Chris PeBenito
4e69c1c423
obj class typo for certs
2005-10-20 19:28:27 +00:00
Chris PeBenito
de764944d8
targeted policy fixes
2005-10-19 19:45:20 +00:00
Chris PeBenito
af4752bcb9
targeted and distro fixes for loadable modules
2005-10-19 16:44:24 +00:00
Chris PeBenito
0efe52ae99
fix last loadable module problems
2005-10-19 14:36:04 +00:00
Chris PeBenito
90c3ddefe3
fix requires
2005-10-19 13:11:49 +00:00
Chris PeBenito
12ae7557d3
piles of fixes for loadable modules
2005-10-18 18:25:33 +00:00
Chris PeBenito
c3812748c3
misc fixes
2005-10-18 15:07:11 +00:00
Chris PeBenito
c3a05c9f5a
fix error uncovered by sechecker
2005-10-17 20:00:20 +00:00
Chris PeBenito
e749cd12a6
wrap up almost all of apache
2005-10-17 17:55:38 +00:00
Chris PeBenito
e08118a52f
add ppp
2005-10-14 20:00:07 +00:00
Chris PeBenito
fe9d17fe14
more merging from 1.27.1-15
2005-10-14 18:42:42 +00:00
Chris PeBenito
d8636fc937
more merging from 1.27.1-15
2005-10-14 17:55:40 +00:00
Chris PeBenito
77f6e2cd27
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
Chris PeBenito
b1421d8712
add some docs, do some reordering
2005-10-12 21:25:16 +00:00
Chris PeBenito
c4bf979302
start adding perm sets with refpol names
2005-10-12 18:17:10 +00:00
Chris PeBenito
4c71994852
add missing interface
2005-10-12 17:32:41 +00:00
Chris PeBenito
be4690a5ae
add in last bits of webalizer
2005-10-12 17:22:25 +00:00
Chris PeBenito
c2b18fa1f3
more apache work
2005-10-12 16:23:22 +00:00
Chris PeBenito
799a0b43cd
add mailman
2005-10-11 15:36:53 +00:00
Chris PeBenito
f33561f560
add webalizer and sasl
2005-10-10 18:50:08 +00:00
Chris PeBenito
4483ee849c
add apm and arpwatch. fix implementation error on fs_getattr_all_files,
...
splitting it up into correct interfaces.
2005-10-10 18:11:46 +00:00
Chris PeBenito
d4dca58511
add finger and bluetooth
2005-10-07 21:45:04 +00:00
Chris PeBenito
9d3e339e82
partial mailman merge
2005-10-07 19:35:36 +00:00
Chris PeBenito
99505c1c89
fix files_exec_usr_src_files
2005-10-07 18:48:43 +00:00
Chris PeBenito
4f9f30c8df
* Updated to sedoctool to read bool files and tunable
...
files separately.
* Changed the xml tag of <boolean> to <bool> to be consistent
with gen_bool().
* Modified the implementation of segenxml to use regular
expressions.
2005-10-07 18:08:50 +00:00
Chris PeBenito
e02c61cfa4
rename context_template() to gen_context()
2005-10-06 19:33:06 +00:00
Chris PeBenito
6e99a6cfd1
more apache work
2005-10-05 21:17:22 +00:00
Chris PeBenito
fc6524d746
add ftp
2005-10-05 19:52:53 +00:00
Chris PeBenito
5bc9f3061b
fix comment
2005-10-05 19:10:31 +00:00
Chris PeBenito
f4d7fdcfaf
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
Chris PeBenito
a996bdf4ad
add most of apache
2005-09-29 20:59:00 +00:00
Chris PeBenito
a5ec7cb6c4
more pieces of ftp
2005-09-29 13:32:28 +00:00
Chris PeBenito
a2868f6eae
start adding secure_file_type implementation
2005-09-28 19:07:22 +00:00
Chris PeBenito
79cde317df
add winbind
2005-09-28 18:22:58 +00:00
Chris PeBenito
6942484b6f
add in a couple missing rules
2005-09-28 18:10:48 +00:00
Chris PeBenito
246a604273
add in a few parts of ftp
2005-09-27 22:29:45 +00:00
Chris PeBenito
20e306e2de
add dmidecode
2005-09-27 21:24:01 +00:00
Chris PeBenito
b03f960ece
add disable_trans support
2005-09-27 20:17:50 +00:00
Chris PeBenito
1f91e1bfe5
a few conditional cleanups
2005-09-27 19:40:44 +00:00
Chris PeBenito
f0574fa9aa
add mls privileges
2005-09-26 20:26:32 +00:00
Chris PeBenito
6d788d87d1
comment fix
2005-09-26 20:24:44 +00:00
Chris PeBenito
9edc289521
add anaconda
2005-09-23 22:15:04 +00:00
Chris PeBenito
b9ae3aab39
rework nis_use_ypbind since optionals dont work in conditionals
2005-09-23 22:14:54 +00:00
Chris PeBenito
fa67570d9a
add radvd, plus a few cleanups from sediff
2005-09-23 21:20:03 +00:00
Chris PeBenito
842859260c
add kudzu
2005-09-23 19:38:34 +00:00
Chris PeBenito
0058418017
remove classes from gen_requires, and disable net_raw for now
2005-09-23 15:37:41 +00:00
Chris PeBenito
681c9a02e7
fixes from sediff
2005-09-22 21:59:50 +00:00
Chris PeBenito
f7ba4a8963
add uucp
2005-09-22 16:27:52 +00:00
Chris PeBenito
b53f93a41f
testing fixes
2005-09-22 15:32:53 +00:00
Chris PeBenito
08c5c972cf
fix for targeted
2005-09-22 14:14:25 +00:00
Chris PeBenito
25c6746156
loadable module compile fixes
2005-09-21 20:01:40 +00:00
Chris PeBenito
142e9f40ea
targeted and redhat cleanups
2005-09-21 14:49:41 +00:00
Chris PeBenito
0e15cdfb50
change monolithic_policy to self_contained_policy for clarity
2005-09-21 13:26:30 +00:00
Chris PeBenito
3774e4eb28
todo cleanup
2005-09-20 20:48:17 +00:00
Chris PeBenito
93070cbaed
add cvs
2005-09-20 18:49:13 +00:00
Chris PeBenito
9210553ecb
add cpucontrol
2005-09-20 18:15:35 +00:00
Chris PeBenito
4fd5201a59
add rlogin and telnet
2005-09-20 17:11:53 +00:00
Chris PeBenito
200f453ff5
add stunnel
2005-09-20 13:47:36 +00:00
Chris PeBenito
a1fcff33f2
final updates from nsa cvs
2005-09-19 21:17:45 +00:00
Chris PeBenito
41c4800de4
a few module compile fixes
2005-09-19 14:18:48 +00:00
Chris PeBenito
cf6a7d8993
more upstream merging
2005-09-16 21:20:37 +00:00
Chris PeBenito
cff75c90ca
more upstream merging
2005-09-16 19:36:10 +00:00
Chris PeBenito
40adb57f47
add tftp
2005-09-16 15:18:09 +00:00
Chris PeBenito
ccc5978224
add snmp
2005-09-16 14:54:36 +00:00
Chris PeBenito
a0824843c2
more merging from nsa cvs
2005-09-16 13:36:26 +00:00
Chris PeBenito
98a8ead4c5
more updates
2005-09-15 21:03:29 +00:00
Chris PeBenito
605ba28540
more merging from nsa cvs
2005-09-15 15:34:31 +00:00
Chris PeBenito
5a2649cefd
cleanup
2005-09-14 19:27:30 +00:00
Chris PeBenito
84c92239d4
add samba
2005-09-14 18:33:53 +00:00
Chris PeBenito
4479b31614
require fix
2005-09-14 15:41:46 +00:00
Chris PeBenito
71fe0fa4c5
fixes for module compiling
2005-09-14 00:30:10 +00:00
Chris PeBenito
0907bda1e0
