Commit Graph

417 Commits

Author SHA1 Message Date
Chris PeBenito
0350b1dc7f support_modules is finally gone, and modules.disable->modules.conf 2005-06-08 21:03:00 +00:00
Chris PeBenito
b29d23f315 initial commit 2005-06-08 20:49:16 +00:00
Chris PeBenito
c2c00bee05 add aliases 2005-06-08 20:28:45 +00:00
Karl MacMillan
72bdc60860 Moved and changed user_mls to gen_user. 2005-06-08 20:23:43 +00:00
Karl MacMillan
eb5e237573 Renamed support macros for consistency. 2005-06-08 20:23:12 +00:00
Chris PeBenito
eac7c31055 make infoflow optional 2005-06-08 20:08:24 +00:00
Chris PeBenito
dc5daf8b99 overhaul 2005-06-08 19:57:26 +00:00
Chris PeBenito
9f72a2655f renaming 2005-06-08 18:40:30 +00:00
Chris PeBenito
0c5a288e98 interface renaming 2005-06-08 18:00:04 +00:00
Chris PeBenito
1694dee685 interface renaming 2005-06-08 16:18:08 +00:00
Chris PeBenito
066d463147 comment fix 2005-06-08 16:16:41 +00:00
Chris PeBenito
84eb353cd9 more fixes 2005-06-08 13:44:23 +00:00
Chris PeBenito
a7197232e8 add can_exec 2005-06-08 13:41:05 +00:00
Chris PeBenito
763c441e3b start renaming filesystem interfaces 2005-06-08 13:12:00 +00:00
Chris PeBenito
a9ec5414d1 add interface macro 2005-06-08 13:11:47 +00:00
Chris PeBenito
b46609f09f fix missing _socket in class 2005-06-08 13:08:01 +00:00
Chris PeBenito
3865d6b95e add xml 2005-06-07 22:36:07 +00:00
Chris PeBenito
ddea18b0ad more tunable work 2005-06-07 22:26:39 +00:00
Chris PeBenito
758618b1f3 initial commit 2005-06-07 22:26:11 +00:00
Karl MacMillan
6847e8295c First cut at fixing fc_sort. 2005-06-07 21:20:14 +00:00
Chris PeBenito
2224ed3aa5 remove java 2005-06-07 18:50:35 +00:00
Chris PeBenito
9c25fdd816 add updated dtd 2005-06-07 18:49:44 +00:00
Chris PeBenito
254bbc7bb3 start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00
Chris PeBenito
3a80ec29c6 initial tunable tool fixes 2005-06-07 18:35:18 +00:00
Chris PeBenito
8fb301e9ab 32 is space. ascii <= 32 is all whitespace 2005-06-07 18:26:28 +00:00
Chris PeBenito
89ec2321b7 initial commit 2005-06-07 18:23:00 +00:00
Chris PeBenito
0fbe15dc8a start adding module disable and tunable infrastructure 2005-06-07 15:11:47 +00:00
Chris PeBenito
02b584a174 initial commit 2005-06-07 15:10:43 +00:00
Chris PeBenito
43bc3906c5 initial commit 2005-06-07 14:46:31 +00:00
Chris PeBenito
2d68932a8d fix broken macros 2005-06-07 14:46:20 +00:00
Chris PeBenito
a1d2e8ab29 add domain(_auto)_trans 2005-06-07 14:43:14 +00:00
Chris PeBenito
eb7f9a34cb move audit to logging 2005-06-07 14:27:19 +00:00
Chris PeBenito
ef5e55c9fa move to logging 2005-06-07 14:16:14 +00:00
Chris PeBenito
09693356ac fix appconfig dir 2005-06-06 18:16:41 +00:00
Chris PeBenito
b67488e36a rework policy build options 2005-06-06 18:13:38 +00:00
Chris PeBenito
0c73cd2526 change over to some perm set macros. add indentation 2005-06-03 12:25:14 +00:00
Chris PeBenito
36e54b81f7 initial commit of xml->html conversion 2005-06-02 20:39:32 +00:00
Chris PeBenito
4196997813 add some indentation 2005-06-02 20:26:48 +00:00
Chris PeBenito
d115660e3b change network verb in corenetwork to sendrecv 2005-06-02 18:55:47 +00:00
Chris PeBenito
cabfa520aa move fs_use and isids to respective modules 2005-06-02 15:39:10 +00:00
Chris PeBenito
ca83afe7e6 start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00
Chris PeBenito
44cda51b4f add some comments. make install target install appconfig files 2005-06-01 20:17:47 +00:00
Chris PeBenito
f5d4efd756 add missing system_crond_t transition pieces 2005-06-01 20:16:36 +00:00
