Chris PeBenito
|
bbd6a62111
|
convert over to system_domain, plus a couple init cleanups
|
2005-05-05 18:30:00 +00:00 |
|
Chris PeBenito
|
4fc91539f6
|
initial commit
|
2005-05-05 17:44:36 +00:00 |
|
Chris PeBenito
|
d0eddb6b0d
|
add in system_domain
|
2005-05-05 17:44:11 +00:00 |
|
Chris PeBenito
|
f66a1af94b
|
move type delcarations after attribute delcarations to fix a typeattribute
ordering issue. comment out the TODO types with a # so they don't get moved
|
2005-05-05 14:08:26 +00:00 |
|
Chris PeBenito
|
23af43bfef
|
fix depends
|
2005-05-05 14:02:32 +00:00 |
|
Chris PeBenito
|
df431c87fb
|
add missing copyright and policy_module lines
|
2005-05-05 14:01:59 +00:00 |
|
Chris PeBenito
|
f1470e5ede
|
rules picked up from sediff
|
2005-05-04 21:44:51 +00:00 |
|
Chris PeBenito
|
849380bd9a
|
add usermanage
|
2005-05-04 19:15:13 +00:00 |
|
Chris PeBenito
|
1e5c2a416a
|
more conversion
|
2005-05-04 17:01:46 +00:00 |
|
Chris PeBenito
|
bd202fe157
|
clean up interfaces for new binary module optional structure
|
2005-05-04 13:19:47 +00:00 |
|
Chris PeBenito
|
f1578d05a9
|
stuff from sysnetwork
|
2005-05-04 13:16:34 +00:00 |
|
Chris PeBenito
|
0bc32e04de
|
a few more copied over
|
2005-05-04 13:16:09 +00:00 |
|
Chris PeBenito
|
0d7ad32935
|
start moving in dhcpc and ifconfig
|
2005-05-04 13:14:48 +00:00 |
|
Chris PeBenito
|
75a10baf44
|
add in pam console
|
2005-05-03 21:04:20 +00:00 |
|
Chris PeBenito
|
b2e0625ca1
|
more conversion due to new interfaces
|
2005-05-03 20:44:35 +00:00 |
|
Chris PeBenito
|
3ce6cb4a45
|
fill pam and utempter authlogin policy and fix up interfaces
|
2005-05-03 20:23:33 +00:00 |
|
Chris PeBenito
|
07d6e32f44
|
reorg run_init a little, and add a convert to a few new interfaces
|
2005-05-02 21:02:14 +00:00 |
|
Chris PeBenito
|
ab64c30fc3
|
add newrole:fd use
|
2005-05-02 21:01:31 +00:00 |
|
Chris PeBenito
|
3a9aef9246
|
updates
|
2005-05-02 21:01:08 +00:00 |
|
Chris PeBenito
|
6b93833ba0
|
initial commit
|
2005-05-02 19:24:29 +00:00 |
|
Chris PeBenito
|
25baab18d1
|
switch over to tunable_policy and optional_policy
|
2005-05-02 19:22:58 +00:00 |
|
Chris PeBenito
|
f360f82f54
|
fix stupid _depend define errors (s/ifdef/define/g)
|
2005-05-02 19:19:06 +00:00 |
|
Chris PeBenito
|
67484fced4
|
add ignore read system state
|
2005-05-02 18:42:33 +00:00 |
|
Chris PeBenito
|
de2cee6817
|
add tty_device_t and devpts_t chr_file interfaces
|
2005-05-02 18:42:10 +00:00 |
|
Chris PeBenito
|
dfaf6c2ad8
|
add authlogin_read_pam_runtime_data and cleanup interfaces
|
2005-05-02 18:41:20 +00:00 |
|
Chris PeBenito
|
9f2f9e6dfe
|
add ignore read rootfs file
|
2005-05-02 18:40:42 +00:00 |
|
Chris PeBenito
|
d0b6abebb9
|
add in use and ignore use init control channel interfaces
|
2005-05-02 18:40:05 +00:00 |
|
Chris PeBenito
|
ba7740d145
|
handful of changes
|
2005-05-02 18:38:02 +00:00 |
|
Chris PeBenito
|
c3c58c5d8e
|
move in rule from hotplug
|
2005-05-02 18:37:24 +00:00 |
|
Chris PeBenito
|
1b909968df
|
add in missing policy_module line
|
2005-05-02 18:36:51 +00:00 |
|
Chris PeBenito
|
fc83dba9a0
|
domains not needed for execute interface
|
2005-05-02 18:36:11 +00:00 |
|
Chris PeBenito
|
85bd7f1ffa
|
add in transition and execute interfaces, and newrole sigchld interface
|
2005-05-02 18:18:45 +00:00 |
|
Chris PeBenito
|
5eafc37492
|
add append to /dev/null write
|
2005-05-02 15:42:20 +00:00 |
|
Chris PeBenito
