Commit Graph

1026 Commits

Author SHA1 Message Date
Chris PeBenito
e81f0220b6 add template support, and add dummy parameters for interfaces that have no comments, so it is valid against the dtd 2005-06-24 13:36:22 +00:00
Chris PeBenito
414e415198 update for new documentation method 2005-06-23 21:30:57 +00:00
Chris PeBenito
aad5b98eba more updates 2005-06-23 20:35:48 +00:00
Chris PeBenito
c3a0754c23 a couple output fixes 2005-06-23 20:27:25 +00:00
Chris PeBenito
9916c694b4 update to new commenting style 2005-06-23 20:27:06 +00:00
Chris PeBenito
45239964e5 move ssh tunables into global_tunables 2005-06-23 19:57:15 +00:00
Chris PeBenito
95db422832 initial commit of segenxml. add support in Makefile 2005-06-23 19:55:23 +00:00
Chris PeBenito
19ea99d495 fix 2005-06-23 16:06:39 +00:00
Chris PeBenito
7c2b84e7a1 fix for shortened tags 2005-06-23 16:06:25 +00:00
Chris PeBenito
261e0e66ee shorten some xml tags 2005-06-23 16:00:05 +00:00
Chris PeBenito
d3b892e4fd convert a couple network macros 2005-06-23 15:44:18 +00:00
Chris PeBenito
007ca5600c more setcurrent stuff 2005-06-23 15:37:39 +00:00
Chris PeBenito
2a3478cf15 fixes pointed out by steve, plus fixes revealed by the added assertions 2005-06-23 14:19:56 +00:00
Chris PeBenito
9ccd96dfc6 more work on ssh, plus import ssh-agent 2005-06-22 21:14:48 +00:00
Chris PeBenito
199895e201 move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00
Chris PeBenito
cbc9d6951a remove remaining _depend macros to prep for switchover to interface declaration macro 2005-06-22 16:07:14 +00:00
Chris PeBenito
0404a3903a initial commit of ssh. 2005-06-21 21:07:46 +00:00
Chris PeBenito
21871a5cf6 work on newrole policy 2005-06-21 17:01:45 +00:00
Chris PeBenito
7fb9c1c72b change doctool to bring in line with the xml tag change (layers encapsulate
modules)
2005-06-20 20:31:58 +00:00
Chris PeBenito
e04b8e7832 initial commit 2005-06-20 18:43:14 +00:00
Chris PeBenito
57869a681e XML: encapsulate modules in layers, rather then layer being an attribute of
module tag
2005-06-20 18:40:44 +00:00
Chris PeBenito
7a2f20a315 more work to clean up and complete current modules 2005-06-20 17:41:29 +00:00
Chris PeBenito
2ba9a794db interface review, and remove net_raw from raw node sends. only give
capability for raw send on an interface
2005-06-17 19:17:57 +00:00
Chris PeBenito
bc1fbab472 interface review, and remove net_raw from raw node sends. only give
capability for raw send on an interface
2005-06-17 18:59:34 +00:00
Chris PeBenito
c9b7f1a28e add rw_term_perms 2005-06-17 18:56:23 +00:00
Chris PeBenito
5e6f9e5aac services interfaces review 2005-06-17 18:41:07 +00:00
Chris PeBenito
7f2e39b8e6 review of admin interfaces 2005-06-17 18:27:08 +00:00
Chris PeBenito
139520a233 review of system interfaces 2005-06-17 17:59:26 +00:00
Chris PeBenito
a7c3a1b920 eliminate _depend macros 2005-06-16 21:06:29 +00:00
Chris PeBenito
0e721690dc misc cleanup 2005-06-16 20:54:18 +00:00
Chris PeBenito
562cc2bd6c reorder gpg tunable for alpha sorting 2005-06-16 20:34:57 +00:00
Chris PeBenito
d35c621eb0 add a couple more nfs and cifs interfaces, to cover most of the
use_(nfs|cifs)_home_dirs tunable
2005-06-16 20:33:51 +00:00
Chris PeBenito
77c124c8cd eliminate _depend macros 2005-06-16 20:30:59 +00:00
Chris PeBenito
8c2f3ac695 have can_exec add a require block 2005-06-16 20:30:07 +00:00
Chris PeBenito
4ce9bdf0aa fix 2005-06-15 21:08:58 +00:00
Chris PeBenito
815ff39128 initialize description to None so missing descriptions dont show wrong data 2005-06-15 20:53:19 +00:00
Chris PeBenito
102a59ba77 add comments for clean and bare 2005-06-15 15:45:54 +00:00
Chris PeBenito
337e4afa22 for use until we have a full README 2005-06-15 15:34:44 +00:00
Chris PeBenito
c592e52e38 add install-src target 2005-06-15 14:14:20 +00:00
Chris PeBenito
f08f5a030e initial commit 2005-06-15 14:10:38 +00:00
Chris PeBenito
c7b41e9536 add CFLAGS, and drop -C from install since it doesn't exist in all distros,
and its function is useless
2005-06-15 14:08:18 +00:00
Chris PeBenito
8eaa723d28 put user line in col 1, since genhomedircon breaks otherwise 2005-06-15 14:07:20 +00:00
Chris PeBenito
828e03f635 initial commit 2005-06-15 13:53:48 +00:00
Chris PeBenito
5e0da6a03e finish renaming system/selinux to system/selinuxutil 2005-06-14 20:48:34 +00:00
Chris PeBenito
ff7bc148e4 move security_t to selinux module 2005-06-14 20:40:09 +00:00
Chris PeBenito
be4a8011d4 move selinux to selinuxutil 2005-06-14 20:12:46 +00:00
Chris PeBenito
8bd6789954 move constraints interfaces to domain module. move sysfs and usbfs to
devices module
2005-06-14 19:56:46 +00:00
Chris PeBenito
8ae194f629 when a generated file is already generated, it shows up in the generated_*
variable, and also the make wildcard, so use sort, since it removes
duplicates.
