Chris PeBenito
|
2e0a880165
|
changed rules fixes
|
2005-11-10 21:37:54 +00:00 |
|
Chris PeBenito
|
725926c586
|
pile of sediff fixes
|
2005-11-08 22:00:30 +00:00 |
|
Chris PeBenito
|
8967bf8b89
|
merge in some of dan's old policy changes
|
2005-11-07 20:09:28 +00:00 |
|
Chris PeBenito
|
7afca0b4c1
|
user tty fixes
|
2005-11-03 19:33:53 +00:00 |
|
Don Miner
|
8f882ffcd9
|
Added rules so that tracepath, traceroute and ping work.
|
2005-11-02 20:44:17 +00:00 |
|
Chris PeBenito
|
73ef293bc5
|
fixes just so sediff is easier to handle
|
2005-11-01 21:15:11 +00:00 |
|
Chris PeBenito
|
31a1c2df88
|
fix filesystem associations
|
2005-11-01 15:45:00 +00:00 |
|
Chris PeBenito
|
30910b37c6
|
more fixes
|
2005-10-31 22:19:16 +00:00 |
|
Chris PeBenito
|
f0f18e0734
|
typo
|
2005-10-28 15:12:23 +00:00 |
|
Chris PeBenito
|
495a7026d9
|
add missing range transition
|
2005-10-28 15:09:03 +00:00 |
|
Chris PeBenito
|
005a9aa6e2
|
initrc fixes
|
2005-10-28 14:34:26 +00:00 |
|
Chris PeBenito
|
4614e83fbb
|
more fixing
|
2005-10-26 21:03:19 +00:00 |
|
Chris PeBenito
|
33acca55ce
|
pile o fixes
|
2005-10-26 16:00:13 +00:00 |
|
Chris PeBenito
|
c3cf6693c7
|
try to fix associations
|
2005-10-25 20:06:27 +00:00 |
|
Chris PeBenito
|
2aec1461b4
|
use our own interface to make maintenance easier
|
2005-10-25 18:13:47 +00:00 |
|
Chris PeBenito
|
7eec657c86
|
add default_t read back
|
2005-10-25 18:00:42 +00:00 |
|
Chris PeBenito
|
60789e16d0
|
fixes
|
2005-10-25 02:51:07 +00:00 |
|
Don Miner
|
c11417c4df
|
Reduced the number of differences in amanda between the targeted and the refpolicy
|
2005-10-24 21:35:50 +00:00 |
|
Chris PeBenito
|
67167371a5
|
fix most of samba
|
2005-10-24 21:33:46 +00:00 |
|
Chris PeBenito
|
7ebd6a9079
|
add proc_net lnk
|
2005-10-24 20:25:59 +00:00 |
|
Chris PeBenito
|
30705b6bc0
|
fixes
|
2005-10-24 19:50:21 +00:00 |
|
Chris PeBenito
|
9bbc757a76
|
more fix
|
2005-10-24 18:40:24 +00:00 |
|
Chris PeBenito
|
15fefa4958
|
remove bin policy and kern module assertions for now
|
2005-10-24 15:10:03 +00:00 |
|
Chris PeBenito
|
1480d3ad21
|
fix mls r_t
|
2005-10-24 14:22:13 +00:00 |
|
Chris PeBenito
|
34e722f3cd
|
more sediff
|
2005-10-24 14:15:29 +00:00 |
|
Chris PeBenito
|
710791f1a4
|
more missing types
|
2005-10-24 03:52:35 +00:00 |
|
Chris PeBenito
|
19b5555f77
|
more fixes
|
2005-10-24 03:21:26 +00:00 |
|
Chris PeBenito
|
43989f82f8
|
add rpc
|
2005-10-24 01:53:13 +00:00 |
|
Chris PeBenito
|
2db2c7d099
|
fixes from sediff
|
2005-10-24 00:54:39 +00:00 |
|
Chris PeBenito
|
f85544209a
|
nwmgr fixes
|
2005-10-23 22:46:06 +00:00 |
|
Chris PeBenito
|
ef5ca0fb79
|
add cups
|
2005-10-23 22:10:59 +00:00 |
|
Chris PeBenito
|
230838e117
|
add pegasus
|
2005-10-22 21:55:39 +00:00 |
|
Chris PeBenito
|
ad3b9d76dc
|
add lpd
|
2005-10-22 21:09:03 +00:00 |
|
Chris PeBenito
|
10b1f324d5
|
add amanda
|
2005-10-22 19:58:58 +00:00 |
|
Chris PeBenito
|
1f8a8bbbbd
|
more sediff fixes
|
2005-10-21 22:56:41 +00:00 |
|
Chris PeBenito
|
e6a2eaffdf
|
