Chris PeBenito
3a39015792
On Tue, 2007-02-20 at 12:30 -0500, Daniel J Walsh wrote:
...
> prelink creates temporarly files that it then needs to relabel.
2007-02-23 21:20:46 +00:00
Chris PeBenito
5c45eaede1
On Tue, 2007-02-20 at 12:28 -0500, Daniel J Walsh wrote:
...
> audit needs fsetid
>
> syslog needs to be able to create a tcp_socket for off machine logging.
2007-02-23 20:19:29 +00:00
Chris PeBenito
66cf194680
Patch to remove redundant mls_trusted_object() call from Dan Walsh.
2007-02-23 20:05:12 +00:00
Chris PeBenito
4685213857
Patch for misc fixes to nis ypxfr policy from Dan Walsh.
2007-02-23 19:52:52 +00:00
Chris PeBenito
aeb54c6dd0
Patch to allow apmd to telinit from Dan Walsh.
2007-02-23 19:41:41 +00:00
Chris PeBenito
d114071e7a
While using samba and SELinux with Debian GNU/Linux (etch) the
...
following files need to be labeled correctly:
/var/run/samba/gencache.tdb
/var/run/samba/share_info.tdb
Should also concern other distributions than Debian.
-Stefan
2007-02-23 19:30:17 +00:00
Chris PeBenito
bcac3a5e3d
Patch to remove incorrect cron labeling in apache.fc from Ryan Bradetich.
2007-02-23 19:08:45 +00:00
Daniel J Walsh
cc1be2260f
- Revert Nemiver change
...
- Set sudo as a corecmd so prelink will work, remove sudoedit mapping,
since this will not work, it does not transition.
- Allow samba to execute useradd
2007-02-23 15:35:01 +00:00
Daniel J Walsh
b0861172ab
- Add sepolgen support
...
- Add bugzilla policy
2007-02-20 21:37:52 +00:00
Chris PeBenito
f1be09c2b1
make ttys and ptys device nodes
2007-02-20 20:17:07 +00:00
Daniel J Walsh
b7da3b9e3e
- Add sepolgen support
...
- Add bugzilla policy
2007-02-20 17:35:59 +00:00
Chris PeBenito
6b19be3360
patch from dan, Thu, 2007-01-25 at 08:12 -0500
2007-02-16 23:01:42 +00:00
Daniel J Walsh
2fa5bb00e9
- Add sepolgen support
...
- Add bugzilla policy
2007-02-16 19:55:48 +00:00
Daniel J Walsh
e10e57a4a6
THu Feb 15 2007 Dan Walsh <dwalsh@redhat.com> 2.5.3-3
...
- Add sepolgen support
- Add bugzilla policy
2007-02-15 20:46:02 +00:00
Daniel J Walsh
07dcdf7654
- Fix file context for nemiver
2007-02-15 20:29:48 +00:00
Daniel J Walsh
1a24735d8f
- Fix file context for nemiver
2007-02-15 00:19:30 +00:00
Daniel J Walsh
df0bef9ac0
-
2007-02-12 16:27:42 +00:00
Daniel J Walsh
9aff35b779
-
2007-02-12 16:18:31 +00:00
Daniel J Walsh
80f561f26e
- Allow mozilla, evolution and thunderbird to read dev_random. Resolves:
...
#227002
- Allow spamd to connect to smtp port Resolves : #227184
- Fixes to make ypxfr work Resolves : #227237
2007-02-08 13:53:46 +00:00
Chris PeBenito
4bd55ebf32
Fix explicit use of httpd_t in openca_domtrans(), bug #22 .
2007-02-07 22:16:18 +00:00
Chris PeBenito
10e12095d6
Fix explicit use of httpd_t in openca_domtrans(), bug #22 .
2007-02-07 22:10:45 +00:00
Daniel J Walsh
39b6cecaf2
- Allow mozilla, evolution and thunderbird to read dev_random. Resolves:
...
#227002
- Allow spamd to connect to smtp port Resolves : #227184
- Fixes to make ypxfr work Resolves : #227237
2007-02-06 16:54:13 +00:00
Daniel J Walsh
33501ce93f
- Fix ssh_agent to be marked as an executable
...
- Allow Hal to rw sound device
2007-02-04 12:42:16 +00:00
Daniel J Walsh
de0b364127
- Fix spamassisin so crond can update spam files
...
