Commit Graph

463 Commits

Author SHA1 Message Date
Daniel J Walsh
741e816e8e - Fixes for samba_var_t 2007-03-19 19:33:06 +00:00
Daniel J Walsh
db4f0ec7b9 - Remove disable_trans booleans
- hald_acl_t needs to talk to nscd
2007-03-19 14:51:28 +00:00
Daniel J Walsh
2823e28d58 - Remove enable_audit booleans
- hald_acl_t needs to talk to nscd
2007-03-19 14:42:08 +00:00
Daniel J Walsh
2f82eed685 - Fix prelink to be able to manage usr dirs. 2007-03-16 03:14:13 +00:00
Daniel J Walsh
9468a641a6 - Allow insmod to launch init scripts 2007-03-14 12:48:09 +00:00
Daniel J Walsh
271752a5ca - Remove setsebool policy 2007-03-13 17:46:34 +00:00
Daniel J Walsh
bdb7f99f00 - Fix handling of unlabled_t packets 2007-03-12 14:51:29 +00:00
Daniel J Walsh
2a9b648b37 - More of my patches from upstream 2007-03-11 05:19:36 +00:00
Daniel J Walsh
1fed4c745c - Update to latest from upstream
- Add fail2ban policy
2007-03-01 21:57:47 +00:00
Daniel J Walsh
9a8202d585 - Update to latest from upstream
- Add fail2ban policy
2007-03-01 16:30:20 +00:00
Daniel J Walsh
5ad70cf38c - Update to remove security_t:filesystem getattr problems 2007-02-28 21:23:19 +00:00
Daniel J Walsh
13893ed688 - Policy for consolekit 2007-02-27 18:34:08 +00:00
Daniel J Walsh
af8af9caee 2007-02-26 15:06:22 +00:00
Daniel J Walsh
cc1be2260f - Revert Nemiver change
- Set sudo as a corecmd so prelink will work, remove sudoedit mapping,
    since this will not work, it does not transition.
- Allow samba to execute useradd
2007-02-23 15:35:01 +00:00
Daniel J Walsh
b0861172ab - Add sepolgen support
- Add bugzilla policy
2007-02-20 21:37:52 +00:00
Daniel J Walsh
b7da3b9e3e - Add sepolgen support
- Add bugzilla policy
2007-02-20 17:35:59 +00:00
Daniel J Walsh
2fa5bb00e9 - Add sepolgen support
- Add bugzilla policy
2007-02-16 19:55:48 +00:00
Daniel J Walsh
e10e57a4a6 THu Feb 15 2007 Dan Walsh <dwalsh@redhat.com> 2.5.3-3
- Add sepolgen support
- Add bugzilla policy
2007-02-15 20:46:02 +00:00
Daniel J Walsh
07dcdf7654 - Fix file context for nemiver 2007-02-15 20:29:48 +00:00
Daniel J Walsh
1a24735d8f - Fix file context for nemiver 2007-02-15 00:19:30 +00:00
Daniel J Walsh
df0bef9ac0 - 2007-02-12 16:27:42 +00:00
Daniel J Walsh
9aff35b779 - 2007-02-12 16:18:31 +00:00
Daniel J Walsh
39b6cecaf2 - Allow mozilla, evolution and thunderbird to read dev_random. Resolves:
#227002
- Allow spamd to connect to smtp port Resolves: #227184
- Fixes to make ypxfr work Resolves: #227237
2007-02-06 16:54:13 +00:00
Daniel J Walsh
33501ce93f - Fix ssh_agent to be marked as an executable
- Allow Hal to rw sound device
2007-02-04 12:42:16 +00:00
Daniel J Walsh
de0b364127 - Fix spamassisin so crond can update spam files
- Fixes to allow kpasswd to work
- Fixes for bluetooth
2007-02-01 21:40:50 +00:00
Daniel J Walsh
3902fd87fd - Remove some targeted diffs in file context file 2007-01-31 22:18:10 +00:00
Daniel J Walsh
edd045d7c0 - Fix squid cachemgr labeling 2007-01-26 16:12:32 +00:00
Daniel J Walsh
e45f5d36d0 - Add ability to generate webadm_t policy
- Lots of new interfaces for httpd
- Allow sshd to login as unconfined_t
2007-01-25 19:07:00 +00:00
Daniel J Walsh
cc7c06a0d1 - Continue fixing, additional user domains 2007-01-23 01:08:45 +00:00
Daniel J Walsh
f86e42306e - Begin adding user confinement to targeted policy 2007-01-22 16:52:18 +00:00
Daniel J Walsh
45478192f4 - Fixes for prelink, ktalkd, netlabel 2007-01-17 19:58:32 +00:00
Daniel J Walsh
ee095f5817 - Fixes for prelink, ktalkd, netlabel 2007-01-11 22:43:22 +00:00
Daniel J Walsh
b6ed674a00 - Fixes for prelink, ktalkd, netlabel 2007-01-10 22:05:57 +00:00
Daniel J Walsh
