Chris PeBenito
2a77737d4e
Add missing rules to make unconfined_cronjob_t a valid cron job domain.
...
Unconfined_cronjob_t is not a valid cron job domain because the cron
module is lacking a transition from the crond to the unconfined_cronjob_t
domain. This adds the transition and also a constraints exemption since
part of the transition is also a seuser and role change typically.
2009-08-12 14:15:39 -04:00
Chris PeBenito
9570b28801
module version number bump for release 2.20090730 that was mistakenly omitted.
2009-08-05 10:59:21 -04:00
Chris PeBenito
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
Chris PeBenito
c1262146e0
trunk: Remove node definitions and change node usage to generic nodes.
2009-01-09 19:48:02 +00:00
Chris PeBenito
668b3093ff
trunk: change network interface access from all to generic network interfaces.
2009-01-06 20:24:10 +00:00
Chris PeBenito
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
Chris PeBenito
2cca6b79b4
trunk: remove redundant shared lib calls.
2008-10-17 17:31:04 +00:00
Chris PeBenito
0bfccda4e8
trunk: massive whitespace cleanup from dominick grift.
2008-07-23 21:38:39 +00:00
Chris PeBenito
f7925f25f7
trunk: bump module versions for release.
2007-12-14 14:23:18 +00:00
Chris PeBenito
74d920c3b5
trunk: add setrlimit to debian cron.
2007-12-06 14:35:44 +00:00
Chris PeBenito
c0cf6e0a6e
trunk: clean up nsswitch usage, from dan.
2007-12-04 15:05:55 +00:00
Chris PeBenito
12e9ea1ae3
trunk: module version bumps for previous commit.
2007-10-02 17:15:07 +00:00
Chris PeBenito
350b6ab767
trunk: merge strict and targeted policies. merge shlib_t into lib_t.
2007-10-02 16:04:50 +00:00
Chris PeBenito
3480f3f239
trunk: bump version numbers for release.
2007-09-28 13:58:24 +00:00
Chris PeBenito
d46cfe45cd
trunk: add application module
2007-07-19 18:57:48 +00:00
Chris PeBenito
116c1da330
trunk: update module version numbers for release.
2007-06-29 14:48:13 +00:00
Chris PeBenito
1900668638
trunk: Unified labeled networking policy from Paul Moore.
...
The latest revision of the labeled policy patches which enable both labeled
and unlabeled policy support for NetLabel. This revision takes into account
Chris' feedback from the first version and reduces the number of interface
calls in each domain down to two at present: one for unlabeled access, one for
NetLabel access. The older, transport layer specific interfaces, are still
present for use by third-party modules but are not used in the default policy
modules.
trunk: Use netmsg initial SID for MLS-only Netlabel packets, from Paul Moore.
This patch changes the policy to use the netmsg initial SID as the "base"
SID/context for NetLabel packets which only have MLS security attributes.
Currently we use the unlabeled initial SID which makes it very difficult to
distinquish between actual unlabeled packets and those packets which have MLS
security attributes.
2007-06-27 15:23:21 +00:00
Chris PeBenito
762d2cb989
merge restorecon into setfiles
2007-05-11 17:10:43 +00:00
Chris PeBenito
0251df3e39
bump module versions for release
2007-04-17 13:28:09 +00:00
Chris PeBenito
56e1b3d207
- Move booleans and tunables to modules when it is only used in a single
...
module.
- Add support for tunables and booleans local to a module.
2007-03-26 18:41:45 +00:00
Chris PeBenito
8021cb4f63
Merge sbin_t and ls_exec_t into bin_t.
2007-03-23 23:24:59 +00:00
Chris PeBenito
a5f5eba459
Add dontaudits for init fds and console to init_daemon_domain().
2007-03-20 18:47:18 +00:00
Chris PeBenito
42c5c5f612
bump versions for release.
2006-12-12 21:22:47 +00:00
Chris PeBenito
c0868a7a3b
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
Chris PeBenito
d6d16b9796
patch from dan Wed, 29 Nov 2006 17:06:40 -0500
2006-12-04 20:10:56 +00:00
Chris PeBenito
d9845ae92a
patch from dan Tue, 24 Oct 2006 11:00:28 -0400
2006-10-31 21:01:48 +00:00
Chris PeBenito
a52b4d4f23
bump versions to release numbers
2006-10-18 19:25:27 +00:00
Chris PeBenito
14b1684aae
gentoo testing fixes.
2006-10-13 21:44:02 +00:00
Chris PeBenito
e070dd2df0
- Move range transitions to modules.
...
- Make number of MLS sensitivities, and number of MLS and MCS
categories configurable as build options.
2006-10-04 17:25:34 +00:00
Chris PeBenito
e2b84ef79a
patch from dan Mon, 25 Sep 2006 15:46:40 -0400
2006-09-28 14:37:29 +00:00
Chris PeBenito
693d4aedb5
patch from dan Fri, 22 Sep 2006 16:30:34 -0400
2006-09-25 18:53:06 +00:00
Chris PeBenito
9dfbd81493
forgot to bump policy vers
2006-09-13 18:42:49 +00:00
Chris PeBenito
73ca55d311
patches from erich Wed, 13 Sep 2006 16:18:18 +0200
2006-09-13 18:35:10 +00:00
Chris PeBenito
5dbda5558a
patch from dan Fri, 01 Sep 2006 15:45:24 -0400
2006-09-04 15:15:35 +00:00
Chris PeBenito
a5e2133bc8
patch from dan Wed, 23 Aug 2006 14:03:49 -0400
2006-08-29 02:41:00 +00:00
Chris PeBenito
3573908f1c
fix cron_system_entry() rules
2006-08-16 13:52:18 +00:00
Chris PeBenito
17de1b790b
remove extra level of directory
2006-07-12 20:32:27 +00:00