Chris PeBenito
98af6c7763 remove extra whitespace 2005-06-01 19:18:54 +00:00
Chris PeBenito
de96491bda move global.if to support_macros at top level 2005-06-01 19:17:13 +00:00
Chris PeBenito
6d9915d615 add missing pieces of crond_t -> $1_crond_t transition 2005-06-01 19:01:28 +00:00
Chris PeBenito
0447352aec use variable for dtd. move policy type to variant section 2005-06-01 19:01:00 +00:00
Chris PeBenito
004db90d3f do dtd verification on xml. fix current xml to be valid 2005-06-01 18:34:34 +00:00
Chris PeBenito
3c62aa31a9 fix policy.xml to not have templates for generated interfaces 2005-06-01 17:45:06 +00:00
Chris PeBenito
2fc84fd172 move user_u and root to users 2005-06-01 17:40:22 +00:00
Chris PeBenito
aa40608fbe remove copyright until licensing issues are resolved 2005-06-01 17:34:13 +00:00
Chris PeBenito
2926f9c788 better handling of appconfig dir 2005-06-01 17:27:56 +00:00
Chris PeBenito
f267dfbb8b fix module name in xml 2005-06-01 17:27:39 +00:00
Chris PeBenito
134191be67 move flask dir to top level, and update them from nsa cvs. move files in
misc to top level.  make mls support work.
2005-06-01 15:40:37 +00:00
Chris PeBenito
7555aab027 initial commit 2005-06-01 14:37:51 +00:00
Chris PeBenito
e32d52ba47 fix xml 2005-06-01 14:17:43 +00:00
Chris PeBenito
1293184998 last fixes for cab 2005-06-01 13:51:54 +00:00
Chris PeBenito
d115b24712 more cab work 2005-05-31 23:02:11 +00:00
Chris PeBenito
3b857eae09 add some file_t interfaces, and console write 2005-05-31 21:25:45 +00:00
Chris PeBenito
b8fca44d3f initial commit 2005-05-31 20:39:15 +00:00
Chris PeBenito
b4c3f54eca initial commit 2005-05-31 19:53:54 +00:00
Chris PeBenito
4bf4ed9e68 permission set macro changes, plus more cab related work 2005-05-31 19:52:57 +00:00
Chris PeBenito
08eb9d1a33 fix tmpfs assoc call 2005-05-31 13:45:37 +00:00
Chris PeBenito
f5c42bd80b many fixes from cab work 2005-05-30 21:17:20 +00:00
Chris PeBenito
32e53ac1b8 cleanup inspired by sediff 2005-05-27 21:56:01 +00:00
Chris PeBenito
16e9b0cb6b rpmbuild_t is not a system domain. also mark it as most likely dead. 2005-05-27 21:29:54 +00:00
Chris PeBenito
c6fd1f85ba restructure users, and add signalling 2005-05-27 20:44:05 +00:00
Chris PeBenito
07da0af7bd tmpfs associate for redhat 2005-05-27 20:43:37 +00:00
Chris PeBenito
dd31631500 fix ordering and put in var_lib_t 2005-05-27 20:29:17 +00:00
Chris PeBenito
d490eb6b5c fixes from cab 2005-05-26 20:38:45 +00:00
Chris PeBenito
c220381539 initial commit 2005-05-26 15:50:53 +00:00
Chris PeBenito
efd8ede34d many fixes from cab testing 2005-05-25 20:58:21 +00:00
Chris PeBenito
c9a26b3e95 add in appconfig files 2005-05-25 20:58:09 +00:00
Chris PeBenito
10abae75d9 initial commit 2005-05-25 19:52:21 +00:00
Chris PeBenito
cbeef67c1c cleanup 2005-05-24 22:22:26 +00:00
Chris PeBenito
3b3bf871a7 cleanup 2005-05-24 21:41:29 +00:00
Chris PeBenito
6f3dab294e initial commit 2005-05-24 21:32:34 +00:00
Chris PeBenito
7d7a36af98 initial commit 2005-05-24 21:23:39 +00:00
Chris PeBenito
e7fcdc6d2f fix the object class in process transition interfaces 2005-05-24 20:45:27 +00:00
Chris PeBenito
547283e29a more fixes 2005-05-24 20:44:31 +00:00
Chris PeBenito
c907b3e2c7 cleanup for corenetwork interface generation 2005-05-24 17:34:29 +00:00
Chris PeBenito
88c72f4408 a few touchups 2005-05-24 17:31:39 +00:00
Chris PeBenito
dc771ff40e another cleanup pass 2005-05-24 15:55:57 +00:00
Chris PeBenito
