Chris PeBenito
|
8967bf8b89
|
merge in some of dan's old policy changes
|
2005-11-07 20:09:28 +00:00 |
|
Don Miner
|
bc6dfa6778
|
Changed a { create rw_dir_perms } to a create_dir_perms since starting radius was getting a setattr denial and setattr was shown to be missing in sediff
|
2005-11-04 16:43:05 +00:00 |
|
Don Miner
|
45aa10abd7
|
Added signal_perms to nscd_t.
|
2005-11-04 14:13:24 +00:00 |
|
Chris PeBenito
|
307e11419a
|
missing dir
|
2005-11-03 21:07:29 +00:00 |
|
Chris PeBenito
|
7afca0b4c1
|
user tty fixes
|
2005-11-03 19:33:53 +00:00 |
|
Chris PeBenito
|
9c6feb63de
|
add stuff from distros.fc
|
2005-11-03 18:08:36 +00:00 |
|
Don Miner
|
8f882ffcd9
|
Added rules so that tracepath, traceroute and ping work.
|
2005-11-02 20:44:17 +00:00 |
|
Chris PeBenito
|
73ef293bc5
|
fixes just so sediff is easier to handle
|
2005-11-01 21:15:11 +00:00 |
|
Chris PeBenito
|
b488014fd7
|
hack
|
2005-11-01 20:52:48 +00:00 |
|
Chris PeBenito
|
b9ea0fed0f
|
clean up last var_run_domain expansion errors
|
2005-11-01 19:52:37 +00:00 |
|
Chris PeBenito
|
ee08bc4c75
|
read certs
|
2005-11-01 16:11:32 +00:00 |
|
Chris PeBenito
|
35adb6f8d7
|
clean up socket
|
2005-11-01 15:57:15 +00:00 |
|
Chris PeBenito
|
31a1c2df88
|
fix filesystem associations
|
2005-11-01 15:45:00 +00:00 |
|
Chris PeBenito
|
7ac22585e3
|
tty and caps fixes
|
2005-11-01 15:34:00 +00:00 |
|
Chris PeBenito
|
0b12fa4bd0
|
more dbus cleanup
|
2005-11-01 15:19:48 +00:00 |
|
Chris PeBenito
|
dab808bde7
|
dbus obj class cleanup
|
2005-11-01 15:11:05 +00:00 |
|
Chris PeBenito
|
ce0ff19691
|
more of the same
|
2005-10-31 22:44:03 +00:00 |
|
Chris PeBenito
|
b422aa9b1e
|
initrc couldn't create/use its own pty!
|
2005-10-31 22:27:45 +00:00 |
|
Chris PeBenito
|
30910b37c6
|
more fixes
|
2005-10-31 22:19:16 +00:00 |
|
Don Miner
|
305106ebb9
|
Added a rule to allow dmidecode to use locallogin_t fd to make it so it works.
|
2005-10-31 21:45:42 +00:00 |
|
Chris PeBenito
|
aba9c7a3cf
|
add missing httpd_helper_t tty part
|
2005-10-31 20:58:44 +00:00 |
|
Chris PeBenito
|
9ca7e78a35
|
misc sediff fixes
|
2005-10-31 20:54:33 +00:00 |
|
Chris PeBenito
|
0500e01f2d
|
* fixes uncovered by sediff
* fix disable_trans support so the daemon can be both
init and inet services, and not get dup bool decl
|
2005-10-31 20:32:53 +00:00 |
|
Chris PeBenito
|
bea7b4548e
|
add missing tunable
|
2005-10-31 19:58:51 +00:00 |
|
Chris PeBenito
|
6ff85b5c84
|
fix perm set
|
2005-10-31 19:31:22 +00:00 |
|
Chris PeBenito
|
62841791a5
|
fixes uncovered by sediff
|
2005-10-31 14:55:34 +00:00 |
|
Chris PeBenito
|
f3936d3876
|
nicer te_trans conflict fix
|
2005-10-28 19:18:50 +00:00 |
|
Chris PeBenito
|
cac3eca0be
|
fix te_trans conflict
|
2005-10-28 19:13:54 +00:00 |
|
Chris PeBenito
|
dc8f17037b
|
fix up sendmail for targeted
|
2005-10-28 18:57:23 +00:00 |
|
Chris PeBenito
|
f1b0a8c55b
|
fix
|
2005-10-28 18:46:46 +00:00 |
|
Chris PeBenito
|
2d13f72977
|
take care of missing types
