Commit Graph

1103 Commits

Author SHA1 Message Date
Chris PeBenito
2ab07ebbf3 fixes for sorting 2005-11-09 18:29:03 +00:00
Chris PeBenito
4b9516c125 add avahi 2005-11-09 17:12:34 +00:00
Chris PeBenito
d3f715d228 more fix 2005-11-09 15:51:22 +00:00
Chris PeBenito
3e639ab08b tty fixes 2005-11-09 15:05:47 +00:00
Chris PeBenito
725926c586 pile of sediff fixes 2005-11-08 22:00:30 +00:00
Chris PeBenito
76febd2146 fix sendmail transition 2005-11-07 21:13:07 +00:00
Chris PeBenito
8967bf8b89 merge in some of dan's old policy changes 2005-11-07 20:09:28 +00:00
Chris PeBenito
cd508d4044 for now don't delete generated files. bring this back
after generated files are depended on correctly.
2005-11-07 16:14:55 +00:00
Don Miner
bc6dfa6778 Changed a { create rw_dir_perms } to a create_dir_perms since starting radius was getting a setattr denial and setattr was shown to be missing in sediff 2005-11-04 16:43:05 +00:00
Don Miner
45aa10abd7 Added signal_perms to nscd_t. 2005-11-04 14:13:24 +00:00
Chris PeBenito
307e11419a missing dir 2005-11-03 21:07:29 +00:00
Chris PeBenito
7afca0b4c1 user tty fixes 2005-11-03 19:33:53 +00:00
Chris PeBenito
9c6feb63de add stuff from distros.fc 2005-11-03 18:08:36 +00:00
Don Miner
8f882ffcd9 Added rules so that tracepath, traceroute and ping work. 2005-11-02 20:44:17 +00:00
Chris PeBenito
73ef293bc5 fixes just so sediff is easier to handle 2005-11-01 21:15:11 +00:00
Chris PeBenito
b488014fd7 hack 2005-11-01 20:52:48 +00:00
Chris PeBenito
b9ea0fed0f clean up last var_run_domain expansion errors 2005-11-01 19:52:37 +00:00
Chris PeBenito
ee08bc4c75 read certs 2005-11-01 16:11:32 +00:00
Chris PeBenito
35adb6f8d7 clean up socket 2005-11-01 15:57:15 +00:00
Chris PeBenito
31a1c2df88 fix filesystem associations 2005-11-01 15:45:00 +00:00
Chris PeBenito
7ac22585e3 tty and caps fixes 2005-11-01 15:34:00 +00:00
Chris PeBenito
0b12fa4bd0 more dbus cleanup 2005-11-01 15:19:48 +00:00
Chris PeBenito
dab808bde7 dbus obj class cleanup 2005-11-01 15:11:05 +00:00
Chris PeBenito
ce0ff19691 more of the same 2005-10-31 22:44:03 +00:00
Chris PeBenito
b422aa9b1e initrc couldn't create/use its own pty! 2005-10-31 22:27:45 +00:00
Chris PeBenito
30910b37c6 more fixes 2005-10-31 22:19:16 +00:00
Don Miner
305106ebb9 Added a rule to allow dmidecode to use locallogin_t fd to make it so it works. 2005-10-31 21:45:42 +00:00
Chris PeBenito
aba9c7a3cf add missing httpd_helper_t tty part 2005-10-31 20:58:44 +00:00
Chris PeBenito
9ca7e78a35 misc sediff fixes 2005-10-31 20:54:33 +00:00
Chris PeBenito
0500e01f2d * fixes uncovered by sediff
* fix disable_trans support so the daemon can be both
init and inet services, and not get dup bool decl
2005-10-31 20:32:53 +00:00
Chris PeBenito
bea7b4548e add missing tunable 2005-10-31 19:58:51 +00:00
Chris PeBenito
6ff85b5c84 fix perm set 2005-10-31 19:31:22 +00:00
Chris PeBenito
62841791a5 fixes uncovered by sediff 2005-10-31 14:55:34 +00:00
Chris PeBenito
f3936d3876 nicer te_trans conflict fix 2005-10-28 19:18:50 +00:00
Chris PeBenito
cac3eca0be fix te_trans conflict 2005-10-28 19:13:54 +00:00
Chris PeBenito
dc8f17037b fix up sendmail for targeted 2005-10-28 18:57:23 +00:00
Chris PeBenito
f1b0a8c55b fix 2005-10-28 18:46:46 +00:00
Chris PeBenito
2d13f72977 take care of missing types 2005-10-28 18:38:04 +00:00
Chris PeBenito
375c241556 ssh updates for targeted 2005-10-28 18:13:44 +00:00
Chris PeBenito
cbdb4ae6d3 clean up unused booleans 2005-10-28 17:31:53 +00:00
Chris PeBenito
bce06f1633 updated modules.conf from dan 2005-10-28 15:55:58 +00:00
Chris PeBenito
f0f18e0734 typo 2005-10-28 15:12:23 +00:00