more merging of NSA CVS policy
2005-09-13 13:06:07 +00:00
Chris PeBenito
2705f9a0f3
begin merging in upstream NSA CVS changes
2005-09-12 21:40:56 +00:00
Chris PeBenito
712566ee41
fixes to make base module compilable
2005-09-12 15:17:39 +00:00
Chris PeBenito
2e863f8ad0
add first part of changes to make base module compilable
2005-09-09 20:51:54 +00:00
Chris PeBenito
0fdf3ef75e
fix sshd to use initrc transition while typeattribute in conditionals is still broken
2005-09-09 20:49:59 +00:00
Chris PeBenito
9ff3003346
add zebra. change ssh to default to initrc transition instead of inetd while typeattribute in conditionals doesnt work
2005-09-09 13:24:11 +00:00
Chris PeBenito
eb3cb6820a
add portmap
2005-09-08 17:12:38 +00:00
Chris PeBenito
d17b4d2323
add ktalk
2005-09-08 13:42:13 +00:00
Chris PeBenito
9b06402eaf
add missing rules of other domains using inn
2005-09-08 13:23:11 +00:00
Chris PeBenito
763a5e30c6
misc fixes
2005-09-07 13:31:37 +00:00
Chris PeBenito
8d93523409
add inn
2005-09-06 18:37:27 +00:00
Chris PeBenito
603f90ab9d
misc fixes
2005-09-05 18:17:17 +00:00
Chris PeBenito
b11a75a5e3
add ntp
2005-09-05 16:47:19 +00:00
Chris PeBenito
ce1b44aac4
typo
2005-09-02 20:55:17 +00:00
Chris PeBenito
ac0483aefe
add dictd
2005-09-02 20:50:54 +00:00
Chris PeBenito
fdae8e755e
add hal
2005-09-02 20:29:52 +00:00
Chris PeBenito
f344c0f38e
move dhcpd to dhcp
2005-09-02 19:18:43 +00:00
Chris PeBenito
0f707d52ab
add squid
2005-09-02 19:11:07 +00:00
Chris PeBenito
7c8fc35b14
add dhcpd
2005-09-02 14:52:08 +00:00
Chris PeBenito
9d3bdc25af
fix bugs uncovered from sediff
2005-09-01 20:13:42 +00:00
Chris PeBenito
c0d1566a13
move rhgb_domain into TODO so modules can compile as binary modules
2005-09-01 13:52:59 +00:00
Chris PeBenito
631ee4d3cf
finish remaining dbus bits
2005-09-01 13:34:45 +00:00
Chris PeBenito
0c3d170578
add dbus
2005-08-31 20:58:12 +00:00
Chris PeBenito
6af06cd8b6
fix typos
2005-08-31 16:54:19 +00:00
Chris PeBenito
768283ac46
cosmetics
2005-08-31 16:49:30 +00:00
Chris PeBenito
6e61566dba
add comsat. clean up kerberos and nscd interfaces
2005-08-31 15:25:12 +00:00
Chris PeBenito
246839f3d2
fix up most of mta attribute insanity
2005-08-30 20:47:41 +00:00
Chris PeBenito
451c1e3d59
send user role to per userdomain templates. update templated interfaces
...
to have the prefix be the first argument
2005-08-30 15:48:57 +00:00
Chris PeBenito
e5d45268fd
make corecommands required
2005-08-30 14:41:52 +00:00
Chris PeBenito
9439a25899
update config, switch most to module
2005-08-26 13:30:59 +00:00
Chris PeBenito
2a94561a89
start adding in templated interfaces
2005-08-25 20:27:20 +00:00
Chris PeBenito
6d12276bf5
fix quoting
2005-08-24 20:18:28 +00:00
Chris PeBenito
3110dec4f3
fix tunables
2005-08-24 20:00:10 +00:00
Chris PeBenito
82024f9942
do bools until loadable modules support tunables
2005-08-24 18:30:47 +00:00
Chris PeBenito
d83fdad248
add bind
2005-08-23 17:26:19 +00:00
Chris PeBenito
902be0ae21
add privoxy
2005-08-22 21:49:27 +00:00
Chris PeBenito
35ecf83839
add rsync
2005-08-22 21:17:10 +00:00
Chris PeBenito
f9b11e9615
add howl
2005-08-22 20:43:20 +00:00
Chris PeBenito
4b8c5489ec
move require to right position, for modular policy
2005-08-22 20:18:42 +00:00
Chris PeBenito
c04f2abe88
complete infrastructure support for building modules
2005-08-22 17:07:17 +00:00
Chris PeBenito
db93d707c5
mark userpace object classes
2005-08-22 14:13:19 +00:00
Chris PeBenito
f6e28abbab
moved to selinux module
2005-08-19 20:05:02 +00:00
Chris PeBenito
fb0a3a98c6
initial support for compiling loadable modules
2005-08-18 21:27:20 +00:00
Chris PeBenito
f862c35c37
add gpm
2005-08-17 21:28:31 +00:00
Chris PeBenito
2961e79b55
add ldap
2005-08-17 18:33:43 +00:00
Chris PeBenito
23ca91f8bb
cleanup
2005-08-17 17:31:57 +00:00
Chris PeBenito
545b0c9176
add rshd
2005-08-17 15:23:24 +00:00
Chris PeBenito
57a96cbd0b
add firstboot
2005-08-17 14:14:07 +00:00
Chris PeBenito
2d803edc73
more debian cleanup
2005-08-17 14:09:29 +00:00
Chris PeBenito
4806a05cfb
fix broken xml of previous commit
2005-08-15 19:35:20 +00:00
Chris PeBenito
5f38a65aab
try to knock out more of the distro_debian bootloader stuff
2005-08-15 19:31:37 +00:00
Chris PeBenito
21468a6076
add loadkeys
2005-08-15 14:46:17 +00:00
Chris PeBenito
8843093607
more comments
2005-08-12 19:28:30 +00:00
Chris PeBenito
f0b1efa2a2
all dev nodes assoc to tmpfs, since most everyone is moving to udev
2005-08-12 19:28:15 +00:00
Chris PeBenito
35b494789d
fix some udev naming
2005-08-12 18:13:03 +00:00
Chris PeBenito
aae06c1306
fix system spool file problem
2005-08-12 17:54:55 +00:00
Chris PeBenito
f7ebea06e3
finalize desc -> summary xml change
2005-08-11 17:46:39 +00:00
Chris PeBenito
4aa0dc20b4
add tcpd
2005-08-11 15:17:13 +00:00
Chris PeBenito
052c953ae5
add quota
2005-08-11 14:49:58 +00:00
Chris PeBenito
5a3895a9f6
tabbing fix
2005-08-11 14:35:52 +00:00
Chris PeBenito
e784300a62
add sudo
2005-08-09 19:30:43 +00:00
Chris PeBenito
b9d7d70b33
add template xml
2005-08-09 19:21:25 +00:00
Chris PeBenito
9489149ec0
add su
2005-08-08 21:03:23 +00:00
Chris PeBenito
9465452eec
fix gen_user comment for more clarity
2005-08-08 18:13:56 +00:00
Chris PeBenito
dce68dc48d
add updfstab
2005-08-08 15:51:15 +00:00
Chris PeBenito
f5e321b0f0
fix xml tags
2005-08-08 15:43:20 +00:00
Chris PeBenito
7057c18db0
a few more ssh touchups
2005-08-05 18:49:23 +00:00
Chris PeBenito
ed78ea0034
add tmpreaper
2005-08-05 15:32:27 +00:00
Chris PeBenito
9a66d4e562
add acct
2005-08-05 14:32:12 +00:00
Chris PeBenito
3fd8336882
misc cleanup
2005-08-04 20:54:51 +00:00
Chris PeBenito
42be7c214d
add mysql
2005-08-03 17:56:26 +00:00
Chris PeBenito
046a21da80
search sbin dirs to find the pgms
2005-08-03 17:43:41 +00:00
Chris PeBenito
81343a6f90
* Rename ipsec connect interface for consistency.