2005-06-14 18:39:55 +00:00
Chris PeBenito
810f2b7155 fix typo 2005-06-14 18:15:01 +00:00
Chris PeBenito
1beba1c654 fix up appconfig, and generate $(installdir)/booleans 2005-06-14 18:13:55 +00:00
Chris PeBenito
b57dd19400 stray renames in distro_redhat 2005-06-14 17:36:21 +00:00
Chris PeBenito
d2d6c8ce17 fix makefile to only rebuild modules.conf and tunables.conf explicitly 2005-06-14 15:54:55 +00:00
Chris PeBenito
e75f78666c initial commit 2005-06-14 14:43:15 +00:00
Chris PeBenito
3eed10909e convert relevant conditionals into tunable_policy 2005-06-14 14:43:04 +00:00
Chris PeBenito
92e928e1bd start making genhomedircon work 2005-06-13 21:16:05 +00:00
Chris PeBenito
c24ac9c51c rename requires_block_template to gen_require 2005-06-13 20:51:09 +00:00
Chris PeBenito
fa7bea8feb rename requires_block_tempalte to gen_require 2005-06-13 20:47:04 +00:00
Chris PeBenito
34c8fabeeb tunables work 2005-06-13 20:44:23 +00:00
Chris PeBenito
31908be07f a few missed renames, and start fixing up tunables 2005-06-13 20:27:32 +00:00
Chris PeBenito
94670f292b fix 2005-06-13 20:10:01 +00:00
Chris PeBenito
eec67390d7 make summary and description optional in interfaces until we can clean it up 2005-06-13 20:03:08 +00:00
Chris PeBenito
5a45e70177 rename setattr removable_device_t 2005-06-13 20:00:36 +00:00
Karl MacMillan
8700497fb1 Updates to documentation. 2005-06-13 19:22:00 +00:00
Chris PeBenito
61bbe5312e add "this is a generated file!" comment to top of corenetwork.{te,if} 2005-06-13 18:40:08 +00:00
Chris PeBenito
3c6d78b920 ul end tag fix, and css tweak 2005-06-13 18:07:35 +00:00
Chris PeBenito
fae6ff9aab update from method 2005-06-13 17:41:38 +00:00
Chris PeBenito
d9507b1874 fix xml 2005-06-13 17:40:51 +00:00
Chris PeBenito
c9428d33dc renaming insanity 2005-06-13 17:35:46 +00:00
Chris PeBenito
b2bf0b5c98 overwrite the generated .te file instead of append 2005-06-13 17:32:40 +00:00
Karl MacMillan
f0c985ca80 Devices rename. 2005-06-13 16:22:32 +00:00
Chris PeBenito
12b559a402 move policy.xml to doc, so it doesnt get deleted on a make clean 2005-06-13 12:55:56 +00:00
Chris PeBenito
bec110090f make module description optional and interface summary optional until
everything is updated
2005-06-10 21:12:55 +00:00
Chris PeBenito
e214f62733 html tag updates 2005-06-10 20:39:41 +00:00
Karl MacMillan
bef4f00aa9 Added missing interface. 2005-06-10 14:33:06 +00:00
Chris PeBenito
d46f023278 more updates from method 2005-06-10 01:35:43 +00:00
Chris PeBenito
0fd9dc55cf renaming insanity 2005-06-10 01:01:13 +00:00
Chris PeBenito
24040829d0 fix can_exec 2005-06-10 01:00:48 +00:00
Chris PeBenito
e1db6e9d0d policy.xml is now in tmp/ 2005-06-09 23:06:49 +00:00
Chris PeBenito
cab7c00ff4 make macro work 2005-06-09 23:06:23 +00:00
Chris PeBenito
e3fd778b8f add can_exec 2005-06-09 23:06:07 +00:00
Chris PeBenito
1b8d67d157 fix 2005-06-09 22:46:38 +00:00
Karl MacMillan
c75e65afad Templates for menu ordering change. 2005-06-09 21:19:37 +00:00
Chris PeBenito
a154cd45f3 reorder 2005-06-09 21:07:58 +00:00
Karl MacMillan
d6b0f3712f Fixed doc tool to order menus. 2005-06-09 21:05:33 +00:00
Chris PeBenito
5d9417870c speed improvement 2005-06-09 20:53:45 +00:00
Chris PeBenito
588ffaeb7f kernel.if renaming 2005-06-09 20:50:17 +00:00
Chris PeBenito
eda201efe8 more renaming and xml 2005-06-09 19:52:50 +00:00
Chris PeBenito
eca5b2dd79 rename 2005-06-09 19:22:27 +00:00
Chris PeBenito
997bd99521 fix bracket display for optional parameters 2005-06-09 19:21:32 +00:00
Chris PeBenito
20030ef5d6 add back html page generation 2005-06-09 19:02:52 +00:00
Chris PeBenito
1601fb3738 fixes and remove debug code 2005-06-09 19:02:32 +00:00
Chris PeBenito
fe3bd5a557 more indentation for modules in the menu 2005-06-09 18:56:50 +00:00
Chris PeBenito
eb437dd092 initial commit 2005-06-09 18:17:25 +00:00
Chris PeBenito
5a3299bd30 updates 2005-06-09 18:16:51 +00:00
Chris PeBenito
cc41a97c99 aliases 2005-06-09 18:08:26 +00:00
Chris PeBenito
7591e83cba fix layer in module tag 2005-06-09 17:56:38 +00:00
Chris PeBenito
