Commit Graph

558 Commits

Author SHA1 Message Date
Chris PeBenito
a1fcff33f2 final updates from nsa cvs 2005-09-19 21:17:45 +00:00
Chris PeBenito
41c4800de4 a few module compile fixes 2005-09-19 14:18:48 +00:00
Chris PeBenito
cf6a7d8993 more upstream merging 2005-09-16 21:20:37 +00:00
Chris PeBenito
cff75c90ca more upstream merging 2005-09-16 19:36:10 +00:00
Chris PeBenito
ccc5978224 add snmp 2005-09-16 14:54:36 +00:00
Chris PeBenito
a0824843c2 more merging from nsa cvs 2005-09-16 13:36:26 +00:00
Chris PeBenito
98a8ead4c5 more updates 2005-09-15 21:03:29 +00:00
Chris PeBenito
605ba28540 more merging from nsa cvs 2005-09-15 15:34:31 +00:00
Chris PeBenito
84c92239d4 add samba 2005-09-14 18:33:53 +00:00
Chris PeBenito
4479b31614 require fix 2005-09-14 15:41:46 +00:00
Chris PeBenito
71fe0fa4c5 fixes for module compiling 2005-09-14 00:30:10 +00:00
Chris PeBenito
0907bda1e0 more merging of NSA CVS policy 2005-09-13 13:06:07 +00:00
Chris PeBenito
2705f9a0f3 begin merging in upstream NSA CVS changes 2005-09-12 21:40:56 +00:00
Chris PeBenito
712566ee41 fixes to make base module compilable 2005-09-12 15:17:39 +00:00
Chris PeBenito
2e863f8ad0 add first part of changes to make base module compilable 2005-09-09 20:51:54 +00:00
Chris PeBenito
9ff3003346 add zebra. change ssh to default to initrc transition instead of inetd while typeattribute in conditionals doesnt work 2005-09-09 13:24:11 +00:00
Chris PeBenito
eb3cb6820a add portmap 2005-09-08 17:12:38 +00:00
Chris PeBenito
9b06402eaf add missing rules of other domains using inn 2005-09-08 13:23:11 +00:00
Chris PeBenito
8d93523409 add inn 2005-09-06 18:37:27 +00:00
Chris PeBenito
603f90ab9d misc fixes 2005-09-05 18:17:17 +00:00
Chris PeBenito
b11a75a5e3 add ntp 2005-09-05 16:47:19 +00:00
Chris PeBenito
ce1b44aac4 typo 2005-09-02 20:55:17 +00:00
Chris PeBenito
ac0483aefe add dictd 2005-09-02 20:50:54 +00:00
Chris PeBenito
fdae8e755e add hal 2005-09-02 20:29:52 +00:00
Chris PeBenito
0f707d52ab add squid 2005-09-02 19:11:07 +00:00
Chris PeBenito
7c8fc35b14 add dhcpd 2005-09-02 14:52:08 +00:00
Chris PeBenito
9d3bdc25af fix bugs uncovered from sediff 2005-09-01 20:13:42 +00:00
Chris PeBenito
c0d1566a13 move rhgb_domain into TODO so modules can compile as binary modules 2005-09-01 13:52:59 +00:00
Chris PeBenito
631ee4d3cf finish remaining dbus bits 2005-09-01 13:34:45 +00:00
Chris PeBenito
0c3d170578 add dbus 2005-08-31 20:58:12 +00:00
Chris PeBenito
6af06cd8b6 fix typos 2005-08-31 16:54:19 +00:00
Chris PeBenito
6e61566dba add comsat. clean up kerberos and nscd interfaces 2005-08-31 15:25:12 +00:00
Chris PeBenito
246839f3d2 fix up most of mta attribute insanity 2005-08-30 20:47:41 +00:00
Chris PeBenito
451c1e3d59 send user role to per userdomain templates. update templated interfaces
to have the prefix be the first argument
2005-08-30 15:48:57 +00:00
Chris PeBenito
e5d45268fd make corecommands required 2005-08-30 14:41:52 +00:00
Chris PeBenito
2a94561a89 start adding in templated interfaces 2005-08-25 20:27:20 +00:00
Chris PeBenito
d83fdad248 add bind 2005-08-23 17:26:19 +00:00
Chris PeBenito
fb0a3a98c6 initial support for compiling loadable modules 2005-08-18 21:27:20 +00:00
Chris PeBenito
f862c35c37 add gpm 2005-08-17 21:28:31 +00:00
Chris PeBenito
