rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5,881 Commits 8 Branches 96 Tags 37 MiB
361693e74b
Commit Graph

358 Commits

Author SHA1 Message Date
Lukas Vrabec
51dc83b2d4 Commit removes big SELinux policy patches against tresys refpolicy. 
We're quite diverted from upstream policy. This change will use tarballs
from github projects:
https://github.com/fedora-selinux/selinux-policy
https://github.com/fedora-selinux/selinux-policy-contrib
 2018-01-08 18:28:27 +01:00
Dan Walsh
164fa392ee Fix config.tgz to include lxc_contexts and systemd_contexts 2013-11-14 11:05:22 -05:00
Miroslav Grepl
0f9b0de389 Upload new upstream sources 2013-11-13 15:27:57 +01:00
Miroslav Grepl
e4104d9fc0 Upload updated config.tgz 2013-11-12 12:22:03 +01:00
Miroslav Grepl
e5e41801b0 Upload new upstream sources 2013-01-08 11:50:45 +01:00
Miroslav Grepl
a270091f19 Make rawhide == f18 2012-12-17 17:21:00 +01:00
Miroslav Grepl
46a9c6067c * Thu Aug 2 2012 Miroslav Grepl <mgrepl@redhat.com> 3.11.1-0 
- Update to upstream
 2012-08-02 07:43:02 +02:00
Miroslav Grepl
d68342900a fix sources 2012-06-07 13:40:47 +02:00
Miroslav Grepl
e392eca2af Upload new sources 2012-06-06 16:09:49 +02:00
Miroslav Grepl
3f8c0984d4 Upload the right source file 2011-06-27 18:20:35 +02:00
Miroslav Grepl
ade486af72 Update to upstream 2011-06-27 18:02:16 +02:00
Miroslav Grepl
6726024e43 Update to upstream 2011-03-08 18:28:56 +00:00
Miroslav Grepl
7288282fd4 - Update to upstream 2011-02-16 18:45:08 +00:00
Dan Walsh
812781becc - Update to ref policy 
- cgred needs chown capability
- Add /dev/crash crash_dev_t
 2011-02-08 17:50:40 -05:00
Miroslav Grepl
86b1f12f92 - Update to upstream 2011-01-17 18:42:12 +00:00
Miroslav Grepl
d6c5f3679b Update to upstream 2010-12-20 17:43:48 +00:00
Miroslav Grepl
0ba6b243f7 - Update to upstream 
- Fix version of policy in spec file
 2010-12-15 11:03:25 +00:00
Miroslav Grepl
05f913e88b - Update to upstream 
- Cleanup for sandbox
- Add attribute to be able to select sandbox types
 2010-11-25 12:21:34 +00:00
Dan Walsh
f4eab7417d Remove bad tar ball from src 2010-11-16 10:59:45 -05:00
Miroslav Grepl
582d2c5d2c - Update to upstream 
- Dontaudit leaked sockets from userdomains to user domains
- Fixes for mcelog to handle scripts
- Apply patch from Ruben Kerkhof
- Allow syslog to search spool dirs
 2010-11-16 09:46:19 +01:00
Dan Walsh
3e0b7834a6 - Update to upstream 
- Add vlock policy
 2010-11-05 14:22:36 -04:00
Dan Walsh
06262c1566 - Update to upstream 
- Add vlock policy
 2010-11-05 12:40:07 -04:00
Dan Walsh
7a208696f9 - Dontaudit sandbox sending sigkill to all user domains 
- Add policy for rssh_chroot_helper
- Add missing flask definitions
- Allow udev to relabelto removable_t
- Fix label on /var/log/wicd.log
- Transition to initrc_t from init when executing bin_t
