Commit Graph

375 Commits

Author SHA1 Message Date
Chris PeBenito
3df88de0ba hide broken symptoms 2005-10-24 22:55:28 +00:00
Don Miner
d2c57395ab Fixed an allow that should have been a dontaudit 2005-10-24 22:20:04 +00:00
Chris PeBenito
69dcd685ad fix most disable_trans errors 2005-10-24 22:08:13 +00:00
Don Miner
f470a1e329 Added a rule to allow apache to read httpd_sys_content_t so that it can show html error messages 2005-10-24 22:01:08 +00:00
Chris PeBenito
67167371a5 fix most of samba 2005-10-24 21:33:46 +00:00
Don Miner
9c4fcf666e Removed differences between refpolicy and targeted NetworkManager_t 2005-10-24 21:25:02 +00:00
Chris PeBenito
30705b6bc0 fixes 2005-10-24 19:50:21 +00:00
Chris PeBenito
9bbc757a76 more fix 2005-10-24 18:40:24 +00:00
Don Miner
dd57ca3454 Added rules to the bind policy for the named server so that it would start 2005-10-24 18:06:31 +00:00
Don Miner
57d8e6c7a3 Added signal permissions to postgres so it can start 2005-10-24 17:28:17 +00:00
Chris PeBenito
162dfc3395 corenet fixes 2005-10-24 17:06:34 +00:00
Chris PeBenito
34e722f3cd more sediff 2005-10-24 14:15:29 +00:00
Don Miner
fa16f25281 Added rules to the smbd_t and the nmbd_t domains so that they would start properly 2005-10-24 12:45:16 +00:00
Chris PeBenito
1dd86c43cd sediff fixes 2005-10-24 12:38:45 +00:00
Don Miner
3d37bca18f Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start 2005-10-24 11:21:28 +00:00
Chris PeBenito
19b5555f77 more fixes 2005-10-24 03:21:26 +00:00
Chris PeBenito
43989f82f8 add rpc 2005-10-24 01:53:13 +00:00
Chris PeBenito
2db2c7d099 fixes from sediff 2005-10-24 00:54:39 +00:00
Don Miner
f8964c04ba Added a file context for httpd.pid so that it is correctly labeled
Added some rules to mysql to make it work
2005-10-24 00:23:12 +00:00
Chris PeBenito
f85544209a nwmgr fixes 2005-10-23 22:46:06 +00:00
Chris PeBenito
ef5ca0fb79 add cups 2005-10-23 22:10:59 +00:00
Chris PeBenito
04926d07a8 add postfix 2005-10-23 20:18:36 +00:00
Chris PeBenito
f932d8e3cb add spamassassin 2005-10-22 23:50:23 +00:00
Chris PeBenito
44fc06b0cb add radius and amanda, which I forgot to ci 2005-10-22 22:51:01 +00:00
Chris PeBenito
230838e117 add pegasus 2005-10-22 21:55:39 +00:00
Chris PeBenito
a636210ef8 add dbskk 2005-10-22 21:18:03 +00:00
Chris PeBenito
ad3b9d76dc add lpd 2005-10-22 21:09:03 +00:00
Chris PeBenito
10b1f324d5 add amanda 2005-10-22 19:58:58 +00:00
Chris PeBenito
239db5e20c add networkmanager 2005-10-22 17:44:04 +00:00
Chris PeBenito
1f8a8bbbbd more sediff fixes 2005-10-21 22:56:41 +00:00
Chris PeBenito
e6a2eaffdf more fixes 2005-10-21 21:35:25 +00:00
Chris PeBenito
da4fc9ce2b sediff fixes 2005-10-21 19:36:49 +00:00
Chris PeBenito
23a4442bf1 add xdm 2005-10-21 17:55:15 +00:00
Chris PeBenito
3509484c6f add canna 2005-10-21 16:39:28 +00:00
Chris PeBenito
fe7b943240 fix 2005-10-21 16:19:26 +00:00
Chris PeBenito
ea557a85df add cyrus 2005-10-21 16:18:11 +00:00
Chris PeBenito
29ce0009bc add dovecot 2005-10-21 15:38:22 +00:00
Chris PeBenito
cf6141a72e fix corenetwork generation and add distcc 2005-10-21 13:11:17 +00:00
Chris PeBenito
de764944d8 targeted policy fixes 2005-10-19 19:45:20 +00:00
Chris PeBenito
af4752bcb9 targeted and distro fixes for loadable modules 2005-10-19 16:44:24 +00:00
Chris PeBenito
0efe52ae99 fix last loadable module problems 2005-10-19 14:36:04 +00:00
Chris PeBenito
12ae7557d3 piles of fixes for loadable modules 2005-10-18 18:25:33 +00:00
Chris PeBenito
c3812748c3 misc fixes 2005-10-18 15:07:11 +00:00
Chris PeBenito
e749cd12a6 wrap up almost all of apache 2005-10-17 17:55:38 +00:00