2961e79b55 add ldap 2005-08-17 18:33:43 +00:00
Chris PeBenito
23ca91f8bb cleanup 2005-08-17 17:31:57 +00:00
Chris PeBenito
57a96cbd0b add firstboot 2005-08-17 14:14:07 +00:00
Chris PeBenito
4806a05cfb fix broken xml of previous commit 2005-08-15 19:35:20 +00:00
Chris PeBenito
5f38a65aab try to knock out more of the distro_debian bootloader stuff 2005-08-15 19:31:37 +00:00
Chris PeBenito
21468a6076 add loadkeys 2005-08-15 14:46:17 +00:00
Chris PeBenito
f7ebea06e3 finalize desc -> summary xml change 2005-08-11 17:46:39 +00:00
Chris PeBenito
052c953ae5 add quota 2005-08-11 14:49:58 +00:00
Chris PeBenito
e784300a62 add sudo 2005-08-09 19:30:43 +00:00
Chris PeBenito
dce68dc48d add updfstab 2005-08-08 15:51:15 +00:00
Chris PeBenito
ed78ea0034 add tmpreaper 2005-08-05 15:32:27 +00:00
Chris PeBenito
9a66d4e562 add acct 2005-08-05 14:32:12 +00:00
Chris PeBenito
3fd8336882 misc cleanup 2005-08-04 20:54:51 +00:00
Chris PeBenito
42be7c214d add mysql 2005-08-03 17:56:26 +00:00
Chris PeBenito
046a21da80 search sbin dirs to find the pgms 2005-08-03 17:43:41 +00:00
Chris PeBenito
81343a6f90 * Rename ipsec connect interface for consistency.
* Add missing parts of unix stream socket connect interface
  of ipsec.
* Rename inetd connect interface for consistency.
2005-08-03 15:16:33 +00:00
Chris PeBenito
ea7d571bd7 /var/lib is now a mountpoint 2005-07-20 17:36:48 +00:00
Chris PeBenito
53857c8c05 unconfined can pass all constraints 2005-07-20 17:24:23 +00:00
Chris PeBenito
0b28a23114 user home dirs were missing file type in targ policy 2005-07-20 15:06:49 +00:00
Chris PeBenito
689f6ddb35 fix typos and import some rules from NSA cvs to make targeted policy work 2005-07-20 14:25:24 +00:00
Chris PeBenito
474f43d13d should actually try compiling first :x 2005-07-20 13:39:10 +00:00
Chris PeBenito
bd7e7a6417 missed a line 2005-07-20 13:37:18 +00:00
Chris PeBenito
a28f6db576 add in some rules from NSA CVS to make targeted policy work 2005-07-20 13:30:06 +00:00
Chris PeBenito
8c3f438f75 corenet was missing from unconfined 2005-07-19 20:38:26 +00:00
Chris PeBenito
892266ca76 more targeted policy fixes 2005-07-19 20:26:02 +00:00
Chris PeBenito
2ec4c9d38f more cleanup 2005-07-19 18:40:31 +00:00
Chris PeBenito
8b0bbdda34 fixes for targeted policy 2005-07-19 18:40:19 +00:00
Chris PeBenito
391edeb577 fix assertions for framework 2005-07-18 20:17:21 +00:00
Chris PeBenito
a5f339f134 more cleanup in system 2005-07-18 18:31:49 +00:00
Chris PeBenito
9f103ce14b fix to use context_template() 2005-07-18 14:25:05 +00:00
Chris PeBenito
3b6174a142 add missing context template 2005-07-15 20:54:24 +00:00
Chris PeBenito
50aca6d2f9 add raid (mdadm) 2005-07-15 20:45:26 +00:00
Chris PeBenito
d9fd8e7562 more pcmcia cleanup 2005-07-15 19:18:55 +00:00
Chris PeBenito
157c69416f add macro to expand object class sets for use in require blocks 2005-07-15 15:53:54 +00:00
Chris PeBenito
50f6503452 * break up files_getattr_all_files into correct interfaces
* move stuff out of pcmcia into the appropriate modules
2005-07-15 15:17:57 +00:00
Chris PeBenito
e0d57fbcb1 add pcmcia 2005-07-14 20:57:17 +00:00
Chris PeBenito
c429cb5e26 fix up the xml 2005-07-14 20:02:53 +00:00
Chris PeBenito
11633bbaa8 add ipsec 2005-07-14 18:15:47 +00:00
Chris PeBenito