- Add audit_access permissions to file
- Make removable_t a device_node
- Fix label on /lib/systemd/*
 2010-10-28 15:55:48 -04:00
Dan Walsh
5a152bc135 - Update to upstream 2010-10-12 16:47:46 -04:00
Dan Walsh
6f934680a8 - Allow smbd to use sys_admin 
- Remove duplicate file context for tcfmgr
- Update to upstream
 2010-10-07 14:55:49 -04:00
Dan Walsh
a24e6a6700 - Update to upstream 2010-09-16 07:59:03 -04:00
Dan Walsh
a0e8efd42c - Update to upstream 2010-09-13 16:17:15 -04:00
Dan Walsh
64d84cf8ec Allow iptables to read shorewall tmp files 
Change chfn and passwd to use auth_use_pam so they can send dbus messages to fpr
intd
label vlc as an execmem_exec_t
Lots of fixes for mozilla_plugin to run google vidio chat
Allow telepath_msn to execute ldconfig and its own tmp files
Fix labels on hugepages
Allow mdadm to read files on /dev
Remove permissive domains and change back to unconfined
Allow freshclam to execute shell and bin_t
Allow devicekit_power to transition to dhcpc
Add boolean to allow icecast to connect to any port
 2010-09-08 14:17:07 -04:00
Dan Walsh
482c9f3ad9 - Merge upstream fix of mmap_zero 
- Allow mount to write files in debugfs_t
- Allow corosync to communicate with clvmd via tmpfs
- Allow certmaster to read usr_t files
- Allow dbus system services to search cgroup_t
- Define rlogind_t as a login pgm
 2010-09-02 13:43:28 -04:00
Dan Walsh
a7a2367a59 - Merge with upstream 2010-08-30 17:34:52 -04:00
Dan Walsh
6578cf7413 - More access needed for devicekit 
- Add dbadm policy
 2010-08-30 11:58:36 -04:00
Dan Walsh
ba77266a14 - Merge with upstream 2010-08-26 20:35:53 -04:00
Daniel J Walsh
7f5d8f30d0 - Update boinc policy 
- Fix sysstat policy to allow sys_admin
- Change failsafe_context to unconfined_r:unconfined_t:s0
 2010-07-27 17:28:04 +00:00
Daniel J Walsh
d66bec6356 - Update to latest policy 2010-07-20 17:48:36 +00:00
Daniel J Walsh
0f2ae00c61 - Update to upstream 2010-07-15 13:11:25 +00:00
Daniel J Walsh
6c42218d9d -Update to upstream 2010-06-28 17:19:34 +00:00
Daniel J Walsh
fa98e0ec52 -Update to upstream 2010-06-21 14:31:26 +00:00
Daniel J Walsh
5f371acada -Update to upstream 2010-06-18 20:14:28 +00:00
Daniel J Walsh
b39ccca147 - Update to upstream 2010-06-08 21:23:21 +00:00
Daniel J Walsh
632048ceb1 - Update to upstream 
- Allow prelink script to signal itself
- Cobbler fixes
 2010-06-07 21:15:35 +00:00
Daniel J Walsh
bc4089cfaa - Update to upstream 2010-05-26 21:15:42 +00:00
Daniel J Walsh
a72c31df34 - Update to upstream 2010-03-18 15:47:35 +00:00
Daniel J Walsh
add957370e - Merge with upstream 2010-02-16 22:10:14 +00:00
Daniel J Walsh
a62c6405cc - Lots of fixes found in F12 2010-02-02 16:41:03 +00:00
Daniel J Walsh
faec5c2a14 - Update to upstream 2010-01-18 22:40:25 +00:00
Daniel J Walsh
fc05ac0660 - Move users file to selection by spec file. 