c6ebefd2f2 rename 2005-06-09 17:51:40 +00:00
Chris PeBenito
d90b274e40 for now, drop infoflow tags 2005-06-09 17:23:53 +00:00
Chris PeBenito
16e1cf48cd make policy.xml depend on all if's being generated 2005-06-09 17:23:23 +00:00
Chris PeBenito
dc67f782e4 aliases 2005-06-09 17:21:52 +00:00
Chris PeBenito
0a10b1fa12 aliases 2005-06-09 15:32:23 +00:00
Chris PeBenito
fe040c9777 renaming and xml 2005-06-09 15:20:31 +00:00
Chris PeBenito
dd822947d2 aliases 2005-06-09 14:50:48 +00:00
Chris PeBenito
80048ca5d2 aliases 2005-06-09 14:26:05 +00:00
Chris PeBenito
5d31560b4d genhomedircon entries 2005-06-08 22:32:43 +00:00
Chris PeBenito
5552ed88f3 initial commit 2005-06-08 22:32:33 +00:00
Chris PeBenito
e12e573815 better handling of generated files 2005-06-08 22:14:26 +00:00
Chris PeBenito
f2e4ab3a99 make corenetwork generation explicit, rather then on-the-fly 2005-06-08 21:46:39 +00:00
Chris PeBenito
7edd02d4f1 aliasing 2005-06-08 21:07:03 +00:00
Chris PeBenito
0350b1dc7f support_modules is finally gone, and modules.disable->modules.conf 2005-06-08 21:03:00 +00:00
Chris PeBenito
b29d23f315 initial commit 2005-06-08 20:49:16 +00:00
Chris PeBenito
c2c00bee05 add aliases 2005-06-08 20:28:45 +00:00
Karl MacMillan
72bdc60860 Moved and changed user_mls to gen_user. 2005-06-08 20:23:43 +00:00
Karl MacMillan
eb5e237573 Renamed support macros for consistency. 2005-06-08 20:23:12 +00:00
Chris PeBenito
eac7c31055 make infoflow optional 2005-06-08 20:08:24 +00:00
Chris PeBenito
dc5daf8b99 overhaul 2005-06-08 19:57:26 +00:00
Chris PeBenito
9f72a2655f renaming 2005-06-08 18:40:30 +00:00
Chris PeBenito
0c5a288e98 interface renaming 2005-06-08 18:00:04 +00:00
Chris PeBenito
1694dee685 interface renaming 2005-06-08 16:18:08 +00:00
Chris PeBenito
066d463147 comment fix 2005-06-08 16:16:41 +00:00
Chris PeBenito
84eb353cd9 more fixes 2005-06-08 13:44:23 +00:00
Chris PeBenito
a7197232e8 add can_exec 2005-06-08 13:41:05 +00:00
Chris PeBenito
763c441e3b start renaming filesystem interfaces 2005-06-08 13:12:00 +00:00
Chris PeBenito
a9ec5414d1 add interface macro 2005-06-08 13:11:47 +00:00
Chris PeBenito
b46609f09f fix missing _socket in class 2005-06-08 13:08:01 +00:00
Chris PeBenito
3865d6b95e add xml 2005-06-07 22:36:07 +00:00
Chris PeBenito
ddea18b0ad more tunable work 2005-06-07 22:26:39 +00:00
Chris PeBenito
758618b1f3 initial commit 2005-06-07 22:26:11 +00:00
Karl MacMillan
6847e8295c First cut at fixing fc_sort. 2005-06-07 21:20:14 +00:00
Chris PeBenito
2224ed3aa5 remove java 2005-06-07 18:50:35 +00:00
Chris PeBenito
9c25fdd816 add updated dtd 2005-06-07 18:49:44 +00:00
Chris PeBenito
254bbc7bb3 start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00
Chris PeBenito
3a80ec29c6 initial tunable tool fixes 2005-06-07 18:35:18 +00:00
Chris PeBenito
8fb301e9ab 32 is space. ascii <= 32 is all whitespace 2005-06-07 18:26:28 +00:00
Chris PeBenito
89ec2321b7 initial commit 2005-06-07 18:23:00 +00:00
Chris PeBenito
0fbe15dc8a start adding module disable and tunable infrastructure 2005-06-07 15:11:47 +00:00
Chris PeBenito
02b584a174 initial commit 2005-06-07 15:10:43 +00:00
Chris PeBenito
43bc3906c5 initial commit 2005-06-07 14:46:31 +00:00
Chris PeBenito
2d68932a8d fix broken macros 2005-06-07 14:46:20 +00:00
Chris PeBenito
a1d2e8ab29 add domain(_auto)_trans 2005-06-07 14:43:14 +00:00
Chris PeBenito
eb7f9a34cb move audit to logging 2005-06-07 14:27:19 +00:00
Chris PeBenito
ef5e55c9fa move to logging 2005-06-07 14:16:14 +00:00
Chris PeBenito
09693356ac fix appconfig dir 2005-06-06 18:16:41 +00:00
Chris PeBenito
b67488e36a rework policy build options 2005-06-06 18:13:38 +00:00
Chris PeBenito
0c73cd2526 change over to some perm set macros. add indentation 2005-06-03 12:25:14 +00:00
Chris PeBenito
36e54b81f7 initial commit of xml->html conversion 2005-06-02 20:39:32 +00:00
Chris PeBenito
4196997813 add some indentation 2005-06-02 20:26:48 +00:00
Chris PeBenito
d115660e3b change network verb in corenetwork to sendrecv 2005-06-02 18:55:47 +00:00
Chris PeBenito
