Chris PeBenito
|
828e03f635
|
initial commit
|
2005-06-15 13:53:48 +00:00 |
|
Chris PeBenito
|
5e0da6a03e
|
finish renaming system/selinux to system/selinuxutil
|
2005-06-14 20:48:34 +00:00 |
|
Chris PeBenito
|
ff7bc148e4
|
move security_t to selinux module
|
2005-06-14 20:40:09 +00:00 |
|
Chris PeBenito
|
be4a8011d4
|
move selinux to selinuxutil
|
2005-06-14 20:12:46 +00:00 |
|
Chris PeBenito
|
8bd6789954
|
move constraints interfaces to domain module. move sysfs and usbfs to
devices module
|
2005-06-14 19:56:46 +00:00 |
|
Chris PeBenito
|
8ae194f629
|
when a generated file is already generated, it shows up in the generated_*
variable, and also the make wildcard, so use sort, since it removes
duplicates.
|
2005-06-14 18:39:55 +00:00 |
|
Chris PeBenito
|
810f2b7155
|
fix typo
|
2005-06-14 18:15:01 +00:00 |
|
Chris PeBenito
|
1beba1c654
|
fix up appconfig, and generate $(installdir)/booleans
|
2005-06-14 18:13:55 +00:00 |
|
Chris PeBenito
|
b57dd19400
|
stray renames in distro_redhat
|
2005-06-14 17:36:21 +00:00 |
|
Chris PeBenito
|
d2d6c8ce17
|
fix makefile to only rebuild modules.conf and tunables.conf explicitly
|
2005-06-14 15:54:55 +00:00 |
|
Chris PeBenito
|
e75f78666c
|
initial commit
|
2005-06-14 14:43:15 +00:00 |
|
Chris PeBenito
|
3eed10909e
|
convert relevant conditionals into tunable_policy
|
2005-06-14 14:43:04 +00:00 |
|
Chris PeBenito
|
92e928e1bd
|
start making genhomedircon work
|
2005-06-13 21:16:05 +00:00 |
|
Chris PeBenito
|
c24ac9c51c
|
rename requires_block_template to gen_require
|
2005-06-13 20:51:09 +00:00 |
|
Chris PeBenito
|
fa7bea8feb
|
rename requires_block_tempalte to gen_require
|
2005-06-13 20:47:04 +00:00 |
|
Chris PeBenito
|
34c8fabeeb
|
tunables work
|
2005-06-13 20:44:23 +00:00 |
|
Chris PeBenito
|
31908be07f
|
a few missed renames, and start fixing up tunables
|
2005-06-13 20:27:32 +00:00 |
|
Chris PeBenito
|
94670f292b
|
fix
|
2005-06-13 20:10:01 +00:00 |
|
Chris PeBenito
|
eec67390d7
|
make summary and description optional in interfaces until we can clean it up
|
2005-06-13 20:03:08 +00:00 |
|
Chris PeBenito
|
5a45e70177
|
rename setattr removable_device_t
|
2005-06-13 20:00:36 +00:00 |
|
Karl MacMillan
|
8700497fb1
|
Updates to documentation.
|
2005-06-13 19:22:00 +00:00 |
|
Chris PeBenito
|
61bbe5312e
|
add "this is a generated file!" comment to top of corenetwork.{te,if}
|
2005-06-13 18:40:08 +00:00 |
|
Chris PeBenito
|
3c6d78b920
|
ul end tag fix, and css tweak
|
2005-06-13 18:07:35 +00:00 |
|
Chris PeBenito
|
fae6ff9aab
|
update from method
|
2005-06-13 17:41:38 +00:00 |
|
Chris PeBenito
|
d9507b1874
|
fix xml
|
2005-06-13 17:40:51 +00:00 |
|
Chris PeBenito
|
c9428d33dc
|
renaming insanity
|
2005-06-13 17:35:46 +00:00 |
|
Chris PeBenito
|
b2bf0b5c98
|
overwrite the generated .te file instead of append
|
2005-06-13 17:32:40 +00:00 |
|
Karl MacMillan
|
f0c985ca80
|
Devices rename.
|
2005-06-13 16:22:32 +00:00 |
|
Chris PeBenito
|
12b559a402
|
move policy.xml to doc, so it doesnt get deleted on a make clean
|
2005-06-13 12:55:56 +00:00 |
|
Chris PeBenito
|
bec110090f
|
make module description optional and interface summary optional until
everything is updated
|
2005-06-10 21:12:55 +00:00 |
|
Chris PeBenito
|
e214f62733
|
html tag updates
|
2005-06-10 20:39:41 +00:00 |
|
Karl MacMillan
|
bef4f00aa9
|
Added missing interface.
|
2005-06-10 14:33:06 +00:00 |
|
Chris PeBenito
|
d46f023278
|
more updates from method
|
2005-06-10 01:35:43 +00:00 |
|
Chris PeBenito
|
0fd9dc55cf
|
renaming insanity
|
2005-06-10 01:01:13 +00:00 |
|
Chris PeBenito
|
24040829d0
|
fix can_exec
|
2005-06-10 01:00:48 +00:00 |
|
Chris PeBenito
|
e1db6e9d0d
|
policy.xml is now in tmp/
|
2005-06-09 23:06:49 +00:00 |
|
Chris PeBenito
|
cab7c00ff4
|
make macro work
|
2005-06-09 23:06:23 +00:00 |
|
Chris PeBenito
|
e3fd778b8f
|
add can_exec
|
2005-06-09 23:06:07 +00:00 |
|
Chris PeBenito
|
1b8d67d157
|
fix
|
2005-06-09 22:46:38 +00:00 |
|
Karl MacMillan
|
c75e65afad
|
Templates for menu ordering change.
|
2005-06-09 21:19:37 +00:00 |
|
Chris PeBenito
|
a154cd45f3
|
reorder
|
2005-06-09 21:07:58 +00:00 |
|
Karl MacMillan
|
d6b0f3712f
|
Fixed doc tool to order menus.