- Allow vncserver to run as unconfined_u:unconfined_r:unconfined_t
 2010-01-11 22:06:55 +00:00
Daniel J Walsh
468fe0b647 - Update to upstream 2010-01-08 22:03:53 +00:00
Daniel J Walsh
b2ccd1a9c8 Update packages 2009-12-18 21:09:01 +00:00
Daniel J Walsh
9eef358da0 - Update to upstream release 2009-12-10 19:20:14 +00:00
Daniel J Walsh
f2a1dcd3d4 - Add asterisk policy back in 
- Update to upstream release 2.20091117
 2009-11-25 20:19:12 +00:00
Daniel J Walsh
ee88b050c5 - Add asterisk policy back in 2009-11-20 16:55:54 +00:00
Daniel J Walsh
55acbfd715 - Update to upstream release 2.20091117 2009-11-18 22:22:56 +00:00
Daniel J Walsh
5e44eb8657 - Update to upstream 2009-11-14 05:18:01 +00:00
Daniel J Walsh
69290fd9df - Update to upstream 
- Dontaudit nsplugin search /root
- Dontaudit nsplugin sys_nice
 2009-09-16 17:50:32 +00:00
Daniel J Walsh
ab8f807545 - More fixes 2009-09-09 21:08:02 +00:00
Daniel J Walsh
65c3f9a0a8 - Update to upsteam 2009-08-31 21:27:50 +00:00
Daniel J Walsh
faf9cbbc4b - Update to upstream 2009-08-28 20:55:16 +00:00
Daniel J Walsh
40243d944f - Allow cupsd_config_t to be started by dbus 
- Add smoltclient policy
 2009-08-18 22:43:34 +00:00
Daniel J Walsh
9c270225e5 - Add policycoreutils-python to pre install 2009-08-18 12:34:26 +00:00
Daniel J Walsh
43fb726b4b - More fixes from upstream 2009-07-30 21:38:54 +00:00
Daniel J Walsh
c6e2224c70 - Fix polkit label 
- Remove hidebrokensymptoms for nss_ldap fix
- Add modemmanager policy
- Lots of merges from upstream
- Begin removing textrel_shlib_t labels, from fixed libraries
 2009-07-30 04:31:53 +00:00
Daniel J Walsh
3750561a72 - Update to upstream 2009-07-28 19:08:17 +00:00
Daniel J Walsh
df7055d5b3 - Update to upstream 2009-07-23 21:47:41 +00:00
Daniel J Walsh
2360ff9f3f - Update to upstream 2009-07-15 19:12:04 +00:00
Daniel J Walsh
d9676a6ada - Update to upstream 2009-07-06 21:16:26 +00:00
Daniel J Walsh
7b16d569d8 - Update to upstream 
- Fix nlscd_stream_connect
 2009-06-26 20:13:04 +00:00
Daniel J Walsh
a9f0953822 - Update to upstream 
add sssd
 2009-06-22 22:27:58 +00:00
Daniel J Walsh
8866315d40 - Update to upstream 
cleanup
Fri Jun 19 2009 Dan Walsh <dwalsh@redhat.com> 3.6.17-1
- Update to upstream
- Additional mail ports
- Add virt_use_usb boolean for svirt
 2009-06-20 13:59:00 +00:00
Daniel J Walsh
6071093529 - Update to upstream 
- Additional mail ports
- Add virt_use_usb boolean for svirt
 2009-06-19 11:41:44 +00:00
Daniel J Walsh
d54def1c6f - New version for upstream 2009-06-15 17:59:49 +00:00
Daniel J Walsh
d3ae977ab7 - New version for upstream 2009-06-12 18:59:09 +00:00
Daniel J Walsh
f3d2889157 - Update to upstream 2009-06-09 02:15:29 +00:00
Daniel J Walsh
ef7416c2b8 - Upgrade to upstream 2009-05-22 14:37:43 +00:00
Daniel J Walsh
2e917624ad - Upgrade to latest upstream 
- Allow devicekit_disk sys_rawio
 2009-04-08 11:58:59 +00:00
Daniel J Walsh
0e78af1c39 - Dontaudit binds to ports < 1024 for named 
- Upgrade to latest upstream
 2009-04-06 19:27:19 +00:00
Daniel J Walsh
9ca87fc9d8 - Fixes to allow svirt read iso files in homedir 2009-03-24 19:45:02 +00:00
Daniel J Walsh
5dce3c12f7 - Add xenner and wine fixes from mgrepl 2009-03-20 18:42:38 +00:00
