Chris PeBenito
5a2649cefd
cleanup
2005-09-14 19:27:30 +00:00
Chris PeBenito
84c92239d4
add samba
2005-09-14 18:33:53 +00:00
Chris PeBenito
4479b31614
require fix
2005-09-14 15:41:46 +00:00
Chris PeBenito
71fe0fa4c5
fixes for module compiling
2005-09-14 00:30:10 +00:00
Chris PeBenito
0907bda1e0
more merging of NSA CVS policy
2005-09-13 13:06:07 +00:00
Chris PeBenito
2705f9a0f3
begin merging in upstream NSA CVS changes
2005-09-12 21:40:56 +00:00
Chris PeBenito
082dcd9eb2
add base mod changelog entry
2005-09-12 15:58:44 +00:00
Chris PeBenito
712566ee41
fixes to make base module compilable
2005-09-12 15:17:39 +00:00
Chris PeBenito
2e863f8ad0
add first part of changes to make base module compilable
2005-09-09 20:51:54 +00:00
Chris PeBenito
0fdf3ef75e
fix sshd to use initrc transition while typeattribute in conditionals is still broken
2005-09-09 20:49:59 +00:00
Chris PeBenito
9ff3003346
add zebra. change ssh to default to initrc transition instead of inetd while typeattribute in conditionals doesnt work
2005-09-09 13:24:11 +00:00
Chris PeBenito
eb3cb6820a
add portmap
2005-09-08 17:12:38 +00:00
Chris PeBenito
d17b4d2323
add ktalk
2005-09-08 13:42:13 +00:00
Chris PeBenito
9b06402eaf
add missing rules of other domains using inn
2005-09-08 13:23:11 +00:00
Chris PeBenito
541b7d57ff
new release
2005-09-07 16:15:51 +00:00
Chris PeBenito
763a5e30c6
misc fixes
2005-09-07 13:31:37 +00:00
Chris PeBenito
8d93523409
add inn
2005-09-06 18:37:27 +00:00
Chris PeBenito
603f90ab9d
misc fixes
2005-09-05 18:17:17 +00:00
Chris PeBenito
b11a75a5e3
add ntp
2005-09-05 16:47:19 +00:00
Chris PeBenito
ce1b44aac4
typo
2005-09-02 20:55:17 +00:00
Chris PeBenito
ac0483aefe
add dictd
2005-09-02 20:50:54 +00:00
Chris PeBenito
fdae8e755e
add hal
2005-09-02 20:29:52 +00:00
Chris PeBenito
f344c0f38e
move dhcpd to dhcp
2005-09-02 19:18:43 +00:00
Chris PeBenito
0f707d52ab
add squid
2005-09-02 19:11:07 +00:00
Chris PeBenito
7c8fc35b14
add dhcpd
2005-09-02 14:52:08 +00:00
Chris PeBenito
9d3bdc25af
fix bugs uncovered from sediff
2005-09-01 20:13:42 +00:00
Chris PeBenito
c0d1566a13
move rhgb_domain into TODO so modules can compile as binary modules
2005-09-01 13:52:59 +00:00
Chris PeBenito
631ee4d3cf
finish remaining dbus bits
2005-09-01 13:34:45 +00:00
Chris PeBenito
0c3d170578
add dbus
2005-08-31 20:58:12 +00:00
Chris PeBenito
6af06cd8b6
fix typos
2005-08-31 16:54:19 +00:00
Chris PeBenito
768283ac46
cosmetics
2005-08-31 16:49:30 +00:00
Chris PeBenito
6e61566dba
add comsat. clean up kerberos and nscd interfaces
2005-08-31 15:25:12 +00:00
Chris PeBenito
246839f3d2
fix up most of mta attribute insanity
2005-08-30 20:47:41 +00:00
Chris PeBenito
451c1e3d59
send user role to per userdomain templates. update templated interfaces
...