|
2005-06-09 21:05:33 +00:00 |
|
Chris PeBenito
|
5d9417870c
|
speed improvement
|
2005-06-09 20:53:45 +00:00 |
|
Chris PeBenito
|
588ffaeb7f
|
kernel.if renaming
|
2005-06-09 20:50:17 +00:00 |
|
Chris PeBenito
|
eda201efe8
|
more renaming and xml
|
2005-06-09 19:52:50 +00:00 |
|
Chris PeBenito
|
eca5b2dd79
|
rename
|
2005-06-09 19:22:27 +00:00 |
|
Chris PeBenito
|
997bd99521
|
fix bracket display for optional parameters
|
2005-06-09 19:21:32 +00:00 |
|
Chris PeBenito
|
20030ef5d6
|
add back html page generation
|
2005-06-09 19:02:52 +00:00 |
|
Chris PeBenito
|
1601fb3738
|
fixes and remove debug code
|
2005-06-09 19:02:32 +00:00 |
|
Chris PeBenito
|
fe3bd5a557
|
more indentation for modules in the menu
|
2005-06-09 18:56:50 +00:00 |
|
Chris PeBenito
|
eb437dd092
|
initial commit
|
2005-06-09 18:17:25 +00:00 |
|
Chris PeBenito
|
5a3299bd30
|
updates
|
2005-06-09 18:16:51 +00:00 |
|
Chris PeBenito
|
cc41a97c99
|
aliases
|
2005-06-09 18:08:26 +00:00 |
|
Chris PeBenito
|
7591e83cba
|
fix layer in module tag
|
2005-06-09 17:56:38 +00:00 |
|
Chris PeBenito
|
c6ebefd2f2
|
rename
|
2005-06-09 17:51:40 +00:00 |
|
Chris PeBenito
|
d90b274e40
|
for now, drop infoflow tags
|
2005-06-09 17:23:53 +00:00 |
|
Chris PeBenito
|
16e1cf48cd
|
make policy.xml depend on all if's being generated
|
2005-06-09 17:23:23 +00:00 |
|
Chris PeBenito
|
dc67f782e4
|
aliases
|
2005-06-09 17:21:52 +00:00 |
|
Chris PeBenito
|
0a10b1fa12
|
aliases
|
2005-06-09 15:32:23 +00:00 |
|
Chris PeBenito
|
fe040c9777
|
renaming and xml
|
2005-06-09 15:20:31 +00:00 |
|
Chris PeBenito
|
dd822947d2
|
aliases
|
2005-06-09 14:50:48 +00:00 |
|
Chris PeBenito
|
80048ca5d2
|
aliases
|
2005-06-09 14:26:05 +00:00 |
|
Chris PeBenito
|
5d31560b4d
|
genhomedircon entries
|
2005-06-08 22:32:43 +00:00 |
|
Chris PeBenito
|
5552ed88f3
|
initial commit
|
2005-06-08 22:32:33 +00:00 |
|
Chris PeBenito
|
e12e573815
|
better handling of generated files
|
2005-06-08 22:14:26 +00:00 |
|
Chris PeBenito
|
f2e4ab3a99
|
make corenetwork generation explicit, rather then on-the-fly
|
2005-06-08 21:46:39 +00:00 |
|
Chris PeBenito
|
7edd02d4f1
|
aliasing
|
2005-06-08 21:07:03 +00:00 |
|
Chris PeBenito
|
0350b1dc7f
|
support_modules is finally gone, and modules.disable->modules.conf
|
2005-06-08 21:03:00 +00:00 |
|
Chris PeBenito
|
b29d23f315
|
initial commit
|
2005-06-08 20:49:16 +00:00 |
|
Chris PeBenito
|
c2c00bee05
|
add aliases
|
2005-06-08 20:28:45 +00:00 |
|
Karl MacMillan
|
72bdc60860
|
Moved and changed user_mls to gen_user.
|
2005-06-08 20:23:43 +00:00 |
|
Karl MacMillan
|
eb5e237573
|
Renamed support macros for consistency.
|
2005-06-08 20:23:12 +00:00 |
|
Chris PeBenito
|
eac7c31055
|
make infoflow optional
|
2005-06-08 20:08:24 +00:00 |
|
Chris PeBenito
|
dc5daf8b99
|
overhaul
|
2005-06-08 19:57:26 +00:00 |
|
Chris PeBenito
|
9f72a2655f
|
renaming
|
2005-06-08 18:40:30 +00:00 |
|
Chris PeBenito
|
0c5a288e98
|
interface renaming
|
2005-06-08 18:00:04 +00:00 |
|
Chris PeBenito
|
1694dee685
|
interface renaming
|
2005-06-08 16:18:08 +00:00 |
|
Chris PeBenito
|
066d463147
|
comment fix
|
2005-06-08 16:16:41 +00:00 |
|
Chris PeBenito
|
84eb353cd9
|
more fixes
|
2005-06-08 13:44:23 +00:00 |
|
Chris PeBenito
|
a7197232e8
|
add can_exec
|
2005-06-08 13:41:05 +00:00 |
|
Chris PeBenito
|
763c441e3b
|
start renaming filesystem interfaces
|
2005-06-08 13:12:00 +00:00 |
|
Chris PeBenito
|
a9ec5414d1
|
add interface macro
|
2005-06-08 13:11:47 +00:00 |
|
Chris PeBenito
|
b46609f09f
|
fix missing _socket in class
|
2005-06-08 13:08:01 +00:00 |
|
Chris PeBenito
|
3865d6b95e
|
add xml
|
2005-06-07 22:36:07 +00:00 |
|
Chris PeBenito
|
ddea18b0ad
|
more tunable work
|
2005-06-07 22:26:39 +00:00 |
|
Chris PeBenito
|
758618b1f3
|
initial commit
|
2005-06-07 22:26:11 +00:00 |
|
Karl MacMillan
|
6847e8295c
|
First cut at fixing fc_sort.