Daniel J Walsh
b12011f2ab - Upgrade to latest upstream 2009-03-12 15:48:51 +00:00
Daniel J Walsh
a67a1c12aa - Upgrade to latest patches 2009-03-05 21:05:47 +00:00
Daniel J Walsh
8c3a31a48a - Update to Latest upstream 2009-03-03 20:10:30 +00:00
Daniel J Walsh
2eec438a0b - Re-add corenet_in_generic_if(unlabeled_t) 2009-02-16 22:54:22 +00:00
Daniel J Walsh
bd0db4f147 - Add setrans contains from upstream 2009-02-09 22:07:20 +00:00
Daniel J Walsh
c957c38343 - Upgrade to latest upstream 2009-02-04 04:02:17 +00:00
Daniel J Walsh
1d72fb031f - Update to upstream 2009-01-19 17:35:43 +00:00
Daniel J Walsh
292c49cacc - Update to upstream 2009-01-05 22:55:20 +00:00
Daniel J Walsh
b3f084a8c7 - Update to upstream 2009-01-05 22:35:32 +00:00
Daniel J Walsh
fce9b71022 - Fix labeling on /var/spool/rsyslog 2008-11-25 21:08:25 +00:00
Daniel J Walsh
02d888c766 - Fix labeling on /var/spool/rsyslog 2008-11-25 19:18:01 +00:00
Daniel J Walsh
49f48f4a99 - Policy cleanup 2008-10-17 22:03:34 +00:00
Daniel J Walsh
4125702a20 - Update to upstream 2008-10-14 23:50:08 +00:00
Daniel J Walsh
b6cc6a84e9 - Update to upstream 2008-10-11 23:57:43 +00:00
Daniel J Walsh
e0b9b8d38f - Update to upstream policy 2008-10-09 10:48:56 +00:00
Daniel J Walsh
f1a8278899 - Allow NetworkManager to transition to avahi and iptables 
- Allow domains to search other domains keys, coverup kernel bug
 2008-10-03 15:49:44 +00:00
Daniel J Walsh
d611f1191a - Upgrade to upstream 2008-09-26 12:38:56 +00:00
Daniel J Walsh
59571abd0d - Merge upstream changes 
- Add Xavier Toth patches
 2008-09-16 13:57:15 +00:00
Daniel J Walsh
8a482d67b3 - Merge upstream changes 
- Add Xavier Toth patches
 2008-09-12 20:36:21 +00:00
Daniel J Walsh
aca77a6f2d - Remove gamin policy 2008-09-08 21:01:42 +00:00
Daniel J Walsh
0a219fe07b - Update to upstream 
- New handling of init scripts
 2008-09-03 20:16:35 +00:00
Daniel J Walsh
7638e78556 - Allow ifconfig_t to read dhcpc_state_t 2008-08-26 14:46:43 +00:00
Daniel J Walsh
1a0f642074 - Update to upstream 2008-08-11 21:19:25 +00:00
Daniel J Walsh
b5d09d1532 - Update to upstream 2008-08-07 20:05:57 +00:00
Daniel J Walsh
0f1bd620e5 - Allow system-config-selinux to work with policykit 2008-08-07 12:22:07 +00:00
Daniel J Walsh
feefeee019 - Fix xguest -> xguest_mozilla_t -> xguest_openiffice_t 2008-07-17 19:53:32 +00:00
Daniel J Walsh
af0f735167 - Update to upstream 2008-06-12 14:50:00 +00:00
Daniel J Walsh
9ed55bda90 - Merge Upstream 2008-05-30 20:27:06 +00:00
Daniel J Walsh
7fd4585229 - Merge Upstream 2008-05-23 20:05:34 +00:00
Daniel J Walsh
4b7f030014 Update for rawhide 2008-05-19 13:02:56 +00:00
Daniel J Walsh
c43b447f6f Update for rawhide 2008-05-19 13:01:59 +00:00
Daniel J Walsh
f75033d612 - Update to upstream fixes 2008-02-26 13:45:23 +00:00
Daniel J Walsh
5ca2ff99b6 - Add xace support 2008-02-22 20:32:52 +00:00
Daniel J Walsh
541ba8edec - Fixes from yum-cron 
- Update to latest upstream
 2008-02-20 18:52:50 +00:00
Daniel J Walsh
eb3e9fbc68 - Merge with upstream 2008-02-18 21:31:18 +00:00
Daniel J Walsh
57ac1cab83 - Update to upstream 2008-02-06 21:47:42 +00:00
Daniel J Walsh
b19d470cd4 - Update to upstream 
- Add libvirt policy