...
* Add missing parts of unix stream socket connect interface
of ipsec.
* Rename inetd connect interface for consistency.
2005-08-03 15:16:33 +00:00
Chris PeBenito
bbdbdb9edf
fix stray line that got out of TODO
2005-07-29 15:07:15 +00:00
Chris PeBenito
e5590ea5ec
work on user transition
2005-07-28 20:52:55 +00:00
Chris PeBenito
022f61c0e3
add connect interface on ports to handle name_connect tcp perm
2005-07-22 15:38:01 +00:00
Chris PeBenito
50527cf581
make network_interface able to support multiple interfaces having the same type
2005-07-22 14:00:38 +00:00
Chris PeBenito
953541a918
update from privmail
2005-07-21 20:34:57 +00:00
Chris PeBenito
80526ccbdd
add an example module config for a targeted policy
2005-07-20 20:11:49 +00:00
Chris PeBenito
ea7d571bd7
/var/lib is now a mountpoint
2005-07-20 17:36:48 +00:00
Chris PeBenito
53857c8c05
unconfined can pass all constraints
2005-07-20 17:24:23 +00:00
Chris PeBenito
ef424c14d4
name_connect only on tcp_sockets
2005-07-20 17:10:07 +00:00
Chris PeBenito
9496fd5119
unconfined can name_connect to all ports
2005-07-20 17:08:07 +00:00
Chris PeBenito
d250634311
reorder kernel policy, add attributes for sysctl and proc entries. fix unconfined interface
2005-07-20 17:06:10 +00:00
Chris PeBenito
f82c6ac64c
bah typo
2005-07-20 15:08:33 +00:00
Chris PeBenito
0b28a23114
user home dirs were missing file type in targ policy
2005-07-20 15:06:49 +00:00
Chris PeBenito
1e3f610b3b
add missing dir and file perms for selinuxfs in unconfined
2005-07-20 14:57:13 +00:00
Chris PeBenito
689f6ddb35
fix typos and import some rules from NSA cvs to make targeted policy work
2005-07-20 14:25:24 +00:00
Chris PeBenito
474f43d13d
should actually try compiling first :x
2005-07-20 13:39:10 +00:00
Chris PeBenito
bd7e7a6417
missed a line
2005-07-20 13:37:18 +00:00
Chris PeBenito
a28f6db576
add in some rules from NSA CVS to make targeted policy work
2005-07-20 13:30:06 +00:00
Chris PeBenito
8c3f438f75
corenet was missing from unconfined
2005-07-19 20:38:26 +00:00
Chris PeBenito
892266ca76
more targeted policy fixes
2005-07-19 20:26:02 +00:00
Chris PeBenito
21f47732b1
add new netlink socket class
2005-07-19 20:25:42 +00:00
Chris PeBenito
ec848d247f
more fixes for targeted
2005-07-19 19:37:43 +00:00
Chris PeBenito
2ec4c9d38f
more cleanup
2005-07-19 18:40:31 +00:00
Chris PeBenito
8b0bbdda34
fixes for targeted policy
2005-07-19 18:40:19 +00:00
Chris PeBenito
391edeb577
fix assertions for framework
2005-07-18 20:17:21 +00:00
Chris PeBenito
a5f339f134
more cleanup in system
2005-07-18 18:31:49 +00:00
Chris PeBenito
9f103ce14b
fix to use context_template()
2005-07-18 14:25:05 +00:00
Chris PeBenito
3b6174a142
add missing context template
2005-07-15 20:54:24 +00:00
Chris PeBenito
50aca6d2f9
add raid (mdadm)
2005-07-15 20:45:26 +00:00
Chris PeBenito
d9fd8e7562
more pcmcia cleanup
2005-07-15 19:18:55 +00:00
Chris PeBenito
157c69416f
add macro to expand object class sets for use in require blocks
2005-07-15 15:53:54 +00:00
Chris PeBenito
50f6503452
* break up files_getattr_all_files into correct interfaces
...
* move stuff out of pcmcia into the appropriate modules
2005-07-15 15:17:57 +00:00
Chris PeBenito
f136a944c5
reorder in alpha order of type, for sanity purposes
2005-07-15 14:30:19 +00:00
Chris PeBenito
e0d57fbcb1
add pcmcia
2005-07-14 20:57:17 +00:00
Chris PeBenito
c429cb5e26
fix up the xml
2005-07-14 20:02:53 +00:00
Chris PeBenito
11633bbaa8
add ipsec
2005-07-14 18:15:47 +00:00
Chris PeBenito
493d6c4adc
add nscd
2005-07-13 20:48:51 +00:00
Chris PeBenito
df00b2e235
* fix chroot exec interface
...