6276f10155 instead of using macros to drop out non-macro calls during corenetwork
interface generation, use grep to get the macro calls and feed to m4
2005-05-24 15:52:57 +00:00
Chris PeBenito
992aba5f15 initial commit 2005-05-23 17:56:47 +00:00
Chris PeBenito
6b48fd013c stuff from rpm 2005-05-23 17:56:35 +00:00
Chris PeBenito
57440fb076 add dontaudit shadow_t getattr 2005-05-23 17:56:26 +00:00
Chris PeBenito
957e269eb2 fix tmpfs associate infoflow 2005-05-23 17:56:00 +00:00
Chris PeBenito
39255175ca move in stuff from rpm 2005-05-23 17:01:51 +00:00
Chris PeBenito
15a9613ca4 add ldconfig and rpm transitions 2005-05-23 15:51:33 +00:00
Chris PeBenito
162a57e583 add missing xml 2005-05-23 15:50:12 +00:00
Chris PeBenito
46410fd2b9 add tmpfsfile support 2005-05-23 15:49:31 +00:00
Chris PeBenito
1c9f9a50df add signull all domains 2005-05-23 15:49:03 +00:00
Chris PeBenito
3000a31552 make transition on shell work 2005-05-23 15:48:45 +00:00
Chris PeBenito
c4309768f1 add transitions 2005-05-23 15:47:13 +00:00
Chris PeBenito
48e0dbd63e add ldconfig 2005-05-23 15:45:53 +00:00
Chris PeBenito
e32c0d3b86 add mls sensitivity to genfscon, initial sids and fs_use 2005-05-20 20:43:18 +00:00
Chris PeBenito
0d0d2bafd6 add mls port support 2005-05-20 20:23:25 +00:00
Chris PeBenito
085faa06ff add xml comments to generated sections, and add mls support to interfaces
and nodes
2005-05-20 20:07:42 +00:00
Chris PeBenito
daa0e0b01f add xml comments to interfaces, convert over userdomain stuff 2005-05-19 21:06:06 +00:00
Chris PeBenito
bee546bfd4 add context template to support mls 2005-05-18 21:02:15 +00:00
Chris PeBenito
26c87e0c42 add userdomain:fd use 2005-05-18 21:00:56 +00:00
Chris PeBenito
490639cd57 add a xml comment 2005-05-18 21:00:30 +00:00
Chris PeBenito
2e77b29e67 add xml 2005-05-18 21:00:00 +00:00
Chris PeBenito
494e988f80 fix xml 2005-05-18 20:59:38 +00:00
Chris PeBenito
6d314fd3c1 add xml doc generation 2005-05-18 20:58:13 +00:00
Chris PeBenito
8623d5b854 move run_init to selinux, as it is part of policycoreutils 2005-05-18 16:03:54 +00:00
Chris PeBenito
1786071159 rename some selinuxfs interfaces for more clarity 2005-05-18 13:22:37 +00:00
Chris PeBenito
ef373408a6 add source policy interfaces 2005-05-18 13:21:28 +00:00
Chris PeBenito
5817e3a820 add renice all domains 2005-05-18 13:21:00 +00:00
Chris PeBenito
759ba0a459 add get all filesystems quotas 2005-05-18 13:20:38 +00:00
Chris PeBenito
76bff31d96 add admin template 2005-05-18 13:20:16 +00:00
Chris PeBenito
c3dff2e0a2 add device_node:{ chr_file blk_file } getattr; 2005-05-18 13:19:51 +00:00
Chris PeBenito
4d8ddf9a4f start adding admin template 2005-05-18 13:18:49 +00:00
Chris PeBenito
dd14d0d892 change read_shared_libraries to use_shared_libraries, since the execute
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
2005-05-17 15:32:52 +00:00
Chris PeBenito
650e75c57d initial commit 2005-05-16 21:11:26 +00:00
Chris PeBenito
b16c6b8c32 start adding user domains. fix ttynode and ptynode handling, as they're
more then user terminals (at least ptynode is).  start adding XML comments
2005-05-16 21:10:33 +00:00
Chris PeBenito
c6a3a22457 add more parts to send_mail and drop transition since its more then a transition 2005-05-13 20:52:28 +00:00
Chris PeBenito
ff31386090 move make_{daemon,init,system}_domain to init to fix type_transition'ing 2005-05-13 20:21:50 +00:00
Chris PeBenito
24a7ae1a5a add lvm.fc, and move relevant entries to devices.fc and storage.fc 2005-05-13 15:03:19 +00:00