to have the prefix be the first argument
2005-08-30 15:48:57 +00:00
Chris PeBenito
e5d45268fd
make corecommands required
2005-08-30 14:41:52 +00:00
Chris PeBenito
a19e346437
doctool display for no interfaces or templates
2005-08-29 19:55:00 +00:00
Chris PeBenito
37aa3ff267
update for release
2005-08-26 15:02:23 +00:00
Chris PeBenito
9439a25899
update config, switch most to module
2005-08-26 13:30:59 +00:00
Chris PeBenito
2a94561a89
start adding in templated interfaces
2005-08-25 20:27:20 +00:00
Chris PeBenito
d4df0aa62c
remove bad changelog date
2005-08-25 14:49:31 +00:00
Chris PeBenito
c6299b2a1b
add rpm spec skeleton
2005-08-24 20:42:15 +00:00
Chris PeBenito
6d12276bf5
fix quoting
2005-08-24 20:18:28 +00:00
Chris PeBenito
e28aa682c7
reformat for use in rpm
2005-08-24 20:18:06 +00:00
Chris PeBenito
3110dec4f3
fix tunables
2005-08-24 20:00:10 +00:00
Chris PeBenito
82024f9942
do bools until loadable modules support tunables
2005-08-24 18:30:47 +00:00
Chris PeBenito
d83fdad248
add bind
2005-08-23 17:26:19 +00:00
Chris PeBenito
902be0ae21
add privoxy
2005-08-22 21:49:27 +00:00
Chris PeBenito
35ecf83839
add rsync
2005-08-22 21:17:10 +00:00
Chris PeBenito
f9b11e9615
add howl
2005-08-22 20:43:20 +00:00
Chris PeBenito
4b8c5489ec
move require to right position, for modular policy
2005-08-22 20:18:42 +00:00
Chris PeBenito
a6df70c11a
more comments
2005-08-22 20:05:40 +00:00
Chris PeBenito
8b75b07055
remove comment about monolithic only supported
2005-08-22 18:28:45 +00:00
Chris PeBenito
c04f2abe88
complete infrastructure support for building modules
2005-08-22 17:07:17 +00:00
Chris PeBenito
db93d707c5
mark userpace object classes
2005-08-22 14:13:19 +00:00
Chris PeBenito
f6e28abbab
moved to selinux module
2005-08-19 20:05:02 +00:00
Chris PeBenito
28f0329c78
for base module, only enable modules actually in it
2005-08-19 20:00:05 +00:00
Chris PeBenito
fb0a3a98c6
initial support for compiling loadable modules
2005-08-18 21:27:20 +00:00
Chris PeBenito
f862c35c37
add gpm
2005-08-17 21:28:31 +00:00
Chris PeBenito
2961e79b55
add ldap
2005-08-17 18:33:43 +00:00
Chris PeBenito
23ca91f8bb
cleanup
2005-08-17 17:31:57 +00:00
Chris PeBenito
545b0c9176
add rshd
2005-08-17 15:23:24 +00:00
Chris PeBenito
886907ccef
add firstboot
2005-08-17 15:08:12 +00:00
Chris PeBenito
57a96cbd0b
add firstboot
2005-08-17 14:14:07 +00:00
Chris PeBenito
2d803edc73
more debian cleanup
2005-08-17 14:09:29 +00:00
Chris PeBenito
a573790b4d
make default for optional modules to module instead of base
2005-08-15 20:31:37 +00:00
Chris PeBenito
4806a05cfb
fix broken xml of previous commit
2005-08-15 19:35:20 +00:00
Chris PeBenito
5f38a65aab
try to knock out more of the distro_debian bootloader stuff
2005-08-15 19:31:37 +00:00
Chris PeBenito
21468a6076
add loadkeys
2005-08-15 14:46:17 +00:00
Chris PeBenito
8843093607
more comments
2005-08-12 19:28:30 +00:00
Chris PeBenito
f0b1efa2a2
all dev nodes assoc to tmpfs, since most everyone is moving to udev
2005-08-12 19:28:15 +00:00
Chris PeBenito
c5a6dcbc3e
quiet file context validation
2005-08-12 18:15:00 +00:00
Chris PeBenito
35b494789d
fix some udev naming
2005-08-12 18:13:03 +00:00
Chris PeBenito
aae06c1306
fix system spool file problem
2005-08-12 17:54:55 +00:00
Chris PeBenito
d06f3c3752
remove secdesc since desc is sufficient
2005-08-11 17:55:47 +00:00
Chris PeBenito
f7ebea06e3
finalize desc -> summary xml change
2005-08-11 17:46:39 +00:00
Chris PeBenito
4aa0dc20b4
add tcpd
2005-08-11 15:17:13 +00:00