more fixes
|
2005-10-21 21:35:25 +00:00 |
|
Chris PeBenito
|
da4fc9ce2b
|
sediff fixes
|
2005-10-21 19:36:49 +00:00 |
|
Chris PeBenito
|
23a4442bf1
|
add xdm
|
2005-10-21 17:55:15 +00:00 |
|
Chris PeBenito
|
cf6141a72e
|
fix corenetwork generation and add distcc
|
2005-10-21 13:11:17 +00:00 |
|
Chris PeBenito
|
12ae7557d3
|
piles of fixes for loadable modules
|
2005-10-18 18:25:33 +00:00 |
|
Chris PeBenito
|
c3812748c3
|
misc fixes
|
2005-10-18 15:07:11 +00:00 |
|
Chris PeBenito
|
e749cd12a6
|
wrap up almost all of apache
|
2005-10-17 17:55:38 +00:00 |
|
Chris PeBenito
|
e08118a52f
|
add ppp
|
2005-10-14 20:00:07 +00:00 |
|
Chris PeBenito
|
d8636fc937
|
more merging from 1.27.1-15
|
2005-10-14 17:55:40 +00:00 |
|
Chris PeBenito
|
77f6e2cd27
|
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
|
2005-10-13 20:59:36 +00:00 |
|
Chris PeBenito
|
c2b18fa1f3
|
more apache work
|
2005-10-12 16:23:22 +00:00 |
|
Chris PeBenito
|
4483ee849c
|
add apm and arpwatch. fix implementation error on fs_getattr_all_files,
splitting it up into correct interfaces.
|
2005-10-10 18:11:46 +00:00 |
|
Chris PeBenito
|
e02c61cfa4
|
rename context_template() to gen_context()
|
2005-10-06 19:33:06 +00:00 |
|
Chris PeBenito
|
a5ec7cb6c4
|
more pieces of ftp
|
2005-09-29 13:32:28 +00:00 |
|
Chris PeBenito
|
f0574fa9aa
|
add mls privileges
|
2005-09-26 20:26:32 +00:00 |
|
Chris PeBenito
|
6d788d87d1
|
comment fix
|
2005-09-26 20:24:44 +00:00 |
|
Chris PeBenito
|
842859260c
|
add kudzu
|
2005-09-23 19:38:34 +00:00 |
|
Chris PeBenito
|
0058418017
|
remove classes from gen_requires, and disable net_raw for now
|
2005-09-23 15:37:41 +00:00 |
|
Chris PeBenito
|
681c9a02e7
|
fixes from sediff
|
2005-09-22 21:59:50 +00:00 |
|
Chris PeBenito
|
25c6746156
|
loadable module compile fixes
|
2005-09-21 20:01:40 +00:00 |
|
Chris PeBenito
|
9210553ecb
|
add cpucontrol
|
2005-09-20 18:15:35 +00:00 |
|
Chris PeBenito
|
a1fcff33f2
|
final updates from nsa cvs
|
2005-09-19 21:17:45 +00:00 |
|
Chris PeBenito
|
41c4800de4
|
a few module compile fixes
|
2005-09-19 14:18:48 +00:00 |
|
Chris PeBenito
|
cf6a7d8993
|
more upstream merging
|
2005-09-16 21:20:37 +00:00 |
|
Chris PeBenito
|
cff75c90ca
|
more upstream merging
|
2005-09-16 19:36:10 +00:00 |
|
Chris PeBenito
|
ccc5978224
|
add snmp
|
2005-09-16 14:54:36 +00:00 |
|
Chris PeBenito
|
a0824843c2
|
more merging from nsa cvs
|
2005-09-16 13:36:26 +00:00 |
|
Chris PeBenito
|
98a8ead4c5
|
more updates
|
2005-09-15 21:03:29 +00:00 |
|
Chris PeBenito
|
605ba28540
|
more merging from nsa cvs
|
2005-09-15 15:34:31 +00:00 |
|
Chris PeBenito
|
84c92239d4
|
add samba
|
2005-09-14 18:33:53 +00:00 |
|
Chris PeBenito
|
71fe0fa4c5
|
fixes for module compiling
|
2005-09-14 00:30:10 +00:00 |
|
Chris PeBenito
|
0907bda1e0
|
more merging of NSA CVS policy
|
2005-09-13 13:06:07 +00:00 |
|
Chris PeBenito
|
2705f9a0f3
|
begin merging in upstream NSA CVS changes
|
2005-09-12 21:40:56 +00:00 |
|
Chris PeBenito
|
712566ee41
|
fixes to make base module compilable