|
2005-10-28 18:38:04 +00:00 |
|
Chris PeBenito
|
375c241556
|
ssh updates for targeted
|
2005-10-28 18:13:44 +00:00 |
|
Chris PeBenito
|
f0f18e0734
|
typo
|
2005-10-28 15:12:23 +00:00 |
|
Chris PeBenito
|
495a7026d9
|
add missing range transition
|
2005-10-28 15:09:03 +00:00 |
|
Chris PeBenito
|
005a9aa6e2
|
initrc fixes
|
2005-10-28 14:34:26 +00:00 |
|
Chris PeBenito
|
7e1c14d1f6
|
fix quoting
|
2005-10-28 13:53:18 +00:00 |
|
Chris PeBenito
|
dd3544d1a5
|
fixes from testing
|
2005-10-28 13:33:25 +00:00 |
|
Chris PeBenito
|
f1baed733f
|
fix some /opt regexes
|
2005-10-27 18:32:16 +00:00 |
|
Chris PeBenito
|
08c22f4d17
|
more transition work
|
2005-10-27 15:16:42 +00:00 |
|
Chris PeBenito
|
b281bf6ed9
|
add some missing transitions from unconfined
|
2005-10-27 15:06:15 +00:00 |
|
Chris PeBenito
|
a525f293c3
|
sediff fixes
|
2005-10-27 14:52:37 +00:00 |
|
Chris PeBenito
|
fc6198ced0
|
fixes from sediff
|
2005-10-27 14:08:53 +00:00 |
|
Chris PeBenito
|
ce03837abe
|
rpc fixes from testing
|
2005-10-27 14:08:47 +00:00 |
|
Chris PeBenito
|
5abea9818a
|
fixes from testing
|
2005-10-27 13:37:36 +00:00 |
|
Chris PeBenito
|
4614e83fbb
|
more fixing
|
2005-10-26 21:03:19 +00:00 |
|
Don Miner
|
f13da83f99
|
Added search and getattr permissions to etc_mail_t dir for system_mail_t so that the sendmail process would be able to start through init
|
2005-10-26 18:31:09 +00:00 |
|
Chris PeBenito
|
d1b9d9228b
|
another pile o fixes
|
2005-10-26 18:07:20 +00:00 |
|
Chris PeBenito
|
33acca55ce
|
pile o fixes
|
2005-10-26 16:00:13 +00:00 |
|
Chris PeBenito
|
f5e4f795b6
|
fix rpm transition
|
2005-10-26 13:51:33 +00:00 |
|
Chris PeBenito
|
e8d0a659c3
|
fixes from arpwatch testing
|
2005-10-25 20:27:08 +00:00 |
|
Chris PeBenito
|
7a6d427eae
|
a few more strays
|
2005-10-25 20:22:25 +00:00 |
|
Chris PeBenito
|
c3cf6693c7
|
try to fix associations
|
2005-10-25 20:06:27 +00:00 |
|
Chris PeBenito
|
b7e1825b68
|
privfd
|
2005-10-25 19:20:56 +00:00 |
|
Chris PeBenito
|
ccfd7b19cf
|
easy fixes
|
2005-10-25 19:03:15 +00:00 |
|
Chris PeBenito
|
2526a44dea
|
missing privloggers
|
2005-10-25 18:42:08 +00:00 |
|
Chris PeBenito
|
ee64ef496f
|
typo
|
2005-10-25 18:34:46 +00:00 |
|
Chris PeBenito
|
d49d524d53
|
initrc also uses nscd
|
2005-10-25 18:33:13 +00:00 |
|
Chris PeBenito
|
e11d2e3bfd
|
add missing nscd clients
|
2005-10-25 18:28:41 +00:00 |
|
Chris PeBenito
|
2aec1461b4
|
use our own interface to make maintenance easier
|
2005-10-25 18:13:47 +00:00 |
|
Chris PeBenito
|
7eec657c86
|
add default_t read back
|
2005-10-25 18:00:42 +00:00 |
|
Chris PeBenito
|
784a3bbcad
|
privhome implementation
|
2005-10-25 17:50:00 +00:00 |
|
Chris PeBenito
|
7b90f2db5a
|
testing fixes
|
2005-10-25 17:37:56 +00:00 |
|
Chris PeBenito
|
51f5c6a2ab
|
add dontaudit
|
2005-10-25 15:56:28 +00:00 |
|
Chris PeBenito
|
467602f5d5
|
system_chkpwd can winbind
|
2005-10-25 15:53:36 +00:00 |
|
Chris PeBenito
|
b0bdeb0392
|
syslog logs to itself?