cabfa520aa move fs_use and isids to respective modules 2005-06-02 15:39:10 +00:00
Chris PeBenito
ca83afe7e6 start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00
Chris PeBenito
44cda51b4f add some comments. make install target install appconfig files 2005-06-01 20:17:47 +00:00
Chris PeBenito
f5d4efd756 add missing system_crond_t transition pieces 2005-06-01 20:16:36 +00:00
Chris PeBenito
98af6c7763 remove extra whitespace 2005-06-01 19:18:54 +00:00
Chris PeBenito
de96491bda move global.if to support_macros at top level 2005-06-01 19:17:13 +00:00
Chris PeBenito
6d9915d615 add missing pieces of crond_t -> $1_crond_t transition 2005-06-01 19:01:28 +00:00
Chris PeBenito
0447352aec use variable for dtd. move policy type to variant section 2005-06-01 19:01:00 +00:00
Chris PeBenito
004db90d3f do dtd verification on xml. fix current xml to be valid 2005-06-01 18:34:34 +00:00
Chris PeBenito
3c62aa31a9 fix policy.xml to not have templates for generated interfaces 2005-06-01 17:45:06 +00:00
Chris PeBenito
2fc84fd172 move user_u and root to users 2005-06-01 17:40:22 +00:00
Chris PeBenito
aa40608fbe remove copyright until licensing issues are resolved 2005-06-01 17:34:13 +00:00
Chris PeBenito
2926f9c788 better handling of appconfig dir 2005-06-01 17:27:56 +00:00
Chris PeBenito
f267dfbb8b fix module name in xml 2005-06-01 17:27:39 +00:00
Chris PeBenito
134191be67 move flask dir to top level, and update them from nsa cvs. move files in
misc to top level.  make mls support work.
2005-06-01 15:40:37 +00:00
Chris PeBenito
7555aab027 initial commit 2005-06-01 14:37:51 +00:00
Chris PeBenito
e32d52ba47 fix xml 2005-06-01 14:17:43 +00:00
Chris PeBenito
1293184998 last fixes for cab 2005-06-01 13:51:54 +00:00
Chris PeBenito
d115b24712 more cab work 2005-05-31 23:02:11 +00:00
Chris PeBenito
3b857eae09 add some file_t interfaces, and console write 2005-05-31 21:25:45 +00:00
Chris PeBenito
b8fca44d3f initial commit 2005-05-31 20:39:15 +00:00
Chris PeBenito
b4c3f54eca initial commit 2005-05-31 19:53:54 +00:00
Chris PeBenito
4bf4ed9e68 permission set macro changes, plus more cab related work 2005-05-31 19:52:57 +00:00
Chris PeBenito
08eb9d1a33 fix tmpfs assoc call 2005-05-31 13:45:37 +00:00
Chris PeBenito
f5c42bd80b many fixes from cab work 2005-05-30 21:17:20 +00:00
Chris PeBenito
32e53ac1b8 cleanup inspired by sediff 2005-05-27 21:56:01 +00:00
Chris PeBenito
16e9b0cb6b rpmbuild_t is not a system domain. also mark it as most likely dead. 2005-05-27 21:29:54 +00:00
Chris PeBenito
c6fd1f85ba restructure users, and add signalling 2005-05-27 20:44:05 +00:00
Chris PeBenito
07da0af7bd tmpfs associate for redhat 2005-05-27 20:43:37 +00:00
Chris PeBenito
dd31631500 fix ordering and put in var_lib_t 2005-05-27 20:29:17 +00:00
Chris PeBenito
d490eb6b5c fixes from cab 2005-05-26 20:38:45 +00:00
Chris PeBenito
c220381539 initial commit 2005-05-26 15:50:53 +00:00
Chris PeBenito
efd8ede34d many fixes from cab testing 2005-05-25 20:58:21 +00:00
Chris PeBenito
c9a26b3e95 add in appconfig files 2005-05-25 20:58:09 +00:00
Chris PeBenito
10abae75d9 initial commit 2005-05-25 19:52:21 +00:00
Chris PeBenito
cbeef67c1c cleanup 2005-05-24 22:22:26 +00:00
Chris PeBenito
3b3bf871a7 cleanup 2005-05-24 21:41:29 +00:00
Chris PeBenito
6f3dab294e initial commit 2005-05-24 21:32:34 +00:00
Chris PeBenito
7d7a36af98 initial commit 2005-05-24 21:23:39 +00:00
Chris PeBenito
e7fcdc6d2f fix the object class in process transition interfaces 2005-05-24 20:45:27 +00:00
Chris PeBenito
547283e29a more fixes 2005-05-24 20:44:31 +00:00
Chris PeBenito
c907b3e2c7 cleanup for corenetwork interface generation 2005-05-24 17:34:29 +00:00
Chris PeBenito
88c72f4408 a few touchups 2005-05-24 17:31:39 +00:00
Chris PeBenito
dc771ff40e another cleanup pass 2005-05-24 15:55:57 +00:00
Chris PeBenito
6276f10155 instead of using macros to drop out non-macro calls during corenetwork
interface generation, use grep to get the macro calls and feed to m4
2005-05-24 15:52:57 +00:00
Chris PeBenito
992aba5f15 initial commit 2005-05-23 17:56:47 +00:00
Chris PeBenito