* more TODO cleanup
* move IPC out of generic domtrans interfaces
2005-07-13 18:29:08 +00:00
Chris PeBenito
b24f35d8a3
more cleanup of current TODOs
2005-07-12 20:34:24 +00:00
Chris PeBenito
20a22759a7
fix comments for templates to have same number of # as interfaces
2005-07-12 20:33:42 +00:00
Chris PeBenito
4051d15b62
fix xml
2005-07-11 19:15:54 +00:00
Chris PeBenito
ae9e2716c3
fix more TODOs. fix selinux.te to selinuxutil.te in optionals
2005-07-11 19:02:50 +00:00
Chris PeBenito
a42ca7ebec
another round of TODO cleanup
2005-07-08 20:44:57 +00:00
Chris PeBenito
4d0d4157f4
silly formatting fix
2005-07-08 19:44:12 +00:00
Chris PeBenito
e5f8060316
implement direct_sysadm_daemon
2005-07-07 15:25:28 +00:00
Chris PeBenito
1aa526281b
missing rules uncovered by sediff
2005-07-07 15:20:24 +00:00
Chris PeBenito
c98340cfeb
support for targeted policy
2005-07-06 20:28:29 +00:00
Chris PeBenito
ed1a92b88c
ksu moves to su
2005-07-06 17:41:58 +00:00
Chris PeBenito
bb32544d61
add missing ssh file contexts
2005-07-06 15:59:54 +00:00
Chris PeBenito
9726b31857
add unconfined
2005-07-05 20:59:51 +00:00
Chris PeBenito
e8f0055b6d
fix quoting problem
2005-07-05 20:54:12 +00:00
Chris PeBenito
2745476e4a
add required tags
2005-07-05 17:47:15 +00:00
Chris PeBenito
a7a9799d79
convert can_kerberos()
2005-07-01 13:31:34 +00:00
Chris PeBenito
65c8613766
ul has to be in a p
2005-07-01 13:10:57 +00:00
Chris PeBenito
5e1ed4903e
initial commit
2005-06-30 21:11:54 +00:00
Chris PeBenito
fd89e19f12
more work on current modules
2005-06-30 18:54:08 +00:00
Chris PeBenito
ebdc3b7902
clean up more todos
2005-06-29 20:53:53 +00:00
Chris PeBenito
d233bfce3f
make layer summary required
2005-06-29 16:54:13 +00:00
Chris PeBenito
8fd3673225
another round of renaming, for consistency
2005-06-29 14:26:41 +00:00
Chris PeBenito
96ce00afcc
add logrotate, more low-hanging fruit
2005-06-28 20:54:49 +00:00
Chris PeBenito
ceebe3b4b0
change desc to summary
2005-06-28 19:51:46 +00:00
Chris PeBenito
cbca03f513
add lost_found_t manage, rename fs_type attribute to filesystem_type and rename fs_make_fs to fs_type
2005-06-28 17:48:59 +00:00
Chris PeBenito
783b38347e
more low hanging fruit cleanup
2005-06-28 17:32:57 +00:00
Chris PeBenito
58c3da55f3
add fstools, and more cleanup
2005-06-27 20:59:28 +00:00
Chris PeBenito
80436b9b8f
changes to make inetd work
2005-06-27 18:37:33 +00:00
Chris PeBenito
24bf11c62a
initial commit
2005-06-27 18:36:56 +00:00
Chris PeBenito
ab940a4cc1
autofs_t and ypbind cleanup
2005-06-27 16:30:55 +00:00
Chris PeBenito
e88003ffe3
xml updates and nis stuff
2005-06-24 20:37:09 +00:00
Chris PeBenito
73fbc771d1
initial commit
2005-06-24 19:49:46 +00:00
Chris PeBenito
62a7b02c5b
add/update comments
2005-06-24 13:36:57 +00:00
Chris PeBenito
414e415198
update for new documentation method
2005-06-23 21:30:57 +00:00
Chris PeBenito
aad5b98eba
more updates
2005-06-23 20:35:48 +00:00
Chris PeBenito
9916c694b4
update to new commenting style
2005-06-23 20:27:06 +00:00
Chris PeBenito
45239964e5
move ssh tunables into global_tunables
2005-06-23 19:57:15 +00:00
Chris PeBenito
19ea99d495
fix
2005-06-23 16:06:39 +00:00
Chris PeBenito
261e0e66ee
shorten some xml tags
2005-06-23 16:00:05 +00:00
Chris PeBenito
d3b892e4fd
convert a couple network macros
2005-06-23 15:44:18 +00:00
Chris PeBenito
007ca5600c
more setcurrent stuff
2005-06-23 15:37:39 +00:00
Chris PeBenito
2a3478cf15
fixes pointed out by steve, plus fixes revealed by the added assertions
2005-06-23 14:19:56 +00:00
Chris PeBenito
9ccd96dfc6
more work on ssh, plus import ssh-agent
2005-06-22 21:14:48 +00:00
Chris PeBenito
199895e201
move all interfaces over to the interface macro. add traceback debugging info
2005-06-22 19:21:31 +00:00
Chris PeBenito
cbc9d6951a
remove remaining _depend macros to prep for switchover to interface declaration macro
2005-06-22 16:07:14 +00:00
Chris PeBenito
0404a3903a
initial commit of ssh.
2005-06-21 21:07:46 +00:00
Chris PeBenito
21871a5cf6
work on newrole policy
2005-06-21 17:01:45 +00:00
Chris PeBenito
e04b8e7832
initial commit
2005-06-20 18:43:14 +00:00
Chris PeBenito
57869a681e
XML: encapsulate modules in layers, rather then layer being an attribute of
...
module tag
2005-06-20 18:40:44 +00:00
Chris PeBenito
7a2f20a315
more work to clean up and complete current modules
2005-06-20 17:41:29 +00:00
Chris PeBenito
2ba9a794db
interface review, and remove net_raw from raw node sends. only give
...
capability for raw send on an interface
2005-06-17 19:17:57 +00:00
Chris PeBenito
bc1fbab472
interface review, and remove net_raw from raw node sends. only give
...
capability for raw send on an interface
2005-06-17 18:59:34 +00:00
Chris PeBenito
c9b7f1a28e
add rw_term_perms
2005-06-17 18:56:23 +00:00
Chris PeBenito
5e6f9e5aac
services interfaces review
2005-06-17 18:41:07 +00:00
Chris PeBenito
7f2e39b8e6
review of admin interfaces
2005-06-17 18:27:08 +00:00
Chris PeBenito
139520a233
review of system interfaces
2005-06-17 17:59:26 +00:00
Chris PeBenito
a7c3a1b920
eliminate _depend macros
2005-06-16 21:06:29 +00:00
Chris PeBenito
0e721690dc
misc cleanup
2005-06-16 20:54:18 +00:00
Chris PeBenito
562cc2bd6c
reorder gpg tunable for alpha sorting
2005-06-16 20:34:57 +00:00
Chris PeBenito
d35c621eb0
add a couple more nfs and cifs interfaces, to cover most of the
...
use_(nfs|cifs)_home_dirs tunable
2005-06-16 20:33:51 +00:00
Chris PeBenito
77c124c8cd
eliminate _depend macros
2005-06-16 20:30:59 +00:00
Chris PeBenito
8c2f3ac695
have can_exec add a require block
2005-06-16 20:30:07 +00:00
Chris PeBenito
8eaa723d28
put user line in col 1, since genhomedircon breaks otherwise
2005-06-15 14:07:20 +00:00
Chris PeBenito
828e03f635
initial commit
2005-06-15 13:53:48 +00:00
Chris PeBenito
5e0da6a03e
finish renaming system/selinux to system/selinuxutil
2005-06-14 20:48:34 +00:00
Chris PeBenito
ff7bc148e4
move security_t to selinux module
2005-06-14 20:40:09 +00:00
Chris PeBenito
be4a8011d4
move selinux to selinuxutil
2005-06-14 20:12:46 +00:00
Chris PeBenito
8bd6789954
move constraints interfaces to domain module. move sysfs and usbfs to
...
devices module
2005-06-14 19:56:46 +00:00
Chris PeBenito
810f2b7155
fix typo
2005-06-14 18:15:01 +00:00
Chris PeBenito
b57dd19400
stray renames in distro_redhat
2005-06-14 17:36:21 +00:00
Chris PeBenito
3eed10909e
convert relevant conditionals into tunable_policy
2005-06-14 14:43:04 +00:00
Chris PeBenito
92e928e1bd
start making genhomedircon work
2005-06-13 21:16:05 +00:00
Chris PeBenito
c24ac9c51c
rename requires_block_template to gen_require
2005-06-13 20:51:09 +00:00
Chris PeBenito
fa7bea8feb
rename requires_block_tempalte to gen_require
2005-06-13 20:47:04 +00:00
Chris PeBenito
34c8fabeeb
tunables work
2005-06-13 20:44:23 +00:00
Chris PeBenito
31908be07f
a few missed renames, and start fixing up tunables
2005-06-13 20:27:32 +00:00
Chris PeBenito
5a45e70177
rename setattr removable_device_t
2005-06-13 20:00:36 +00:00
Karl MacMillan
8700497fb1
Updates to documentation.
2005-06-13 19:22:00 +00:00
Chris PeBenito
d9507b1874
fix xml
2005-06-13 17:40:51 +00:00
Chris PeBenito
c9428d33dc
renaming insanity
2005-06-13 17:35:46 +00:00
Karl MacMillan
f0c985ca80
Devices rename.