Chris PeBenito
e08118a52f add ppp 2005-10-14 20:00:07 +00:00
Chris PeBenito
fe9d17fe14 more merging from 1.27.1-15 2005-10-14 18:42:42 +00:00
Chris PeBenito
d8636fc937 more merging from 1.27.1-15 2005-10-14 17:55:40 +00:00
Chris PeBenito
77f6e2cd27 partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15 2005-10-13 20:59:36 +00:00
Chris PeBenito
b1421d8712 add some docs, do some reordering 2005-10-12 21:25:16 +00:00
Chris PeBenito
4c71994852 add missing interface 2005-10-12 17:32:41 +00:00
Chris PeBenito
be4690a5ae add in last bits of webalizer 2005-10-12 17:22:25 +00:00
Chris PeBenito
c2b18fa1f3 more apache work 2005-10-12 16:23:22 +00:00
Chris PeBenito
799a0b43cd add mailman 2005-10-11 15:36:53 +00:00
Chris PeBenito
f33561f560 add webalizer and sasl 2005-10-10 18:50:08 +00:00
Chris PeBenito
4483ee849c add apm and arpwatch. fix implementation error on fs_getattr_all_files,
splitting it up into correct interfaces.
2005-10-10 18:11:46 +00:00
Chris PeBenito
d4dca58511 add finger and bluetooth 2005-10-07 21:45:04 +00:00
Chris PeBenito
9d3e339e82 partial mailman merge 2005-10-07 19:35:36 +00:00
Chris PeBenito
e02c61cfa4 rename context_template() to gen_context() 2005-10-06 19:33:06 +00:00
Chris PeBenito
6e99a6cfd1 more apache work 2005-10-05 21:17:22 +00:00
Chris PeBenito
fc6524d746 add ftp 2005-10-05 19:52:53 +00:00
Chris PeBenito
a996bdf4ad add most of apache 2005-09-29 20:59:00 +00:00
Chris PeBenito
a2868f6eae start adding secure_file_type implementation 2005-09-28 19:07:22 +00:00
Chris PeBenito
79cde317df add winbind 2005-09-28 18:22:58 +00:00
Chris PeBenito
6942484b6f add in a couple missing rules 2005-09-28 18:10:48 +00:00
Chris PeBenito
246a604273 add in a few parts of ftp 2005-09-27 22:29:45 +00:00
Chris PeBenito
20e306e2de add dmidecode 2005-09-27 21:24:01 +00:00
Chris PeBenito
1f91e1bfe5 a few conditional cleanups 2005-09-27 19:40:44 +00:00
Chris PeBenito
f0574fa9aa add mls privileges 2005-09-26 20:26:32 +00:00
Chris PeBenito
b9ae3aab39 rework nis_use_ypbind since optionals dont work in conditionals 2005-09-23 22:14:54 +00:00
Chris PeBenito
fa67570d9a add radvd, plus a few cleanups from sediff 2005-09-23 21:20:03 +00:00
Chris PeBenito
842859260c add kudzu 2005-09-23 19:38:34 +00:00
Chris PeBenito
681c9a02e7 fixes from sediff 2005-09-22 21:59:50 +00:00
Chris PeBenito
f7ba4a8963 add uucp 2005-09-22 16:27:52 +00:00
Chris PeBenito
b53f93a41f testing fixes 2005-09-22 15:32:53 +00:00
Chris PeBenito
25c6746156 loadable module compile fixes 2005-09-21 20:01:40 +00:00
Chris PeBenito
142e9f40ea targeted and redhat cleanups 2005-09-21 14:49:41 +00:00
Chris PeBenito
3774e4eb28 todo cleanup 2005-09-20 20:48:17 +00:00
Chris PeBenito
93070cbaed add cvs 2005-09-20 18:49:13 +00:00
Chris PeBenito
9210553ecb add cpucontrol 2005-09-20 18:15:35 +00:00
Chris PeBenito
4fd5201a59 add rlogin and telnet 2005-09-20 17:11:53 +00:00
Chris PeBenito
200f453ff5 add stunnel 2005-09-20 13:47:36 +00:00
Chris PeBenito
a1fcff33f2 final updates from nsa cvs 2005-09-19 21:17:45 +00:00
Chris PeBenito
41c4800de4 a few module compile fixes 2005-09-19 14:18:48 +00:00
Chris PeBenito
cf6a7d8993 more upstream merging 2005-09-16 21:20:37 +00:00
Chris PeBenito
cff75c90ca more upstream merging 2005-09-16 19:36:10 +00:00
Chris PeBenito
40adb57f47 add tftp 2005-09-16 15:18:09 +00:00
Chris PeBenito
ccc5978224 add snmp 2005-09-16 14:54:36 +00:00
Chris PeBenito
a0824843c2 more merging from nsa cvs 2005-09-16 13:36:26 +00:00
Chris PeBenito
98a8ead4c5 more updates 2005-09-15 21:03:29 +00:00
Chris PeBenito