|
2005-06-07 21:20:14 +00:00 |
|
Chris PeBenito
|
2224ed3aa5
|
remove java
|
2005-06-07 18:50:35 +00:00 |
|
Chris PeBenito
|
9c25fdd816
|
add updated dtd
|
2005-06-07 18:49:44 +00:00 |
|
Chris PeBenito
|
254bbc7bb3
|
start switching over to new tunable infrastructure
|
2005-06-07 18:45:47 +00:00 |
|
Chris PeBenito
|
3a80ec29c6
|
initial tunable tool fixes
|
2005-06-07 18:35:18 +00:00 |
|
Chris PeBenito
|
8fb301e9ab
|
32 is space. ascii <= 32 is all whitespace
|
2005-06-07 18:26:28 +00:00 |
|
Chris PeBenito
|
89ec2321b7
|
initial commit
|
2005-06-07 18:23:00 +00:00 |
|
Chris PeBenito
|
0fbe15dc8a
|
start adding module disable and tunable infrastructure
|
2005-06-07 15:11:47 +00:00 |
|
Chris PeBenito
|
02b584a174
|
initial commit
|
2005-06-07 15:10:43 +00:00 |
|
Chris PeBenito
|
43bc3906c5
|
initial commit
|
2005-06-07 14:46:31 +00:00 |
|
Chris PeBenito
|
2d68932a8d
|
fix broken macros
|
2005-06-07 14:46:20 +00:00 |
|
Chris PeBenito
|
a1d2e8ab29
|
add domain(_auto)_trans
|
2005-06-07 14:43:14 +00:00 |
|
Chris PeBenito
|
eb7f9a34cb
|
move audit to logging
|
2005-06-07 14:27:19 +00:00 |
|
Chris PeBenito
|
ef5e55c9fa
|
move to logging
|
2005-06-07 14:16:14 +00:00 |
|
Chris PeBenito
|
09693356ac
|
fix appconfig dir
|
2005-06-06 18:16:41 +00:00 |
|
Chris PeBenito
|
b67488e36a
|
rework policy build options
|
2005-06-06 18:13:38 +00:00 |
|
Chris PeBenito
|
0c73cd2526
|
change over to some perm set macros. add indentation
|
2005-06-03 12:25:14 +00:00 |
|
Chris PeBenito
|
36e54b81f7
|
initial commit of xml->html conversion
|
2005-06-02 20:39:32 +00:00 |
|
Chris PeBenito
|
4196997813
|
add some indentation
|
2005-06-02 20:26:48 +00:00 |
|
Chris PeBenito
|
d115660e3b
|
change network verb in corenetwork to sendrecv
|
2005-06-02 18:55:47 +00:00 |
|
Chris PeBenito
|
cabfa520aa
|
move fs_use and isids to respective modules
|
2005-06-02 15:39:10 +00:00 |
|
Chris PeBenito
|
ca83afe7e6
|
start breaking up support_macros into macros dir
|
2005-06-02 14:31:31 +00:00 |
|
Chris PeBenito
|
44cda51b4f
|
add some comments. make install target install appconfig files
|
2005-06-01 20:17:47 +00:00 |
|
Chris PeBenito
|
f5d4efd756
|
add missing system_crond_t transition pieces
|
2005-06-01 20:16:36 +00:00 |
|
Chris PeBenito
|
98af6c7763
|
remove extra whitespace
|
2005-06-01 19:18:54 +00:00 |
|
Chris PeBenito
|
de96491bda
|
move global.if to support_macros at top level
|
2005-06-01 19:17:13 +00:00 |
|
Chris PeBenito
|
6d9915d615
|
add missing pieces of crond_t -> $1_crond_t transition
|
2005-06-01 19:01:28 +00:00 |
|
Chris PeBenito
|
0447352aec
|
use variable for dtd. move policy type to variant section
|
2005-06-01 19:01:00 +00:00 |
|
Chris PeBenito
|
004db90d3f
|
do dtd verification on xml. fix current xml to be valid
|
2005-06-01 18:34:34 +00:00 |
|
Chris PeBenito
|
3c62aa31a9
|
fix policy.xml to not have templates for generated interfaces
|
2005-06-01 17:45:06 +00:00 |
|
Chris PeBenito
|
2fc84fd172
|
move user_u and root to users
|
2005-06-01 17:40:22 +00:00 |
|
Chris PeBenito
|
aa40608fbe
|
remove copyright until licensing issues are resolved
|
2005-06-01 17:34:13 +00:00 |
|
Chris PeBenito
|
2926f9c788
|
better handling of appconfig dir
|
2005-06-01 17:27:56 +00:00 |
|
Chris PeBenito
|
f267dfbb8b
|
fix module name in xml
|
2005-06-01 17:27:39 +00:00 |
|
Chris PeBenito
|
134191be67
|
move flask dir to top level, and update them from nsa cvs. move files in
misc to top level. make mls support work.
|
2005-06-01 15:40:37 +00:00 |
|
Chris PeBenito
|
7555aab027
|
initial commit
|
2005-06-01 14:37:51 +00:00 |
|
Chris PeBenito
|
e32d52ba47
|
fix xml
|
2005-06-01 14:17:43 +00:00 |
|
Chris PeBenito
|
1293184998
|
last fixes for cab
|
2005-06-01 13:51:54 +00:00 |
|
Chris PeBenito
|
d115b24712
|
more cab work
|
2005-05-31 23:02:11 +00:00 |
|
Chris PeBenito
|
3b857eae09
|
add some file_t interfaces, and console write
|
2005-05-31 21:25:45 +00:00 |
|
Chris PeBenito
|
b8fca44d3f
|
initial commit
|
2005-05-31 20:39:15 +00:00 |
|
Chris PeBenito
|
b4c3f54eca
|
initial commit
|
2005-05-31 19:53:54 +00:00 |
|
Chris PeBenito
|
4bf4ed9e68
|
permission set macro changes, plus more cab related work
|
2005-05-31 19:52:57 +00:00 |
|
Chris PeBenito
|
08eb9d1a33
|
fix tmpfs assoc call
|
2005-05-31 13:45:37 +00:00 |
|
Chris PeBenito
|
f5c42bd80b
|
many fixes from cab work
|
2005-05-30 21:17:20 +00:00 |
|
Chris PeBenito
|
32e53ac1b8
|
cleanup inspired by sediff
|
2005-05-27 21:56:01 +00:00 |
|
Chris PeBenito
|
16e9b0cb6b
|
rpmbuild_t is not a system domain. also mark it as most likely dead.