2005-06-13 16:22:32 +00:00
Chris PeBenito
0fd9dc55cf
renaming insanity
2005-06-10 01:01:13 +00:00
Chris PeBenito
24040829d0
fix can_exec
2005-06-10 01:00:48 +00:00
Chris PeBenito
cab7c00ff4
make macro work
2005-06-09 23:06:23 +00:00
Chris PeBenito
e3fd778b8f
add can_exec
2005-06-09 23:06:07 +00:00
Chris PeBenito
1b8d67d157
fix
2005-06-09 22:46:38 +00:00
Chris PeBenito
a154cd45f3
reorder
2005-06-09 21:07:58 +00:00
Chris PeBenito
588ffaeb7f
kernel.if renaming
2005-06-09 20:50:17 +00:00
Chris PeBenito
eda201efe8
more renaming and xml
2005-06-09 19:52:50 +00:00
Chris PeBenito
eca5b2dd79
rename
2005-06-09 19:22:27 +00:00
Chris PeBenito
cc41a97c99
aliases
2005-06-09 18:08:26 +00:00
Chris PeBenito
7591e83cba
fix layer in module tag
2005-06-09 17:56:38 +00:00
Chris PeBenito
c6ebefd2f2
rename
2005-06-09 17:51:40 +00:00
Chris PeBenito
d90b274e40
for now, drop infoflow tags
2005-06-09 17:23:53 +00:00
Chris PeBenito
dc67f782e4
aliases
2005-06-09 17:21:52 +00:00
Chris PeBenito
0a10b1fa12
aliases
2005-06-09 15:32:23 +00:00
Chris PeBenito
fe040c9777
renaming and xml
2005-06-09 15:20:31 +00:00
Chris PeBenito
dd822947d2
aliases
2005-06-09 14:50:48 +00:00
Chris PeBenito
80048ca5d2
aliases
2005-06-09 14:26:05 +00:00
Chris PeBenito
5d31560b4d
genhomedircon entries
2005-06-08 22:32:43 +00:00
Chris PeBenito
5552ed88f3
initial commit
2005-06-08 22:32:33 +00:00
Chris PeBenito
f2e4ab3a99
make corenetwork generation explicit, rather then on-the-fly
2005-06-08 21:46:39 +00:00
Chris PeBenito
7edd02d4f1
aliasing
2005-06-08 21:07:03 +00:00
Chris PeBenito
b29d23f315
initial commit
2005-06-08 20:49:16 +00:00
Chris PeBenito
c2c00bee05
add aliases
2005-06-08 20:28:45 +00:00
Karl MacMillan
72bdc60860
Moved and changed user_mls to gen_user.
2005-06-08 20:23:43 +00:00
Karl MacMillan
eb5e237573
Renamed support macros for consistency.
2005-06-08 20:23:12 +00:00
Chris PeBenito
9f72a2655f
renaming
2005-06-08 18:40:30 +00:00
Chris PeBenito
0c5a288e98
interface renaming
2005-06-08 18:00:04 +00:00
Chris PeBenito
1694dee685
interface renaming
2005-06-08 16:18:08 +00:00
Chris PeBenito
066d463147
comment fix
2005-06-08 16:16:41 +00:00
Chris PeBenito
a7197232e8
add can_exec
2005-06-08 13:41:05 +00:00
Chris PeBenito
763c441e3b
start renaming filesystem interfaces
2005-06-08 13:12:00 +00:00
Chris PeBenito
a9ec5414d1
add interface macro
2005-06-08 13:11:47 +00:00
Chris PeBenito
b46609f09f
fix missing _socket in class
2005-06-08 13:08:01 +00:00
Chris PeBenito
3865d6b95e
add xml
2005-06-07 22:36:07 +00:00
Chris PeBenito
ddea18b0ad
more tunable work
2005-06-07 22:26:39 +00:00
Chris PeBenito
758618b1f3
initial commit
2005-06-07 22:26:11 +00:00
Chris PeBenito
254bbc7bb3
start switching over to new tunable infrastructure
2005-06-07 18:45:47 +00:00
Chris PeBenito
02b584a174
initial commit
2005-06-07 15:10:43 +00:00
Chris PeBenito
43bc3906c5
initial commit
2005-06-07 14:46:31 +00:00
Chris PeBenito
2d68932a8d
fix broken macros
2005-06-07 14:46:20 +00:00
Chris PeBenito
a1d2e8ab29
add domain(_auto)_trans
2005-06-07 14:43:14 +00:00
Chris PeBenito
eb7f9a34cb
move audit to logging
2005-06-07 14:27:19 +00:00
Chris PeBenito
ef5e55c9fa
move to logging
2005-06-07 14:16:14 +00:00
Chris PeBenito
0c73cd2526
change over to some perm set macros. add indentation
2005-06-03 12:25:14 +00:00
Chris PeBenito
4196997813
add some indentation
2005-06-02 20:26:48 +00:00
Chris PeBenito
d115660e3b
change network verb in corenetwork to sendrecv
2005-06-02 18:55:47 +00:00
Chris PeBenito
cabfa520aa
move fs_use and isids to respective modules
2005-06-02 15:39:10 +00:00
Chris PeBenito
ca83afe7e6
start breaking up support_macros into macros dir
2005-06-02 14:31:31 +00:00
Chris PeBenito
f5d4efd756
add missing system_crond_t transition pieces
2005-06-01 20:16:36 +00:00
Chris PeBenito
98af6c7763
remove extra whitespace
2005-06-01 19:18:54 +00:00
Chris PeBenito
de96491bda
move global.if to support_macros at top level
2005-06-01 19:17:13 +00:00
Chris PeBenito
6d9915d615
add missing pieces of crond_t -> $1_crond_t transition
2005-06-01 19:01:28 +00:00
Chris PeBenito
004db90d3f
do dtd verification on xml. fix current xml to be valid
2005-06-01 18:34:34 +00:00
Chris PeBenito
2fc84fd172
move user_u and root to users
2005-06-01 17:40:22 +00:00
Chris PeBenito
aa40608fbe
remove copyright until licensing issues are resolved
2005-06-01 17:34:13 +00:00
Chris PeBenito
f267dfbb8b
fix module name in xml
2005-06-01 17:27:39 +00:00
Chris PeBenito
134191be67
move flask dir to top level, and update them from nsa cvs. move files in
...
misc to top level. make mls support work.
2005-06-01 15:40:37 +00:00
Chris PeBenito
e32d52ba47
fix xml
2005-06-01 14:17:43 +00:00
Chris PeBenito
1293184998
last fixes for cab
2005-06-01 13:51:54 +00:00
Chris PeBenito
d115b24712
more cab work
2005-05-31 23:02:11 +00:00
Chris PeBenito
3b857eae09
add some file_t interfaces, and console write
2005-05-31 21:25:45 +00:00
Chris PeBenito
b8fca44d3f
initial commit
2005-05-31 20:39:15 +00:00
Chris PeBenito
4bf4ed9e68
permission set macro changes, plus more cab related work
2005-05-31 19:52:57 +00:00
Chris PeBenito
08eb9d1a33
fix tmpfs assoc call
2005-05-31 13:45:37 +00:00
Chris PeBenito
f5c42bd80b
many fixes from cab work
2005-05-30 21:17:20 +00:00
Chris PeBenito
32e53ac1b8
cleanup inspired by sediff
2005-05-27 21:56:01 +00:00
Chris PeBenito
16e9b0cb6b
rpmbuild_t is not a system domain. also mark it as most likely dead.