|
2005-10-25 15:52:08 +00:00 |
|
Chris PeBenito
|
2c216c09a8
|
use the right interface
|
2005-10-25 15:41:38 +00:00 |
|
Chris PeBenito
|
9aca490302
|
some home dir fixes
|
2005-10-25 15:36:45 +00:00 |
|
Chris PeBenito
|
83e4512c33
|
fix up su
|
2005-10-25 14:31:53 +00:00 |
|
Chris PeBenito
|
60789e16d0
|
fixes
|
2005-10-25 02:51:07 +00:00 |
|
Chris PeBenito
|
28e730b8e2
|
module build fixes
|
2005-10-25 01:17:55 +00:00 |
|
Chris PeBenito
|
9dd50026a0
|
homedir fixes
|
2005-10-25 01:08:10 +00:00 |
|
Chris PeBenito
|
88dd389695
|
more postfix work
|
2005-10-25 00:00:50 +00:00 |
|
Don Miner
|
2192d4baa1
|
Moved the dbus stuff inbetween networkmanager and bind to the bind policy
|
2005-10-24 23:14:39 +00:00 |
|
Chris PeBenito
|
3df88de0ba
|
hide broken symptoms
|
2005-10-24 22:55:28 +00:00 |
|
Chris PeBenito
|
52e1edb35b
|
fix acct
|
2005-10-24 22:31:44 +00:00 |
|
Don Miner
|
d2c57395ab
|
Fixed an allow that should have been a dontaudit
|
2005-10-24 22:20:04 +00:00 |
|
Chris PeBenito
|
977b1d65f5
|
add nscd
|
2005-10-24 22:13:41 +00:00 |
|
Chris PeBenito
|
69dcd685ad
|
fix most disable_trans errors
|
2005-10-24 22:08:13 +00:00 |
|
Don Miner
|
f470a1e329
|
Added a rule to allow apache to read httpd_sys_content_t so that it can show html error messages
|
2005-10-24 22:01:08 +00:00 |
|
Don Miner
|
c11417c4df
|
Reduced the number of differences in amanda between the targeted and the refpolicy
|
2005-10-24 21:35:50 +00:00 |
|
Chris PeBenito
|
67167371a5
|
fix most of samba
|
2005-10-24 21:33:46 +00:00 |
|
Don Miner
|
bdfa8e72f0
|
Removed differences between refpolicy and targeted acct_t
|
2005-10-24 21:25:56 +00:00 |
|
Don Miner
|
9c4fcf666e
|
Removed differences between refpolicy and targeted NetworkManager_t
|
2005-10-24 21:25:02 +00:00 |
|
Chris PeBenito
|
7ebd6a9079
|
add proc_net lnk
|
2005-10-24 20:25:59 +00:00 |
|
Chris PeBenito
|
b4e1ebc1f0
|
hopefully fix su
|
2005-10-24 20:01:03 +00:00 |
|
Chris PeBenito
|
30705b6bc0
|
fixes
|
2005-10-24 19:50:21 +00:00 |
|
Chris PeBenito
|
9bbc757a76
|
more fix
|
2005-10-24 18:40:24 +00:00 |
|
Don Miner
|
0354e306b7
|
Fixed a problem which was allowing processes to become unconfined from initrc
|
2005-10-24 18:10:47 +00:00 |
|
Don Miner
|
dd57ca3454
|
Added rules to the bind policy for the named server so that it would start
|
2005-10-24 18:06:31 +00:00 |
|
Don Miner
|
57d8e6c7a3
|
Added signal permissions to postgres so it can start
|
2005-10-24 17:28:17 +00:00 |
|
Chris PeBenito
|
162dfc3395
|
corenet fixes
|
2005-10-24 17:06:34 +00:00 |
|
Chris PeBenito
|
e64b338b35
|
fix
|
2005-10-24 15:29:27 +00:00 |