Chris PeBenito
7bba9d317a pile of updates 2005-05-13 14:37:13 +00:00
Chris PeBenito
1bde8321dd initial commit 2005-05-13 14:36:35 +00:00
Chris PeBenito
075c4fdaf1 additions for cron and mta 2005-05-12 20:50:09 +00:00
Chris PeBenito
fd9deeb8ee reorg and a fix 2005-05-12 20:49:39 +00:00
Chris PeBenito
d18e3d73bb add crontab 2005-05-11 20:55:40 +00:00
Chris PeBenito
fb1aee72f4 add iface creating private logs 2005-05-11 20:54:14 +00:00
Chris PeBenito
d25dd9c1c2 add make temporary_file and daemon_runtime_file 2005-05-11 19:36:36 +00:00
Chris PeBenito
38e24ae49e add files_make_temporary_file and remove type attribute from
create_private_tmp
2005-05-11 19:21:40 +00:00
Chris PeBenito
0b1af28713 fix logging_make_log_file use 2005-05-11 19:11:14 +00:00
Chris PeBenito
23caa6d147 initial commit 2005-05-11 19:05:50 +00:00
Chris PeBenito
24280a524d updates needed for cron 2005-05-11 19:05:15 +00:00
Chris PeBenito
3ec805f7e5 add read and search for etc_t:dir 2005-05-11 16:48:10 +00:00
Chris PeBenito
118186e3dc make a reasonable lib_t interface 2005-05-11 15:46:51 +00:00
Chris PeBenito
1832271029 reorder for more consistency 2005-05-11 15:22:28 +00:00
Chris PeBenito
dec1686f0b oops 2005-05-10 20:25:20 +00:00
Chris PeBenito
6b674012fc reorder for more consistency 2005-05-10 20:24:26 +00:00
Chris PeBenito
b3416a3762 initial commit 2005-05-10 20:06:19 +00:00
Chris PeBenito
eeb2558418 leftover from netutils 2005-05-10 20:06:04 +00:00
Chris PeBenito
f8ec0ad43b initial commit 2005-05-10 19:51:00 +00:00
Chris PeBenito
63a310c8cf leftover from modutils 2005-05-10 19:50:41 +00:00
Chris PeBenito
279b555ae3 reorder to fit file context style rules 2005-05-10 19:47:37 +00:00
Chris PeBenito
0f3be6dbbb initial commit 2005-05-10 15:31:48 +00:00
Chris PeBenito
6f50b57665 use ptys 2005-05-10 15:03:56 +00:00
Chris PeBenito
2812bfac86 fix hotplug optional 2005-05-10 15:00:54 +00:00
Chris PeBenito
35b2fb4d41 add v4l_device_t 2005-05-10 14:12:10 +00:00
Chris PeBenito
46be1f32ca add printer_device_t 2005-05-10 13:59:10 +00:00
Chris PeBenito
13e94c09e4 more authlogin handling 2005-05-09 21:07:53 +00:00
Chris PeBenito
5c162193b7 move system_chkpwd to .te rather then using template, so that the
ifelse(system,..) can be eliminated
2005-05-09 21:06:51 +00:00
Chris PeBenito
cb28738d20 priv* attribute fixes for sulogin 2005-05-09 21:05:01 +00:00
Chris PeBenito
c18e825f57 unexpand can_kerberos 2005-05-09 21:03:38 +00:00
Chris PeBenito
a9a20ddaae allow all domains to use /dev/{zero,null,tty} 2005-05-09 19:55:01 +00:00
Chris PeBenito
e843cc89fd reorder restorecon and setfiles relabel rules for consistency 2005-05-09 19:06:56 +00:00
Chris PeBenito
a1f94a3441 clean up authentication attributes 2005-05-09 18:50:20 +00:00
Chris PeBenito
96b0000f1b start adding infrastructure for the constraint exceptions 2005-05-09 17:47:57 +00:00
Chris PeBenito
18f25afdf6 start adding infrastructure for the constraint exceptions 2005-05-09 17:41:29 +00:00
Chris PeBenito
c5b5a7479a cleanup 2005-05-09 15:40:56 +00:00
Chris PeBenito
5d7e8ba6fb add sulogin 2005-05-09 15:38:06 +00:00
Chris PeBenito
15e3d8e8bc initial commit 2005-05-09 13:26:33 +00:00
Chris PeBenito
8e02803ce3 add lvm_vg interfaces and do a little cleanup 2005-05-06 21:36:11 +00:00
Chris PeBenito
b2b38c78d4 initial commit 2005-05-05 21:40:32 +00:00
Chris PeBenito
ec81ecb30c add read fonts 2005-05-05 21:36:53 +00:00
Chris PeBenito