|
2005-05-27 21:29:54 +00:00 |
|
Chris PeBenito
|
c6fd1f85ba
|
restructure users, and add signalling
|
2005-05-27 20:44:05 +00:00 |
|
Chris PeBenito
|
07da0af7bd
|
tmpfs associate for redhat
|
2005-05-27 20:43:37 +00:00 |
|
Chris PeBenito
|
dd31631500
|
fix ordering and put in var_lib_t
|
2005-05-27 20:29:17 +00:00 |
|
Chris PeBenito
|
d490eb6b5c
|
fixes from cab
|
2005-05-26 20:38:45 +00:00 |
|
Chris PeBenito
|
c220381539
|
initial commit
|
2005-05-26 15:50:53 +00:00 |
|
Chris PeBenito
|
efd8ede34d
|
many fixes from cab testing
|
2005-05-25 20:58:21 +00:00 |
|
Chris PeBenito
|
c9a26b3e95
|
add in appconfig files
|
2005-05-25 20:58:09 +00:00 |
|
Chris PeBenito
|
10abae75d9
|
initial commit
|
2005-05-25 19:52:21 +00:00 |
|
Chris PeBenito
|
cbeef67c1c
|
cleanup
|
2005-05-24 22:22:26 +00:00 |
|
Chris PeBenito
|
3b3bf871a7
|
cleanup
|
2005-05-24 21:41:29 +00:00 |
|
Chris PeBenito
|
6f3dab294e
|
initial commit
|
2005-05-24 21:32:34 +00:00 |
|
Chris PeBenito
|
7d7a36af98
|
initial commit
|
2005-05-24 21:23:39 +00:00 |
|
Chris PeBenito
|
e7fcdc6d2f
|
fix the object class in process transition interfaces
|
2005-05-24 20:45:27 +00:00 |
|
Chris PeBenito
|
547283e29a
|
more fixes
|
2005-05-24 20:44:31 +00:00 |
|
Chris PeBenito
|
c907b3e2c7
|
cleanup for corenetwork interface generation
|
2005-05-24 17:34:29 +00:00 |
|
Chris PeBenito
|
88c72f4408
|
a few touchups
|
2005-05-24 17:31:39 +00:00 |
|
Chris PeBenito
|
dc771ff40e
|
another cleanup pass
|
2005-05-24 15:55:57 +00:00 |
|
Chris PeBenito
|
6276f10155
|
instead of using macros to drop out non-macro calls during corenetwork
interface generation, use grep to get the macro calls and feed to m4
|
2005-05-24 15:52:57 +00:00 |
|
Chris PeBenito
|
992aba5f15
|
initial commit
|
2005-05-23 17:56:47 +00:00 |
|
Chris PeBenito
|
6b48fd013c
|
stuff from rpm
|
2005-05-23 17:56:35 +00:00 |
|
Chris PeBenito
|
57440fb076
|
add dontaudit shadow_t getattr
|
2005-05-23 17:56:26 +00:00 |
|
Chris PeBenito
|
957e269eb2
|
fix tmpfs associate infoflow
|
2005-05-23 17:56:00 +00:00 |
|
Chris PeBenito
|
39255175ca
|
move in stuff from rpm
|
2005-05-23 17:01:51 +00:00 |
|
Chris PeBenito
|
15a9613ca4
|
add ldconfig and rpm transitions
|
2005-05-23 15:51:33 +00:00 |
|
Chris PeBenito
|
162a57e583
|
add missing xml
|
2005-05-23 15:50:12 +00:00 |
|
Chris PeBenito
|
46410fd2b9
|
add tmpfsfile support
|
2005-05-23 15:49:31 +00:00 |
|
Chris PeBenito
|
1c9f9a50df
|
add signull all domains
|
2005-05-23 15:49:03 +00:00 |
|
Chris PeBenito
|
3000a31552
|
make transition on shell work
|
2005-05-23 15:48:45 +00:00 |
|
Chris PeBenito
|
c4309768f1
|
add transitions
|
2005-05-23 15:47:13 +00:00 |
|
Chris PeBenito
|
48e0dbd63e
|
add ldconfig
|
2005-05-23 15:45:53 +00:00 |
|
Chris PeBenito
|
e32c0d3b86
|
add mls sensitivity to genfscon, initial sids and fs_use
|
2005-05-20 20:43:18 +00:00 |
|
Chris PeBenito
|
0d0d2bafd6
|
add mls port support
|
2005-05-20 20:23:25 +00:00 |
|
Chris PeBenito
|
085faa06ff
|
add xml comments to generated sections, and add mls support to interfaces
and nodes
|
2005-05-20 20:07:42 +00:00 |
|
Chris PeBenito
|
daa0e0b01f
|
add xml comments to interfaces, convert over userdomain stuff
|
2005-05-19 21:06:06 +00:00 |
|
Chris PeBenito
|
bee546bfd4
|
add context template to support mls
|
2005-05-18 21:02:15 +00:00 |
|
Chris PeBenito
|
26c87e0c42
|
add userdomain:fd use
|
2005-05-18 21:00:56 +00:00 |
|
Chris PeBenito
|
490639cd57
|
add a xml comment
|
2005-05-18 21:00:30 +00:00 |
|
Chris PeBenito
|
2e77b29e67
|
add xml
|
2005-05-18 21:00:00 +00:00 |
|
Chris PeBenito
|
494e988f80
|
fix xml
|
2005-05-18 20:59:38 +00:00 |
|
Chris PeBenito
|
6d314fd3c1
|
add xml doc generation
|
2005-05-18 20:58:13 +00:00 |
|
Chris PeBenito
|
8623d5b854
|
move run_init to selinux, as it is part of policycoreutils
|
2005-05-18 16:03:54 +00:00 |
|
Chris PeBenito
|
1786071159
|
rename some selinuxfs interfaces for more clarity
|
2005-05-18 13:22:37 +00:00 |
|
Chris PeBenito