|
Chris PeBenito
|
15fefa4958
|
remove bin policy and kern module assertions for now
|
2005-10-24 15:10:03 +00:00 |
|
Chris PeBenito
|
1480d3ad21
|
fix mls r_t
|
2005-10-24 14:22:13 +00:00 |
|
Chris PeBenito
|
34e722f3cd
|
more sediff
|
2005-10-24 14:15:29 +00:00 |
|
Don Miner
|
fa16f25281
|
Added rules to the smbd_t and the nmbd_t domains so that they would start properly
|
2005-10-24 12:45:16 +00:00 |
|
Chris PeBenito
|
1dd86c43cd
|
sediff fixes
|
2005-10-24 12:38:45 +00:00 |
|
Chris PeBenito
|
bb67633572
|
add initrc_su_t
|
2005-10-24 11:55:53 +00:00 |
|
Don Miner
|
3d37bca18f
|
Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start
|
2005-10-24 11:21:28 +00:00 |
|
Chris PeBenito
|
710791f1a4
|
more missing types
|
2005-10-24 03:52:35 +00:00 |
|
Chris PeBenito
|
19b5555f77
|
more fixes
|
2005-10-24 03:21:26 +00:00 |
|
Chris PeBenito
|
43989f82f8
|
add rpc
|
2005-10-24 01:53:13 +00:00 |
|
Chris PeBenito
|
2db2c7d099
|
fixes from sediff
|
2005-10-24 00:54:39 +00:00 |
|
Don Miner
|
f8964c04ba
|
Added a file context for httpd.pid so that it is correctly labeled
Added some rules to mysql to make it work
|
2005-10-24 00:23:12 +00:00 |
|
Chris PeBenito
|
f85544209a
|
nwmgr fixes
|
2005-10-23 22:46:06 +00:00 |
|
Chris PeBenito
|
ef5ca0fb79
|
add cups
|
2005-10-23 22:10:59 +00:00 |
|
Chris PeBenito
|
04926d07a8
|
add postfix
|
2005-10-23 20:18:36 +00:00 |
|
Chris PeBenito
|
f932d8e3cb
|
add spamassassin
|
2005-10-22 23:50:23 +00:00 |
|
Chris PeBenito
|
44fc06b0cb
|
add radius and amanda, which I forgot to ci
|
2005-10-22 22:51:01 +00:00 |
|
Chris PeBenito
|
230838e117
|
add pegasus
|
2005-10-22 21:55:39 +00:00 |
|
Chris PeBenito
|
a636210ef8
|
add dbskk
|
2005-10-22 21:18:03 +00:00 |
|
Chris PeBenito
|
ad3b9d76dc
|
add lpd
|
2005-10-22 21:09:03 +00:00 |
|
Chris PeBenito
|
ae1d9afb5b
|
simplify since alias take care of it
|
2005-10-22 20:06:51 +00:00 |
|
Chris PeBenito
|
10b1f324d5
|
add amanda
|
2005-10-22 19:58:58 +00:00 |
|
Chris PeBenito
|
239db5e20c
|
add networkmanager
|
2005-10-22 17:44:04 +00:00 |
|
Chris PeBenito
|
1f8a8bbbbd
|
more sediff fixes
|
2005-10-21 22:56:41 +00:00 |
|
Chris PeBenito
|
e6a2eaffdf
|
more fixes
|
2005-10-21 21:35:25 +00:00 |
|
Chris PeBenito
|
da4fc9ce2b
|
sediff fixes
|
2005-10-21 19:36:49 +00:00 |
|
Chris PeBenito
|
23a4442bf1
|
add xdm
|
2005-10-21 17:55:15 +00:00 |
|
Chris PeBenito
|
3509484c6f
|
add canna
|
2005-10-21 16:39:28 +00:00 |
|
Chris PeBenito
|
fe7b943240
|
fix
|
2005-10-21 16:19:26 +00:00 |
|
Chris PeBenito
|
ea557a85df
|
add cyrus
|
2005-10-21 16:18:11 +00:00 |
|