6b48fd013c stuff from rpm 2005-05-23 17:56:35 +00:00
Chris PeBenito
57440fb076 add dontaudit shadow_t getattr 2005-05-23 17:56:26 +00:00
Chris PeBenito
957e269eb2 fix tmpfs associate infoflow 2005-05-23 17:56:00 +00:00
Chris PeBenito
39255175ca move in stuff from rpm 2005-05-23 17:01:51 +00:00
Chris PeBenito
15a9613ca4 add ldconfig and rpm transitions 2005-05-23 15:51:33 +00:00
Chris PeBenito
162a57e583 add missing xml 2005-05-23 15:50:12 +00:00
Chris PeBenito
46410fd2b9 add tmpfsfile support 2005-05-23 15:49:31 +00:00
Chris PeBenito
1c9f9a50df add signull all domains 2005-05-23 15:49:03 +00:00
Chris PeBenito
3000a31552 make transition on shell work 2005-05-23 15:48:45 +00:00
Chris PeBenito
c4309768f1 add transitions 2005-05-23 15:47:13 +00:00
Chris PeBenito
48e0dbd63e add ldconfig 2005-05-23 15:45:53 +00:00
Chris PeBenito
e32c0d3b86 add mls sensitivity to genfscon, initial sids and fs_use 2005-05-20 20:43:18 +00:00
Chris PeBenito
0d0d2bafd6 add mls port support 2005-05-20 20:23:25 +00:00
Chris PeBenito
085faa06ff add xml comments to generated sections, and add mls support to interfaces
and nodes
2005-05-20 20:07:42 +00:00
Chris PeBenito
daa0e0b01f add xml comments to interfaces, convert over userdomain stuff 2005-05-19 21:06:06 +00:00
Chris PeBenito
bee546bfd4 add context template to support mls 2005-05-18 21:02:15 +00:00
Chris PeBenito
26c87e0c42 add userdomain:fd use 2005-05-18 21:00:56 +00:00
Chris PeBenito
490639cd57 add a xml comment 2005-05-18 21:00:30 +00:00
Chris PeBenito
2e77b29e67 add xml 2005-05-18 21:00:00 +00:00
Chris PeBenito
494e988f80 fix xml 2005-05-18 20:59:38 +00:00
Chris PeBenito
6d314fd3c1 add xml doc generation 2005-05-18 20:58:13 +00:00
Chris PeBenito
8623d5b854 move run_init to selinux, as it is part of policycoreutils 2005-05-18 16:03:54 +00:00
Chris PeBenito
1786071159 rename some selinuxfs interfaces for more clarity 2005-05-18 13:22:37 +00:00
Chris PeBenito
ef373408a6 add source policy interfaces 2005-05-18 13:21:28 +00:00
Chris PeBenito
5817e3a820 add renice all domains 2005-05-18 13:21:00 +00:00
Chris PeBenito
759ba0a459 add get all filesystems quotas 2005-05-18 13:20:38 +00:00
Chris PeBenito
76bff31d96 add admin template 2005-05-18 13:20:16 +00:00
Chris PeBenito
c3dff2e0a2 add device_node:{ chr_file blk_file } getattr; 2005-05-18 13:19:51 +00:00
Chris PeBenito
4d8ddf9a4f start adding admin template 2005-05-18 13:18:49 +00:00
Chris PeBenito
dd14d0d892 change read_shared_libraries to use_shared_libraries, since the execute
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
2005-05-17 15:32:52 +00:00
Chris PeBenito
650e75c57d initial commit 2005-05-16 21:11:26 +00:00
Chris PeBenito
b16c6b8c32 start adding user domains. fix ttynode and ptynode handling, as they're
more then user terminals (at least ptynode is).  start adding XML comments
2005-05-16 21:10:33 +00:00
Chris PeBenito
c6a3a22457 add more parts to send_mail and drop transition since its more then a transition 2005-05-13 20:52:28 +00:00
Chris PeBenito
ff31386090 move make_{daemon,init,system}_domain to init to fix type_transition'ing 2005-05-13 20:21:50 +00:00
Chris PeBenito
24a7ae1a5a add lvm.fc, and move relevant entries to devices.fc and storage.fc 2005-05-13 15:03:19 +00:00
Chris PeBenito
7bba9d317a pile of updates 2005-05-13 14:37:13 +00:00
Chris PeBenito
1bde8321dd initial commit 2005-05-13 14:36:35 +00:00
Chris PeBenito
075c4fdaf1 additions for cron and mta 2005-05-12 20:50:09 +00:00
Chris PeBenito
fd9deeb8ee reorg and a fix 2005-05-12 20:49:39 +00:00
Chris PeBenito
d18e3d73bb add crontab 2005-05-11 20:55:40 +00:00
Chris PeBenito
fb1aee72f4 add iface creating private logs 2005-05-11 20:54:14 +00:00
Chris PeBenito
d25dd9c1c2 add make temporary_file and daemon_runtime_file 2005-05-11 19:36:36 +00:00
Chris PeBenito
38e24ae49e add files_make_temporary_file and remove type attribute from
create_private_tmp
2005-05-11 19:21:40 +00:00
Chris PeBenito
0b1af28713 fix logging_make_log_file use 2005-05-11 19:11:14 +00:00
Chris PeBenito