|
2005-09-12 15:17:39 +00:00 |
|
Chris PeBenito
|
603f90ab9d
|
misc fixes
|
2005-09-05 18:17:17 +00:00 |
|
Chris PeBenito
|
b11a75a5e3
|
add ntp
|
2005-09-05 16:47:19 +00:00 |
|
Chris PeBenito
|
fdae8e755e
|
add hal
|
2005-09-02 20:29:52 +00:00 |
|
Chris PeBenito
|
0f707d52ab
|
add squid
|
2005-09-02 19:11:07 +00:00 |
|
Chris PeBenito
|
9d3bdc25af
|
fix bugs uncovered from sediff
|
2005-09-01 20:13:42 +00:00 |
|
Chris PeBenito
|
6af06cd8b6
|
fix typos
|
2005-08-31 16:54:19 +00:00 |
|
Chris PeBenito
|
6e61566dba
|
add comsat. clean up kerberos and nscd interfaces
|
2005-08-31 15:25:12 +00:00 |
|
Chris PeBenito
|
246839f3d2
|
fix up most of mta attribute insanity
|
2005-08-30 20:47:41 +00:00 |
|
Chris PeBenito
|
d83fdad248
|
add bind
|
2005-08-23 17:26:19 +00:00 |
|
Chris PeBenito
|
f6e28abbab
|
moved to selinux module
|
2005-08-19 20:05:02 +00:00 |
|
Chris PeBenito
|
fb0a3a98c6
|
initial support for compiling loadable modules
|
2005-08-18 21:27:20 +00:00 |
|
Chris PeBenito
|
2d803edc73
|
more debian cleanup
|
2005-08-17 14:09:29 +00:00 |
|
Chris PeBenito
|
5f38a65aab
|
try to knock out more of the distro_debian bootloader stuff
|
2005-08-15 19:31:37 +00:00 |
|
Chris PeBenito
|
8843093607
|
more comments
|
2005-08-12 19:28:30 +00:00 |
|
Chris PeBenito
|
f0b1efa2a2
|
all dev nodes assoc to tmpfs, since most everyone is moving to udev
|
2005-08-12 19:28:15 +00:00 |
|
Chris PeBenito
|
35b494789d
|
fix some udev naming
|
2005-08-12 18:13:03 +00:00 |
|
Chris PeBenito
|
f7ebea06e3
|
finalize desc -> summary xml change
|
2005-08-11 17:46:39 +00:00 |
|
Chris PeBenito
|
052c953ae5
|
add quota
|
2005-08-11 14:49:58 +00:00 |
|
Chris PeBenito
|
9489149ec0
|
add su
|
2005-08-08 21:03:23 +00:00 |
|
Chris PeBenito
|
dce68dc48d
|
add updfstab
|
2005-08-08 15:51:15 +00:00 |
|
Chris PeBenito
|
e5590ea5ec
|
work on user transition
|
2005-07-28 20:52:55 +00:00 |
|
Chris PeBenito
|
022f61c0e3
|
add connect interface on ports to handle name_connect tcp perm
|
2005-07-22 15:38:01 +00:00 |
|
Chris PeBenito
|
50527cf581
|
make network_interface able to support multiple interfaces having the same type
|
2005-07-22 14:00:38 +00:00 |
|
Chris PeBenito
|
ef424c14d4
|
name_connect only on tcp_sockets
|
2005-07-20 17:10:07 +00:00 |
|
Chris PeBenito
|
9496fd5119
|
unconfined can name_connect to all ports
|
2005-07-20 17:08:07 +00:00 |
|
Chris PeBenito
|
d250634311
|
reorder kernel policy, add attributes for sysctl and proc entries. fix unconfined interface
|
2005-07-20 17:06:10 +00:00 |
|
Chris PeBenito
|
f82c6ac64c
|
bah typo
|
2005-07-20 15:08:33 +00:00 |
|
Chris PeBenito
|
1e3f610b3b
|
add missing dir and file perms for selinuxfs in unconfined
|
2005-07-20 14:57:13 +00:00 |
|
Chris PeBenito
|
2ec4c9d38f
|
more cleanup
|
2005-07-19 18:40:31 +00:00 |
|
Chris PeBenito
|
a5f339f134
|
more cleanup in system
|
2005-07-18 18:31:49 +00:00 |
|
Chris PeBenito
|
50aca6d2f9
|
add raid (mdadm)
|
2005-07-15 20:45:26 +00:00 |
|
Chris PeBenito
|
d9fd8e7562