2005-05-27 21:29:54 +00:00
Chris PeBenito
c6fd1f85ba
restructure users, and add signalling
2005-05-27 20:44:05 +00:00
Chris PeBenito
07da0af7bd
tmpfs associate for redhat
2005-05-27 20:43:37 +00:00
Chris PeBenito
dd31631500
fix ordering and put in var_lib_t
2005-05-27 20:29:17 +00:00
Chris PeBenito
d490eb6b5c
fixes from cab
2005-05-26 20:38:45 +00:00
Chris PeBenito
c220381539
initial commit
2005-05-26 15:50:53 +00:00
Chris PeBenito
efd8ede34d
many fixes from cab testing
2005-05-25 20:58:21 +00:00
Chris PeBenito
10abae75d9
initial commit
2005-05-25 19:52:21 +00:00
Chris PeBenito
cbeef67c1c
cleanup
2005-05-24 22:22:26 +00:00
Chris PeBenito
3b3bf871a7
cleanup
2005-05-24 21:41:29 +00:00
Chris PeBenito
6f3dab294e
initial commit
2005-05-24 21:32:34 +00:00
Chris PeBenito
7d7a36af98
initial commit
2005-05-24 21:23:39 +00:00
Chris PeBenito
e7fcdc6d2f
fix the object class in process transition interfaces
2005-05-24 20:45:27 +00:00
Chris PeBenito
c907b3e2c7
cleanup for corenetwork interface generation
2005-05-24 17:34:29 +00:00
Chris PeBenito
dc771ff40e
another cleanup pass
2005-05-24 15:55:57 +00:00
Chris PeBenito
6276f10155
instead of using macros to drop out non-macro calls during corenetwork
...
interface generation, use grep to get the macro calls and feed to m4
2005-05-24 15:52:57 +00:00
Chris PeBenito
992aba5f15
initial commit
2005-05-23 17:56:47 +00:00
Chris PeBenito
6b48fd013c
stuff from rpm
2005-05-23 17:56:35 +00:00
Chris PeBenito
57440fb076
add dontaudit shadow_t getattr
2005-05-23 17:56:26 +00:00
Chris PeBenito
957e269eb2
fix tmpfs associate infoflow
2005-05-23 17:56:00 +00:00
Chris PeBenito
39255175ca
move in stuff from rpm
2005-05-23 17:01:51 +00:00
Chris PeBenito
15a9613ca4
add ldconfig and rpm transitions
2005-05-23 15:51:33 +00:00
Chris PeBenito
162a57e583
add missing xml
2005-05-23 15:50:12 +00:00
Chris PeBenito
46410fd2b9
add tmpfsfile support
2005-05-23 15:49:31 +00:00
Chris PeBenito
1c9f9a50df
add signull all domains
2005-05-23 15:49:03 +00:00
Chris PeBenito
3000a31552
make transition on shell work
2005-05-23 15:48:45 +00:00
Chris PeBenito
c4309768f1
add transitions
2005-05-23 15:47:13 +00:00
Chris PeBenito
48e0dbd63e
add ldconfig
2005-05-23 15:45:53 +00:00
Chris PeBenito
e32c0d3b86
add mls sensitivity to genfscon, initial sids and fs_use
2005-05-20 20:43:18 +00:00
Chris PeBenito
0d0d2bafd6
add mls port support
2005-05-20 20:23:25 +00:00
Chris PeBenito
085faa06ff
add xml comments to generated sections, and add mls support to interfaces
...
and nodes
2005-05-20 20:07:42 +00:00
Chris PeBenito
daa0e0b01f
add xml comments to interfaces, convert over userdomain stuff
2005-05-19 21:06:06 +00:00
Chris PeBenito
bee546bfd4
add context template to support mls
2005-05-18 21:02:15 +00:00
Chris PeBenito
26c87e0c42
add userdomain:fd use
2005-05-18 21:00:56 +00:00
Chris PeBenito
490639cd57
add a xml comment
2005-05-18 21:00:30 +00:00
Chris PeBenito
2e77b29e67
add xml
2005-05-18 21:00:00 +00:00
Chris PeBenito
494e988f80
fix xml
2005-05-18 20:59:38 +00:00
Chris PeBenito
8623d5b854
move run_init to selinux, as it is part of policycoreutils
2005-05-18 16:03:54 +00:00
Chris PeBenito
1786071159
rename some selinuxfs interfaces for more clarity
2005-05-18 13:22:37 +00:00
Chris PeBenito
ef373408a6
add source policy interfaces
2005-05-18 13:21:28 +00:00
Chris PeBenito
5817e3a820
add renice all domains
2005-05-18 13:21:00 +00:00
Chris PeBenito
759ba0a459
add get all filesystems quotas
2005-05-18 13:20:38 +00:00
Chris PeBenito
76bff31d96
add admin template
2005-05-18 13:20:16 +00:00
Chris PeBenito
c3dff2e0a2
add device_node:{ chr_file blk_file } getattr;
2005-05-18 13:19:51 +00:00
Chris PeBenito
4d8ddf9a4f
start adding admin template
2005-05-18 13:18:49 +00:00
Chris PeBenito
dd14d0d892
change read_shared_libraries to use_shared_libraries, since the execute
...
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
2005-05-17 15:32:52 +00:00
Chris PeBenito
650e75c57d
initial commit
2005-05-16 21:11:26 +00:00
Chris PeBenito
b16c6b8c32
start adding user domains. fix ttynode and ptynode handling, as they're
...
more then user terminals (at least ptynode is). start adding XML comments
2005-05-16 21:10:33 +00:00
Chris PeBenito
c6a3a22457
add more parts to send_mail and drop transition since its more then a transition
2005-05-13 20:52:28 +00:00
Chris PeBenito
ff31386090
move make_{daemon,init,system}_domain to init to fix type_transition'ing
2005-05-13 20:21:50 +00:00
Chris PeBenito
24a7ae1a5a
add lvm.fc, and move relevant entries to devices.fc and storage.fc
2005-05-13 15:03:19 +00:00
Chris PeBenito
7bba9d317a
pile of updates
2005-05-13 14:37:13 +00:00
Chris PeBenito
1bde8321dd
initial commit
2005-05-13 14:36:35 +00:00
Chris PeBenito
075c4fdaf1
additions for cron and mta
2005-05-12 20:50:09 +00:00
Chris PeBenito
fd9deeb8ee
reorg and a fix
2005-05-12 20:49:39 +00:00
Chris PeBenito
d18e3d73bb
add crontab
2005-05-11 20:55:40 +00:00
Chris PeBenito
fb1aee72f4
add iface creating private logs
2005-05-11 20:54:14 +00:00
Chris PeBenito
d25dd9c1c2
add make temporary_file and daemon_runtime_file
2005-05-11 19:36:36 +00:00
Chris PeBenito
38e24ae49e
add files_make_temporary_file and remove type attribute from
...