- Fixes to allow kpasswd to work
- Fixes for bluetooth
2007-02-01 21:40:50 +00:00
Daniel J Walsh
3902fd87fd
- Remove some targeted diffs in file context file
2007-01-31 22:18:10 +00:00
Daniel J Walsh
edd045d7c0
- Fix squid cachemgr labeling
2007-01-26 16:12:32 +00:00
Daniel J Walsh
e45f5d36d0
- Add ability to generate webadm_t policy
...
- Lots of new interfaces for httpd
- Allow sshd to login as unconfined_t
2007-01-25 19:07:00 +00:00
Chris PeBenito
ff943a1b9b
Clean up file context regexes in apache and java, from Eamon Walsh:
...
Some file_contexts regular expressions in refpolicy-strict are causing
genhomedircon to die; refpolicy is failing to build for me entirely.
The regular expressions seem redundant to me, perhaps I am missing
something, but the following patch fixes the problems for me. Please
review and apply
2007-01-24 17:10:31 +00:00
Daniel J Walsh
cc7c06a0d1
- Continue fixing, additional user domains
2007-01-23 01:08:45 +00:00
Daniel J Walsh
352de5d2ec
- Begin adding user confinement to targeted policy
2007-01-22 18:15:16 +00:00
Daniel J Walsh
f86e42306e
- Begin adding user confinement to targeted policy
2007-01-22 16:52:18 +00:00
Daniel J Walsh
45478192f4
- Fixes for prelink, ktalkd, netlabel
2007-01-17 19:58:32 +00:00
Daniel J Walsh
ee095f5817
- Fixes for prelink, ktalkd, netlabel
2007-01-11 22:43:22 +00:00
Daniel J Walsh
b6ed674a00
- Fixes for prelink, ktalkd, netlabel
2007-01-10 22:05:57 +00:00
Daniel J Walsh
ae5ace1a7e
- Fixes for prelink, ktalkd, netlabel
2007-01-10 22:01:29 +00:00
Daniel J Walsh
9e0fa4fef3
- Allow prelink when run from rpm to create tmp files Resolves : #221865
...
- Remove file_context for exportfs Resolves : #221181
- Allow spamassassin to create ~/.spamassissin Resolves : #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves : #200110
- Fixes to run prelink in MLS machine Resolves : #221233
- Allow spamassassin to read var_lib_t dir Resolves : #219234
2007-01-09 15:26:56 +00:00
Daniel J Walsh
a384d73899
- Allow prelink when run from rpm to create tmp files Resolves : #221865
...
- Remove file_context for exportfs Resolves : #221181
- Allow spamassassin to create ~/.spamassissin Resolves : #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves : #200110
2007-01-09 15:24:41 +00:00
Daniel J Walsh
8a03d5e828
- Allow spamassassin to read var_lib_t dir Resolves : #219234
2007-01-02 16:40:08 +00:00
Daniel J Walsh
9bcfd16a2d
- fix mplayer to work under strict policy
...
- Allow iptables to use nscd Resolves : #220794
2006-12-29 20:01:11 +00:00
Daniel J Walsh
8bacd8ed15
- Add gconf policy and make it work with strict
2006-12-28 17:39:12 +00:00
Daniel J Walsh
5db544f392
- Many fixes for strict policy and by extension mls.
2006-12-24 15:26:26 +00:00
Daniel J Walsh
135ea97ff1
- Many fixes for strict policy and by extension mls.
2006-12-24 07:31:09 +00:00
Daniel J Walsh
9051d60c06
- Fix to allow ftp to bind to ports > 1024 Resolves : #219349
2006-12-22 17:39:01 +00:00
Daniel J Walsh
5ded3c385e
2006-12-22 16:58:33 +00:00
Daniel J Walsh
4fd323b783
2006-12-22 16:56:53 +00:00
Daniel J Walsh
f9e32a004d
- Allow semanage to exec it self. Label genhomedircon as semanage_exec_t
...
Resolves : #219421
- Allow sysadm_lpr_t to manage other print spool jobs Resolves : #220080
2006-12-20 20:40:30 +00:00
Daniel J Walsh
be9aefca3d
- allow automount to setgid Resolves : #219999
2006-12-18 21:50:13 +00:00
Daniel J Walsh
5e01b4610b
- Allow cron to polyinstatiate
...
- Fix creation of boot flags Resolves : #207433
2006-12-15 21:42:14 +00:00
Daniel J Walsh
272aa0b2e8
2006-12-14 20:06:00 +00:00
Daniel J Walsh
3a51847bd9
Resolves : #218978
2006-12-13 17:06:33 +00:00