Chris PeBenito
495a7026d9 add missing range transition 2005-10-28 15:09:03 +00:00
Chris PeBenito
005a9aa6e2 initrc fixes 2005-10-28 14:34:26 +00:00
Chris PeBenito
7e1c14d1f6 fix quoting 2005-10-28 13:53:18 +00:00
Chris PeBenito
dd3544d1a5 fixes from testing 2005-10-28 13:33:25 +00:00
Chris PeBenito
2f33cd7dfb put all users back into the base module 2005-10-27 18:43:37 +00:00
Chris PeBenito
f1baed733f fix some /opt regexes 2005-10-27 18:32:16 +00:00
Chris PeBenito
05c6f04d2e dont remove home dir templates from base.fc 2005-10-27 17:48:16 +00:00
Chris PeBenito
08c22f4d17 more transition work 2005-10-27 15:16:42 +00:00
Chris PeBenito
b281bf6ed9 add some missing transitions from unconfined 2005-10-27 15:06:15 +00:00
Chris PeBenito
a525f293c3 sediff fixes 2005-10-27 14:52:37 +00:00
Chris PeBenito
fc6198ced0 fixes from sediff 2005-10-27 14:08:53 +00:00
Chris PeBenito
ce03837abe rpc fixes from testing 2005-10-27 14:08:47 +00:00
Chris PeBenito
5abea9818a fixes from testing 2005-10-27 13:37:36 +00:00
Chris PeBenito
4614e83fbb more fixing 2005-10-26 21:03:19 +00:00
Don Miner
f13da83f99 Added search and getattr permissions to etc_mail_t dir for system_mail_t so that the sendmail process would be able to start through init 2005-10-26 18:31:09 +00:00
Chris PeBenito
d1b9d9228b another pile o fixes 2005-10-26 18:07:20 +00:00
Chris PeBenito
33acca55ce pile o fixes 2005-10-26 16:00:13 +00:00
Chris PeBenito
f5e4f795b6 fix rpm transition 2005-10-26 13:51:33 +00:00
Chris PeBenito
e8d0a659c3 fixes from arpwatch testing 2005-10-25 20:27:08 +00:00
Chris PeBenito
7a6d427eae a few more strays 2005-10-25 20:22:25 +00:00
Chris PeBenito
c3cf6693c7 try to fix associations 2005-10-25 20:06:27 +00:00
Chris PeBenito
b7e1825b68 privfd 2005-10-25 19:20:56 +00:00
Chris PeBenito
ccfd7b19cf easy fixes 2005-10-25 19:03:15 +00:00
Chris PeBenito
2526a44dea missing privloggers 2005-10-25 18:42:08 +00:00
Chris PeBenito
ee64ef496f typo 2005-10-25 18:34:46 +00:00
Chris PeBenito
d49d524d53 initrc also uses nscd 2005-10-25 18:33:13 +00:00
Chris PeBenito
e11d2e3bfd add missing nscd clients 2005-10-25 18:28:41 +00:00
Chris PeBenito
2aec1461b4 use our own interface to make maintenance easier 2005-10-25 18:13:47 +00:00
Chris PeBenito
7eec657c86 add default_t read back 2005-10-25 18:00:42 +00:00
Chris PeBenito
784a3bbcad privhome implementation 2005-10-25 17:50:00 +00:00
Chris PeBenito
7b90f2db5a testing fixes 2005-10-25 17:37:56 +00:00
Chris PeBenito
51f5c6a2ab add dontaudit 2005-10-25 15:56:28 +00:00
Chris PeBenito
467602f5d5 system_chkpwd can winbind 2005-10-25 15:53:36 +00:00
Chris PeBenito
b0bdeb0392 syslog logs to itself? 2005-10-25 15:52:08 +00:00
Chris PeBenito
2c216c09a8 use the right interface 2005-10-25 15:41:38 +00:00
Chris PeBenito
9aca490302 some home dir fixes 2005-10-25 15:36:45 +00:00
Chris PeBenito
240a3a9f64 appconfig side of su fix 2005-10-25 14:42:25 +00:00
Chris PeBenito
83e4512c33 fix up su 2005-10-25 14:31:53 +00:00
Chris PeBenito
a662d2b7f9 make implicit work 2005-10-25 03:20:16 +00:00
Chris PeBenito
2964dce11a new semodule_package cmdline args 2005-10-25 03:13:48 +00:00
Chris PeBenito
60789e16d0 fixes 2005-10-25 02:51:07 +00:00
Chris PeBenito
28e730b8e2 module build fixes 2005-10-25 01:17:55 +00:00
Chris PeBenito
9dd50026a0 homedir fixes 2005-10-25 01:08:10 +00:00
Chris PeBenito
88dd389695 more postfix work 2005-10-25 00:00:50 +00:00
Don Miner
2192d4baa1 Moved the dbus stuff inbetween networkmanager and bind to the bind policy 2005-10-24 23:14:39 +00:00
Chris PeBenito
3df88de0ba hide broken symptoms 2005-10-24 22:55:28 +00:00