23caa6d147 initial commit 2005-05-11 19:05:50 +00:00
Chris PeBenito
24280a524d updates needed for cron 2005-05-11 19:05:15 +00:00
Chris PeBenito
3ec805f7e5 add read and search for etc_t:dir 2005-05-11 16:48:10 +00:00
Chris PeBenito
118186e3dc make a reasonable lib_t interface 2005-05-11 15:46:51 +00:00
Chris PeBenito
1832271029 reorder for more consistency 2005-05-11 15:22:28 +00:00
Chris PeBenito
dec1686f0b oops 2005-05-10 20:25:20 +00:00
Chris PeBenito
6b674012fc reorder for more consistency 2005-05-10 20:24:26 +00:00
Chris PeBenito
b3416a3762 initial commit 2005-05-10 20:06:19 +00:00
Chris PeBenito
eeb2558418 leftover from netutils 2005-05-10 20:06:04 +00:00
Chris PeBenito
f8ec0ad43b initial commit 2005-05-10 19:51:00 +00:00
Chris PeBenito
63a310c8cf leftover from modutils 2005-05-10 19:50:41 +00:00
Chris PeBenito
279b555ae3 reorder to fit file context style rules 2005-05-10 19:47:37 +00:00
Chris PeBenito
0f3be6dbbb initial commit 2005-05-10 15:31:48 +00:00
Chris PeBenito
6f50b57665 use ptys 2005-05-10 15:03:56 +00:00
Chris PeBenito
2812bfac86 fix hotplug optional 2005-05-10 15:00:54 +00:00
Chris PeBenito
35b2fb4d41 add v4l_device_t 2005-05-10 14:12:10 +00:00
Chris PeBenito
46be1f32ca add printer_device_t 2005-05-10 13:59:10 +00:00
Chris PeBenito
13e94c09e4 more authlogin handling 2005-05-09 21:07:53 +00:00
Chris PeBenito
5c162193b7 move system_chkpwd to .te rather then using template, so that the
ifelse(system,..) can be eliminated
2005-05-09 21:06:51 +00:00
Chris PeBenito
cb28738d20 priv* attribute fixes for sulogin 2005-05-09 21:05:01 +00:00
Chris PeBenito
c18e825f57 unexpand can_kerberos 2005-05-09 21:03:38 +00:00
Chris PeBenito
a9a20ddaae allow all domains to use /dev/{zero,null,tty} 2005-05-09 19:55:01 +00:00
Chris PeBenito
e843cc89fd reorder restorecon and setfiles relabel rules for consistency 2005-05-09 19:06:56 +00:00
Chris PeBenito
a1f94a3441 clean up authentication attributes 2005-05-09 18:50:20 +00:00
Chris PeBenito
96b0000f1b start adding infrastructure for the constraint exceptions 2005-05-09 17:47:57 +00:00
Chris PeBenito
18f25afdf6 start adding infrastructure for the constraint exceptions 2005-05-09 17:41:29 +00:00
Chris PeBenito
c5b5a7479a cleanup 2005-05-09 15:40:56 +00:00
Chris PeBenito
5d7e8ba6fb add sulogin 2005-05-09 15:38:06 +00:00
Chris PeBenito
15e3d8e8bc initial commit 2005-05-09 13:26:33 +00:00
Chris PeBenito
8e02803ce3 add lvm_vg interfaces and do a little cleanup 2005-05-06 21:36:11 +00:00
Chris PeBenito
b2b38c78d4 initial commit 2005-05-05 21:40:32 +00:00
Chris PeBenito
ec81ecb30c add read fonts 2005-05-05 21:36:53 +00:00
Chris PeBenito
44a43b680b interfaces needed for clock 2005-05-05 21:19:18 +00:00
Chris PeBenito
2274f9ae4a initial commit 2005-05-05 21:18:27 +00:00
Chris PeBenito
0fef98c405 add legacy read locale 2005-05-05 20:33:35 +00:00
Chris PeBenito
0634b6e77e fix per_userdomain_templates macro generation 2005-05-05 19:38:22 +00:00
Chris PeBenito
ebf7600f20 cleanup 2005-05-05 19:04:51 +00:00
Chris PeBenito
bbd6a62111 convert over to system_domain, plus a couple init cleanups 2005-05-05 18:30:00 +00:00
Chris PeBenito
4fc91539f6 initial commit 2005-05-05 17:44:36 +00:00
Chris PeBenito
d0eddb6b0d add in system_domain 2005-05-05 17:44:11 +00:00
Chris PeBenito
f66a1af94b move type delcarations after attribute delcarations to fix a typeattribute
ordering issue. comment out the TODO types with a # so they don't get moved
2005-05-05 14:08:26 +00:00
Chris PeBenito
23af43bfef fix depends 2005-05-05 14:02:32 +00:00
Chris PeBenito
df431c87fb add missing copyright and policy_module lines 2005-05-05 14:01:59 +00:00
Chris PeBenito
f1470e5ede rules picked up from sediff 2005-05-04 21:44:51 +00:00
Chris PeBenito
849380bd9a add usermanage 2005-05-04 19:15:13 +00:00
Chris PeBenito
1e5c2a416a more conversion 2005-05-04 17:01:46 +00:00
Chris PeBenito
bd202fe157 clean up interfaces for new binary module optional structure 2005-05-04 13:19:47 +00:00
Chris PeBenito
f1578d05a9 stuff from sysnetwork 2005-05-04 13:16:34 +00:00
Chris PeBenito