ae5ace1a7e - Fixes for prelink, ktalkd, netlabel 2007-01-10 22:01:29 +00:00
Daniel J Walsh
9e0fa4fef3 - Allow prelink when run from rpm to create tmp files Resolves: #221865
- Remove file_context for exportfs Resolves: #221181
- Allow spamassassin to create ~/.spamassissin Resolves: #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves: #200110
- Fixes to run prelink in MLS machine Resolves: #221233
- Allow spamassassin to read var_lib_t dir Resolves: #219234
2007-01-09 15:26:56 +00:00
Daniel J Walsh
a384d73899 - Allow prelink when run from rpm to create tmp files Resolves: #221865
- Remove file_context for exportfs Resolves: #221181
- Allow spamassassin to create ~/.spamassissin Resolves: #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves: #200110
2007-01-09 15:24:41 +00:00
Daniel J Walsh
8a03d5e828 - Allow spamassassin to read var_lib_t dir Resolves: #219234 2007-01-02 16:40:08 +00:00
Daniel J Walsh
9bcfd16a2d - fix mplayer to work under strict policy
- Allow iptables to use nscd Resolves: #220794
2006-12-29 20:01:11 +00:00
Daniel J Walsh
8bacd8ed15 - Add gconf policy and make it work with strict 2006-12-28 17:39:12 +00:00
Daniel J Walsh
5db544f392 - Many fixes for strict policy and by extension mls. 2006-12-24 15:26:26 +00:00
Daniel J Walsh
135ea97ff1 - Many fixes for strict policy and by extension mls. 2006-12-24 07:31:09 +00:00
Daniel J Walsh
9051d60c06 - Fix to allow ftp to bind to ports > 1024 Resolves: #219349 2006-12-22 17:39:01 +00:00
Daniel J Walsh
5ded3c385e 2006-12-22 16:58:33 +00:00
Daniel J Walsh
4fd323b783 2006-12-22 16:56:53 +00:00
Daniel J Walsh
f9e32a004d - Allow semanage to exec it self. Label genhomedircon as semanage_exec_t
Resolves: #219421
- Allow sysadm_lpr_t to manage other print spool jobs Resolves: #220080
2006-12-20 20:40:30 +00:00
Daniel J Walsh
be9aefca3d - allow automount to setgid Resolves: #219999 2006-12-18 21:50:13 +00:00
Daniel J Walsh
5e01b4610b - Allow cron to polyinstatiate
- Fix creation of boot flags Resolves: #207433
2006-12-15 21:42:14 +00:00
Daniel J Walsh
272aa0b2e8 2006-12-14 20:06:00 +00:00
Daniel J Walsh
3a51847bd9 Resolves: #218978 2006-12-13 17:06:33 +00:00
Daniel J Walsh
422dcf1da8 Resolves: #218978 2006-12-13 17:03:55 +00:00
Daniel J Walsh
e3b143b243 - Allow initrc to create files in /var directories Resolves: #219227 2006-12-12 21:46:24 +00:00
Daniel J Walsh
6157a7e6e4 - More fixes for MLS 2006-12-11 12:35:45 +00:00
Daniel J Walsh
dd5d7e7583 - More Fixes polyinstatiation Resolves: #216184 2006-12-06 23:27:45 +00:00
Daniel J Walsh
a169fb7433 - Fix handling of keyrings 2006-12-06 19:38:32 +00:00
Daniel J Walsh
852ba6bb2f - Fix polyinstatiation
- Fix pcscd handling of terminal Resolves: #218149 Resolves: #218350
2006-12-05 23:05:39 +00:00
Daniel J Walsh
414ddd0de3 - More fixes for quota Resolves: #212957 2006-12-01 21:52:08 +00:00
Daniel J Walsh
9f388c1a78 - ncsd needs to use avahi sockets Resolves: #217640 Resolves: #218014 2006-12-01 17:58:00 +00:00
Daniel J Walsh
b6ffd7c2ae - Allow login programs to polyinstatiate homedirs Resolves: #216184
- Allow quotacheck to create database files Resolves: #212957
2006-11-30 22:06:22 +00:00
Daniel J Walsh
aba668f5f8 - Allow login programs to polyinstatiate homedirs Resolves: #216184 2006-11-30 20:55:33 +00:00
Daniel J Walsh
036c1c2fb6 - Dontaudit appending hal_var_lib files Resolves: #217452 Resolves: #217571
Resolves: #217611 Resolves: #217640 Resolves: #217725
2006-11-30 20:23:49 +00:00
Daniel J Walsh
cc1462b7d0 - Dontaudit appending hal_var_lib files Resolves: #217452 Resolves: #217571
Resolves: #217611 Resolves: #217640 Resolves: #217725
2006-11-29 20:11:02 +00:00
Daniel J Walsh