Chris PeBenito
ee7f66b003 hide broken symtoms 2005-10-24 22:49:26 +00:00
Chris PeBenito
52e1edb35b fix acct 2005-10-24 22:31:44 +00:00
Chris PeBenito
40a1f3db42 fix again 2005-10-24 22:29:30 +00:00
Don Miner
d2c57395ab Fixed an allow that should have been a dontaudit 2005-10-24 22:20:04 +00:00
Chris PeBenito
977b1d65f5 add nscd 2005-10-24 22:13:41 +00:00
Chris PeBenito
69dcd685ad fix most disable_trans errors 2005-10-24 22:08:13 +00:00
Don Miner
f470a1e329 Added a rule to allow apache to read httpd_sys_content_t so that it can show html error messages 2005-10-24 22:01:08 +00:00
Don Miner
c11417c4df Reduced the number of differences in amanda between the targeted and the refpolicy 2005-10-24 21:35:50 +00:00
Chris PeBenito
87ab639061 woops 2005-10-24 21:34:02 +00:00
Chris PeBenito
67167371a5 fix most of samba 2005-10-24 21:33:46 +00:00
Don Miner
bdfa8e72f0 Removed differences between refpolicy and targeted acct_t 2005-10-24 21:25:56 +00:00
Don Miner
9c4fcf666e Removed differences between refpolicy and targeted NetworkManager_t 2005-10-24 21:25:02 +00:00
Chris PeBenito
7ebd6a9079 add proc_net lnk 2005-10-24 20:25:59 +00:00
Chris PeBenito
b4e1ebc1f0 hopefully fix su 2005-10-24 20:01:03 +00:00
Chris PeBenito
30705b6bc0 fixes 2005-10-24 19:50:21 +00:00
Chris PeBenito
9bbc757a76 more fix 2005-10-24 18:40:24 +00:00
Don Miner
0354e306b7 Fixed a problem which was allowing processes to become unconfined from initrc 2005-10-24 18:10:47 +00:00
Don Miner
dd57ca3454 Added rules to the bind policy for the named server so that it would start 2005-10-24 18:06:31 +00:00
Don Miner
57d8e6c7a3 Added signal permissions to postgres so it can start 2005-10-24 17:28:17 +00:00
Chris PeBenito
162dfc3395 corenet fixes 2005-10-24 17:06:34 +00:00
Chris PeBenito
a3754ffe12 add configuration for testing 2005-10-24 16:01:26 +00:00
Chris PeBenito
37fe0ecd85 update ranges 2005-10-24 15:52:04 +00:00
Chris PeBenito
e64b338b35 fix 2005-10-24 15:29:27 +00:00
Chris PeBenito
9d343af57c fixes from chad 2005-10-24 15:15:25 +00:00
Chris PeBenito
88e5d70f52 add 2005-10-24 15:14:43 +00:00
Chris PeBenito
15fefa4958 remove bin policy and kern module assertions for now 2005-10-24 15:10:03 +00:00
Chris PeBenito
1480d3ad21 fix mls r_t 2005-10-24 14:22:13 +00:00
Chris PeBenito
34e722f3cd more sediff 2005-10-24 14:15:29 +00:00
Don Miner
fa16f25281 Added rules to the smbd_t and the nmbd_t domains so that they would start properly 2005-10-24 12:45:16 +00:00
Chris PeBenito
1dd86c43cd sediff fixes 2005-10-24 12:38:45 +00:00
Chris PeBenito
bb67633572 add initrc_su_t 2005-10-24 11:55:53 +00:00
Don Miner
3d37bca18f Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start 2005-10-24 11:21:28 +00:00
Chris PeBenito
710791f1a4 more missing types 2005-10-24 03:52:35 +00:00
Chris PeBenito
19b5555f77 more fixes 2005-10-24 03:21:26 +00:00
Chris PeBenito
43989f82f8 add rpc 2005-10-24 01:53:13 +00:00
Chris PeBenito
2db2c7d099 fixes from sediff 2005-10-24 00:54:39 +00:00
Don Miner
f8964c04ba Added a file context for httpd.pid so that it is correctly labeled
Added some rules to mysql to make it work
2005-10-24 00:23:12 +00:00
Chris PeBenito
f85544209a nwmgr fixes 2005-10-23 22:46:06 +00:00
Chris PeBenito
ef5ca0fb79 add cups 2005-10-23 22:10:59 +00:00
Chris PeBenito
04926d07a8 add postfix 2005-10-23 20:18:36 +00:00
Chris PeBenito
f932d8e3cb add spamassassin 2005-10-22 23:50:23 +00:00
Chris PeBenito
385dcd4e70 add radius 2005-10-22 22:51:14 +00:00
Chris PeBenito
44fc06b0cb add radius and amanda, which I forgot to ci 2005-10-22 22:51:01 +00:00
Chris PeBenito
230838e117 add pegasus 2005-10-22 21:55:39 +00:00