0bc32e04de a few more copied over 2005-05-04 13:16:09 +00:00
Chris PeBenito
0d7ad32935 start moving in dhcpc and ifconfig 2005-05-04 13:14:48 +00:00
Chris PeBenito
75a10baf44 add in pam console 2005-05-03 21:04:20 +00:00
Chris PeBenito
b2e0625ca1 more conversion due to new interfaces 2005-05-03 20:44:35 +00:00
Chris PeBenito
3ce6cb4a45 fill pam and utempter authlogin policy and fix up interfaces 2005-05-03 20:23:33 +00:00
Chris PeBenito
07d6e32f44 reorg run_init a little, and add a convert to a few new interfaces 2005-05-02 21:02:14 +00:00
Chris PeBenito
ab64c30fc3 add newrole:fd use 2005-05-02 21:01:31 +00:00
Chris PeBenito
3a9aef9246 updates 2005-05-02 21:01:08 +00:00
Chris PeBenito
6b93833ba0 initial commit 2005-05-02 19:24:29 +00:00
Chris PeBenito
25baab18d1 switch over to tunable_policy and optional_policy 2005-05-02 19:22:58 +00:00
Chris PeBenito
f360f82f54 fix stupid _depend define errors (s/ifdef/define/g) 2005-05-02 19:19:06 +00:00
Chris PeBenito
67484fced4 add ignore read system state 2005-05-02 18:42:33 +00:00
Chris PeBenito
de2cee6817 add tty_device_t and devpts_t chr_file interfaces 2005-05-02 18:42:10 +00:00
Chris PeBenito
dfaf6c2ad8 add authlogin_read_pam_runtime_data and cleanup interfaces 2005-05-02 18:41:20 +00:00
Chris PeBenito
9f2f9e6dfe add ignore read rootfs file 2005-05-02 18:40:42 +00:00
Chris PeBenito
d0b6abebb9 add in use and ignore use init control channel interfaces 2005-05-02 18:40:05 +00:00
Chris PeBenito
ba7740d145 handful of changes 2005-05-02 18:38:02 +00:00
Chris PeBenito
c3c58c5d8e move in rule from hotplug 2005-05-02 18:37:24 +00:00
Chris PeBenito
1b909968df add in missing policy_module line 2005-05-02 18:36:51 +00:00
Chris PeBenito
fc83dba9a0 domains not needed for execute interface 2005-05-02 18:36:11 +00:00
Chris PeBenito
85bd7f1ffa add in transition and execute interfaces, and newrole sigchld interface 2005-05-02 18:18:45 +00:00
Chris PeBenito
5eafc37492 add append to /dev/null write 2005-05-02 15:42:20 +00:00
Chris PeBenito
e9a6fcb8f1 fix privfd 2005-04-29 21:00:40 +00:00
Chris PeBenito
4472f3ec01 doh 2005-04-29 21:00:29 +00:00
Chris PeBenito
7009881cc0 add in missing devices 2005-04-29 20:35:49 +00:00
Chris PeBenito
05a5cdccc3 add a few missing ports, and ppp_device_t 2005-04-29 20:22:04 +00:00
Chris PeBenito
a7ed44d531 initial commit 2005-04-29 20:16:38 +00:00
Chris PeBenito
a2d8246bf6 make mountpoints work, plus misc 2005-04-28 21:41:09 +00:00
Chris PeBenito
07efe969fe initial local login commit 2005-04-28 19:50:58 +00:00
Chris PeBenito
ee5772e455 add bulk of selinux module policy, and add required interfaces 2005-04-28 18:59:01 +00:00
Chris PeBenito
f9cfa192a4 minor fixes 2005-04-28 18:58:39 +00:00
Chris PeBenito
b5860610b4 missed that sysctl_dev is a dir too 2005-04-28 15:52:42 +00:00
Chris PeBenito
3009816bcd convert over optional policy to optional_policy macro 2005-04-28 15:48:27 +00:00
Chris PeBenito
55a46da18a add console setattr if 2005-04-28 15:47:50 +00:00
Chris PeBenito
4fbd2ee111 remove entrypoint assertion 2005-04-28 15:46:53 +00:00
Chris PeBenito
4600e08867 reorganize the policy 2005-04-28 15:46:23 +00:00
Chris PeBenito
dfb86adde5 initial commit 2005-04-28 15:45:32 +00:00
Chris PeBenito
b5ab18b3f1 initial commit 2005-04-28 13:41:37 +00:00
Chris PeBenito
55f4564e31 start merging in rules from daemon domain 2005-04-27 21:56:41 +00:00
Chris PeBenito
889c9a9789 add init_t:fd use interface and initrc pty rw interface 2005-04-27 21:56:12 +00:00
Chris PeBenito
bcd35991d1 daemon domain allows noatsecure siginh rlimitinh, not dontaudit 2005-04-27 21:55:18 +00:00
Chris PeBenito
8119850297 add console dontaudit 2005-04-27 21:54:39 +00:00
Chris PeBenito
3016a9ff95 initial commit 2005-04-26 21:12:52 +00:00
Chris PeBenito
f9438fdfd1 add search all dirs 2005-04-26 21:12:32 +00:00
Chris PeBenito
e064a64b0e move system_chkpwd to fix ordering issue with checkpolicy 2005-04-26 21:10:11 +00:00
Chris PeBenito
8beec89d27 add legacy lib use 2005-04-26 19:10:29 +00:00
Chris PeBenito