493d6c4adc add nscd 2005-07-13 20:48:51 +00:00
Chris PeBenito
df00b2e235 * fix chroot exec interface
* more TODO cleanup
* move IPC out of generic domtrans interfaces
2005-07-13 18:29:08 +00:00
Chris PeBenito
b24f35d8a3 more cleanup of current TODOs 2005-07-12 20:34:24 +00:00
Chris PeBenito
4051d15b62 fix xml 2005-07-11 19:15:54 +00:00
Chris PeBenito
ae9e2716c3 fix more TODOs. fix selinux.te to selinuxutil.te in optionals 2005-07-11 19:02:50 +00:00
Chris PeBenito
a42ca7ebec another round of TODO cleanup 2005-07-08 20:44:57 +00:00
Chris PeBenito
e5f8060316 implement direct_sysadm_daemon 2005-07-07 15:25:28 +00:00
Chris PeBenito
c98340cfeb support for targeted policy 2005-07-06 20:28:29 +00:00
Chris PeBenito
bb32544d61 add missing ssh file contexts 2005-07-06 15:59:54 +00:00
Chris PeBenito
9726b31857 add unconfined 2005-07-05 20:59:51 +00:00
Chris PeBenito
2745476e4a add required tags 2005-07-05 17:47:15 +00:00
Chris PeBenito
a7a9799d79 convert can_kerberos() 2005-07-01 13:31:34 +00:00
Chris PeBenito
fd89e19f12 more work on current modules 2005-06-30 18:54:08 +00:00
Chris PeBenito
ebdc3b7902 clean up more todos 2005-06-29 20:53:53 +00:00
Chris PeBenito
d233bfce3f make layer summary required 2005-06-29 16:54:13 +00:00
Chris PeBenito
8fd3673225 another round of renaming, for consistency 2005-06-29 14:26:41 +00:00
Chris PeBenito
96ce00afcc add logrotate, more low-hanging fruit 2005-06-28 20:54:49 +00:00
Chris PeBenito
cbca03f513 add lost_found_t manage, rename fs_type attribute to filesystem_type and rename fs_make_fs to fs_type 2005-06-28 17:48:59 +00:00
Chris PeBenito
783b38347e more low hanging fruit cleanup 2005-06-28 17:32:57 +00:00
Chris PeBenito
58c3da55f3 add fstools, and more cleanup 2005-06-27 20:59:28 +00:00
Chris PeBenito
80436b9b8f changes to make inetd work 2005-06-27 18:37:33 +00:00
Chris PeBenito
ab940a4cc1 autofs_t and ypbind cleanup 2005-06-27 16:30:55 +00:00
Chris PeBenito
e88003ffe3 xml updates and nis stuff 2005-06-24 20:37:09 +00:00
Chris PeBenito
62a7b02c5b add/update comments 2005-06-24 13:36:57 +00:00
Chris PeBenito
414e415198 update for new documentation method 2005-06-23 21:30:57 +00:00
Chris PeBenito
19ea99d495 fix 2005-06-23 16:06:39 +00:00
Chris PeBenito
261e0e66ee shorten some xml tags 2005-06-23 16:00:05 +00:00
Chris PeBenito
007ca5600c more setcurrent stuff 2005-06-23 15:37:39 +00:00
Chris PeBenito
2a3478cf15 fixes pointed out by steve, plus fixes revealed by the added assertions 2005-06-23 14:19:56 +00:00
Chris PeBenito
9ccd96dfc6 more work on ssh, plus import ssh-agent 2005-06-22 21:14:48 +00:00
Chris PeBenito
199895e201 move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00
Chris PeBenito
cbc9d6951a remove remaining _depend macros to prep for switchover to interface declaration macro 2005-06-22 16:07:14 +00:00
Chris PeBenito
0404a3903a initial commit of ssh. 2005-06-21 21:07:46 +00:00
Chris PeBenito
21871a5cf6 work on newrole policy 2005-06-21 17:01:45 +00:00
Chris PeBenito
e04b8e7832 initial commit 2005-06-20 18:43:14 +00:00
Chris PeBenito
57869a681e XML: encapsulate modules in layers, rather then layer being an attribute of
module tag
2005-06-20 18:40:44 +00:00
Chris PeBenito
7a2f20a315 more work to clean up and complete current modules 2005-06-20 17:41:29 +00:00
Chris PeBenito