Chris PeBenito
a636210ef8 add dbskk 2005-10-22 21:18:03 +00:00
Chris PeBenito
ad3b9d76dc add lpd 2005-10-22 21:09:03 +00:00
Chris PeBenito
ae1d9afb5b simplify since alias take care of it 2005-10-22 20:06:51 +00:00
Chris PeBenito
10b1f324d5 add amanda 2005-10-22 19:58:58 +00:00
Chris PeBenito
239db5e20c add networkmanager 2005-10-22 17:44:04 +00:00
Chris PeBenito
ebed41b5aa woops, radius wasn't actually completed 2005-10-22 16:47:17 +00:00
Chris PeBenito
ae90172c41 expand gen_context() in file contexts 2005-10-22 16:31:56 +00:00
Chris PeBenito
1f8a8bbbbd more sediff fixes 2005-10-21 22:56:41 +00:00
Chris PeBenito
e6a2eaffdf more fixes 2005-10-21 21:35:25 +00:00
Chris PeBenito
da4fc9ce2b sediff fixes 2005-10-21 19:36:49 +00:00
Chris PeBenito
23a4442bf1 add xdm 2005-10-21 17:55:15 +00:00
Chris PeBenito
3509484c6f add canna 2005-10-21 16:39:28 +00:00
Chris PeBenito
fe7b943240 fix 2005-10-21 16:19:26 +00:00
Chris PeBenito
ea557a85df add cyrus 2005-10-21 16:18:11 +00:00
Chris PeBenito
06a5362f93 add all target to build base and modules 2005-10-21 16:00:24 +00:00
Chris PeBenito
29ce0009bc add dovecot 2005-10-21 15:38:22 +00:00
Chris PeBenito
cf6141a72e fix corenetwork generation and add distcc 2005-10-21 13:11:17 +00:00
Chris PeBenito
4e69c1c423 obj class typo for certs 2005-10-20 19:28:27 +00:00
Chris PeBenito
2b01ae7e20 make DISTRO=redhat imply DIRECT_INITRC=y 2005-10-20 18:08:31 +00:00
Chris PeBenito
a4e8b79d8a release 2005-10-19 21:18:25 +00:00
Chris PeBenito
61feb222ae add missing entry 2005-10-19 20:18:21 +00:00
Chris PeBenito
de764944d8 targeted policy fixes 2005-10-19 19:45:20 +00:00
Chris PeBenito
af4752bcb9 targeted and distro fixes for loadable modules 2005-10-19 16:44:24 +00:00
Chris PeBenito
0efe52ae99 fix last loadable module problems 2005-10-19 14:36:04 +00:00
Chris PeBenito
90c3ddefe3 fix requires 2005-10-19 13:11:49 +00:00
Chris PeBenito
12ae7557d3 piles of fixes for loadable modules 2005-10-18 18:25:33 +00:00
Chris PeBenito
c3812748c3 misc fixes 2005-10-18 15:07:11 +00:00
Chris PeBenito
84313262d7 error out if trying to build a module thats off or base 2005-10-17 21:31:30 +00:00
Chris PeBenito
97749e2a2e add more docs 2005-10-17 20:00:33 +00:00
Chris PeBenito
c3a05c9f5a fix error uncovered by sechecker 2005-10-17 20:00:20 +00:00
Chris PeBenito
e749cd12a6 wrap up almost all of apache 2005-10-17 17:55:38 +00:00
Chris PeBenito
e08118a52f add ppp 2005-10-14 20:00:07 +00:00
Chris PeBenito
fe9d17fe14 more merging from 1.27.1-15 2005-10-14 18:42:42 +00:00
Chris PeBenito
d8636fc937 more merging from 1.27.1-15 2005-10-14 17:55:40 +00:00
Chris PeBenito
77f6e2cd27 partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15 2005-10-13 20:59:36 +00:00
Chris PeBenito
b1421d8712 add some docs, do some reordering 2005-10-12 21:25:16 +00:00
Chris PeBenito
8df65f137f add sechecker targets 2005-10-12 19:13:49 +00:00
Chris PeBenito
c4bf979302 start adding perm sets with refpol names 2005-10-12 18:17:10 +00:00
Chris PeBenito
4c71994852 add missing interface 2005-10-12 17:32:41 +00:00
Chris PeBenito
be4690a5ae add in last bits of webalizer 2005-10-12 17:22:25 +00:00
Chris PeBenito
c2b18fa1f3 more apache work 2005-10-12 16:23:22 +00:00
Chris PeBenito
799a0b43cd add mailman 2005-10-11 15:36:53 +00:00
Chris PeBenito
fedd3cafbd update INSTALL and start work on README 2005-10-10 21:02:49 +00:00
Chris PeBenito
f33561f560 add webalizer and sasl 2005-10-10 18:50:08 +00:00
Chris PeBenito
4483ee849c add apm and arpwatch. fix implementation error on fs_getattr_all_files,
splitting it up into correct interfaces.