|
e9a6fcb8f1
|
fix privfd
|
2005-04-29 21:00:40 +00:00 |
|
Chris PeBenito
|
4472f3ec01
|
doh
|
2005-04-29 21:00:29 +00:00 |
|
Chris PeBenito
|
7009881cc0
|
add in missing devices
|
2005-04-29 20:35:49 +00:00 |
|
Chris PeBenito
|
05a5cdccc3
|
add a few missing ports, and ppp_device_t
|
2005-04-29 20:22:04 +00:00 |
|
Chris PeBenito
|
a7ed44d531
|
initial commit
|
2005-04-29 20:16:38 +00:00 |
|
Chris PeBenito
|
a2d8246bf6
|
make mountpoints work, plus misc
|
2005-04-28 21:41:09 +00:00 |
|
Chris PeBenito
|
07efe969fe
|
initial local login commit
|
2005-04-28 19:50:58 +00:00 |
|
Chris PeBenito
|
ee5772e455
|
add bulk of selinux module policy, and add required interfaces
|
2005-04-28 18:59:01 +00:00 |
|
Chris PeBenito
|
f9cfa192a4
|
minor fixes
|
2005-04-28 18:58:39 +00:00 |
|
Chris PeBenito
|
b5860610b4
|
missed that sysctl_dev is a dir too
|
2005-04-28 15:52:42 +00:00 |
|
Chris PeBenito
|
3009816bcd
|
convert over optional policy to optional_policy macro
|
2005-04-28 15:48:27 +00:00 |
|
Chris PeBenito
|
55a46da18a
|
add console setattr if
|
2005-04-28 15:47:50 +00:00 |
|
Chris PeBenito
|
4fbd2ee111
|
remove entrypoint assertion
|
2005-04-28 15:46:53 +00:00 |
|
Chris PeBenito
|
4600e08867
|
reorganize the policy
|
2005-04-28 15:46:23 +00:00 |
|
Chris PeBenito
|
dfb86adde5
|
initial commit
|
2005-04-28 15:45:32 +00:00 |
|
Chris PeBenito
|
b5ab18b3f1
|
initial commit
|
2005-04-28 13:41:37 +00:00 |
|
Chris PeBenito
|
55f4564e31
|
start merging in rules from daemon domain
|
2005-04-27 21:56:41 +00:00 |
|
Chris PeBenito
|
889c9a9789
|
add init_t:fd use interface and initrc pty rw interface
|
2005-04-27 21:56:12 +00:00 |
|
Chris PeBenito
|
bcd35991d1
|
daemon domain allows noatsecure siginh rlimitinh, not dontaudit
|
2005-04-27 21:55:18 +00:00 |
|
Chris PeBenito
|
8119850297
|
add console dontaudit
|
2005-04-27 21:54:39 +00:00 |
|
Chris PeBenito
|
3016a9ff95
|
initial commit
|
2005-04-26 21:12:52 +00:00 |
|
Chris PeBenito
|
f9438fdfd1
|
add search all dirs
|
2005-04-26 21:12:32 +00:00 |
|
Chris PeBenito
|
e064a64b0e
|
move system_chkpwd to fix ordering issue with checkpolicy
|
2005-04-26 21:10:11 +00:00 |
|
Chris PeBenito
|
8beec89d27
|
add legacy lib use
|
2005-04-26 19:10:29 +00:00 |
|
Chris PeBenito
|
960373dddd
|
add module statement macro and entrypoint executable attribute to replicate
can_exec($1,exec_type)
|
2005-04-26 17:00:25 +00:00 |
|
Chris PeBenito
|
94edcc5c83
|
fix tmp_domain
|
2005-04-25 21:44:48 +00:00 |
|
Chris PeBenito
|
5f75f56066
|
move modules_object_t back to bootloader
|
2005-04-25 21:32:09 +00:00 |
|
Chris PeBenito
|
91a7ab6cb3
|
add sysnetwork
|
2005-04-25 21:28:25 +00:00 |
|
Chris PeBenito
|
b303042477
|
add missing transition dontaudits
|
2005-04-25 21:07:59 +00:00 |
|
Chris PeBenito
|
549180e874
|
initial commit
|
2005-04-25 20:13:45 +00:00 |
|
Chris PeBenito
|
219bcf7a8f
|
attack with sediff, make fs:getattr interfaces consistent, create init and
daemon domains
|
2005-04-25 19:54:27 +00:00 |
|
Chris PeBenito
|
a266e3cc83
|
restructure kernel module to be consistent with other module ordering. put
in missing rules. fix naming problems
|
2005-04-25 16:11:21 +00:00 |
|
Chris PeBenito
|
343a231d5f
|
reorg
|
2005-04-22 22:00:09 +00:00 |
|
Chris PeBenito
|
22e1131e23
|
fix te trans error
|
2005-04-22 22:00:02 +00:00 |
|
Chris PeBenito
|
8a0da1086c
|
make getattr and setattr interfaces and make naming consistent
