Dominick Grift
6cd6ed35bd
Use ps_process_pattern to read state.
2010-09-21 13:49:59 +02:00
Dan Walsh
3034a8d941
Fix some names in passenger policy
2010-09-13 10:26:10 -04:00
Dan Walsh
8187343042
Any app that executes service command will not do a getattr of all mounted file systems
2010-09-08 08:56:13 -04:00
Dan Walsh
f5b49a5e0b
Allow iptables to read shorewall tmp files
...
Change chfn and passwd to use auth_use_pam so they can send dbus messages to fprintd
label vlc as an execmem_exec_t
Lots of fixes for mozilla_plugin to run google vidio chat
Allow telepath_msn to execute ldconfig and its own tmp files
Fix labels on hugepages
Allow mdadm to read files on /dev
Remove permissive domains and change back to unconfined
Allow freshclam to execute shell and bin_t
Allow devicekit_power to transition to dhcpc
Add boolean to allow icecast to connect to any port
2010-09-07 16:23:09 -04:00
Dan Walsh
3eaa993945
UPdate for f14 policy
2010-08-26 09:41:21 -04:00
Dominick Grift
a0546c9d1c
System layer xml fixes.
...
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 09:25:55 -04:00
Chris PeBenito
ddd786e404
Init patch from Dan Walsh.
2010-03-18 10:19:49 -04:00
Chris PeBenito
13f000d2ef
Improve the documentation of:
...
init_script_file()
init_daemon_domain()
init_system_domain()
init_ranged_daemon_domain()
init_ranged_system_domain()
init_use_fds()
2010-02-25 16:00:58 -05:00
Chris PeBenito
2c05132062
Utmp fix from Gentoo.
2010-02-17 20:31:46 -05:00
Chris PeBenito
e6d8fd1e50
additional cleanup for e877913
.
2009-11-11 11:28:50 -05:00
Craig Grube
e8779130bf
adding puppet configuration management system
...
Signed-off-by: Craig Grube <Craig.Grube@cobham.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2009-11-11 08:37:16 -05:00
Chris PeBenito
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
Chris PeBenito
ff8f0a63f4
trunk: whitespace fixes in xml blocks.
2008-12-03 19:16:20 +00:00
Chris PeBenito
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
Chris PeBenito
82d2775c92
trunk: more open perm fixes.
2008-10-20 16:10:42 +00:00
Chris PeBenito
88cf0a9c2b
trunk: whitespace fix; collapse multiple blank lines into one.
2008-10-17 15:29:51 +00:00
Chris PeBenito
0b36a2146e
trunk: Enable open permission checks policy capability.
2008-10-16 16:09:20 +00:00
Chris PeBenito
64c5b9975b
trunk: add interface to transition to initrc_t on labeled init scripts.
2008-09-18 13:47:43 +00:00
Chris PeBenito
36095d11ce
trunk: kudzu and mta patches from dan.
2008-09-12 14:18:20 +00:00
Chris PeBenito
6cc3f35635
trunk: first part of init script labeling support.
2008-08-29 19:00:02 +00:00
Chris PeBenito
dc1920b218
trunk: Database labeled networking update from KaiGai Kohei.
2008-07-25 04:07:09 +00:00
Chris PeBenito
4459a7c086
trunk: update init_telinit() for upstart's datagram socket usage instead of pipe useage.
2008-07-15 15:33:51 +00:00
Chris PeBenito
3ece11804e
trunk: fix init_ranged_system_domain range_transition object class, from james carter.
2007-10-29 22:09:53 +00:00
Chris PeBenito
350b6ab767
trunk: merge strict and targeted policies. merge shlib_t into lib_t.
2007-10-02 16:04:50 +00:00
Chris PeBenito
2d0c9cecaf
trunk: several MLS enhancements.
2007-08-20 15:15:03 +00:00
Chris PeBenito
d46cfe45cd
trunk: add application module
2007-07-19 18:57:48 +00:00
Chris PeBenito
38d0cf1b8a
trunk: long overdue cleanup from when range_transitions were only in the base module
2007-05-14 15:35:47 +00:00
Chris PeBenito
d28e528b0d
Fixes for RHEL4 from the CLIP project.
2007-04-27 15:08:15 +00:00
Chris PeBenito
8021cb4f63
Merge sbin_t and ls_exec_t into bin_t.
2007-03-23 23:24:59 +00:00
Chris PeBenito
ab514d6a89
remove disable_trans booleans
2007-03-23 21:01:49 +00:00
Chris PeBenito
a5f5eba459
Add dontaudits for init fds and console to init_daemon_domain().
2007-03-20 18:47:18 +00:00
Chris PeBenito
ca448bd66c
add init_exec() to init_telinit().
2007-02-26 20:19:53 +00:00
Chris PeBenito
c0868a7a3b
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
Chris PeBenito
ed38ca9f3d
fixes from gentoo strict testing:
...
- Allow semanage to read from /root on strict non-MLS for
local policy modules.
- Gentoo init script fixes for udev.
- Allow udev to read kernel modules.inputmap.
- Dnsmasq fixes from testing.
- Allow kernel NFS server to getattr filesystems so df can work
on clients.
2006-11-13 03:24:07 +00:00
Chris PeBenito
93ddc66983
change transition from run_init to initrc to spec.
2006-10-09 18:52:19 +00:00
Chris PeBenito
e070dd2df0
- Move range transitions to modules.
...
- Make number of MLS sensitivities, and number of MLS and MCS
categories configurable as build options.
2006-10-04 17:25:34 +00:00
Chris PeBenito
693d4aedb5
patch from dan Fri, 22 Sep 2006 16:30:34 -0400
2006-09-25 18:53:06 +00:00
Chris PeBenito
bbcd3c97dd
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
Chris PeBenito
33c7e6b4e8
remove dead selopt rules
2006-08-15 20:00:58 +00:00
Chris PeBenito
497da0953c
ps/ptrace dontaudit cleanup
2006-08-08 17:49:03 +00:00
Chris PeBenito
17de1b790b
remove extra level of directory
2006-07-12 20:32:27 +00:00