2005-10-10 18:11:46 +00:00
Chris PeBenito
d4dca58511 add finger and bluetooth 2005-10-07 21:45:04 +00:00
Chris PeBenito
9d3e339e82 partial mailman merge 2005-10-07 19:35:36 +00:00
Chris PeBenito
99505c1c89 fix files_exec_usr_src_files 2005-10-07 18:48:43 +00:00
Chris PeBenito
4f9f30c8df * Updated to sedoctool to read bool files and tunable
files separately.
* Changed the xml tag of <boolean> to <bool> to be consistent
  with gen_bool().
* Modified the implementation of segenxml to use regular
  expressions.
2005-10-07 18:08:50 +00:00
Chris PeBenito
e02c61cfa4 rename context_template() to gen_context() 2005-10-06 19:33:06 +00:00
Chris PeBenito
6e99a6cfd1 more apache work 2005-10-05 21:17:22 +00:00
Chris PeBenito
fc6524d746 add ftp 2005-10-05 19:52:53 +00:00
Chris PeBenito
5bc9f3061b fix comment 2005-10-05 19:10:31 +00:00
Chris PeBenito
f4d7fdcfaf add interfaces used in old anonymous_domain() 2005-10-05 19:09:42 +00:00
Chris PeBenito
a996bdf4ad add most of apache 2005-09-29 20:59:00 +00:00
Chris PeBenito
a5ec7cb6c4 more pieces of ftp 2005-09-29 13:32:28 +00:00
Chris PeBenito
a2868f6eae start adding secure_file_type implementation 2005-09-28 19:07:22 +00:00
Chris PeBenito
79cde317df add winbind 2005-09-28 18:22:58 +00:00
Chris PeBenito
6942484b6f add in a couple missing rules 2005-09-28 18:10:48 +00:00
Chris PeBenito
246a604273 add in a few parts of ftp 2005-09-27 22:29:45 +00:00
Chris PeBenito
20e306e2de add dmidecode 2005-09-27 21:24:01 +00:00
Chris PeBenito
b03f960ece add disable_trans support 2005-09-27 20:17:50 +00:00
Chris PeBenito
1f91e1bfe5 a few conditional cleanups 2005-09-27 19:40:44 +00:00
Chris PeBenito
f0574fa9aa add mls privileges 2005-09-26 20:26:32 +00:00
Chris PeBenito
6d788d87d1 comment fix 2005-09-26 20:24:44 +00:00
Chris PeBenito
9edc289521 add anaconda 2005-09-23 22:15:04 +00:00
Chris PeBenito
b9ae3aab39 rework nis_use_ypbind since optionals dont work in conditionals 2005-09-23 22:14:54 +00:00
Chris PeBenito
fa67570d9a add radvd, plus a few cleanups from sediff 2005-09-23 21:20:03 +00:00
Chris PeBenito
842859260c add kudzu 2005-09-23 19:38:34 +00:00
Chris PeBenito
0058418017 remove classes from gen_requires, and disable net_raw for now 2005-09-23 15:37:41 +00:00
Chris PeBenito
681c9a02e7 fixes from sediff 2005-09-22 21:59:50 +00:00
Chris PeBenito
48558667c0 update for release 2005-09-22 19:05:26 +00:00
Chris PeBenito
f7ba4a8963 add uucp 2005-09-22 16:27:52 +00:00
Chris PeBenito
b53f93a41f testing fixes 2005-09-22 15:32:53 +00:00
Chris PeBenito
fb2817da70 make system.users look nicer 2005-09-22 14:42:49 +00:00
Chris PeBenito
90e497f586 fix regex 2005-09-22 14:33:38 +00:00
Chris PeBenito
1fb83a764b fix system.users now that the gen_user macro is in support 2005-09-22 14:31:30 +00:00
Chris PeBenito
08c5c972cf fix for targeted 2005-09-22 14:14:25 +00:00
Chris PeBenito
996ae37b69 fix for removed example targeted config 2005-09-22 13:35:13 +00:00
Chris PeBenito
25c6746156 loadable module compile fixes 2005-09-21 20:01:40 +00:00
Chris PeBenito
6e0542eb27 fix error with file common being output, not file class (unique perms were missing) 2005-09-21 20:01:21 +00:00
Chris PeBenito
142e9f40ea targeted and redhat cleanups 2005-09-21 14:49:41 +00:00
Chris PeBenito
0e15cdfb50 change monolithic_policy to self_contained_policy for clarity 2005-09-21 13:26:30 +00:00
Chris PeBenito
3774e4eb28 todo cleanup 2005-09-20 20:48:17 +00:00
Chris PeBenito
93070cbaed add cvs 2005-09-20 18:49:13 +00:00
Chris PeBenito
9210553ecb add cpucontrol 2005-09-20 18:15:35 +00:00
Chris PeBenito
4fd5201a59 add rlogin and telnet 2005-09-20 17:11:53 +00:00
