rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity
4,860 Commits 9 Branches 112 Tags 34 MiB
2a80c717ae
Commit Graph

4860 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris PeBenito
c141d835f1 add modemmanager from dan. 2009-09-14 09:48:13 -04:00
Chris PeBenito
e3a90e358a add abrt from dan. 2009-09-14 09:22:24 -04:00
Daniel J Walsh
e20e351e10 - Add wordpress/wp-content/uploads label 
- Fixes for sandbox when run from staff_t
 2009-09-11 21:15:35 +00:00
Daniel J Walsh
ddc8588081 - Update to upstream 
- Fixes for devicekit_disk
 2009-09-10 15:38:44 +00:00
Daniel J Walsh
1b1ad1395f - Update to upstream 
- Fixes for devicekit_disk
 2009-09-10 15:31:01 +00:00
Daniel J Walsh
ab8f807545 - More fixes 2009-09-09 21:08:02 +00:00
Chris PeBenito
6af53d08ed rearrange readahead rules. 2009-09-09 09:53:28 -04:00
Chris PeBenito
c1e5b195f7 readahead patch from dan. 2009-09-09 09:45:34 -04:00
Chris PeBenito
937b2c4d91 nscd patch from dan. 2009-09-09 09:35:37 -04:00
Chris PeBenito
c61b35048a cron patch from dan. 2009-09-09 09:28:04 -04:00
Chris PeBenito
163ddfaa80 prelink patch from dan. 2009-09-09 08:18:51 -04:00
Daniel J Walsh
b8498d1e5b - More fixes 2009-09-08 23:55:31 +00:00
Chris PeBenito
81bca10b28 nslcd policy from dan. 2009-09-08 10:31:19 -04:00
Daniel J Walsh
123ae9957d - Lots of fixes for initrc and other unconfined domains 2009-09-08 14:30:36 +00:00
Chris PeBenito
f67bc918d4 term_write_all_terms() patch from Stefan Schulze Frielinghaus 2009-09-08 10:06:38 -04:00
Daniel J Walsh
72bc25da0e - Allow xserver to use netlink_kobject_uevent_socket 2009-09-07 01:29:07 +00:00
Daniel J Walsh
35651d45d8 - Allow xserver to use netlink_kobject_uevent_socket 2009-09-07 01:18:05 +00:00
Chris PeBenito
dbed95369c add gitosis from miroslav grepl. 2009-09-03 09:52:08 -04:00
Chris PeBenito
634a13c21f cpufreqselector patch from dan. 2009-09-03 09:15:17 -04:00
Chris PeBenito
f6137171f3 add an additional vmware host program. 2009-09-03 08:56:58 -04:00
Chris PeBenito
6fdef06522 screen patch from dan. 2009-09-03 08:49:26 -04:00
Chris PeBenito
72b834ccb0 remove stale screen_dir_t references 
The screen_dir_t was made an alias of the screen_var_run_t type.
Remove the remaining references to this type.
 2009-09-03 08:39:42 -04:00
Chris PeBenito
ca7fa520e7 gpg patch from dan. 
gpg sends sigstop and signull