|
ef373408a6
|
add source policy interfaces
|
2005-05-18 13:21:28 +00:00 |
|
Chris PeBenito
|
5817e3a820
|
add renice all domains
|
2005-05-18 13:21:00 +00:00 |
|
Chris PeBenito
|
759ba0a459
|
add get all filesystems quotas
|
2005-05-18 13:20:38 +00:00 |
|
Chris PeBenito
|
76bff31d96
|
add admin template
|
2005-05-18 13:20:16 +00:00 |
|
Chris PeBenito
|
c3dff2e0a2
|
add device_node:{ chr_file blk_file } getattr;
|
2005-05-18 13:19:51 +00:00 |
|
Chris PeBenito
|
4d8ddf9a4f
|
start adding admin template
|
2005-05-18 13:18:49 +00:00 |
|
Chris PeBenito
|
dd14d0d892
|
change read_shared_libraries to use_shared_libraries, since the execute
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
|
2005-05-17 15:32:52 +00:00 |
|
Chris PeBenito
|
650e75c57d
|
initial commit
|
2005-05-16 21:11:26 +00:00 |
|
Chris PeBenito
|
b16c6b8c32
|
start adding user domains. fix ttynode and ptynode handling, as they're
more then user terminals (at least ptynode is). start adding XML comments
|
2005-05-16 21:10:33 +00:00 |
|
Chris PeBenito
|
c6a3a22457
|
add more parts to send_mail and drop transition since its more then a transition
|
2005-05-13 20:52:28 +00:00 |
|
Chris PeBenito
|
ff31386090
|
move make_{daemon,init,system}_domain to init to fix type_transition'ing
|
2005-05-13 20:21:50 +00:00 |
|
Chris PeBenito
|
24a7ae1a5a
|
add lvm.fc, and move relevant entries to devices.fc and storage.fc
|
2005-05-13 15:03:19 +00:00 |
|
Chris PeBenito
|
7bba9d317a
|
pile of updates
|
2005-05-13 14:37:13 +00:00 |
|
Chris PeBenito
|
1bde8321dd
|
initial commit
|
2005-05-13 14:36:35 +00:00 |
|
Chris PeBenito
|
075c4fdaf1
|
additions for cron and mta
|
2005-05-12 20:50:09 +00:00 |
|
Chris PeBenito
|
fd9deeb8ee
|
reorg and a fix
|
2005-05-12 20:49:39 +00:00 |
|
Chris PeBenito
|
d18e3d73bb
|
add crontab
|
2005-05-11 20:55:40 +00:00 |
|
Chris PeBenito
|
fb1aee72f4
|
add iface creating private logs
|
2005-05-11 20:54:14 +00:00 |
|
Chris PeBenito
|
d25dd9c1c2
|
add make temporary_file and daemon_runtime_file
|
2005-05-11 19:36:36 +00:00 |
|
Chris PeBenito
|
38e24ae49e
|
add files_make_temporary_file and remove type attribute from
create_private_tmp
|
2005-05-11 19:21:40 +00:00 |
|
Chris PeBenito
|
0b1af28713
|
fix logging_make_log_file use
|
2005-05-11 19:11:14 +00:00 |
|
Chris PeBenito
|
23caa6d147
|
initial commit
|
2005-05-11 19:05:50 +00:00 |
|
Chris PeBenito
|
24280a524d
|
updates needed for cron
|
2005-05-11 19:05:15 +00:00 |
|
Chris PeBenito
|
3ec805f7e5
|
add read and search for etc_t:dir
|
2005-05-11 16:48:10 +00:00 |
|
Chris PeBenito
|
118186e3dc
|
make a reasonable lib_t interface
|
2005-05-11 15:46:51 +00:00 |
|
Chris PeBenito
|
1832271029
|
reorder for more consistency
|
2005-05-11 15:22:28 +00:00 |
|
Chris PeBenito
|
dec1686f0b
|
oops
|
2005-05-10 20:25:20 +00:00 |
|
Chris PeBenito
|
6b674012fc
|
reorder for more consistency
|
2005-05-10 20:24:26 +00:00 |
|
Chris PeBenito
|
b3416a3762
|
initial commit
|
2005-05-10 20:06:19 +00:00 |
|
Chris PeBenito
|
eeb2558418
|
leftover from netutils
|
2005-05-10 20:06:04 +00:00 |
|
Chris PeBenito
|
f8ec0ad43b
|
initial commit
|
2005-05-10 19:51:00 +00:00 |
|
Chris PeBenito
|
63a310c8cf
|
leftover from modutils
|
2005-05-10 19:50:41 +00:00 |
|
Chris PeBenito
|
279b555ae3
|
reorder to fit file context style rules
|
2005-05-10 19:47:37 +00:00 |
|
Chris PeBenito
|
0f3be6dbbb
|
initial commit
|
2005-05-10 15:31:48 +00:00 |
|
Chris PeBenito
|
6f50b57665
|
use ptys
|
2005-05-10 15:03:56 +00:00 |
|
Chris PeBenito
|
2812bfac86
|
fix hotplug optional
|
2005-05-10 15:00:54 +00:00 |
|
Chris PeBenito
|
35b2fb4d41
|
add v4l_device_t
|
2005-05-10 14:12:10 +00:00 |
|
Chris PeBenito
|
46be1f32ca
|
add printer_device_t
|
2005-05-10 13:59:10 +00:00 |
|
Chris PeBenito
|
13e94c09e4
|
more authlogin handling
|
2005-05-09 21:07:53 +00:00 |
|
Chris PeBenito
|
5c162193b7
|
move system_chkpwd to .te rather then using template, so that the
ifelse(system,..) can be eliminated
|