Chris PeBenito
c0e4fe2c9c add appconfig for mls and mcs 2005-09-20 14:20:02 +00:00
Chris PeBenito
200f453ff5 add stunnel 2005-09-20 13:47:36 +00:00
Chris PeBenito
a1fcff33f2 final updates from nsa cvs 2005-09-19 21:17:45 +00:00
Chris PeBenito
41c4800de4 a few module compile fixes 2005-09-19 14:18:48 +00:00
Chris PeBenito
cf6a7d8993 more upstream merging 2005-09-16 21:20:37 +00:00
Chris PeBenito
cff75c90ca more upstream merging 2005-09-16 19:36:10 +00:00
Chris PeBenito
40adb57f47 add tftp 2005-09-16 15:18:09 +00:00
Chris PeBenito
ccc5978224 add snmp 2005-09-16 14:54:36 +00:00
Chris PeBenito
a0824843c2 more merging from nsa cvs 2005-09-16 13:36:26 +00:00
Chris PeBenito
98a8ead4c5 more updates 2005-09-15 21:03:29 +00:00
Chris PeBenito
605ba28540 more merging from nsa cvs 2005-09-15 15:34:31 +00:00
Chris PeBenito
5a2649cefd cleanup 2005-09-14 19:27:30 +00:00
Chris PeBenito
84c92239d4 add samba 2005-09-14 18:33:53 +00:00
Chris PeBenito
4479b31614 require fix 2005-09-14 15:41:46 +00:00
Chris PeBenito
71fe0fa4c5 fixes for module compiling 2005-09-14 00:30:10 +00:00
Chris PeBenito
0907bda1e0 more merging of NSA CVS policy 2005-09-13 13:06:07 +00:00
Chris PeBenito
2705f9a0f3 begin merging in upstream NSA CVS changes 2005-09-12 21:40:56 +00:00
Chris PeBenito
082dcd9eb2 add base mod changelog entry 2005-09-12 15:58:44 +00:00
Chris PeBenito
712566ee41 fixes to make base module compilable 2005-09-12 15:17:39 +00:00
Chris PeBenito
2e863f8ad0 add first part of changes to make base module compilable 2005-09-09 20:51:54 +00:00
Chris PeBenito
0fdf3ef75e fix sshd to use initrc transition while typeattribute in conditionals is still broken 2005-09-09 20:49:59 +00:00
Chris PeBenito
9ff3003346 add zebra. change ssh to default to initrc transition instead of inetd while typeattribute in conditionals doesnt work 2005-09-09 13:24:11 +00:00
Chris PeBenito
eb3cb6820a add portmap 2005-09-08 17:12:38 +00:00
Chris PeBenito
d17b4d2323 add ktalk 2005-09-08 13:42:13 +00:00
Chris PeBenito
9b06402eaf add missing rules of other domains using inn 2005-09-08 13:23:11 +00:00
Chris PeBenito
541b7d57ff new release 2005-09-07 16:15:51 +00:00
Chris PeBenito
763a5e30c6 misc fixes 2005-09-07 13:31:37 +00:00
Chris PeBenito
8d93523409 add inn 2005-09-06 18:37:27 +00:00
Chris PeBenito
603f90ab9d misc fixes 2005-09-05 18:17:17 +00:00
Chris PeBenito
b11a75a5e3 add ntp 2005-09-05 16:47:19 +00:00
Chris PeBenito
ce1b44aac4 typo 2005-09-02 20:55:17 +00:00
Chris PeBenito
ac0483aefe add dictd 2005-09-02 20:50:54 +00:00
Chris PeBenito
fdae8e755e add hal 2005-09-02 20:29:52 +00:00
Chris PeBenito
f344c0f38e move dhcpd to dhcp 2005-09-02 19:18:43 +00:00
Chris PeBenito
0f707d52ab add squid 2005-09-02 19:11:07 +00:00
Chris PeBenito
7c8fc35b14 add dhcpd 2005-09-02 14:52:08 +00:00
Chris PeBenito
9d3bdc25af fix bugs uncovered from sediff 2005-09-01 20:13:42 +00:00
Chris PeBenito
c0d1566a13 move rhgb_domain into TODO so modules can compile as binary modules 2005-09-01 13:52:59 +00:00
Chris PeBenito
631ee4d3cf finish remaining dbus bits 2005-09-01 13:34:45 +00:00
Chris PeBenito
0c3d170578 add dbus 2005-08-31 20:58:12 +00:00
Chris PeBenito
6af06cd8b6 fix typos 2005-08-31 16:54:19 +00:00
Chris PeBenito
768283ac46 cosmetics 2005-08-31 16:49:30 +00:00
Chris PeBenito
6e61566dba add comsat. clean up kerberos and nscd interfaces 2005-08-31 15:25:12 +00:00
Chris PeBenito
246839f3d2 fix up most of mta attribute insanity 2005-08-30 20:47:41 +00:00
Chris PeBenito
451c1e3d59 send user role to per userdomain templates. update templated interfaces
to have the prefix be the first argument
2005-08-30 15:48:57 +00:00
Chris PeBenito