|
more pcmcia cleanup
|
2005-07-15 19:18:55 +00:00 |
|
Chris PeBenito
|
50f6503452
|
* break up files_getattr_all_files into correct interfaces
* move stuff out of pcmcia into the appropriate modules
|
2005-07-15 15:17:57 +00:00 |
|
Chris PeBenito
|
f136a944c5
|
reorder in alpha order of type, for sanity purposes
|
2005-07-15 14:30:19 +00:00 |
|
Chris PeBenito
|
11633bbaa8
|
add ipsec
|
2005-07-14 18:15:47 +00:00 |
|
Chris PeBenito
|
df00b2e235
|
* fix chroot exec interface
* more TODO cleanup
* move IPC out of generic domtrans interfaces
|
2005-07-13 18:29:08 +00:00 |
|
Chris PeBenito
|
b24f35d8a3
|
more cleanup of current TODOs
|
2005-07-12 20:34:24 +00:00 |
|
Chris PeBenito
|
4051d15b62
|
fix xml
|
2005-07-11 19:15:54 +00:00 |
|
Chris PeBenito
|
ae9e2716c3
|
fix more TODOs. fix selinux.te to selinuxutil.te in optionals
|
2005-07-11 19:02:50 +00:00 |
|
Chris PeBenito
|
a42ca7ebec
|
another round of TODO cleanup
|
2005-07-08 20:44:57 +00:00 |
|
Chris PeBenito
|
1aa526281b
|
missing rules uncovered by sediff
|
2005-07-07 15:20:24 +00:00 |
|
Chris PeBenito
|
c98340cfeb
|
support for targeted policy
|
2005-07-06 20:28:29 +00:00 |
|
Chris PeBenito
|
9726b31857
|
add unconfined
|
2005-07-05 20:59:51 +00:00 |
|
Chris PeBenito
|
2745476e4a
|
add required tags
|
2005-07-05 17:47:15 +00:00 |
|
Chris PeBenito
|
fd89e19f12
|
more work on current modules
|
2005-06-30 18:54:08 +00:00 |
|
Chris PeBenito
|
ebdc3b7902
|
clean up more todos
|
2005-06-29 20:53:53 +00:00 |
|
Chris PeBenito
|
d233bfce3f
|
make layer summary required
|
2005-06-29 16:54:13 +00:00 |
|
Chris PeBenito
|
8fd3673225
|
another round of renaming, for consistency
|
2005-06-29 14:26:41 +00:00 |
|
Chris PeBenito
|
cbca03f513
|
add lost_found_t manage, rename fs_type attribute to filesystem_type and rename fs_make_fs to fs_type
|
2005-06-28 17:48:59 +00:00 |
|
Chris PeBenito
|
783b38347e
|
more low hanging fruit cleanup
|
2005-06-28 17:32:57 +00:00 |
|
Chris PeBenito
|
58c3da55f3
|
add fstools, and more cleanup
|
2005-06-27 20:59:28 +00:00 |
|
Chris PeBenito
|
ab940a4cc1
|
autofs_t and ypbind cleanup
|
2005-06-27 16:30:55 +00:00 |
|
Chris PeBenito
|
62a7b02c5b
|
add/update comments
|
2005-06-24 13:36:57 +00:00 |
|
Chris PeBenito
|
414e415198
|
update for new documentation method
|
2005-06-23 21:30:57 +00:00 |
|
Chris PeBenito
|
261e0e66ee
|
shorten some xml tags
|
2005-06-23 16:00:05 +00:00 |
|
Chris PeBenito
|
2a3478cf15
|
fixes pointed out by steve, plus fixes revealed by the added assertions
|
2005-06-23 14:19:56 +00:00 |
|
Chris PeBenito
|
9ccd96dfc6
|
more work on ssh, plus import ssh-agent
|
2005-06-22 21:14:48 +00:00 |
|
Chris PeBenito
|
199895e201
|
move all interfaces over to the interface macro. add traceback debugging info
|
2005-06-22 19:21:31 +00:00 |
|
Chris PeBenito
|
cbc9d6951a
|
remove remaining _depend macros to prep for switchover to interface declaration macro
|
2005-06-22 16:07:14 +00:00 |
|
Chris PeBenito
|
0404a3903a
|
initial commit of ssh.