- add qemu policy
 2008-02-02 06:30:04 +00:00
Daniel J Walsh
2587107071 - Fix definiton of admin_home_t 2007-12-19 18:00:58 +00:00
Daniel J Walsh
f14d51e840 - Update to upstream 2007-12-13 21:40:00 +00:00
Daniel J Walsh
7dfe3eb3ef - Add polkit policy 
- Symplify userdom context, remove automatic per_role changes
 2007-12-11 06:08:33 +00:00
Daniel J Walsh
02654b8fb4 - Update to upstream 
- Allow httpd_sys_script_t to search users homedirs
 2007-12-05 03:19:13 +00:00
Daniel J Walsh
9186dc57d9 - Remove user based home directory separation 2007-11-30 22:33:18 +00:00
Daniel J Walsh
6e70d63f52 - Remove user based home directory separation 2007-11-30 22:08:19 +00:00
Daniel J Walsh
965b62cceb - Merge with upstream 
- Allow xsever to read hwdata_t
- Allow login programs to setkeycreate
 2007-11-27 04:11:10 +00:00
Daniel J Walsh
7330e86b90 - Update to upstream 2007-11-10 14:14:41 +00:00
Daniel J Walsh
fa0d1c8884 - Update to upstream 2007-10-23 23:13:09 +00:00
Daniel J Walsh
bf76748359 - Allow cron to search nfs and samba homedirs 2007-09-18 15:09:11 +00:00
Daniel J Walsh
e8b5993e52 - Update an readd modules 2007-08-27 21:43:05 +00:00
Daniel J Walsh
77a22067be - Add setransd for mls policy 2007-08-22 14:46:21 +00:00
Daniel J Walsh
f9778219aa - Update from upstream 2007-08-03 19:53:44 +00:00
Daniel J Walsh
2fac1d6655 - Update with latest changes from upstream 2007-07-26 17:54:24 +00:00
Daniel J Walsh
297dd1a900 - Allow execution of gconf 2007-07-19 14:45:16 +00:00
Daniel J Walsh
af677794a8 - Default to user_u:system_r:unconfined_t 2007-07-03 19:20:47 +00:00
Daniel J Walsh
269acb5ee8 - Remove ifdef strict policy from upstream 2007-06-26 12:09:30 +00:00
Daniel J Walsh
56187c2f8a - Remove ifdef strict policy from upstream 2007-05-31 18:40:35 +00:00
Daniel J Walsh
346d2dccfd 2007-05-21 18:54:40 +00:00
Daniel J Walsh
8cd496f1d6 - Update to latest from upstream 2007-05-14 18:10:58 +00:00
Daniel J Walsh
daa6abe9e1 - Update to latest from upstream 2007-05-04 17:30:10 +00:00
Daniel J Walsh
8a3cefc9a6 - Update to latest from upstream 2007-05-04 17:14:04 +00:00
Daniel J Walsh
a615d5b893 - Update to latest from upstream 2007-05-02 02:53:14 +00:00
Daniel J Walsh
8fea836859 - Update to latest from upstream 2007-05-01 20:53:29 +00:00
Daniel J Walsh
8396b2dbd2 - Upstream bumped the version 2007-04-23 17:00:48 +00:00
Daniel J Walsh
a3b1a2c522 - Update to upstream 2007-04-11 20:55:28 +00:00
Daniel J Walsh
e441a1b48b - Update to upstream 2007-04-11 20:23:53 +00:00
Daniel J Walsh
8e5289e20b - Update to upstream 2007-04-02 19:53:16 +00:00
Daniel J Walsh
ce7f30a258 - Update to upstream 2007-04-02 15:17:45 +00:00
Daniel J Walsh
145e8d73ba - Allow samba to run groupadd 2007-03-23 17:31:13 +00:00
Daniel J Walsh
d3aabaedb4 2007-03-20 15:01:28 +00:00
Daniel J Walsh
2a9b648b37 - More of my patches from upstream 2007-03-11 05:19:36 +00:00
Daniel J Walsh
1fed4c745c - Update to latest from upstream 
- Add fail2ban policy
 2007-03-01 21:57:47 +00:00
Daniel J Walsh
5ad70cf38c - Update to remove security_t:filesystem getattr problems 2007-02-28 21:23:19 +00:00
Daniel J Walsh
b2ca43f5ca 2007-02-26 22:15:47 +00:00
Daniel J Walsh
fd5c324a94 2007-02-26 16:09:11 +00:00