Commit Graph

466 Commits

Author SHA1 Message Date
Chris PeBenito
689f6ddb35 fix typos and import some rules from NSA cvs to make targeted policy work 2005-07-20 14:25:24 +00:00
Chris PeBenito
474f43d13d should actually try compiling first :x 2005-07-20 13:39:10 +00:00
Chris PeBenito
bd7e7a6417 missed a line 2005-07-20 13:37:18 +00:00
Chris PeBenito
a28f6db576 add in some rules from NSA CVS to make targeted policy work 2005-07-20 13:30:06 +00:00
Chris PeBenito
8c3f438f75 corenet was missing from unconfined 2005-07-19 20:38:26 +00:00
Chris PeBenito
892266ca76 more targeted policy fixes 2005-07-19 20:26:02 +00:00
Chris PeBenito
21f47732b1 add new netlink socket class 2005-07-19 20:25:42 +00:00
Chris PeBenito
ec848d247f more fixes for targeted 2005-07-19 19:37:43 +00:00
Chris PeBenito
2ec4c9d38f more cleanup 2005-07-19 18:40:31 +00:00
Chris PeBenito
8b0bbdda34 fixes for targeted policy 2005-07-19 18:40:19 +00:00
Chris PeBenito
391edeb577 fix assertions for framework 2005-07-18 20:17:21 +00:00
Chris PeBenito
a5f339f134 more cleanup in system 2005-07-18 18:31:49 +00:00
Chris PeBenito
9f103ce14b fix to use context_template() 2005-07-18 14:25:05 +00:00
Chris PeBenito
3b6174a142 add missing context template 2005-07-15 20:54:24 +00:00
Chris PeBenito
50aca6d2f9 add raid (mdadm) 2005-07-15 20:45:26 +00:00
Chris PeBenito
d9fd8e7562 more pcmcia cleanup 2005-07-15 19:18:55 +00:00
Chris PeBenito
157c69416f add macro to expand object class sets for use in require blocks 2005-07-15 15:53:54 +00:00
Chris PeBenito
50f6503452 * break up files_getattr_all_files into correct interfaces
* move stuff out of pcmcia into the appropriate modules
2005-07-15 15:17:57 +00:00
Chris PeBenito
f136a944c5 reorder in alpha order of type, for sanity purposes 2005-07-15 14:30:19 +00:00
Chris PeBenito
e0d57fbcb1 add pcmcia 2005-07-14 20:57:17 +00:00
Chris PeBenito
c429cb5e26 fix up the xml 2005-07-14 20:02:53 +00:00
Chris PeBenito
11633bbaa8 add ipsec 2005-07-14 18:15:47 +00:00
Chris PeBenito
493d6c4adc add nscd 2005-07-13 20:48:51 +00:00
Chris PeBenito
df00b2e235 * fix chroot exec interface
* more TODO cleanup
* move IPC out of generic domtrans interfaces
2005-07-13 18:29:08 +00:00
Chris PeBenito
b24f35d8a3 more cleanup of current TODOs 2005-07-12 20:34:24 +00:00
Chris PeBenito
20a22759a7 fix comments for templates to have same number of # as interfaces 2005-07-12 20:33:42 +00:00
Chris PeBenito
4051d15b62 fix xml 2005-07-11 19:15:54 +00:00
Chris PeBenito
ae9e2716c3 fix more TODOs. fix selinux.te to selinuxutil.te in optionals 2005-07-11 19:02:50 +00:00
Chris PeBenito
a42ca7ebec another round of TODO cleanup 2005-07-08 20:44:57 +00:00
Chris PeBenito
4d0d4157f4 silly formatting fix 2005-07-08 19:44:12 +00:00
Chris PeBenito
e5f8060316 implement direct_sysadm_daemon 2005-07-07 15:25:28 +00:00
Chris PeBenito
1aa526281b missing rules uncovered by sediff 2005-07-07 15:20:24 +00:00
Chris PeBenito
c98340cfeb support for targeted policy 2005-07-06 20:28:29 +00:00
Chris PeBenito
ed1a92b88c ksu moves to su 2005-07-06 17:41:58 +00:00
Chris PeBenito
bb32544d61 add missing ssh file contexts 2005-07-06 15:59:54 +00:00