|
2005-04-22 19:31:32 +00:00 |
|
Chris PeBenito
|
33bc0dd994
|
clean up some filesystem assoc
|
2005-04-21 22:46:49 +00:00 |
|
Chris PeBenito
|
0e730cc8e1
|
complete corenetwork
|
2005-04-21 21:53:15 +00:00 |
|
Chris PeBenito
|
1f7b37c585
|
insmod can be run directly from kernel; fix update_modules errors
|
2005-04-21 21:35:45 +00:00 |
|
Chris PeBenito
|
9eb5e812fe
|
exec and transition interfaces, plus include mod object symlinks in reading modules
|
2005-04-21 21:34:47 +00:00 |
|
Chris PeBenito
|
32b5029cc5
|
uncomment test file
|
2005-04-21 21:34:08 +00:00 |
|
Chris PeBenito
|
5a95221115
|
add devlog_t symlink to loggers
|
2005-04-21 21:33:50 +00:00 |
|
Chris PeBenito
|
bf9e1e3f72
|
logging and modutils updates
|
2005-04-21 21:32:54 +00:00 |
|
Chris PeBenito
|
033c80e683
|
rename files_manage_general_lock_files() to more appropriate files_manage_system_lock_files()
|
2005-04-21 13:35:01 +00:00 |
|
Chris PeBenito
|
7c5d78fbca
|
more insmod work, bring in depmod and update_modules
|
2005-04-20 21:00:01 +00:00 |
|
Chris PeBenito
|
bd76460f61
|
more comments
|
2005-04-20 19:14:56 +00:00 |
|
Chris PeBenito
|
099c8b2475
|
remove unneeded genfs_contexts
|
2005-04-20 19:10:59 +00:00 |
|
Chris PeBenito
|
e181fe05d8
|
add copyright statement
|
2005-04-20 19:07:16 +00:00 |
|
Chris PeBenito
|
0154356271
|
initial commit
|
2005-04-20 13:24:10 +00:00 |
|
Chris PeBenito
|
879b00fe60
|
initial commit
|
2005-04-19 21:08:13 +00:00 |
|
Chris PeBenito
|
67e2ff428c
|
initial commit
|
2005-04-19 20:51:05 +00:00 |
|
Chris PeBenito
|
f0872d22b4
|
add cap sys_rawio to raw memory access interfaces
|
2005-04-19 20:47:29 +00:00 |
|
Chris PeBenito
|
c4890efc00
|
add per-userdomain template, and shadow_t interfaces
|
2005-04-19 20:45:54 +00:00 |
|
Chris PeBenito
|
3ba13bbf03
|
add all types for this module
|
2005-04-19 20:45:24 +00:00 |
|
Chris PeBenito
|
4ddc1abd78
|
add all types for this module, and add klogd policy
|
2005-04-19 20:44:52 +00:00 |
|
Chris PeBenito
|
8c77177b75
|
add interface to send syslog messages
|
2005-04-19 20:44:07 +00:00 |
|
Chris PeBenito
|
5050e500fe
|
use interface to send syslog messages
|
2005-04-19 20:43:44 +00:00 |
|
Chris PeBenito
|
b470e3896b
|
initial commit
|
2005-04-19 20:42:32 +00:00 |
|
Chris PeBenito
|
f0578249d1
|
reorganize and add rootfs dontaudits
|
2005-04-19 18:58:16 +00:00 |
|
Chris PeBenito
|
7aebdb853d
|
add rootfs dontaudits for use in init.te
|
2005-04-19 18:57:13 +00:00 |
|
Chris PeBenito
|
053f6a200a
|
add dontaudit fs getattr
|
2005-04-19 18:56:47 +00:00 |
|
Chris PeBenito
|
88d14a22b6
|
bring over more targets from strict policy, and add more checking
|
2005-04-19 13:53:51 +00:00 |
|
Chris PeBenito
|
5496553038
|
kernel can load modules
|
2005-04-19 13:52:45 +00:00 |
|
Chris PeBenito
|
7f89c7efc6
|
hold off on improving
|
2005-04-19 13:46:06 +00:00 |
|
Chris PeBenito
|
1ea98d0407
|
remove relabeling privilege for now
|
2005-04-18 20:27:16 +00:00 |
|
Chris PeBenito
|
57d236548b
|
move assert.te here
|
2005-04-18 20:17:25 +00:00 |
|
Chris PeBenito
|
5d78128fda
|
add interface to associate to filesystems w/o xattr. allow regular files to
associate to no xattr filesystems
|
2005-04-16 17:20:59 +00:00 |
|
Chris PeBenito
|
70dcf798e9
|
add boot_runtime_t
|
2005-04-16 17:18:34 +00:00 |
|
Chris PeBenito
|
b4cd153394
|
initial commit
|
2005-04-14 20:18:17 +00:00 |
|