139520a233 review of system interfaces 2005-06-17 17:59:26 +00:00
Chris PeBenito
0e721690dc misc cleanup 2005-06-16 20:54:18 +00:00
Chris PeBenito
d35c621eb0 add a couple more nfs and cifs interfaces, to cover most of the
use_(nfs|cifs)_home_dirs tunable
2005-06-16 20:33:51 +00:00
Chris PeBenito
77c124c8cd eliminate _depend macros 2005-06-16 20:30:59 +00:00
Chris PeBenito
5e0da6a03e finish renaming system/selinux to system/selinuxutil 2005-06-14 20:48:34 +00:00
Chris PeBenito
be4a8011d4 move selinux to selinuxutil 2005-06-14 20:12:46 +00:00
Chris PeBenito
8bd6789954 move constraints interfaces to domain module. move sysfs and usbfs to
devices module
2005-06-14 19:56:46 +00:00
Chris PeBenito
810f2b7155 fix typo 2005-06-14 18:15:01 +00:00
Chris PeBenito
b57dd19400 stray renames in distro_redhat 2005-06-14 17:36:21 +00:00
Chris PeBenito
3eed10909e convert relevant conditionals into tunable_policy 2005-06-14 14:43:04 +00:00
Chris PeBenito
fa7bea8feb rename requires_block_tempalte to gen_require 2005-06-13 20:47:04 +00:00
Chris PeBenito
34c8fabeeb tunables work 2005-06-13 20:44:23 +00:00
Chris PeBenito
31908be07f a few missed renames, and start fixing up tunables 2005-06-13 20:27:32 +00:00
Chris PeBenito
5a45e70177 rename setattr removable_device_t 2005-06-13 20:00:36 +00:00
Karl MacMillan
8700497fb1 Updates to documentation. 2005-06-13 19:22:00 +00:00
Chris PeBenito
c9428d33dc renaming insanity 2005-06-13 17:35:46 +00:00
Karl MacMillan
f0c985ca80 Devices rename. 2005-06-13 16:22:32 +00:00
Chris PeBenito
0fd9dc55cf renaming insanity 2005-06-10 01:01:13 +00:00
Chris PeBenito
a154cd45f3 reorder 2005-06-09 21:07:58 +00:00
Chris PeBenito
588ffaeb7f kernel.if renaming 2005-06-09 20:50:17 +00:00
Chris PeBenito
cc41a97c99 aliases 2005-06-09 18:08:26 +00:00
Chris PeBenito
d90b274e40 for now, drop infoflow tags 2005-06-09 17:23:53 +00:00
Chris PeBenito
dd822947d2 aliases 2005-06-09 14:50:48 +00:00
Chris PeBenito
80048ca5d2 aliases 2005-06-09 14:26:05 +00:00
Chris PeBenito
5d31560b4d genhomedircon entries 2005-06-08 22:32:43 +00:00
Chris PeBenito
5552ed88f3 initial commit 2005-06-08 22:32:33 +00:00
Chris PeBenito
7edd02d4f1 aliasing 2005-06-08 21:07:03 +00:00
Chris PeBenito
b29d23f315 initial commit 2005-06-08 20:49:16 +00:00
Chris PeBenito
066d463147 comment fix 2005-06-08 16:16:41 +00:00
Chris PeBenito
a7197232e8 add can_exec 2005-06-08 13:41:05 +00:00
Chris PeBenito
763c441e3b start renaming filesystem interfaces 2005-06-08 13:12:00 +00:00
Chris PeBenito
3865d6b95e add xml 2005-06-07 22:36:07 +00:00
Chris PeBenito
254bbc7bb3 start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00
Chris PeBenito
2d68932a8d fix broken macros 2005-06-07 14:46:20 +00:00
Chris PeBenito
a1d2e8ab29 add domain(_auto)_trans 2005-06-07 14:43:14 +00:00
Chris PeBenito
eb7f9a34cb move audit to logging 2005-06-07 14:27:19 +00:00
Chris PeBenito
ef5e55c9fa move to logging 2005-06-07 14:16:14 +00:00
Chris PeBenito
0c73cd2526 change over to some perm set macros. add indentation 2005-06-03 12:25:14 +00:00
Chris PeBenito
d115660e3b change network verb in corenetwork to sendrecv 2005-06-02 18:55:47 +00:00
Chris PeBenito
cabfa520aa move fs_use and isids to respective modules 2005-06-02 15:39:10 +00:00
Chris PeBenito