Chris PeBenito
9726b31857 add unconfined 2005-07-05 20:59:51 +00:00
Chris PeBenito
e8f0055b6d fix quoting problem 2005-07-05 20:54:12 +00:00
Chris PeBenito
2745476e4a add required tags 2005-07-05 17:47:15 +00:00
Chris PeBenito
a7a9799d79 convert can_kerberos() 2005-07-01 13:31:34 +00:00
Chris PeBenito
65c8613766 ul has to be in a p 2005-07-01 13:10:57 +00:00
Chris PeBenito
5e1ed4903e initial commit 2005-06-30 21:11:54 +00:00
Chris PeBenito
fd89e19f12 more work on current modules 2005-06-30 18:54:08 +00:00
Chris PeBenito
ebdc3b7902 clean up more todos 2005-06-29 20:53:53 +00:00
Chris PeBenito
d233bfce3f make layer summary required 2005-06-29 16:54:13 +00:00
Chris PeBenito
8fd3673225 another round of renaming, for consistency 2005-06-29 14:26:41 +00:00
Chris PeBenito
96ce00afcc add logrotate, more low-hanging fruit 2005-06-28 20:54:49 +00:00
Chris PeBenito
ceebe3b4b0 change desc to summary 2005-06-28 19:51:46 +00:00
Chris PeBenito
cbca03f513 add lost_found_t manage, rename fs_type attribute to filesystem_type and rename fs_make_fs to fs_type 2005-06-28 17:48:59 +00:00
Chris PeBenito
783b38347e more low hanging fruit cleanup 2005-06-28 17:32:57 +00:00
Chris PeBenito
58c3da55f3 add fstools, and more cleanup 2005-06-27 20:59:28 +00:00
Chris PeBenito
80436b9b8f changes to make inetd work 2005-06-27 18:37:33 +00:00
Chris PeBenito
24bf11c62a initial commit 2005-06-27 18:36:56 +00:00
Chris PeBenito
ab940a4cc1 autofs_t and ypbind cleanup 2005-06-27 16:30:55 +00:00
Chris PeBenito
e88003ffe3 xml updates and nis stuff 2005-06-24 20:37:09 +00:00
Chris PeBenito
73fbc771d1 initial commit 2005-06-24 19:49:46 +00:00
Chris PeBenito
62a7b02c5b add/update comments 2005-06-24 13:36:57 +00:00
Chris PeBenito
414e415198 update for new documentation method 2005-06-23 21:30:57 +00:00
Chris PeBenito
aad5b98eba more updates 2005-06-23 20:35:48 +00:00
Chris PeBenito
9916c694b4 update to new commenting style 2005-06-23 20:27:06 +00:00
Chris PeBenito
45239964e5 move ssh tunables into global_tunables 2005-06-23 19:57:15 +00:00
Chris PeBenito
19ea99d495 fix 2005-06-23 16:06:39 +00:00
Chris PeBenito
261e0e66ee shorten some xml tags 2005-06-23 16:00:05 +00:00
Chris PeBenito
d3b892e4fd convert a couple network macros 2005-06-23 15:44:18 +00:00
Chris PeBenito
007ca5600c more setcurrent stuff 2005-06-23 15:37:39 +00:00
Chris PeBenito
2a3478cf15 fixes pointed out by steve, plus fixes revealed by the added assertions 2005-06-23 14:19:56 +00:00
Chris PeBenito
9ccd96dfc6 more work on ssh, plus import ssh-agent 2005-06-22 21:14:48 +00:00
Chris PeBenito
199895e201 move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00
Chris PeBenito
cbc9d6951a remove remaining _depend macros to prep for switchover to interface declaration macro 2005-06-22 16:07:14 +00:00
Chris PeBenito
0404a3903a initial commit of ssh. 2005-06-21 21:07:46 +00:00
Chris PeBenito
21871a5cf6 work on newrole policy 2005-06-21 17:01:45 +00:00
Chris PeBenito
e04b8e7832 initial commit 2005-06-20 18:43:14 +00:00
Chris PeBenito
57869a681e XML: encapsulate modules in layers, rather then layer being an attribute of
module tag
2005-06-20 18:40:44 +00:00
