #595796
- Move seunshare to base package
|
2010-05-27 21:23:08 +00:00 |
|
Daniel J Walsh
|
be45950990
|
* Thu Feb 16 2010 Dan Walsh <dwalsh@redhat.com> 2.0.79-1
- Update to upstream
* Fix double-free in newrole
- Fix python language handling
|
2010-02-16 21:35:16 +00:00 |
|
Daniel J Walsh
|
fc6c93ebeb
|
* Thu Feb 16 2010 Dan Walsh <dwalsh@redhat.com> 2.0.79-1
- Update to upstream
* Fix double-free in newrole
|
2010-02-16 19:49:37 +00:00 |
|
Daniel J Walsh
|
8fd9d71264
|
* Thu Feb 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-21
- Fix display of command in sandbox
|
2010-02-11 22:13:39 +00:00 |
|
Daniel J Walsh
|
fce031b620
|
* Thu Feb 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-21
- Fix display of command in sandbox
|
2010-02-11 21:56:38 +00:00 |
|
Daniel J Walsh
|
ee3649bda5
|
* Thu Feb 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-21
- Fix display of command in sandbox
|
2010-02-11 18:24:55 +00:00 |
|
Daniel J Walsh
|
e7737e34ea
|
* Wed Feb 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-19
- Fix seobject and fixfiles
|
2010-02-03 20:24:35 +00:00 |
|
Daniel J Walsh
|
c8f4893a95
|
* Wed Feb 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-18
- Fix seobject and fixfiles
|
2010-02-03 16:42:37 +00:00 |
|
Daniel J Walsh
|
35da894f0e
|
* Wed Feb 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-18
- Fix seobject and fixfiles
|
2010-02-03 16:42:35 +00:00 |
|
Daniel J Walsh
|
db71b70994
|
* Fri Jan 29 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-17
- Change seobject to use translations properly
|
2010-02-01 14:40:42 +00:00 |
|
Daniel J Walsh
|
dd674534b4
|
* Wed Jan 27 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-14
- Add session capability to sandbox
- sandbox -SX -H ~/.homedir -t unconfined_t -l s0:c15 /etc/gdm/Xsession
|
2010-01-27 21:52:27 +00:00 |
|