e4d46c95f3 - Fix context for helix players file_context #216942 2006-11-27 22:17:34 +00:00
Daniel J Walsh
02560dace3 - Fix load_policy to be able to mls_write_down so it can talk to the
terminal
2006-11-20 23:24:21 +00:00
Daniel J Walsh
4218645103 - Fixes for hwclock, clamav, ftp 2006-11-20 23:01:06 +00:00
Daniel J Walsh
9e4aeac9dd - Move to upstream version which accepted my patches 2006-11-17 19:21:40 +00:00
Daniel J Walsh
b28d0a788f - Fixes for nvidia driver 2006-11-16 19:25:03 +00:00
Daniel J Walsh
a3f2f571c0 - Fixes for nvidia driver 2006-11-15 22:34:04 +00:00
Daniel J Walsh
150bdfbc67 - Fixes for nvidia driver 2006-11-15 22:28:06 +00:00
Daniel J Walsh
b0ecaa962d - Allow semanage to signal mcstrans 2006-11-15 21:43:36 +00:00
Daniel J Walsh
73ea8c2e4d - Update to upstream 2006-11-15 15:22:30 +00:00
Daniel J Walsh
d925bd337d - Allow modstorage to edit /etc/fstab file 2006-11-14 18:33:09 +00:00
Daniel J Walsh
ec17438ae0 - Fix for qemu, /dev/
Mon Nov 13 2006 Dan Walsh <dwalsh@redhat.com> 2.4.3-11
- Fix path to realplayer.bin
2006-11-14 04:57:37 +00:00
Daniel J Walsh
32b91c9d1f - Fix path to realplayer.bin 2006-11-13 20:48:57 +00:00
Daniel J Walsh
06b64f8c21 - Allow xen to connect to xen port 2006-11-10 20:37:08 +00:00
Daniel J Walsh
1a986f04dc - Allow cups to search samba_etc_t directory
- Allow xend_t to list auto_mountpoints
2006-11-10 13:31:34 +00:00
Daniel J Walsh
2098c9bff2 - Allow xen to search automount 2006-11-09 20:12:53 +00:00
Daniel J Walsh
6ba4868651 - Fix spec of jre files 2006-11-09 18:57:53 +00:00
Daniel J Walsh
0806593363 - Fix unconfined access to shadow file 2006-11-08 20:21:53 +00:00
Daniel J Walsh
4d11495dab - Allow xend to create files in xen_image_t directories 2006-11-08 20:10:30 +00:00
Daniel J Walsh
0fcc493f96 - Fixes for /var/lib/hal 2006-11-08 13:28:28 +00:00
Daniel J Walsh
f08bf9299c - Remove ability for sysadm_t to look at audit.log 2006-11-07 21:16:47 +00:00
Daniel J Walsh
f3ecbbfcb9 - Fix rpc_port_types
- Add aide policy for mls
2006-11-07 20:38:46 +00:00
Daniel J Walsh
d7e0f9fa0d - Merge with upstream 2006-11-06 21:15:57 +00:00
Daniel J Walsh
0dae3b6d89 - Lots of fixes for ricci 2006-11-03 21:27:47 +00:00
Daniel J Walsh
d095a0e65b - Add perms for swat 2006-11-01 00:09:08 +00:00
Daniel J Walsh
6b97615edf - Allow daemons to dump core files to / 2006-10-30 21:18:40 +00:00
Daniel J Walsh
8fb79d40f4 - Fixes for ricci 2006-10-30 16:45:09 +00:00
Daniel J Walsh
6672fcfbdd - Allow mount.nfs to work 2006-10-27 19:16:43 +00:00
Daniel J Walsh
85659e704f - Allow ricci-modstorage to look at lvm_etc_t 2006-10-27 14:42:56 +00:00
Daniel J Walsh
08efeffbe5 - Fixes for ricci using saslauthd 2006-10-25 15:31:39 +00:00
Daniel J Walsh
dc804f3593 - Allow mountpoint on home_dir_t and home_t 2006-10-24 19:55:28 +00:00
Daniel J Walsh
8ff9d6e5a3 - Update xen to read nfs files 2006-10-24 16:12:29 +00:00
Daniel J Walsh
3d011ff2e8 Mon Oct 23 2006 Dan Walsh <dwalsh@redhat.com> 2.4-4
- Allow noxattrfs to associate with other noxattrfs
2006-10-23 20:54:50 +00:00
Daniel J Walsh
11d7ea1908 - Allow hal to use power_device_t 2006-10-23 17:26:25 +00:00
Daniel J Walsh
d6926f7f13 - Allow procemail to look at autofs_t
- Allow xen_image_t to work as a fixed device
2006-10-20 21:08:15 +00:00
Daniel J Walsh
e2eecb7a01 - Refupdate from upstream 2006-10-19 15:52:02 +00:00
Daniel J Walsh
302afb6db1 - Add lots of fixes for mls cups 2006-10-19 14:32:27 +00:00
Daniel J Walsh
6fa5ecef5d - Lots of fixes for ricci 2006-10-18 20:58:51 +00:00
Daniel J Walsh
2d1b4a450f - Fix number of cats 2006-10-17 19:59:07 +00:00
Daniel J Walsh
da08298372 - Update to upstream 2006-10-17 18:43:08 +00:00