605ba28540 more merging from nsa cvs 2005-09-15 15:34:31 +00:00
Chris PeBenito
84c92239d4 add samba 2005-09-14 18:33:53 +00:00
Chris PeBenito
71fe0fa4c5 fixes for module compiling 2005-09-14 00:30:10 +00:00
Chris PeBenito
0907bda1e0 more merging of NSA CVS policy 2005-09-13 13:06:07 +00:00
Chris PeBenito
2705f9a0f3 begin merging in upstream NSA CVS changes 2005-09-12 21:40:56 +00:00
Chris PeBenito
712566ee41 fixes to make base module compilable 2005-09-12 15:17:39 +00:00
Chris PeBenito
2e863f8ad0 add first part of changes to make base module compilable 2005-09-09 20:51:54 +00:00
Chris PeBenito
0fdf3ef75e fix sshd to use initrc transition while typeattribute in conditionals is still broken 2005-09-09 20:49:59 +00:00
Chris PeBenito
9ff3003346 add zebra. change ssh to default to initrc transition instead of inetd while typeattribute in conditionals doesnt work 2005-09-09 13:24:11 +00:00
Chris PeBenito
eb3cb6820a add portmap 2005-09-08 17:12:38 +00:00
Chris PeBenito
d17b4d2323 add ktalk 2005-09-08 13:42:13 +00:00
Chris PeBenito
9b06402eaf add missing rules of other domains using inn 2005-09-08 13:23:11 +00:00
Chris PeBenito
763a5e30c6 misc fixes 2005-09-07 13:31:37 +00:00
Chris PeBenito
8d93523409 add inn 2005-09-06 18:37:27 +00:00
Chris PeBenito
603f90ab9d misc fixes 2005-09-05 18:17:17 +00:00
Chris PeBenito
b11a75a5e3 add ntp 2005-09-05 16:47:19 +00:00
Chris PeBenito
ac0483aefe add dictd 2005-09-02 20:50:54 +00:00
Chris PeBenito
fdae8e755e add hal 2005-09-02 20:29:52 +00:00
Chris PeBenito
f344c0f38e move dhcpd to dhcp 2005-09-02 19:18:43 +00:00
Chris PeBenito
0f707d52ab add squid 2005-09-02 19:11:07 +00:00
Chris PeBenito
7c8fc35b14 add dhcpd 2005-09-02 14:52:08 +00:00
Chris PeBenito
9d3bdc25af fix bugs uncovered from sediff 2005-09-01 20:13:42 +00:00
Chris PeBenito
c0d1566a13 move rhgb_domain into TODO so modules can compile as binary modules 2005-09-01 13:52:59 +00:00
Chris PeBenito
631ee4d3cf finish remaining dbus bits 2005-09-01 13:34:45 +00:00
Chris PeBenito
0c3d170578 add dbus 2005-08-31 20:58:12 +00:00
Chris PeBenito
768283ac46 cosmetics 2005-08-31 16:49:30 +00:00
Chris PeBenito
6e61566dba add comsat. clean up kerberos and nscd interfaces 2005-08-31 15:25:12 +00:00
Chris PeBenito
246839f3d2 fix up most of mta attribute insanity 2005-08-30 20:47:41 +00:00
Chris PeBenito
451c1e3d59 send user role to per userdomain templates. update templated interfaces
to have the prefix be the first argument
2005-08-30 15:48:57 +00:00
Chris PeBenito
2a94561a89 start adding in templated interfaces 2005-08-25 20:27:20 +00:00
Chris PeBenito
d83fdad248 add bind 2005-08-23 17:26:19 +00:00
Chris PeBenito
902be0ae21 add privoxy 2005-08-22 21:49:27 +00:00
Chris PeBenito
35ecf83839 add rsync 2005-08-22 21:17:10 +00:00
Chris PeBenito
f9b11e9615 add howl 2005-08-22 20:43:20 +00:00
Chris PeBenito
f862c35c37 add gpm 2005-08-17 21:28:31 +00:00
Chris PeBenito
2961e79b55 add ldap 2005-08-17 18:33:43 +00:00
Chris PeBenito
23ca91f8bb cleanup 2005-08-17 17:31:57 +00:00
Chris PeBenito
545b0c9176 add rshd 2005-08-17 15:23:24 +00:00
Chris PeBenito
57a96cbd0b add firstboot 2005-08-17 14:14:07 +00:00
Chris PeBenito
aae06c1306 fix system spool file problem 2005-08-12 17:54:55 +00:00
Chris PeBenito
f7ebea06e3 finalize desc -> summary xml change 2005-08-11 17:46:39 +00:00
Chris PeBenito
4aa0dc20b4 add tcpd 2005-08-11 15:17:13 +00:00
Chris PeBenito
7057c18db0 a few more ssh touchups 2005-08-05 18:49:23 +00:00
Chris PeBenito
42be7c214d add mysql 2005-08-03 17:56:26 +00:00
Chris PeBenito
81343a6f90 * Rename ipsec connect interface for consistency.