aa40608fbe remove copyright until licensing issues are resolved 2005-06-01 17:34:13 +00:00
Chris PeBenito
e32d52ba47 fix xml 2005-06-01 14:17:43 +00:00
Chris PeBenito
1293184998 last fixes for cab 2005-06-01 13:51:54 +00:00
Chris PeBenito
d115b24712 more cab work 2005-05-31 23:02:11 +00:00
Chris PeBenito
3b857eae09 add some file_t interfaces, and console write 2005-05-31 21:25:45 +00:00
Chris PeBenito
4bf4ed9e68 permission set macro changes, plus more cab related work 2005-05-31 19:52:57 +00:00
Chris PeBenito
f5c42bd80b many fixes from cab work 2005-05-30 21:17:20 +00:00
Chris PeBenito
32e53ac1b8 cleanup inspired by sediff 2005-05-27 21:56:01 +00:00
Chris PeBenito
c6fd1f85ba restructure users, and add signalling 2005-05-27 20:44:05 +00:00
Chris PeBenito
dd31631500 fix ordering and put in var_lib_t 2005-05-27 20:29:17 +00:00
Chris PeBenito
d490eb6b5c fixes from cab 2005-05-26 20:38:45 +00:00
Chris PeBenito
efd8ede34d many fixes from cab testing 2005-05-25 20:58:21 +00:00
Chris PeBenito
cbeef67c1c cleanup 2005-05-24 22:22:26 +00:00
Chris PeBenito
e7fcdc6d2f fix the object class in process transition interfaces 2005-05-24 20:45:27 +00:00
Chris PeBenito
dc771ff40e another cleanup pass 2005-05-24 15:55:57 +00:00
Chris PeBenito
6b48fd013c stuff from rpm 2005-05-23 17:56:35 +00:00
Chris PeBenito
57440fb076 add dontaudit shadow_t getattr 2005-05-23 17:56:26 +00:00
Chris PeBenito
39255175ca move in stuff from rpm 2005-05-23 17:01:51 +00:00
Chris PeBenito
15a9613ca4 add ldconfig and rpm transitions 2005-05-23 15:51:33 +00:00
Chris PeBenito
162a57e583 add missing xml 2005-05-23 15:50:12 +00:00
Chris PeBenito
46410fd2b9 add tmpfsfile support 2005-05-23 15:49:31 +00:00
Chris PeBenito
1c9f9a50df add signull all domains 2005-05-23 15:49:03 +00:00
Chris PeBenito
3000a31552 make transition on shell work 2005-05-23 15:48:45 +00:00
Chris PeBenito
48e0dbd63e add ldconfig 2005-05-23 15:45:53 +00:00
Chris PeBenito
e32c0d3b86 add mls sensitivity to genfscon, initial sids and fs_use 2005-05-20 20:43:18 +00:00
Chris PeBenito
daa0e0b01f add xml comments to interfaces, convert over userdomain stuff 2005-05-19 21:06:06 +00:00
Chris PeBenito
bee546bfd4 add context template to support mls 2005-05-18 21:02:15 +00:00
Chris PeBenito
26c87e0c42 add userdomain:fd use 2005-05-18 21:00:56 +00:00
Chris PeBenito
490639cd57 add a xml comment 2005-05-18 21:00:30 +00:00
Chris PeBenito
2e77b29e67 add xml 2005-05-18 21:00:00 +00:00
Chris PeBenito
8623d5b854 move run_init to selinux, as it is part of policycoreutils 2005-05-18 16:03:54 +00:00
Chris PeBenito
1786071159 rename some selinuxfs interfaces for more clarity 2005-05-18 13:22:37 +00:00
Chris PeBenito
ef373408a6 add source policy interfaces 2005-05-18 13:21:28 +00:00
Chris PeBenito
5817e3a820 add renice all domains 2005-05-18 13:21:00 +00:00
Chris PeBenito
76bff31d96 add admin template 2005-05-18 13:20:16 +00:00
Chris PeBenito
4d8ddf9a4f start adding admin template 2005-05-18 13:18:49 +00:00
Chris PeBenito
dd14d0d892 change read_shared_libraries to use_shared_libraries, since the execute
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
2005-05-17 15:32:52 +00:00
Chris PeBenito
650e75c57d initial commit 2005-05-16 21:11:26 +00:00
Chris PeBenito
b16c6b8c32 start adding user domains. fix ttynode and ptynode handling, as they're