960373dddd add module statement macro and entrypoint executable attribute to replicate
can_exec($1,exec_type)
2005-04-26 17:00:25 +00:00
Chris PeBenito
94edcc5c83 fix tmp_domain 2005-04-25 21:44:48 +00:00
Chris PeBenito
5f75f56066 move modules_object_t back to bootloader 2005-04-25 21:32:09 +00:00
Chris PeBenito
91a7ab6cb3 add sysnetwork 2005-04-25 21:28:25 +00:00
Chris PeBenito
b303042477 add missing transition dontaudits 2005-04-25 21:07:59 +00:00
Chris PeBenito
549180e874 initial commit 2005-04-25 20:13:45 +00:00
Chris PeBenito
219bcf7a8f attack with sediff, make fs:getattr interfaces consistent, create init and
daemon domains
2005-04-25 19:54:27 +00:00
Chris PeBenito
a266e3cc83 restructure kernel module to be consistent with other module ordering. put
in missing rules.  fix naming problems
2005-04-25 16:11:21 +00:00
Chris PeBenito
343a231d5f reorg 2005-04-22 22:00:09 +00:00
Chris PeBenito
22e1131e23 fix te trans error 2005-04-22 22:00:02 +00:00
Chris PeBenito
8a0da1086c make getattr and setattr interfaces and make naming consistent 2005-04-22 19:31:32 +00:00
Chris PeBenito
33bc0dd994 clean up some filesystem assoc 2005-04-21 22:46:49 +00:00
Chris PeBenito
0e730cc8e1 complete corenetwork 2005-04-21 21:53:15 +00:00
Chris PeBenito
1f7b37c585 insmod can be run directly from kernel; fix update_modules errors 2005-04-21 21:35:45 +00:00
Chris PeBenito
9eb5e812fe exec and transition interfaces, plus include mod object symlinks in reading modules 2005-04-21 21:34:47 +00:00
Chris PeBenito
32b5029cc5 uncomment test file 2005-04-21 21:34:08 +00:00
Chris PeBenito
5a95221115 add devlog_t symlink to loggers 2005-04-21 21:33:50 +00:00
Chris PeBenito
bf9e1e3f72 logging and modutils updates 2005-04-21 21:32:54 +00:00
Chris PeBenito
033c80e683 rename files_manage_general_lock_files() to more appropriate files_manage_system_lock_files() 2005-04-21 13:35:01 +00:00
Chris PeBenito
7c5d78fbca more insmod work, bring in depmod and update_modules 2005-04-20 21:00:01 +00:00
Chris PeBenito
bd76460f61 more comments 2005-04-20 19:14:56 +00:00
Chris PeBenito
099c8b2475 remove unneeded genfs_contexts 2005-04-20 19:10:59 +00:00
Chris PeBenito
e181fe05d8 add copyright statement 2005-04-20 19:07:16 +00:00
Chris PeBenito
0154356271 initial commit 2005-04-20 13:24:10 +00:00
Chris PeBenito
879b00fe60 initial commit 2005-04-19 21:08:13 +00:00
Chris PeBenito
67e2ff428c initial commit 2005-04-19 20:51:05 +00:00
Chris PeBenito
f0872d22b4 add cap sys_rawio to raw memory access interfaces 2005-04-19 20:47:29 +00:00
Chris PeBenito
c4890efc00 add per-userdomain template, and shadow_t interfaces 2005-04-19 20:45:54 +00:00
Chris PeBenito
3ba13bbf03 add all types for this module 2005-04-19 20:45:24 +00:00
Chris PeBenito
4ddc1abd78 add all types for this module, and add klogd policy 2005-04-19 20:44:52 +00:00
Chris PeBenito
8c77177b75 add interface to send syslog messages 2005-04-19 20:44:07 +00:00
Chris PeBenito
5050e500fe use interface to send syslog messages 2005-04-19 20:43:44 +00:00
Chris PeBenito
b470e3896b initial commit 2005-04-19 20:42:32 +00:00
Chris PeBenito
f0578249d1 reorganize and add rootfs dontaudits 2005-04-19 18:58:16 +00:00
Chris PeBenito
7aebdb853d add rootfs dontaudits for use in init.te 2005-04-19 18:57:13 +00:00
Chris PeBenito
053f6a200a add dontaudit fs getattr 2005-04-19 18:56:47 +00:00
Chris PeBenito
88d14a22b6 bring over more targets from strict policy, and add more checking 2005-04-19 13:53:51 +00:00
Chris PeBenito
5496553038 kernel can load modules 2005-04-19 13:52:45 +00:00
Chris PeBenito
7f89c7efc6 hold off on improving 2005-04-19 13:46:06 +00:00
Chris PeBenito
1ea98d0407 remove relabeling privilege for now 2005-04-18 20:27:16 +00:00
Chris PeBenito
57d236548b move assert.te here 2005-04-18 20:17:25 +00:00
Chris PeBenito
5d78128fda add interface to associate to filesystems w/o xattr. allow regular files to
associate to no xattr filesystems
2005-04-16 17:20:59 +00:00
Chris PeBenito
70dcf798e9 add boot_runtime_t 2005-04-16 17:18:34 +00:00
Chris PeBenito
b4cd153394 initial commit 2005-04-14 20:18:17 +00:00