create_private_tmp
2005-05-11 19:21:40 +00:00
Chris PeBenito
0b1af28713
fix logging_make_log_file use
2005-05-11 19:11:14 +00:00
Chris PeBenito
23caa6d147
initial commit
2005-05-11 19:05:50 +00:00
Chris PeBenito
24280a524d
updates needed for cron
2005-05-11 19:05:15 +00:00
Chris PeBenito
3ec805f7e5
add read and search for etc_t:dir
2005-05-11 16:48:10 +00:00
Chris PeBenito
118186e3dc
make a reasonable lib_t interface
2005-05-11 15:46:51 +00:00
Chris PeBenito
1832271029
reorder for more consistency
2005-05-11 15:22:28 +00:00
Chris PeBenito
dec1686f0b
oops
2005-05-10 20:25:20 +00:00
Chris PeBenito
6b674012fc
reorder for more consistency
2005-05-10 20:24:26 +00:00
Chris PeBenito
b3416a3762
initial commit
2005-05-10 20:06:19 +00:00
Chris PeBenito
eeb2558418
leftover from netutils
2005-05-10 20:06:04 +00:00
Chris PeBenito
f8ec0ad43b
initial commit
2005-05-10 19:51:00 +00:00
Chris PeBenito
63a310c8cf
leftover from modutils
2005-05-10 19:50:41 +00:00
Chris PeBenito
279b555ae3
reorder to fit file context style rules
2005-05-10 19:47:37 +00:00
Chris PeBenito
0f3be6dbbb
initial commit
2005-05-10 15:31:48 +00:00
Chris PeBenito
6f50b57665
use ptys
2005-05-10 15:03:56 +00:00
Chris PeBenito
2812bfac86
fix hotplug optional
2005-05-10 15:00:54 +00:00
Chris PeBenito
35b2fb4d41
add v4l_device_t
2005-05-10 14:12:10 +00:00
Chris PeBenito
46be1f32ca
add printer_device_t
2005-05-10 13:59:10 +00:00
Chris PeBenito
13e94c09e4
more authlogin handling
2005-05-09 21:07:53 +00:00
Chris PeBenito
5c162193b7
move system_chkpwd to .te rather then using template, so that the
...
ifelse(system,..) can be eliminated
2005-05-09 21:06:51 +00:00
Chris PeBenito
cb28738d20
priv* attribute fixes for sulogin
2005-05-09 21:05:01 +00:00
Chris PeBenito
c18e825f57
unexpand can_kerberos
2005-05-09 21:03:38 +00:00
Chris PeBenito
a9a20ddaae
allow all domains to use /dev/{zero,null,tty}
2005-05-09 19:55:01 +00:00
Chris PeBenito
e843cc89fd
reorder restorecon and setfiles relabel rules for consistency
2005-05-09 19:06:56 +00:00
Chris PeBenito
a1f94a3441
clean up authentication attributes
2005-05-09 18:50:20 +00:00
Chris PeBenito
96b0000f1b
start adding infrastructure for the constraint exceptions
2005-05-09 17:47:57 +00:00
Chris PeBenito
18f25afdf6
start adding infrastructure for the constraint exceptions
2005-05-09 17:41:29 +00:00
Chris PeBenito
c5b5a7479a
cleanup
2005-05-09 15:40:56 +00:00
Chris PeBenito
5d7e8ba6fb
add sulogin
2005-05-09 15:38:06 +00:00
Chris PeBenito
15e3d8e8bc
initial commit
2005-05-09 13:26:33 +00:00
Chris PeBenito
8e02803ce3
add lvm_vg interfaces and do a little cleanup
2005-05-06 21:36:11 +00:00
Chris PeBenito
b2b38c78d4
initial commit
2005-05-05 21:40:32 +00:00
Chris PeBenito
ec81ecb30c
add read fonts
2005-05-05 21:36:53 +00:00
Chris PeBenito
44a43b680b
interfaces needed for clock
2005-05-05 21:19:18 +00:00
Chris PeBenito
2274f9ae4a
initial commit
2005-05-05 21:18:27 +00:00
Chris PeBenito
0fef98c405
add legacy read locale
2005-05-05 20:33:35 +00:00
Chris PeBenito
ebf7600f20
cleanup
2005-05-05 19:04:51 +00:00
Chris PeBenito
bbd6a62111
convert over to system_domain, plus a couple init cleanups
2005-05-05 18:30:00 +00:00
Chris PeBenito
4fc91539f6
initial commit
2005-05-05 17:44:36 +00:00
Chris PeBenito
d0eddb6b0d
add in system_domain
2005-05-05 17:44:11 +00:00
Chris PeBenito
f66a1af94b
move type delcarations after attribute delcarations to fix a typeattribute
...
ordering issue. comment out the TODO types with a # so they don't get moved
2005-05-05 14:08:26 +00:00
Chris PeBenito
23af43bfef
fix depends
2005-05-05 14:02:32 +00:00
Chris PeBenito
df431c87fb
add missing copyright and policy_module lines
2005-05-05 14:01:59 +00:00
Chris PeBenito
f1470e5ede
rules picked up from sediff
2005-05-04 21:44:51 +00:00
Chris PeBenito
849380bd9a
add usermanage
2005-05-04 19:15:13 +00:00
Chris PeBenito
1e5c2a416a
more conversion
2005-05-04 17:01:46 +00:00
Chris PeBenito
bd202fe157
clean up interfaces for new binary module optional structure
2005-05-04 13:19:47 +00:00
Chris PeBenito
f1578d05a9
stuff from sysnetwork
2005-05-04 13:16:34 +00:00
Chris PeBenito
0bc32e04de
a few more copied over
2005-05-04 13:16:09 +00:00
Chris PeBenito
0d7ad32935
start moving in dhcpc and ifconfig
2005-05-04 13:14:48 +00:00
Chris PeBenito
75a10baf44
add in pam console
2005-05-03 21:04:20 +00:00
Chris PeBenito
b2e0625ca1
more conversion due to new interfaces
2005-05-03 20:44:35 +00:00
Chris PeBenito
3ce6cb4a45
fill pam and utempter authlogin policy and fix up interfaces
2005-05-03 20:23:33 +00:00
Chris PeBenito
07d6e32f44
reorg run_init a little, and add a convert to a few new interfaces
2005-05-02 21:02:14 +00:00
Chris PeBenito
ab64c30fc3
add newrole:fd use
2005-05-02 21:01:31 +00:00
Chris PeBenito
3a9aef9246
updates
2005-05-02 21:01:08 +00:00
Chris PeBenito
6b93833ba0
initial commit
2005-05-02 19:24:29 +00:00
Chris PeBenito
25baab18d1
switch over to tunable_policy and optional_policy
2005-05-02 19:22:58 +00:00
Chris PeBenito
f360f82f54
fix stupid _depend define errors (s/ifdef/define/g)
2005-05-02 19:19:06 +00:00
Chris PeBenito
67484fced4
add ignore read system state
2005-05-02 18:42:33 +00:00
Chris PeBenito
de2cee6817
add tty_device_t and devpts_t chr_file interfaces
2005-05-02 18:42:10 +00:00
Chris PeBenito
dfaf6c2ad8
add authlogin_read_pam_runtime_data and cleanup interfaces
2005-05-02 18:41:20 +00:00
Chris PeBenito
9f2f9e6dfe
add ignore read rootfs file
2005-05-02 18:40:42 +00:00
Chris PeBenito
d0b6abebb9
add in use and ignore use init control channel interfaces
2005-05-02 18:40:05 +00:00
Chris PeBenito
ba7740d145
handful of changes
2005-05-02 18:38:02 +00:00
Chris PeBenito
c3c58c5d8e
move in rule from hotplug
2005-05-02 18:37:24 +00:00
Chris PeBenito
1b909968df
add in missing policy_module line
2005-05-02 18:36:51 +00:00
Chris PeBenito
fc83dba9a0
domains not needed for execute interface
2005-05-02 18:36:11 +00:00
Chris PeBenito
85bd7f1ffa
add in transition and execute interfaces, and newrole sigchld interface
2005-05-02 18:18:45 +00:00