Reads usb devices

Can encrypts users content in /tmp and the homedir, as well as on NFS and cifs
 2009-09-03 08:23:18 -04:00
Daniel J Walsh
1a2981be4a - Dontaudit setroubleshootfix looking at /root directory 2009-09-02 13:33:15 +00:00
Chris PeBenito
f2f296ba60 openvpn patch from dan: Openvpn connects to cache ports and stores files in nfs and cifs directories. 2009-09-02 09:24:10 -04:00
Chris PeBenito
93be4ba581 Webalizer does not list inotify, this was caused by leaked file descriptors in either dbus or cron. Both of which have been cleaned up. 2009-09-02 09:10:30 -04:00
Chris PeBenito
625be1b4e6 add shorewall from dan. 2009-09-02 08:58:52 -04:00
Chris PeBenito
71965a1fc5 add kdump from dan. 2009-09-02 08:33:25 -04:00
Chris PeBenito
a4b6385b9d cdrecord patch from dan. 2009-09-01 09:22:40 -04:00
Chris PeBenito
1a79193449 awstats patch from dan. 2009-09-01 08:59:24 -04:00
Chris PeBenito
b2324fa76d certwatch patch from dan. 2009-09-01 08:50:39 -04:00
Chris PeBenito
b515ab0182 mrtg patch from dan. 2009-09-01 08:44:20 -04:00
Chris PeBenito
aa83007d5a add hddtemp from dan. 2009-09-01 08:34:04 -04:00
Daniel J Walsh
65c3f9a0a8 - Update to upsteam 2009-08-31 21:27:50 +00:00
Daniel J Walsh
d367ee8125 - Allow gssd to send signals to users 
- Fix duplicate label for apache content
 2009-08-31 17:06:58 +00:00
Daniel J Walsh
7d592be23e - Allow gssd to send signals to users 
- Fix duplicate label for apache content
 2009-08-31 16:05:43 +00:00
Chris PeBenito
aac56b12b7 add ptchown policy from dan. 2009-08-31 10:21:01 -04:00
Chris PeBenito
a3dd1499ef pulseaudio patch from dan. 2009-08-31 10:07:57 -04:00
Chris PeBenito
da4332a3c5 man page update from dan. 2009-08-31 09:57:55 -04:00
Chris PeBenito
6774578327 module version number bump for nscd patch. 2009-08-31 09:44:38 -04:00
Manoj Srivastava
2a79debe9b nscd cache location changed from /var/db/nscd to /var/cache/nscd 
The nscd policy module uses the old nscd cache location. The cache location
changed with glibc 2.7-1, and the current nscd does place the files in
/var/cache/nscd/.

Signed-off-by: Manoj Srivastava <srivasta@debian.org>
 2009-08-31 09:43:52 -04:00
Daniel J Walsh
cb5670ca1b - Allow gssd to send signals to users 
- Fix duplicate label for apache content
 2009-08-31 13:39:37 +00:00
Chris PeBenito
a9e9678fc7 kismet patch from dan. 2009-08-31 09:38:47 -04:00
Chris PeBenito
aaff2fcfcd module version number bump for tun patches 2009-08-31 09:17:31 -04:00
Chris PeBenito
0be901ba40 rename admin_tun_type to admindomain. 2009-08-31 09:03:51 -04:00
Chris PeBenito
bd75703c7d reorganize tun patch changes. 2009-08-31 08:49:57 -04:00
Paul Moore
9dc3cd1635 refpol: Policy for the new TUN driver access controls 
Add policy for the new TUN driver access controls which allow policy to
control which domains have the ability to create and attach to TUN/TAP
devices.  The policy rules for creating and attaching to a device are as
shown below:

  # create a new device
  allow domain_t self:tun_socket { create };

  # attach to a persistent device (created by tunlbl_t)
  allow domain_t tunlbl_t:tun_socket { relabelfrom };
  allow domain_t self:tun_socket { relabelto };

Further discussion can be found on this thread:

 * http://marc.info/?t=125080850900002&r=1&w=2

Signed-off-by: Paul Moore <paul.moore@hp.com>
 2009-08-31 08:36:06 -04:00
Paul Moore
333494fd59 refpol: Add the "tun_socket" object class flask definitions 
Add the new "tun_socket" class to the flask definitions.  The "tun_socket"
object class is used by the new TUN driver hooks which allow policy to control
access to TUN/TAP devices.

Signed-off-by: Paul Moore <paul.moore@hp.com>
 2009-08-31 08:36:00 -04:00
Daniel J Walsh
faf9cbbc4b - Update to upstream 2009-08-28 20:55:16 +00:00
Daniel J Walsh
38d427a08f - Remove polkit_auth on upgrades 2009-08-28 18:56:15 +00:00