Chris PeBenito
e694b51e6b
fix no interface module handling in segenxml
2005-08-11 14:55:41 +00:00
Chris PeBenito
052c953ae5
add quota
2005-08-11 14:49:58 +00:00
Chris PeBenito
5a3895a9f6
tabbing fix
2005-08-11 14:35:52 +00:00
Chris PeBenito
e784300a62
add sudo
2005-08-09 19:30:43 +00:00
Chris PeBenito
b9d7d70b33
add template xml
2005-08-09 19:21:25 +00:00
Chris PeBenito
9489149ec0
add su
2005-08-08 21:03:23 +00:00
Chris PeBenito
9465452eec
fix gen_user comment for more clarity
2005-08-08 18:13:56 +00:00
Chris PeBenito
dce68dc48d
add updfstab
2005-08-08 15:51:15 +00:00
Chris PeBenito
f5e321b0f0
fix xml tags
2005-08-08 15:43:20 +00:00
Chris PeBenito
7057c18db0
a few more ssh touchups
2005-08-05 18:49:23 +00:00
Chris PeBenito
ed78ea0034
add tmpreaper
2005-08-05 15:32:27 +00:00
Chris PeBenito
9a66d4e562
add acct
2005-08-05 14:32:12 +00:00
Chris PeBenito
3fd8336882
misc cleanup
2005-08-04 20:54:51 +00:00
Chris PeBenito
42be7c214d
add mysql
2005-08-03 17:56:26 +00:00
Chris PeBenito
046a21da80
search sbin dirs to find the pgms
2005-08-03 17:43:41 +00:00
Chris PeBenito
81343a6f90
* Rename ipsec connect interface for consistency.
...
* Add missing parts of unix stream socket connect interface
of ipsec.
* Rename inetd connect interface for consistency.
2005-08-03 15:16:33 +00:00
Chris PeBenito
52a902b803
new release
2005-08-02 14:54:30 +00:00
Chris PeBenito
6db8e52a8f
new release
2005-08-02 14:51:50 +00:00
Chris PeBenito
60abb5fdab
add missing
2005-08-01 15:58:14 +00:00
Chris PeBenito
cd8fa41253
fix comparison bug
2005-08-01 15:49:05 +00:00
Chris PeBenito
96a150deac
move file context validation to install
2005-07-29 20:49:52 +00:00
Chris PeBenito
bbdbdb9edf
fix stray line that got out of TODO
2005-07-29 15:07:15 +00:00
Chris PeBenito
e5590ea5ec
work on user transition
2005-07-28 20:52:55 +00:00
Chris PeBenito
c13146d97a
update
2005-07-27 21:01:19 +00:00
Chris PeBenito
78d30cb1f4
Fix handling of ordered and unordered HTML lists.
2005-07-22 19:15:49 +00:00
Chris PeBenito
022f61c0e3
add connect interface on ports to handle name_connect tcp perm
2005-07-22 15:38:01 +00:00
Chris PeBenito
50527cf581
make network_interface able to support multiple interfaces having the same type
2005-07-22 14:00:38 +00:00
Chris PeBenito
953541a918
update from privmail
2005-07-21 20:34:57 +00:00
Chris PeBenito
80526ccbdd
add an example module config for a targeted policy
2005-07-20 20:11:49 +00:00
Chris PeBenito
ea7d571bd7
/var/lib is now a mountpoint
2005-07-20 17:36:48 +00:00
Chris PeBenito
53857c8c05
unconfined can pass all constraints
2005-07-20 17:24:23 +00:00
Chris PeBenito
ef424c14d4
name_connect only on tcp_sockets
2005-07-20 17:10:07 +00:00
Chris PeBenito
9496fd5119
unconfined can name_connect to all ports
2005-07-20 17:08:07 +00:00
Chris PeBenito
d250634311
reorder kernel policy, add attributes for sysctl and proc entries. fix unconfined interface
2005-07-20 17:06:10 +00:00
Chris PeBenito
f82c6ac64c
bah typo
2005-07-20 15:08:33 +00:00
Chris PeBenito
0b28a23114
user home dirs were missing file type in targ policy
2005-07-20 15:06:49 +00:00
Chris PeBenito
1e3f610b3b
add missing dir and file perms for selinuxfs in unconfined
2005-07-20 14:57:13 +00:00
Chris PeBenito
689f6ddb35
fix typos and import some rules from NSA cvs to make targeted policy work
2005-07-20 14:25:24 +00:00
Chris PeBenito
474f43d13d
should actually try compiling first :x
2005-07-20 13:39:10 +00:00
Chris PeBenito
bd7e7a6417
missed a line
2005-07-20 13:37:18 +00:00