e5d45268fd make corecommands required 2005-08-30 14:41:52 +00:00
Chris PeBenito
a19e346437 doctool display for no interfaces or templates 2005-08-29 19:55:00 +00:00
Chris PeBenito
37aa3ff267 update for release 2005-08-26 15:02:23 +00:00
Chris PeBenito
9439a25899 update config, switch most to module 2005-08-26 13:30:59 +00:00
Chris PeBenito
2a94561a89 start adding in templated interfaces 2005-08-25 20:27:20 +00:00
Chris PeBenito
d4df0aa62c remove bad changelog date 2005-08-25 14:49:31 +00:00
Chris PeBenito
c6299b2a1b add rpm spec skeleton 2005-08-24 20:42:15 +00:00
Chris PeBenito
6d12276bf5 fix quoting 2005-08-24 20:18:28 +00:00
Chris PeBenito
e28aa682c7 reformat for use in rpm 2005-08-24 20:18:06 +00:00
Chris PeBenito
3110dec4f3 fix tunables 2005-08-24 20:00:10 +00:00
Chris PeBenito
82024f9942 do bools until loadable modules support tunables 2005-08-24 18:30:47 +00:00
Chris PeBenito
d83fdad248 add bind 2005-08-23 17:26:19 +00:00
Chris PeBenito
902be0ae21 add privoxy 2005-08-22 21:49:27 +00:00
Chris PeBenito
35ecf83839 add rsync 2005-08-22 21:17:10 +00:00
Chris PeBenito
f9b11e9615 add howl 2005-08-22 20:43:20 +00:00
Chris PeBenito
4b8c5489ec move require to right position, for modular policy 2005-08-22 20:18:42 +00:00
Chris PeBenito
a6df70c11a more comments 2005-08-22 20:05:40 +00:00
Chris PeBenito
8b75b07055 remove comment about monolithic only supported 2005-08-22 18:28:45 +00:00
Chris PeBenito
c04f2abe88 complete infrastructure support for building modules 2005-08-22 17:07:17 +00:00
Chris PeBenito
db93d707c5 mark userpace object classes 2005-08-22 14:13:19 +00:00
Chris PeBenito
f6e28abbab moved to selinux module 2005-08-19 20:05:02 +00:00
Chris PeBenito
28f0329c78 for base module, only enable modules actually in it 2005-08-19 20:00:05 +00:00
Chris PeBenito
fb0a3a98c6 initial support for compiling loadable modules 2005-08-18 21:27:20 +00:00
Chris PeBenito
f862c35c37 add gpm 2005-08-17 21:28:31 +00:00
Chris PeBenito
2961e79b55 add ldap 2005-08-17 18:33:43 +00:00
Chris PeBenito
23ca91f8bb cleanup 2005-08-17 17:31:57 +00:00
Chris PeBenito
545b0c9176 add rshd 2005-08-17 15:23:24 +00:00
Chris PeBenito
886907ccef add firstboot 2005-08-17 15:08:12 +00:00
Chris PeBenito
57a96cbd0b add firstboot 2005-08-17 14:14:07 +00:00
Chris PeBenito
2d803edc73 more debian cleanup 2005-08-17 14:09:29 +00:00
Chris PeBenito
a573790b4d make default for optional modules to module instead of base 2005-08-15 20:31:37 +00:00
Chris PeBenito
4806a05cfb fix broken xml of previous commit 2005-08-15 19:35:20 +00:00
Chris PeBenito
5f38a65aab try to knock out more of the distro_debian bootloader stuff 2005-08-15 19:31:37 +00:00
Chris PeBenito
21468a6076 add loadkeys 2005-08-15 14:46:17 +00:00
Chris PeBenito
8843093607 more comments 2005-08-12 19:28:30 +00:00
Chris PeBenito
f0b1efa2a2 all dev nodes assoc to tmpfs, since most everyone is moving to udev 2005-08-12 19:28:15 +00:00
Chris PeBenito
c5a6dcbc3e quiet file context validation 2005-08-12 18:15:00 +00:00
Chris PeBenito
35b494789d fix some udev naming 2005-08-12 18:13:03 +00:00
Chris PeBenito
aae06c1306 fix system spool file problem 2005-08-12 17:54:55 +00:00
Chris PeBenito
d06f3c3752 remove secdesc since desc is sufficient 2005-08-11 17:55:47 +00:00
Chris PeBenito
f7ebea06e3 finalize desc -> summary xml change 2005-08-11 17:46:39 +00:00
Chris PeBenito
4aa0dc20b4 add tcpd 2005-08-11 15:17:13 +00:00
Chris PeBenito
e694b51e6b fix no interface module handling in segenxml 2005-08-11 14:55:41 +00:00
Chris PeBenito
052c953ae5 add quota 2005-08-11 14:49:58 +00:00
Chris PeBenito
5a3895a9f6 tabbing fix 2005-08-11 14:35:52 +00:00