* Add missing parts of unix stream socket connect interface
  of ipsec.
* Rename inetd connect interface for consistency.
2005-08-03 15:16:33 +00:00
Chris PeBenito
bbdbdb9edf fix stray line that got out of TODO 2005-07-29 15:07:15 +00:00
Chris PeBenito
e5590ea5ec work on user transition 2005-07-28 20:52:55 +00:00
Chris PeBenito
953541a918 update from privmail 2005-07-21 20:34:57 +00:00
Chris PeBenito
689f6ddb35 fix typos and import some rules from NSA cvs to make targeted policy work 2005-07-20 14:25:24 +00:00
Chris PeBenito
ec848d247f more fixes for targeted 2005-07-19 19:37:43 +00:00
Chris PeBenito
9f103ce14b fix to use context_template() 2005-07-18 14:25:05 +00:00
Chris PeBenito
50f6503452 * break up files_getattr_all_files into correct interfaces
* move stuff out of pcmcia into the appropriate modules
2005-07-15 15:17:57 +00:00
Chris PeBenito
11633bbaa8 add ipsec 2005-07-14 18:15:47 +00:00
Chris PeBenito
493d6c4adc add nscd 2005-07-13 20:48:51 +00:00
Chris PeBenito
df00b2e235 * fix chroot exec interface
* more TODO cleanup
* move IPC out of generic domtrans interfaces
2005-07-13 18:29:08 +00:00
Chris PeBenito
b24f35d8a3 more cleanup of current TODOs 2005-07-12 20:34:24 +00:00
Chris PeBenito
ae9e2716c3 fix more TODOs. fix selinux.te to selinuxutil.te in optionals 2005-07-11 19:02:50 +00:00
Chris PeBenito
a42ca7ebec another round of TODO cleanup 2005-07-08 20:44:57 +00:00
Chris PeBenito
e5f8060316 implement direct_sysadm_daemon 2005-07-07 15:25:28 +00:00
Chris PeBenito
ed1a92b88c ksu moves to su 2005-07-06 17:41:58 +00:00
Chris PeBenito
bb32544d61 add missing ssh file contexts 2005-07-06 15:59:54 +00:00
Chris PeBenito
a7a9799d79 convert can_kerberos() 2005-07-01 13:31:34 +00:00
Chris PeBenito
65c8613766 ul has to be in a p 2005-07-01 13:10:57 +00:00
Chris PeBenito
5e1ed4903e initial commit 2005-06-30 21:11:54 +00:00
Chris PeBenito
fd89e19f12 more work on current modules 2005-06-30 18:54:08 +00:00
Chris PeBenito
ebdc3b7902 clean up more todos 2005-06-29 20:53:53 +00:00
Chris PeBenito
d233bfce3f make layer summary required 2005-06-29 16:54:13 +00:00
Chris PeBenito
8fd3673225 another round of renaming, for consistency 2005-06-29 14:26:41 +00:00
Chris PeBenito
96ce00afcc add logrotate, more low-hanging fruit 2005-06-28 20:54:49 +00:00
Chris PeBenito
783b38347e more low hanging fruit cleanup 2005-06-28 17:32:57 +00:00
Chris PeBenito
58c3da55f3 add fstools, and more cleanup 2005-06-27 20:59:28 +00:00
Chris PeBenito
80436b9b8f changes to make inetd work 2005-06-27 18:37:33 +00:00
Chris PeBenito
24bf11c62a initial commit 2005-06-27 18:36:56 +00:00
Chris PeBenito
ab940a4cc1 autofs_t and ypbind cleanup 2005-06-27 16:30:55 +00:00
Chris PeBenito
e88003ffe3 xml updates and nis stuff 2005-06-24 20:37:09 +00:00
Chris PeBenito
73fbc771d1 initial commit 2005-06-24 19:49:46 +00:00
Chris PeBenito
62a7b02c5b add/update comments 2005-06-24 13:36:57 +00:00
Chris PeBenito
414e415198 update for new documentation method 2005-06-23 21:30:57 +00:00
Chris PeBenito