2005-05-09 21:06:51 +00:00 |
|
Chris PeBenito
|
cb28738d20
|
priv* attribute fixes for sulogin
|
2005-05-09 21:05:01 +00:00 |
|
Chris PeBenito
|
c18e825f57
|
unexpand can_kerberos
|
2005-05-09 21:03:38 +00:00 |
|
Chris PeBenito
|
a9a20ddaae
|
allow all domains to use /dev/{zero,null,tty}
|
2005-05-09 19:55:01 +00:00 |
|
Chris PeBenito
|
e843cc89fd
|
reorder restorecon and setfiles relabel rules for consistency
|
2005-05-09 19:06:56 +00:00 |
|
Chris PeBenito
|
a1f94a3441
|
clean up authentication attributes
|
2005-05-09 18:50:20 +00:00 |
|
Chris PeBenito
|
96b0000f1b
|
start adding infrastructure for the constraint exceptions
|
2005-05-09 17:47:57 +00:00 |
|
Chris PeBenito
|
18f25afdf6
|
start adding infrastructure for the constraint exceptions
|
2005-05-09 17:41:29 +00:00 |
|
Chris PeBenito
|
c5b5a7479a
|
cleanup
|
2005-05-09 15:40:56 +00:00 |
|
Chris PeBenito
|
5d7e8ba6fb
|
add sulogin
|
2005-05-09 15:38:06 +00:00 |
|
Chris PeBenito
|
15e3d8e8bc
|
initial commit
|
2005-05-09 13:26:33 +00:00 |
|
Chris PeBenito
|
8e02803ce3
|
add lvm_vg interfaces and do a little cleanup
|
2005-05-06 21:36:11 +00:00 |
|
Chris PeBenito
|
b2b38c78d4
|
initial commit
|
2005-05-05 21:40:32 +00:00 |
|
Chris PeBenito
|
ec81ecb30c
|
add read fonts
|
2005-05-05 21:36:53 +00:00 |
|
Chris PeBenito
|
44a43b680b
|
interfaces needed for clock
|
2005-05-05 21:19:18 +00:00 |
|
Chris PeBenito
|
2274f9ae4a
|
initial commit
|
2005-05-05 21:18:27 +00:00 |
|
Chris PeBenito
|
0fef98c405
|
add legacy read locale
|
2005-05-05 20:33:35 +00:00 |
|
Chris PeBenito
|
0634b6e77e
|
fix per_userdomain_templates macro generation
|
2005-05-05 19:38:22 +00:00 |
|
Chris PeBenito
|
ebf7600f20
|
cleanup
|
2005-05-05 19:04:51 +00:00 |
|
Chris PeBenito
|
bbd6a62111
|
convert over to system_domain, plus a couple init cleanups
|
2005-05-05 18:30:00 +00:00 |
|
Chris PeBenito
|
4fc91539f6
|
initial commit
|
2005-05-05 17:44:36 +00:00 |
|
Chris PeBenito
|
d0eddb6b0d
|
add in system_domain
|
2005-05-05 17:44:11 +00:00 |
|
Chris PeBenito
|
f66a1af94b
|
move type delcarations after attribute delcarations to fix a typeattribute
ordering issue. comment out the TODO types with a # so they don't get moved
|
2005-05-05 14:08:26 +00:00 |
|
Chris PeBenito
|
23af43bfef
|
fix depends
|
2005-05-05 14:02:32 +00:00 |
|
Chris PeBenito
|
df431c87fb
|
add missing copyright and policy_module lines
|
2005-05-05 14:01:59 +00:00 |
|
Chris PeBenito
|
f1470e5ede
|
rules picked up from sediff
|
2005-05-04 21:44:51 +00:00 |
|
Chris PeBenito
|
849380bd9a
|
add usermanage
|
2005-05-04 19:15:13 +00:00 |
|
Chris PeBenito
|
1e5c2a416a
|
more conversion
|
2005-05-04 17:01:46 +00:00 |
|
Chris PeBenito
|
bd202fe157
|
clean up interfaces for new binary module optional structure
|
2005-05-04 13:19:47 +00:00 |
|
Chris PeBenito
|
f1578d05a9
|
stuff from sysnetwork
|
2005-05-04 13:16:34 +00:00 |
|
Chris PeBenito
|
0bc32e04de
|
a few more copied over
|
2005-05-04 13:16:09 +00:00 |
|
Chris PeBenito
|
0d7ad32935
|
start moving in dhcpc and ifconfig
|
2005-05-04 13:14:48 +00:00 |
|
Chris PeBenito
|
75a10baf44
|
add in pam console
|
2005-05-03 21:04:20 +00:00 |
|
Chris PeBenito
|
b2e0625ca1
|
more conversion due to new interfaces
|
2005-05-03 20:44:35 +00:00 |
|
Chris PeBenito
|
3ce6cb4a45
|
fill pam and utempter authlogin policy and fix up interfaces
|
2005-05-03 20:23:33 +00:00 |
|
Chris PeBenito
|
07d6e32f44
|
reorg run_init a little, and add a convert to a few new interfaces
|
2005-05-02 21:02:14 +00:00 |
|
Chris PeBenito
|
ab64c30fc3
|
add newrole:fd use
|
2005-05-02 21:01:31 +00:00 |
|
Chris PeBenito
|
3a9aef9246
|
updates
|
2005-05-02 21:01:08 +00:00 |
|
Chris PeBenito
|
6b93833ba0
|
initial commit
|
2005-05-02 19:24:29 +00:00 |
|
Chris PeBenito
|
25baab18d1
|
switch over to tunable_policy and optional_policy
|
2005-05-02 19:22:58 +00:00 |
|
Chris PeBenito
|
f360f82f54
|
fix stupid _depend define errors (s/ifdef/define/g)
|
2005-05-02 19:19:06 +00:00 |
|
Chris PeBenito