Chris PeBenito
a28f6db576
add in some rules from NSA CVS to make targeted policy work
2005-07-20 13:30:06 +00:00
Chris PeBenito
8c3f438f75
corenet was missing from unconfined
2005-07-19 20:38:26 +00:00
Chris PeBenito
892266ca76
more targeted policy fixes
2005-07-19 20:26:02 +00:00
Chris PeBenito
21f47732b1
add new netlink socket class
2005-07-19 20:25:42 +00:00
Chris PeBenito
ec848d247f
more fixes for targeted
2005-07-19 19:37:43 +00:00
Chris PeBenito
2ec4c9d38f
more cleanup
2005-07-19 18:40:31 +00:00
Chris PeBenito
8b0bbdda34
fixes for targeted policy
2005-07-19 18:40:19 +00:00
Chris PeBenito
391edeb577
fix assertions for framework
2005-07-18 20:17:21 +00:00
Chris PeBenito
a5f339f134
more cleanup in system
2005-07-18 18:31:49 +00:00
Chris PeBenito
9f103ce14b
fix to use context_template()
2005-07-18 14:25:05 +00:00
Chris PeBenito
3b6174a142
add missing context template
2005-07-15 20:54:24 +00:00
Chris PeBenito
50aca6d2f9
add raid (mdadm)
2005-07-15 20:45:26 +00:00
Chris PeBenito
d9fd8e7562
more pcmcia cleanup
2005-07-15 19:18:55 +00:00
Chris PeBenito
157c69416f
add macro to expand object class sets for use in require blocks
2005-07-15 15:53:54 +00:00
Chris PeBenito
50f6503452
* break up files_getattr_all_files into correct interfaces
...
* move stuff out of pcmcia into the appropriate modules
2005-07-15 15:17:57 +00:00
Chris PeBenito
f136a944c5
reorder in alpha order of type, for sanity purposes
2005-07-15 14:30:19 +00:00
Chris PeBenito
316553a275
add pcmcia
2005-07-14 20:58:57 +00:00
Chris PeBenito
e0d57fbcb1
add pcmcia
2005-07-14 20:57:17 +00:00
Chris PeBenito
c429cb5e26
fix up the xml
2005-07-14 20:02:53 +00:00
Chris PeBenito
11633bbaa8
add ipsec
2005-07-14 18:15:47 +00:00
Chris PeBenito
493d6c4adc
add nscd
2005-07-13 20:48:51 +00:00
Chris PeBenito
df00b2e235
* fix chroot exec interface
...
* more TODO cleanup
* move IPC out of generic domtrans interfaces
2005-07-13 18:29:08 +00:00
Chris PeBenito
25a0c61ffc
add distro tunables. expand on a few comments
2005-07-13 18:08:12 +00:00
Chris PeBenito
b24f35d8a3
more cleanup of current TODOs
2005-07-12 20:34:24 +00:00
Chris PeBenito
20a22759a7
fix comments for templates to have same number of # as interfaces
2005-07-12 20:33:42 +00:00
Chris PeBenito
4051d15b62
fix xml
2005-07-11 19:15:54 +00:00
Chris PeBenito
ae9e2716c3
fix more TODOs. fix selinux.te to selinuxutil.te in optionals
2005-07-11 19:02:50 +00:00
Chris PeBenito
34bbe50d50
improve display of tunables and booleans
2005-07-11 14:41:21 +00:00
Chris PeBenito
4d7511ba57
add tun and bool descriptions
2005-07-11 13:49:15 +00:00
Chris PeBenito
249d461f23
initial global booleans and tunables support. also fix index
...
building, as it was being rebuilt for every module, rather then
once after all modules are loaded.
2005-07-08 21:02:59 +00:00
Chris PeBenito
a42ca7ebec
another round of TODO cleanup
2005-07-08 20:44:57 +00:00
Chris PeBenito
4d0d4157f4
silly formatting fix
2005-07-08 19:44:12 +00:00
Chris PeBenito
c11958bd0f
support for global booleans
2005-07-08 14:22:17 +00:00
Chris PeBenito
acb668edf1
* Added support for layer summaries.
...
* Added a "Index" link on the menu to link to index.html
* Added links from the master interface & template lists
to their respective documentation in their module.
* Added links to "Interfaces" and "Templates" in modules
that have both.
* Added "Return" links after the "Interfaces" and "Templates"
section that go to the top of the module site.
2005-07-07 20:56:27 +00:00