Chris PeBenito
|
29ce0009bc
|
add dovecot
|
2005-10-21 15:38:22 +00:00 |
|
Chris PeBenito
|
cf6141a72e
|
fix corenetwork generation and add distcc
|
2005-10-21 13:11:17 +00:00 |
|
Chris PeBenito
|
4e69c1c423
|
obj class typo for certs
|
2005-10-20 19:28:27 +00:00 |
|
Chris PeBenito
|
de764944d8
|
targeted policy fixes
|
2005-10-19 19:45:20 +00:00 |
|
Chris PeBenito
|
af4752bcb9
|
targeted and distro fixes for loadable modules
|
2005-10-19 16:44:24 +00:00 |
|
Chris PeBenito
|
0efe52ae99
|
fix last loadable module problems
|
2005-10-19 14:36:04 +00:00 |
|
Chris PeBenito
|
90c3ddefe3
|
fix requires
|
2005-10-19 13:11:49 +00:00 |
|
Chris PeBenito
|
12ae7557d3
|
piles of fixes for loadable modules
|
2005-10-18 18:25:33 +00:00 |
|
Chris PeBenito
|
c3812748c3
|
misc fixes
|
2005-10-18 15:07:11 +00:00 |
|
Chris PeBenito
|
c3a05c9f5a
|
fix error uncovered by sechecker
|
2005-10-17 20:00:20 +00:00 |
|
Chris PeBenito
|
e749cd12a6
|
wrap up almost all of apache
|
2005-10-17 17:55:38 +00:00 |
|
Chris PeBenito
|
e08118a52f
|
add ppp
|
2005-10-14 20:00:07 +00:00 |
|
Chris PeBenito
|
fe9d17fe14
|
more merging from 1.27.1-15
|
2005-10-14 18:42:42 +00:00 |
|
Chris PeBenito
|
d8636fc937
|
more merging from 1.27.1-15
|
2005-10-14 17:55:40 +00:00 |
|
Chris PeBenito
|
77f6e2cd27
|
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
|
2005-10-13 20:59:36 +00:00 |
|
Chris PeBenito
|
b1421d8712
|
add some docs, do some reordering
|
2005-10-12 21:25:16 +00:00 |
|
Chris PeBenito
|
4c71994852
|
add missing interface
|
2005-10-12 17:32:41 +00:00 |
|
Chris PeBenito
|
be4690a5ae
|
add in last bits of webalizer
|
2005-10-12 17:22:25 +00:00 |
|
Chris PeBenito
|
c2b18fa1f3
|
more apache work
|
2005-10-12 16:23:22 +00:00 |
|
Chris PeBenito
|
799a0b43cd
|
add mailman
|
2005-10-11 15:36:53 +00:00 |
|
Chris PeBenito
|
f33561f560
|
add webalizer and sasl
|
2005-10-10 18:50:08 +00:00 |
|
Chris PeBenito
|
4483ee849c
|
add apm and arpwatch. fix implementation error on fs_getattr_all_files,
splitting it up into correct interfaces.
|
2005-10-10 18:11:46 +00:00 |
|
Chris PeBenito
|
d4dca58511
|
add finger and bluetooth
|
2005-10-07 21:45:04 +00:00 |
|
Chris PeBenito
|
9d3e339e82
|
partial mailman merge
|
2005-10-07 19:35:36 +00:00 |
|
Chris PeBenito
|
99505c1c89
|
fix files_exec_usr_src_files
|
2005-10-07 18:48:43 +00:00 |
|
Chris PeBenito
|
e02c61cfa4
|
rename context_template() to gen_context()
|
2005-10-06 19:33:06 +00:00 |
|
Chris PeBenito
|
6e99a6cfd1
|
more apache work
|
2005-10-05 21:17:22 +00:00 |
|
Chris PeBenito
|
fc6524d746
|
add ftp
|
2005-10-05 19:52:53 +00:00 |
|