more then user terminals (at least ptynode is).  start adding XML comments
2005-05-16 21:10:33 +00:00
Chris PeBenito
ff31386090 move make_{daemon,init,system}_domain to init to fix type_transition'ing 2005-05-13 20:21:50 +00:00
Chris PeBenito
24a7ae1a5a add lvm.fc, and move relevant entries to devices.fc and storage.fc 2005-05-13 15:03:19 +00:00
Chris PeBenito
7bba9d317a pile of updates 2005-05-13 14:37:13 +00:00
Chris PeBenito
1bde8321dd initial commit 2005-05-13 14:36:35 +00:00
Chris PeBenito
075c4fdaf1 additions for cron and mta 2005-05-12 20:50:09 +00:00
Chris PeBenito
fb1aee72f4 add iface creating private logs 2005-05-11 20:54:14 +00:00
Chris PeBenito
d25dd9c1c2 add make temporary_file and daemon_runtime_file 2005-05-11 19:36:36 +00:00
Chris PeBenito
38e24ae49e add files_make_temporary_file and remove type attribute from
create_private_tmp
2005-05-11 19:21:40 +00:00
Chris PeBenito
24280a524d updates needed for cron 2005-05-11 19:05:15 +00:00
Chris PeBenito
3ec805f7e5 add read and search for etc_t:dir 2005-05-11 16:48:10 +00:00
Chris PeBenito
118186e3dc make a reasonable lib_t interface 2005-05-11 15:46:51 +00:00
Chris PeBenito
1832271029 reorder for more consistency 2005-05-11 15:22:28 +00:00
Chris PeBenito
b3416a3762 initial commit 2005-05-10 20:06:19 +00:00
Chris PeBenito
eeb2558418 leftover from netutils 2005-05-10 20:06:04 +00:00
Chris PeBenito
f8ec0ad43b initial commit 2005-05-10 19:51:00 +00:00
Chris PeBenito
279b555ae3 reorder to fit file context style rules 2005-05-10 19:47:37 +00:00
Chris PeBenito
6f50b57665 use ptys 2005-05-10 15:03:56 +00:00
Chris PeBenito
2812bfac86 fix hotplug optional 2005-05-10 15:00:54 +00:00
Chris PeBenito
13e94c09e4 more authlogin handling 2005-05-09 21:07:53 +00:00
Chris PeBenito
5c162193b7 move system_chkpwd to .te rather then using template, so that the
ifelse(system,..) can be eliminated
2005-05-09 21:06:51 +00:00
Chris PeBenito
cb28738d20 priv* attribute fixes for sulogin 2005-05-09 21:05:01 +00:00
Chris PeBenito
c18e825f57 unexpand can_kerberos 2005-05-09 21:03:38 +00:00
Chris PeBenito
a9a20ddaae allow all domains to use /dev/{zero,null,tty} 2005-05-09 19:55:01 +00:00
Chris PeBenito
e843cc89fd reorder restorecon and setfiles relabel rules for consistency 2005-05-09 19:06:56 +00:00
Chris PeBenito
a1f94a3441 clean up authentication attributes 2005-05-09 18:50:20 +00:00
Chris PeBenito
96b0000f1b start adding infrastructure for the constraint exceptions 2005-05-09 17:47:57 +00:00
Chris PeBenito
18f25afdf6 start adding infrastructure for the constraint exceptions 2005-05-09 17:41:29 +00:00
Chris PeBenito
c5b5a7479a cleanup 2005-05-09 15:40:56 +00:00
Chris PeBenito
5d7e8ba6fb add sulogin 2005-05-09 15:38:06 +00:00
Chris PeBenito
15e3d8e8bc initial commit 2005-05-09 13:26:33 +00:00
Chris PeBenito
b2b38c78d4 initial commit 2005-05-05 21:40:32 +00:00
Chris PeBenito
ec81ecb30c add read fonts 2005-05-05 21:36:53 +00:00
Chris PeBenito
2274f9ae4a initial commit 2005-05-05 21:18:27 +00:00
Chris PeBenito
0fef98c405 add legacy read locale 2005-05-05 20:33:35 +00:00
Chris PeBenito
ebf7600f20 cleanup 2005-05-05 19:04:51 +00:00
Chris PeBenito
bbd6a62111 convert over to system_domain, plus a couple init cleanups 2005-05-05 18:30:00 +00:00