Chris PeBenito
7a2f20a315 more work to clean up and complete current modules 2005-06-20 17:41:29 +00:00
Chris PeBenito
2ba9a794db interface review, and remove net_raw from raw node sends. only give
capability for raw send on an interface
2005-06-17 19:17:57 +00:00
Chris PeBenito
bc1fbab472 interface review, and remove net_raw from raw node sends. only give
capability for raw send on an interface
2005-06-17 18:59:34 +00:00
Chris PeBenito
c9b7f1a28e add rw_term_perms 2005-06-17 18:56:23 +00:00
Chris PeBenito
5e6f9e5aac services interfaces review 2005-06-17 18:41:07 +00:00
Chris PeBenito
7f2e39b8e6 review of admin interfaces 2005-06-17 18:27:08 +00:00
Chris PeBenito
139520a233 review of system interfaces 2005-06-17 17:59:26 +00:00
Chris PeBenito
a7c3a1b920 eliminate _depend macros 2005-06-16 21:06:29 +00:00
Chris PeBenito
0e721690dc misc cleanup 2005-06-16 20:54:18 +00:00
Chris PeBenito
562cc2bd6c reorder gpg tunable for alpha sorting 2005-06-16 20:34:57 +00:00
Chris PeBenito
d35c621eb0 add a couple more nfs and cifs interfaces, to cover most of the
use_(nfs|cifs)_home_dirs tunable
2005-06-16 20:33:51 +00:00
Chris PeBenito
77c124c8cd eliminate _depend macros 2005-06-16 20:30:59 +00:00
Chris PeBenito
8c2f3ac695 have can_exec add a require block 2005-06-16 20:30:07 +00:00
Chris PeBenito
8eaa723d28 put user line in col 1, since genhomedircon breaks otherwise 2005-06-15 14:07:20 +00:00
Chris PeBenito
828e03f635 initial commit 2005-06-15 13:53:48 +00:00
Chris PeBenito
5e0da6a03e finish renaming system/selinux to system/selinuxutil 2005-06-14 20:48:34 +00:00
Chris PeBenito
ff7bc148e4 move security_t to selinux module 2005-06-14 20:40:09 +00:00
Chris PeBenito
be4a8011d4 move selinux to selinuxutil 2005-06-14 20:12:46 +00:00
Chris PeBenito
8bd6789954 move constraints interfaces to domain module. move sysfs and usbfs to
devices module
2005-06-14 19:56:46 +00:00
Chris PeBenito
810f2b7155 fix typo 2005-06-14 18:15:01 +00:00
Chris PeBenito
b57dd19400 stray renames in distro_redhat 2005-06-14 17:36:21 +00:00
Chris PeBenito
3eed10909e convert relevant conditionals into tunable_policy 2005-06-14 14:43:04 +00:00
Chris PeBenito
92e928e1bd start making genhomedircon work 2005-06-13 21:16:05 +00:00
Chris PeBenito
c24ac9c51c rename requires_block_template to gen_require 2005-06-13 20:51:09 +00:00
Chris PeBenito
fa7bea8feb rename requires_block_tempalte to gen_require 2005-06-13 20:47:04 +00:00
Chris PeBenito
34c8fabeeb tunables work 2005-06-13 20:44:23 +00:00
Chris PeBenito
31908be07f a few missed renames, and start fixing up tunables 2005-06-13 20:27:32 +00:00
Chris PeBenito
5a45e70177 rename setattr removable_device_t 2005-06-13 20:00:36 +00:00
Karl MacMillan
8700497fb1 Updates to documentation. 2005-06-13 19:22:00 +00:00
Chris PeBenito
d9507b1874 fix xml 2005-06-13 17:40:51 +00:00
Chris PeBenito
c9428d33dc renaming insanity 2005-06-13 17:35:46 +00:00
Karl MacMillan
f0c985ca80 Devices rename. 2005-06-13 16:22:32 +00:00
Chris PeBenito
0fd9dc55cf renaming insanity 2005-06-10 01:01:13 +00:00
Chris PeBenito
24040829d0 fix can_exec 2005-06-10 01:00:48 +00:00
Chris PeBenito