|
67484fced4
|
add ignore read system state
|
2005-05-02 18:42:33 +00:00 |
|
Chris PeBenito
|
de2cee6817
|
add tty_device_t and devpts_t chr_file interfaces
|
2005-05-02 18:42:10 +00:00 |
|
Chris PeBenito
|
dfaf6c2ad8
|
add authlogin_read_pam_runtime_data and cleanup interfaces
|
2005-05-02 18:41:20 +00:00 |
|
Chris PeBenito
|
9f2f9e6dfe
|
add ignore read rootfs file
|
2005-05-02 18:40:42 +00:00 |
|
Chris PeBenito
|
d0b6abebb9
|
add in use and ignore use init control channel interfaces
|
2005-05-02 18:40:05 +00:00 |
|
Chris PeBenito
|
ba7740d145
|
handful of changes
|
2005-05-02 18:38:02 +00:00 |
|
Chris PeBenito
|
c3c58c5d8e
|
move in rule from hotplug
|
2005-05-02 18:37:24 +00:00 |
|
Chris PeBenito
|
1b909968df
|
add in missing policy_module line
|
2005-05-02 18:36:51 +00:00 |
|
Chris PeBenito
|
fc83dba9a0
|
domains not needed for execute interface
|
2005-05-02 18:36:11 +00:00 |
|
Chris PeBenito
|
85bd7f1ffa
|
add in transition and execute interfaces, and newrole sigchld interface
|
2005-05-02 18:18:45 +00:00 |
|
Chris PeBenito
|
5eafc37492
|
add append to /dev/null write
|
2005-05-02 15:42:20 +00:00 |
|
Chris PeBenito
|
e9a6fcb8f1
|
fix privfd
|
2005-04-29 21:00:40 +00:00 |
|
Chris PeBenito
|
4472f3ec01
|
doh
|
2005-04-29 21:00:29 +00:00 |
|
Chris PeBenito
|
7009881cc0
|
add in missing devices
|
2005-04-29 20:35:49 +00:00 |
|
Chris PeBenito
|
05a5cdccc3
|
add a few missing ports, and ppp_device_t
|
2005-04-29 20:22:04 +00:00 |
|
Chris PeBenito
|
a7ed44d531
|
initial commit
|
2005-04-29 20:16:38 +00:00 |
|
Chris PeBenito
|
a2d8246bf6
|
make mountpoints work, plus misc
|
2005-04-28 21:41:09 +00:00 |
|
Chris PeBenito
|
07efe969fe
|
initial local login commit
|
2005-04-28 19:50:58 +00:00 |
|
Chris PeBenito
|
ee5772e455
|
add bulk of selinux module policy, and add required interfaces
|
2005-04-28 18:59:01 +00:00 |
|
Chris PeBenito
|
f9cfa192a4
|
minor fixes
|
2005-04-28 18:58:39 +00:00 |
|
Chris PeBenito
|
b5860610b4
|
missed that sysctl_dev is a dir too
|
2005-04-28 15:52:42 +00:00 |
|
Chris PeBenito
|
3009816bcd
|
convert over optional policy to optional_policy macro
|
2005-04-28 15:48:27 +00:00 |
|
Chris PeBenito
|
55a46da18a
|
add console setattr if
|
2005-04-28 15:47:50 +00:00 |
|
Chris PeBenito
|
4fbd2ee111
|
remove entrypoint assertion
|
2005-04-28 15:46:53 +00:00 |
|
Chris PeBenito
|
4600e08867
|
reorganize the policy
|
2005-04-28 15:46:23 +00:00 |
|
Chris PeBenito
|
dfb86adde5
|
initial commit
|
2005-04-28 15:45:32 +00:00 |
|
Chris PeBenito
|
b5ab18b3f1
|
initial commit
|
2005-04-28 13:41:37 +00:00 |
|
Chris PeBenito
|
55f4564e31
|
start merging in rules from daemon domain
|
2005-04-27 21:56:41 +00:00 |
|
Chris PeBenito
|
889c9a9789
|
add init_t:fd use interface and initrc pty rw interface
|
2005-04-27 21:56:12 +00:00 |
|
Chris PeBenito
|
bcd35991d1
|
daemon domain allows noatsecure siginh rlimitinh, not dontaudit
|
2005-04-27 21:55:18 +00:00 |
|
Chris PeBenito
|
8119850297
|
add console dontaudit
|
2005-04-27 21:54:39 +00:00 |
|
Chris PeBenito
|
3016a9ff95
|
initial commit
|
2005-04-26 21:12:52 +00:00 |
|
Chris PeBenito
|
f9438fdfd1
|
add search all dirs
|
2005-04-26 21:12:32 +00:00 |
|
Chris PeBenito
|
e064a64b0e
|
move system_chkpwd to fix ordering issue with checkpolicy
|
2005-04-26 21:10:11 +00:00 |
|
Chris PeBenito
|
8beec89d27
|
add legacy lib use
|
2005-04-26 19:10:29 +00:00 |
|
Chris PeBenito
|
960373dddd
|
add module statement macro and entrypoint executable attribute to replicate
can_exec($1,exec_type)
|
2005-04-26 17:00:25 +00:00 |
|
Chris PeBenito
|
94edcc5c83
|
fix tmp_domain
|
2005-04-25 21:44:48 +00:00 |
|
Chris PeBenito
|
5f75f56066
|
move modules_object_t back to bootloader
|
2005-04-25 21:32:09 +00:00 |
|
Chris PeBenito
|
91a7ab6cb3
|
add sysnetwork
|
2005-04-25 21:28:25 +00:00 |
|
Chris PeBenito
|
b303042477
|
add missing transition dontaudits
|
2005-04-25 21:07:59 +00:00 |
|
Chris PeBenito
|
549180e874
|
initial commit
|