Chris PeBenito
e784300a62 add sudo 2005-08-09 19:30:43 +00:00
Chris PeBenito
b9d7d70b33 add template xml 2005-08-09 19:21:25 +00:00
Chris PeBenito
9489149ec0 add su 2005-08-08 21:03:23 +00:00
Chris PeBenito
9465452eec fix gen_user comment for more clarity 2005-08-08 18:13:56 +00:00
Chris PeBenito
dce68dc48d add updfstab 2005-08-08 15:51:15 +00:00
Chris PeBenito
f5e321b0f0 fix xml tags 2005-08-08 15:43:20 +00:00
Chris PeBenito
7057c18db0 a few more ssh touchups 2005-08-05 18:49:23 +00:00
Chris PeBenito
ed78ea0034 add tmpreaper 2005-08-05 15:32:27 +00:00
Chris PeBenito
9a66d4e562 add acct 2005-08-05 14:32:12 +00:00
Chris PeBenito
3fd8336882 misc cleanup 2005-08-04 20:54:51 +00:00
Chris PeBenito
42be7c214d add mysql 2005-08-03 17:56:26 +00:00
Chris PeBenito
046a21da80 search sbin dirs to find the pgms 2005-08-03 17:43:41 +00:00
Chris PeBenito
81343a6f90 * Rename ipsec connect interface for consistency.
* Add missing parts of unix stream socket connect interface
  of ipsec.
* Rename inetd connect interface for consistency.
2005-08-03 15:16:33 +00:00
Chris PeBenito
52a902b803 new release 2005-08-02 14:54:30 +00:00
Chris PeBenito
6db8e52a8f new release 2005-08-02 14:51:50 +00:00
Chris PeBenito
60abb5fdab add missing 2005-08-01 15:58:14 +00:00
Chris PeBenito
cd8fa41253 fix comparison bug 2005-08-01 15:49:05 +00:00
Chris PeBenito
96a150deac move file context validation to install 2005-07-29 20:49:52 +00:00
Chris PeBenito
bbdbdb9edf fix stray line that got out of TODO 2005-07-29 15:07:15 +00:00
Chris PeBenito
e5590ea5ec work on user transition 2005-07-28 20:52:55 +00:00
Chris PeBenito
c13146d97a update 2005-07-27 21:01:19 +00:00
Chris PeBenito
78d30cb1f4 Fix handling of ordered and unordered HTML lists. 2005-07-22 19:15:49 +00:00
Chris PeBenito
022f61c0e3 add connect interface on ports to handle name_connect tcp perm 2005-07-22 15:38:01 +00:00
Chris PeBenito
50527cf581 make network_interface able to support multiple interfaces having the same type 2005-07-22 14:00:38 +00:00
Chris PeBenito
953541a918 update from privmail 2005-07-21 20:34:57 +00:00
Chris PeBenito
80526ccbdd add an example module config for a targeted policy 2005-07-20 20:11:49 +00:00
Chris PeBenito
ea7d571bd7 /var/lib is now a mountpoint 2005-07-20 17:36:48 +00:00
Chris PeBenito
53857c8c05 unconfined can pass all constraints 2005-07-20 17:24:23 +00:00
Chris PeBenito
ef424c14d4 name_connect only on tcp_sockets 2005-07-20 17:10:07 +00:00
Chris PeBenito
9496fd5119 unconfined can name_connect to all ports 2005-07-20 17:08:07 +00:00
Chris PeBenito
d250634311 reorder kernel policy, add attributes for sysctl and proc entries. fix unconfined interface 2005-07-20 17:06:10 +00:00
Chris PeBenito
f82c6ac64c bah typo 2005-07-20 15:08:33 +00:00
Chris PeBenito
0b28a23114 user home dirs were missing file type in targ policy 2005-07-20 15:06:49 +00:00
Chris PeBenito
1e3f610b3b add missing dir and file perms for selinuxfs in unconfined 2005-07-20 14:57:13 +00:00
Chris PeBenito
689f6ddb35 fix typos and import some rules from NSA cvs to make targeted policy work 2005-07-20 14:25:24 +00:00
Chris PeBenito
474f43d13d should actually try compiling first :x 2005-07-20 13:39:10 +00:00
Chris PeBenito
bd7e7a6417 missed a line 2005-07-20 13:37:18 +00:00
Chris PeBenito
a28f6db576 add in some rules from NSA CVS to make targeted policy work 2005-07-20 13:30:06 +00:00
Chris PeBenito
8c3f438f75 corenet was missing from unconfined 2005-07-19 20:38:26 +00:00
Chris PeBenito
892266ca76 more targeted policy fixes 2005-07-19 20:26:02 +00:00
Chris PeBenito
21f47732b1 add new netlink socket class 2005-07-19 20:25:42 +00:00