cab7c00ff4 make macro work 2005-06-09 23:06:23 +00:00
Chris PeBenito
e3fd778b8f add can_exec 2005-06-09 23:06:07 +00:00
Chris PeBenito
1b8d67d157 fix 2005-06-09 22:46:38 +00:00
Chris PeBenito
a154cd45f3 reorder 2005-06-09 21:07:58 +00:00
Chris PeBenito
588ffaeb7f kernel.if renaming 2005-06-09 20:50:17 +00:00
Chris PeBenito
eda201efe8 more renaming and xml 2005-06-09 19:52:50 +00:00
Chris PeBenito
eca5b2dd79 rename 2005-06-09 19:22:27 +00:00
Chris PeBenito
cc41a97c99 aliases 2005-06-09 18:08:26 +00:00
Chris PeBenito
7591e83cba fix layer in module tag 2005-06-09 17:56:38 +00:00
Chris PeBenito
c6ebefd2f2 rename 2005-06-09 17:51:40 +00:00
Chris PeBenito
d90b274e40 for now, drop infoflow tags 2005-06-09 17:23:53 +00:00
Chris PeBenito
dc67f782e4 aliases 2005-06-09 17:21:52 +00:00
Chris PeBenito
0a10b1fa12 aliases 2005-06-09 15:32:23 +00:00
Chris PeBenito
fe040c9777 renaming and xml 2005-06-09 15:20:31 +00:00
Chris PeBenito
dd822947d2 aliases 2005-06-09 14:50:48 +00:00
Chris PeBenito
80048ca5d2 aliases 2005-06-09 14:26:05 +00:00
Chris PeBenito
5d31560b4d genhomedircon entries 2005-06-08 22:32:43 +00:00
Chris PeBenito
5552ed88f3 initial commit 2005-06-08 22:32:33 +00:00
Chris PeBenito
f2e4ab3a99 make corenetwork generation explicit, rather then on-the-fly 2005-06-08 21:46:39 +00:00
Chris PeBenito
7edd02d4f1 aliasing 2005-06-08 21:07:03 +00:00
Chris PeBenito
b29d23f315 initial commit 2005-06-08 20:49:16 +00:00
Chris PeBenito
c2c00bee05 add aliases 2005-06-08 20:28:45 +00:00
Karl MacMillan
72bdc60860 Moved and changed user_mls to gen_user. 2005-06-08 20:23:43 +00:00
Karl MacMillan
eb5e237573 Renamed support macros for consistency. 2005-06-08 20:23:12 +00:00
Chris PeBenito
9f72a2655f renaming 2005-06-08 18:40:30 +00:00
Chris PeBenito
0c5a288e98 interface renaming 2005-06-08 18:00:04 +00:00
Chris PeBenito
1694dee685 interface renaming 2005-06-08 16:18:08 +00:00
Chris PeBenito
066d463147 comment fix 2005-06-08 16:16:41 +00:00
Chris PeBenito
a7197232e8 add can_exec 2005-06-08 13:41:05 +00:00
Chris PeBenito
763c441e3b start renaming filesystem interfaces 2005-06-08 13:12:00 +00:00
Chris PeBenito
a9ec5414d1 add interface macro 2005-06-08 13:11:47 +00:00
Chris PeBenito
b46609f09f fix missing _socket in class 2005-06-08 13:08:01 +00:00
Chris PeBenito
3865d6b95e add xml 2005-06-07 22:36:07 +00:00
Chris PeBenito
ddea18b0ad more tunable work 2005-06-07 22:26:39 +00:00
Chris PeBenito
758618b1f3 initial commit 2005-06-07 22:26:11 +00:00
Chris PeBenito
254bbc7bb3 start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00
Chris PeBenito
02b584a174 initial commit 2005-06-07 15:10:43 +00:00
Chris PeBenito
43bc3906c5 initial commit 2005-06-07 14:46:31 +00:00
Chris PeBenito
2d68932a8d fix broken macros 2005-06-07 14:46:20 +00:00
Chris PeBenito
a1d2e8ab29 add domain(_auto)_trans 2005-06-07 14:43:14 +00:00
Chris PeBenito
eb7f9a34cb move audit to logging 2005-06-07 14:27:19 +00:00
Chris PeBenito
ef5e55c9fa move to logging 2005-06-07 14:16:14 +00:00
Chris PeBenito
0c73cd2526 change over to some perm set macros. add indentation 2005-06-03 12:25:14 +00:00
Chris PeBenito
4196997813 add some indentation 2005-06-02 20:26:48 +00:00