2005-04-25 20:13:45 +00:00 |
|
Chris PeBenito
|
219bcf7a8f
|
attack with sediff, make fs:getattr interfaces consistent, create init and
daemon domains
|
2005-04-25 19:54:27 +00:00 |
|
Chris PeBenito
|
a266e3cc83
|
restructure kernel module to be consistent with other module ordering. put
in missing rules. fix naming problems
|
2005-04-25 16:11:21 +00:00 |
|
Chris PeBenito
|
343a231d5f
|
reorg
|
2005-04-22 22:00:09 +00:00 |
|
Chris PeBenito
|
22e1131e23
|
fix te trans error
|
2005-04-22 22:00:02 +00:00 |
|
Chris PeBenito
|
8a0da1086c
|
make getattr and setattr interfaces and make naming consistent
|
2005-04-22 19:31:32 +00:00 |
|
Chris PeBenito
|
33bc0dd994
|
clean up some filesystem assoc
|
2005-04-21 22:46:49 +00:00 |
|
Chris PeBenito
|
0e730cc8e1
|
complete corenetwork
|
2005-04-21 21:53:15 +00:00 |
|
Chris PeBenito
|
1f7b37c585
|
insmod can be run directly from kernel; fix update_modules errors
|
2005-04-21 21:35:45 +00:00 |
|
Chris PeBenito
|
9eb5e812fe
|
exec and transition interfaces, plus include mod object symlinks in reading modules
|
2005-04-21 21:34:47 +00:00 |
|
Chris PeBenito
|
32b5029cc5
|
uncomment test file
|
2005-04-21 21:34:08 +00:00 |
|
Chris PeBenito
|
5a95221115
|
add devlog_t symlink to loggers
|
2005-04-21 21:33:50 +00:00 |
|
Chris PeBenito
|
bf9e1e3f72
|
logging and modutils updates
|
2005-04-21 21:32:54 +00:00 |
|
Chris PeBenito
|
033c80e683
|
rename files_manage_general_lock_files() to more appropriate files_manage_system_lock_files()
|
2005-04-21 13:35:01 +00:00 |
|
Chris PeBenito
|
7c5d78fbca
|
more insmod work, bring in depmod and update_modules
|
2005-04-20 21:00:01 +00:00 |
|
Chris PeBenito
|
bd76460f61
|
more comments
|
2005-04-20 19:14:56 +00:00 |
|
Chris PeBenito
|
099c8b2475
|
remove unneeded genfs_contexts
|
2005-04-20 19:10:59 +00:00 |
|
Chris PeBenito
|
e181fe05d8
|
add copyright statement
|
2005-04-20 19:07:16 +00:00 |
|
Chris PeBenito
|
0154356271
|
initial commit
|
2005-04-20 13:24:10 +00:00 |
|
Chris PeBenito
|
879b00fe60
|
initial commit
|
2005-04-19 21:08:13 +00:00 |
|
Chris PeBenito
|
67e2ff428c
|
initial commit
|
2005-04-19 20:51:05 +00:00 |
|
Chris PeBenito
|
f0872d22b4
|
add cap sys_rawio to raw memory access interfaces
|
2005-04-19 20:47:29 +00:00 |
|
Chris PeBenito
|
c4890efc00
|
add per-userdomain template, and shadow_t interfaces
|
2005-04-19 20:45:54 +00:00 |
|
Chris PeBenito
|
3ba13bbf03
|
add all types for this module
|
2005-04-19 20:45:24 +00:00 |
|
Chris PeBenito
|
4ddc1abd78
|
add all types for this module, and add klogd policy
|
2005-04-19 20:44:52 +00:00 |
|
Chris PeBenito
|
8c77177b75
|
add interface to send syslog messages
|
2005-04-19 20:44:07 +00:00 |
|
Chris PeBenito
|
5050e500fe
|
use interface to send syslog messages
|
2005-04-19 20:43:44 +00:00 |
|
Chris PeBenito
|
b470e3896b
|
initial commit
|
2005-04-19 20:42:32 +00:00 |
|
Chris PeBenito
|
f0578249d1
|
reorganize and add rootfs dontaudits
|
2005-04-19 18:58:16 +00:00 |
|
Chris PeBenito
|
7aebdb853d
|
add rootfs dontaudits for use in init.te
|
2005-04-19 18:57:13 +00:00 |
|
Chris PeBenito
|
053f6a200a
|
add dontaudit fs getattr
|
2005-04-19 18:56:47 +00:00 |
|
Chris PeBenito
|
88d14a22b6
|
bring over more targets from strict policy, and add more checking
|
2005-04-19 13:53:51 +00:00 |
|
Chris PeBenito
|
5496553038
|
kernel can load modules
|
2005-04-19 13:52:45 +00:00 |
|
Chris PeBenito
|
7f89c7efc6
|
hold off on improving
|
2005-04-19 13:46:06 +00:00 |
|
Chris PeBenito
|
1ea98d0407
|
remove relabeling privilege for now
|
2005-04-18 20:27:16 +00:00 |
|
Chris PeBenito
|
57d236548b
|
move assert.te here
|
2005-04-18 20:17:25 +00:00 |
|
Chris PeBenito
|
5d78128fda
|
add interface to associate to filesystems w/o xattr. allow regular files to
associate to no xattr filesystems
|
2005-04-16 17:20:59 +00:00 |
|
Chris PeBenito
|
70dcf798e9
|
add boot_runtime_t
|
2005-04-16 17:18:34 +00:00 |
|
Chris PeBenito
|
b4cd153394
|
initial commit
|
2005-04-14 20:18:17 +00:00 |
|