aad5b98eba more updates 2005-06-23 20:35:48 +00:00
Chris PeBenito
45239964e5 move ssh tunables into global_tunables 2005-06-23 19:57:15 +00:00
Chris PeBenito
261e0e66ee shorten some xml tags 2005-06-23 16:00:05 +00:00
Chris PeBenito
d3b892e4fd convert a couple network macros 2005-06-23 15:44:18 +00:00
Chris PeBenito
9ccd96dfc6 more work on ssh, plus import ssh-agent 2005-06-22 21:14:48 +00:00
Chris PeBenito
199895e201 move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00
Chris PeBenito
0404a3903a initial commit of ssh. 2005-06-21 21:07:46 +00:00
Chris PeBenito
e04b8e7832 initial commit 2005-06-20 18:43:14 +00:00
Chris PeBenito
57869a681e XML: encapsulate modules in layers, rather then layer being an attribute of
module tag
2005-06-20 18:40:44 +00:00
Chris PeBenito
5e6f9e5aac services interfaces review 2005-06-17 18:41:07 +00:00
Chris PeBenito
d35c621eb0 add a couple more nfs and cifs interfaces, to cover most of the
use_(nfs|cifs)_home_dirs tunable
2005-06-16 20:33:51 +00:00
Chris PeBenito
5e0da6a03e finish renaming system/selinux to system/selinuxutil 2005-06-14 20:48:34 +00:00
Chris PeBenito
8bd6789954 move constraints interfaces to domain module. move sysfs and usbfs to
devices module
2005-06-14 19:56:46 +00:00
Chris PeBenito
3eed10909e convert relevant conditionals into tunable_policy 2005-06-14 14:43:04 +00:00
Chris PeBenito
fa7bea8feb rename requires_block_tempalte to gen_require 2005-06-13 20:47:04 +00:00
Chris PeBenito
31908be07f a few missed renames, and start fixing up tunables 2005-06-13 20:27:32 +00:00
Chris PeBenito
c9428d33dc renaming insanity 2005-06-13 17:35:46 +00:00
Karl MacMillan
f0c985ca80 Devices rename. 2005-06-13 16:22:32 +00:00
Chris PeBenito
0fd9dc55cf renaming insanity 2005-06-10 01:01:13 +00:00
Chris PeBenito
7591e83cba fix layer in module tag 2005-06-09 17:56:38 +00:00
Chris PeBenito
d90b274e40 for now, drop infoflow tags 2005-06-09 17:23:53 +00:00
Chris PeBenito
0a10b1fa12 aliases 2005-06-09 15:32:23 +00:00
Chris PeBenito
763c441e3b start renaming filesystem interfaces 2005-06-08 13:12:00 +00:00
Chris PeBenito
254bbc7bb3 start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00
Chris PeBenito
02b584a174 initial commit 2005-06-07 15:10:43 +00:00
Chris PeBenito
43bc3906c5 initial commit 2005-06-07 14:46:31 +00:00
Chris PeBenito
0c73cd2526 change over to some perm set macros. add indentation 2005-06-03 12:25:14 +00:00
Chris PeBenito
d115660e3b change network verb in corenetwork to sendrecv 2005-06-02 18:55:47 +00:00
Chris PeBenito
f5d4efd756 add missing system_crond_t transition pieces 2005-06-01 20:16:36 +00:00
Chris PeBenito
6d9915d615 add missing pieces of crond_t -> $1_crond_t transition 2005-06-01 19:01:28 +00:00
Chris PeBenito
aa40608fbe remove copyright until licensing issues are resolved 2005-06-01 17:34:13 +00:00
Chris PeBenito
3b857eae09 add some file_t interfaces, and console write 2005-05-31 21:25:45 +00:00
Chris PeBenito
4bf4ed9e68 permission set macro changes, plus more cab related work 2005-05-31 19:52:57 +00:00