Chris PeBenito
5eafc37492
add append to /dev/null write
2005-05-02 15:42:20 +00:00
Chris PeBenito
e9a6fcb8f1
fix privfd
2005-04-29 21:00:40 +00:00
Chris PeBenito
4472f3ec01
doh
2005-04-29 21:00:29 +00:00
Chris PeBenito
7009881cc0
add in missing devices
2005-04-29 20:35:49 +00:00
Chris PeBenito
05a5cdccc3
add a few missing ports, and ppp_device_t
2005-04-29 20:22:04 +00:00
Chris PeBenito
a7ed44d531
initial commit
2005-04-29 20:16:38 +00:00
Chris PeBenito
a2d8246bf6
make mountpoints work, plus misc
2005-04-28 21:41:09 +00:00
Chris PeBenito
07efe969fe
initial local login commit
2005-04-28 19:50:58 +00:00
Chris PeBenito
ee5772e455
add bulk of selinux module policy, and add required interfaces
2005-04-28 18:59:01 +00:00
Chris PeBenito
f9cfa192a4
minor fixes
2005-04-28 18:58:39 +00:00
Chris PeBenito
b5860610b4
missed that sysctl_dev is a dir too
2005-04-28 15:52:42 +00:00
Chris PeBenito
3009816bcd
convert over optional policy to optional_policy macro
2005-04-28 15:48:27 +00:00
Chris PeBenito
55a46da18a
add console setattr if
2005-04-28 15:47:50 +00:00
Chris PeBenito
4fbd2ee111
remove entrypoint assertion
2005-04-28 15:46:53 +00:00
Chris PeBenito
4600e08867
reorganize the policy
2005-04-28 15:46:23 +00:00
Chris PeBenito
dfb86adde5
initial commit
2005-04-28 15:45:32 +00:00
Chris PeBenito
b5ab18b3f1
initial commit
2005-04-28 13:41:37 +00:00
Chris PeBenito
55f4564e31
start merging in rules from daemon domain
2005-04-27 21:56:41 +00:00
Chris PeBenito
889c9a9789
add init_t:fd use interface and initrc pty rw interface
2005-04-27 21:56:12 +00:00
Chris PeBenito
bcd35991d1
daemon domain allows noatsecure siginh rlimitinh, not dontaudit
2005-04-27 21:55:18 +00:00
Chris PeBenito
8119850297
add console dontaudit
2005-04-27 21:54:39 +00:00
Chris PeBenito
3016a9ff95
initial commit
2005-04-26 21:12:52 +00:00
Chris PeBenito
f9438fdfd1
add search all dirs
2005-04-26 21:12:32 +00:00
Chris PeBenito
e064a64b0e
move system_chkpwd to fix ordering issue with checkpolicy
2005-04-26 21:10:11 +00:00
Chris PeBenito
8beec89d27
add legacy lib use
2005-04-26 19:10:29 +00:00
Chris PeBenito
960373dddd
add module statement macro and entrypoint executable attribute to replicate
...
can_exec($1,exec_type)
2005-04-26 17:00:25 +00:00
Chris PeBenito
94edcc5c83
fix tmp_domain
2005-04-25 21:44:48 +00:00
Chris PeBenito
5f75f56066
move modules_object_t back to bootloader
2005-04-25 21:32:09 +00:00
Chris PeBenito
91a7ab6cb3
add sysnetwork
2005-04-25 21:28:25 +00:00
Chris PeBenito
b303042477
add missing transition dontaudits
2005-04-25 21:07:59 +00:00
Chris PeBenito
549180e874
initial commit
2005-04-25 20:13:45 +00:00
Chris PeBenito
219bcf7a8f
attack with sediff, make fs:getattr interfaces consistent, create init and
...
daemon domains
2005-04-25 19:54:27 +00:00
Chris PeBenito
a266e3cc83
restructure kernel module to be consistent with other module ordering. put
...
in missing rules. fix naming problems
2005-04-25 16:11:21 +00:00
Chris PeBenito
343a231d5f
reorg
2005-04-22 22:00:09 +00:00
Chris PeBenito
22e1131e23
fix te trans error
2005-04-22 22:00:02 +00:00
Chris PeBenito
8a0da1086c
make getattr and setattr interfaces and make naming consistent
2005-04-22 19:31:32 +00:00
Chris PeBenito
33bc0dd994
clean up some filesystem assoc
2005-04-21 22:46:49 +00:00
Chris PeBenito
0e730cc8e1
complete corenetwork
2005-04-21 21:53:15 +00:00
Chris PeBenito
1f7b37c585
insmod can be run directly from kernel; fix update_modules errors
2005-04-21 21:35:45 +00:00
Chris PeBenito
9eb5e812fe
exec and transition interfaces, plus include mod object symlinks in reading modules
2005-04-21 21:34:47 +00:00
Chris PeBenito
32b5029cc5
uncomment test file
2005-04-21 21:34:08 +00:00
Chris PeBenito
5a95221115
add devlog_t symlink to loggers
2005-04-21 21:33:50 +00:00
Chris PeBenito
bf9e1e3f72
logging and modutils updates
2005-04-21 21:32:54 +00:00
Chris PeBenito
033c80e683
rename files_manage_general_lock_files() to more appropriate files_manage_system_lock_files()
2005-04-21 13:35:01 +00:00
Chris PeBenito
7c5d78fbca
more insmod work, bring in depmod and update_modules
2005-04-20 21:00:01 +00:00
Chris PeBenito
bd76460f61
more comments
2005-04-20 19:14:56 +00:00
Chris PeBenito
e181fe05d8
add copyright statement
2005-04-20 19:07:16 +00:00
Chris PeBenito
0154356271
initial commit
2005-04-20 13:24:10 +00:00
Chris PeBenito
879b00fe60
initial commit
2005-04-19 21:08:13 +00:00
Chris PeBenito
67e2ff428c
initial commit
2005-04-19 20:51:05 +00:00
Chris PeBenito
f0872d22b4
add cap sys_rawio to raw memory access interfaces
2005-04-19 20:47:29 +00:00
Chris PeBenito
c4890efc00
add per-userdomain template, and shadow_t interfaces
2005-04-19 20:45:54 +00:00
Chris PeBenito
3ba13bbf03
add all types for this module
2005-04-19 20:45:24 +00:00
Chris PeBenito
4ddc1abd78
add all types for this module, and add klogd policy
2005-04-19 20:44:52 +00:00
Chris PeBenito
8c77177b75
add interface to send syslog messages
2005-04-19 20:44:07 +00:00
Chris PeBenito
5050e500fe
use interface to send syslog messages
2005-04-19 20:43:44 +00:00
Chris PeBenito
b470e3896b
initial commit
2005-04-19 20:42:32 +00:00
Chris PeBenito
f0578249d1
reorganize and add rootfs dontaudits
2005-04-19 18:58:16 +00:00
Chris PeBenito
7aebdb853d
add rootfs dontaudits for use in init.te
2005-04-19 18:57:13 +00:00
Chris PeBenito
053f6a200a
add dontaudit fs getattr
2005-04-19 18:56:47 +00:00
Chris PeBenito
5496553038
kernel can load modules
2005-04-19 13:52:45 +00:00
Chris PeBenito
7f89c7efc6
hold off on improving
2005-04-19 13:46:06 +00:00
Chris PeBenito
1ea98d0407
remove relabeling privilege for now
2005-04-18 20:27:16 +00:00
Chris PeBenito
57d236548b
move assert.te here
2005-04-18 20:17:25 +00:00
Chris PeBenito
5d78128fda
add interface to associate to filesystems w/o xattr. allow regular files to
...
associate to no xattr filesystems
2005-04-16 17:20:59 +00:00
Chris PeBenito
70dcf798e9
add boot_runtime_t
2005-04-16 17:18:34 +00:00
Chris PeBenito
b4cd153394
initial commit
2005-04-14 20:18:17 +00:00