Chris PeBenito
d0eddb6b0d add in system_domain 2005-05-05 17:44:11 +00:00
Chris PeBenito
f66a1af94b move type delcarations after attribute delcarations to fix a typeattribute
ordering issue. comment out the TODO types with a # so they don't get moved
2005-05-05 14:08:26 +00:00
Chris PeBenito
df431c87fb add missing copyright and policy_module lines 2005-05-05 14:01:59 +00:00
Chris PeBenito
f1470e5ede rules picked up from sediff 2005-05-04 21:44:51 +00:00
Chris PeBenito
849380bd9a add usermanage 2005-05-04 19:15:13 +00:00
Chris PeBenito
1e5c2a416a more conversion 2005-05-04 17:01:46 +00:00
Chris PeBenito
bd202fe157 clean up interfaces for new binary module optional structure 2005-05-04 13:19:47 +00:00
Chris PeBenito
f1578d05a9 stuff from sysnetwork 2005-05-04 13:16:34 +00:00
Chris PeBenito
0bc32e04de a few more copied over 2005-05-04 13:16:09 +00:00
Chris PeBenito
0d7ad32935 start moving in dhcpc and ifconfig 2005-05-04 13:14:48 +00:00
Chris PeBenito
75a10baf44 add in pam console 2005-05-03 21:04:20 +00:00
Chris PeBenito
b2e0625ca1 more conversion due to new interfaces 2005-05-03 20:44:35 +00:00
Chris PeBenito
3ce6cb4a45 fill pam and utempter authlogin policy and fix up interfaces 2005-05-03 20:23:33 +00:00
Chris PeBenito
07d6e32f44 reorg run_init a little, and add a convert to a few new interfaces 2005-05-02 21:02:14 +00:00
Chris PeBenito
ab64c30fc3 add newrole:fd use 2005-05-02 21:01:31 +00:00
Chris PeBenito
3a9aef9246 updates 2005-05-02 21:01:08 +00:00
Chris PeBenito
6b93833ba0 initial commit 2005-05-02 19:24:29 +00:00
Chris PeBenito
25baab18d1 switch over to tunable_policy and optional_policy 2005-05-02 19:22:58 +00:00
Chris PeBenito
dfaf6c2ad8 add authlogin_read_pam_runtime_data and cleanup interfaces 2005-05-02 18:41:20 +00:00
Chris PeBenito
9f2f9e6dfe add ignore read rootfs file 2005-05-02 18:40:42 +00:00
Chris PeBenito
d0b6abebb9 add in use and ignore use init control channel interfaces 2005-05-02 18:40:05 +00:00
Chris PeBenito
ba7740d145 handful of changes 2005-05-02 18:38:02 +00:00
Chris PeBenito
c3c58c5d8e move in rule from hotplug 2005-05-02 18:37:24 +00:00
Chris PeBenito
1b909968df add in missing policy_module line 2005-05-02 18:36:51 +00:00
Chris PeBenito
fc83dba9a0 domains not needed for execute interface 2005-05-02 18:36:11 +00:00
Chris PeBenito
85bd7f1ffa add in transition and execute interfaces, and newrole sigchld interface 2005-05-02 18:18:45 +00:00
Chris PeBenito
e9a6fcb8f1 fix privfd 2005-04-29 21:00:40 +00:00
Chris PeBenito
a7ed44d531 initial commit 2005-04-29 20:16:38 +00:00
Chris PeBenito
a2d8246bf6 make mountpoints work, plus misc 2005-04-28 21:41:09 +00:00
Chris PeBenito
07efe969fe initial local login commit 2005-04-28 19:50:58 +00:00
Chris PeBenito
ee5772e455 add bulk of selinux module policy, and add required interfaces 2005-04-28 18:59:01 +00:00
Chris PeBenito
f9cfa192a4 minor fixes 2005-04-28 18:58:39 +00:00
Chris PeBenito
3009816bcd convert over optional policy to optional_policy macro 2005-04-28 15:48:27 +00:00
Chris PeBenito
4fbd2ee111 remove entrypoint assertion 2005-04-28 15:46:53 +00:00
Chris PeBenito
4600e08867 reorganize the policy 2005-04-28 15:46:23 +00:00
Chris PeBenito
dfb86adde5 initial commit 2005-04-28 15:45:32 +00:00
Chris PeBenito