44a43b680b interfaces needed for clock 2005-05-05 21:19:18 +00:00
Chris PeBenito
2274f9ae4a initial commit 2005-05-05 21:18:27 +00:00
Chris PeBenito
0fef98c405 add legacy read locale 2005-05-05 20:33:35 +00:00
Chris PeBenito
0634b6e77e fix per_userdomain_templates macro generation 2005-05-05 19:38:22 +00:00
Chris PeBenito
ebf7600f20 cleanup 2005-05-05 19:04:51 +00:00
Chris PeBenito
bbd6a62111 convert over to system_domain, plus a couple init cleanups 2005-05-05 18:30:00 +00:00
Chris PeBenito
4fc91539f6 initial commit 2005-05-05 17:44:36 +00:00
Chris PeBenito
d0eddb6b0d add in system_domain 2005-05-05 17:44:11 +00:00
Chris PeBenito
f66a1af94b move type delcarations after attribute delcarations to fix a typeattribute
ordering issue. comment out the TODO types with a # so they don't get moved
2005-05-05 14:08:26 +00:00
Chris PeBenito
23af43bfef fix depends 2005-05-05 14:02:32 +00:00
Chris PeBenito
df431c87fb add missing copyright and policy_module lines 2005-05-05 14:01:59 +00:00
Chris PeBenito
f1470e5ede rules picked up from sediff 2005-05-04 21:44:51 +00:00
Chris PeBenito
849380bd9a add usermanage 2005-05-04 19:15:13 +00:00
Chris PeBenito
1e5c2a416a more conversion 2005-05-04 17:01:46 +00:00
Chris PeBenito
bd202fe157 clean up interfaces for new binary module optional structure 2005-05-04 13:19:47 +00:00
Chris PeBenito
f1578d05a9 stuff from sysnetwork 2005-05-04 13:16:34 +00:00
Chris PeBenito
0bc32e04de a few more copied over 2005-05-04 13:16:09 +00:00
Chris PeBenito
0d7ad32935 start moving in dhcpc and ifconfig 2005-05-04 13:14:48 +00:00
Chris PeBenito
75a10baf44 add in pam console 2005-05-03 21:04:20 +00:00
Chris PeBenito
b2e0625ca1 more conversion due to new interfaces 2005-05-03 20:44:35 +00:00
Chris PeBenito
3ce6cb4a45 fill pam and utempter authlogin policy and fix up interfaces 2005-05-03 20:23:33 +00:00
Chris PeBenito
07d6e32f44 reorg run_init a little, and add a convert to a few new interfaces 2005-05-02 21:02:14 +00:00
Chris PeBenito
ab64c30fc3 add newrole:fd use 2005-05-02 21:01:31 +00:00
Chris PeBenito
3a9aef9246 updates 2005-05-02 21:01:08 +00:00
Chris PeBenito
6b93833ba0 initial commit 2005-05-02 19:24:29 +00:00
Chris PeBenito
25baab18d1 switch over to tunable_policy and optional_policy 2005-05-02 19:22:58 +00:00
Chris PeBenito
f360f82f54 fix stupid _depend define errors (s/ifdef/define/g) 2005-05-02 19:19:06 +00:00
Chris PeBenito
67484fced4 add ignore read system state 2005-05-02 18:42:33 +00:00
Chris PeBenito
de2cee6817 add tty_device_t and devpts_t chr_file interfaces 2005-05-02 18:42:10 +00:00
Chris PeBenito
dfaf6c2ad8 add authlogin_read_pam_runtime_data and cleanup interfaces 2005-05-02 18:41:20 +00:00
Chris PeBenito
9f2f9e6dfe add ignore read rootfs file 2005-05-02 18:40:42 +00:00
Chris PeBenito
d0b6abebb9 add in use and ignore use init control channel interfaces 2005-05-02 18:40:05 +00:00
Chris PeBenito
ba7740d145 handful of changes 2005-05-02 18:38:02 +00:00
Chris PeBenito
c3c58c5d8e move in rule from hotplug 2005-05-02 18:37:24 +00:00
Chris PeBenito
1b909968df add in missing policy_module line 2005-05-02 18:36:51 +00:00
Chris PeBenito
fc83dba9a0 domains not needed for execute interface 2005-05-02 18:36:11 +00:00
Chris PeBenito
85bd7f1ffa add in transition and execute interfaces, and newrole sigchld interface 2005-05-02 18:18:45 +00:00
Chris PeBenito
5eafc37492 add append to /dev/null write 2005-05-02 15:42:20 +00:00
Chris PeBenito
e9a6fcb8f1 fix privfd 2005-04-29 21:00:40 +00:00