|
2005-06-21 21:07:46 +00:00 |
|
Chris PeBenito
|
21871a5cf6
|
work on newrole policy
|
2005-06-21 17:01:45 +00:00 |
|
Chris PeBenito
|
e04b8e7832
|
initial commit
|
2005-06-20 18:43:14 +00:00 |
|
Chris PeBenito
|
57869a681e
|
XML: encapsulate modules in layers, rather then layer being an attribute of
module tag
|
2005-06-20 18:40:44 +00:00 |
|
Chris PeBenito
|
7a2f20a315
|
more work to clean up and complete current modules
|
2005-06-20 17:41:29 +00:00 |
|
Chris PeBenito
|
2ba9a794db
|
interface review, and remove net_raw from raw node sends. only give
capability for raw send on an interface
|
2005-06-17 19:17:57 +00:00 |
|
Chris PeBenito
|
bc1fbab472
|
interface review, and remove net_raw from raw node sends. only give
capability for raw send on an interface
|
2005-06-17 18:59:34 +00:00 |
|
Chris PeBenito
|
a7c3a1b920
|
eliminate _depend macros
|
2005-06-16 21:06:29 +00:00 |
|
Chris PeBenito
|
0e721690dc
|
misc cleanup
|
2005-06-16 20:54:18 +00:00 |
|
Chris PeBenito
|
d35c621eb0
|
add a couple more nfs and cifs interfaces, to cover most of the
use_(nfs|cifs)_home_dirs tunable
|
2005-06-16 20:33:51 +00:00 |
|
Chris PeBenito
|
828e03f635
|
initial commit
|
2005-06-15 13:53:48 +00:00 |
|
Chris PeBenito
|
5e0da6a03e
|
finish renaming system/selinux to system/selinuxutil
|
2005-06-14 20:48:34 +00:00 |
|
Chris PeBenito
|
ff7bc148e4
|
move security_t to selinux module
|
2005-06-14 20:40:09 +00:00 |
|
Chris PeBenito
|
8bd6789954
|
move constraints interfaces to domain module. move sysfs and usbfs to
devices module
|
2005-06-14 19:56:46 +00:00 |
|
Chris PeBenito
|
b57dd19400
|
stray renames in distro_redhat
|
2005-06-14 17:36:21 +00:00 |
|
Chris PeBenito
|
c24ac9c51c
|
rename requires_block_template to gen_require
|
2005-06-13 20:51:09 +00:00 |
|
Chris PeBenito
|
fa7bea8feb
|
rename requires_block_tempalte to gen_require
|
2005-06-13 20:47:04 +00:00 |
|
Chris PeBenito
|
5a45e70177
|
rename setattr removable_device_t
|
2005-06-13 20:00:36 +00:00 |
|
Karl MacMillan
|
8700497fb1
|
Updates to documentation.
|
2005-06-13 19:22:00 +00:00 |
|
Chris PeBenito
|
d9507b1874
|
fix xml
|
2005-06-13 17:40:51 +00:00 |
|
Chris PeBenito
|
c9428d33dc
|
renaming insanity
|
2005-06-13 17:35:46 +00:00 |
|
Karl MacMillan
|
f0c985ca80
|
Devices rename.
|
2005-06-13 16:22:32 +00:00 |
|