b5ab18b3f1 initial commit 2005-04-28 13:41:37 +00:00
Chris PeBenito
55f4564e31 start merging in rules from daemon domain 2005-04-27 21:56:41 +00:00
Chris PeBenito
889c9a9789 add init_t:fd use interface and initrc pty rw interface 2005-04-27 21:56:12 +00:00
Chris PeBenito
bcd35991d1 daemon domain allows noatsecure siginh rlimitinh, not dontaudit 2005-04-27 21:55:18 +00:00
Chris PeBenito
3016a9ff95 initial commit 2005-04-26 21:12:52 +00:00
Chris PeBenito
f9438fdfd1 add search all dirs 2005-04-26 21:12:32 +00:00
Chris PeBenito
e064a64b0e move system_chkpwd to fix ordering issue with checkpolicy 2005-04-26 21:10:11 +00:00
Chris PeBenito
8beec89d27 add legacy lib use 2005-04-26 19:10:29 +00:00
Chris PeBenito
960373dddd add module statement macro and entrypoint executable attribute to replicate
can_exec($1,exec_type)
2005-04-26 17:00:25 +00:00
Chris PeBenito
94edcc5c83 fix tmp_domain 2005-04-25 21:44:48 +00:00
Chris PeBenito
5f75f56066 move modules_object_t back to bootloader 2005-04-25 21:32:09 +00:00
Chris PeBenito
91a7ab6cb3 add sysnetwork 2005-04-25 21:28:25 +00:00
Chris PeBenito
b303042477 add missing transition dontaudits 2005-04-25 21:07:59 +00:00
Chris PeBenito
549180e874 initial commit 2005-04-25 20:13:45 +00:00
Chris PeBenito
219bcf7a8f attack with sediff, make fs:getattr interfaces consistent, create init and
daemon domains
2005-04-25 19:54:27 +00:00
Chris PeBenito
a266e3cc83 restructure kernel module to be consistent with other module ordering. put
in missing rules.  fix naming problems
2005-04-25 16:11:21 +00:00
Chris PeBenito
343a231d5f reorg 2005-04-22 22:00:09 +00:00
Chris PeBenito
22e1131e23 fix te trans error 2005-04-22 22:00:02 +00:00
Chris PeBenito
8a0da1086c make getattr and setattr interfaces and make naming consistent 2005-04-22 19:31:32 +00:00
Chris PeBenito
33bc0dd994 clean up some filesystem assoc 2005-04-21 22:46:49 +00:00
Chris PeBenito
0e730cc8e1 complete corenetwork 2005-04-21 21:53:15 +00:00
Chris PeBenito
1f7b37c585 insmod can be run directly from kernel; fix update_modules errors 2005-04-21 21:35:45 +00:00
Chris PeBenito
9eb5e812fe exec and transition interfaces, plus include mod object symlinks in reading modules 2005-04-21 21:34:47 +00:00
Chris PeBenito
32b5029cc5 uncomment test file 2005-04-21 21:34:08 +00:00
Chris PeBenito
5a95221115 add devlog_t symlink to loggers 2005-04-21 21:33:50 +00:00
Chris PeBenito
033c80e683 rename files_manage_general_lock_files() to more appropriate files_manage_system_lock_files() 2005-04-21 13:35:01 +00:00
Chris PeBenito
7c5d78fbca more insmod work, bring in depmod and update_modules 2005-04-20 21:00:01 +00:00
Chris PeBenito
bd76460f61 more comments 2005-04-20 19:14:56 +00:00
Chris PeBenito
e181fe05d8 add copyright statement 2005-04-20 19:07:16 +00:00
Chris PeBenito
0154356271 initial commit 2005-04-20 13:24:10 +00:00
Chris PeBenito
879b00fe60 initial commit 2005-04-19 21:08:13 +00:00
Chris PeBenito
67e2ff428c initial commit 2005-04-19 20:51:05 +00:00
Chris PeBenito
c4890efc00 add per-userdomain template, and shadow_t interfaces 2005-04-19 20:45:54 +00:00
Chris PeBenito
3ba13bbf03 add all types for this module 2005-04-19 20:45:24 +00:00
Chris PeBenito
4ddc1abd78 add all types for this module, and add klogd policy 2005-04-19 20:44:52 +00:00