Chris PeBenito
08638af216
fix ordering of interface calls in clock.
2009-08-05 09:52:34 -04:00
Chris PeBenito
2acba7bbdb
fix ordering of interface calls in authlogin.
2009-08-05 09:51:47 -04:00
Chris PeBenito
4c92f08f75
openrc unfortunately mounts a tmpfs at /lib/rc
2009-07-30 08:57:15 -04:00
Chris PeBenito
cfdbf366cb
gentoo init script system uses tmpfs for state data
2009-07-30 08:33:43 -04:00
Chris PeBenito
efa0acccea
gentoo init script system sends audit messages.
2009-07-29 21:50:32 -04:00
Chris PeBenito
33322290f2
automount patch from dan.
2009-07-29 08:59:26 -04:00
Chris PeBenito
4083191c4b
add missing userdom interfaces
2009-07-28 09:35:46 -04:00
Chris PeBenito
09516cb4be
remove read_default_t tunable
2009-07-23 08:58:35 -04:00
Chris PeBenito
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
Chris PeBenito
26410ddf54
trunk: remove unnecessary semicolons after interface/template calls.
2009-06-19 13:52:33 +00:00
Chris PeBenito
df28a0c444
trunk: Misc fixes for unix_update from Brandon Whalen.
2009-06-18 13:36:40 +00:00
Chris PeBenito
30425aa876
trunk: 1 patch from dan.
2009-06-12 15:30:15 +00:00
Chris PeBenito
22894e33c4
trunk: add libjackserver.so textrel fc.
2009-06-01 13:04:40 +00:00
Chris PeBenito
c0f5fa011a
trunk: whitespace fixes.
2009-05-06 14:44:57 +00:00
Chris PeBenito
3392356f36
trunk: 5 patches from dan.
2009-05-06 14:26:20 +00:00
Chris PeBenito
153fe24bdc
trunk: 5 patches from dan.
2009-04-07 14:09:43 +00:00
Chris PeBenito
09125ae411
trunk: module version bump for previous commit.
2009-04-03 14:15:53 +00:00
Chris PeBenito
d6605bc48b
trunk: 3 patches from dan.
2009-04-03 14:14:43 +00:00
Chris PeBenito
244b45d225
trunk: 3 patches from dan.
2009-03-20 13:58:15 +00:00
Chris PeBenito
3c9b2e9bc6
trunk: 6 patches from dan.
2009-03-19 17:56:10 +00:00
Chris PeBenito
81fa19ed73
trunk: remove unused udev_runtime_t type.
2009-02-24 19:31:08 +00:00
Chris PeBenito
c1e501136b
trunk: add context contains to setrans.
2009-02-09 13:58:22 +00:00
Chris PeBenito
f0435b1ac4
trunk: add support for labeled booleans.
2009-01-13 13:01:48 +00:00
Chris PeBenito
c1262146e0
trunk: Remove node definitions and change node usage to generic nodes.
2009-01-09 19:48:02 +00:00
Chris PeBenito
668b3093ff
trunk: change network interface access from all to generic network interfaces.
2009-01-06 20:24:10 +00:00
Chris PeBenito
17ec8c1f84
trunk: bump module versions for release.
2008-12-10 19:38:10 +00:00
Chris PeBenito
3196971ae8
trunk: Fix consistency of audioentropy and iscsi module naming.
2008-12-09 16:47:33 +00:00
Chris PeBenito
ff8f0a63f4
trunk: whitespace fixes in xml blocks.
2008-12-03 19:16:20 +00:00
Chris PeBenito
6073ea1e13
trunk: whitespace fix changing multiple spaces into tabs.
2008-12-03 18:33:19 +00:00
Chris PeBenito
b3eb124654
trunk: Debian file context fix for xen from Russell Coker.
2008-11-24 15:34:54 +00:00
Chris PeBenito
7a4c282536
trunk: fix logging admin interfaces.
2008-11-14 13:53:21 +00:00
Chris PeBenito
73c77e2c9b
trunk: 2 fixes from martin orr.
2008-11-13 18:44:23 +00:00
Chris PeBenito
27337d8c21
trunk: patch from Mike Edenfield to add udevadm fc entry.
2008-11-11 15:03:06 +00:00
Chris PeBenito
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
Chris PeBenito
932c3536f8
trunk: additional open fixes.
2008-11-04 14:37:05 +00:00
Chris PeBenito
82d2775c92
trunk: more open perm fixes.
2008-10-20 16:10:42 +00:00
Chris PeBenito
2cca6b79b4
trunk: remove redundant shared lib calls.
2008-10-17 17:31:04 +00:00
Chris PeBenito
2a98379a24
trunk: additional whitespace fixes.
2008-10-17 15:52:39 +00:00
Chris PeBenito
88cf0a9c2b
trunk: whitespace fix; collapse multiple blank lines into one.
2008-10-17 15:29:51 +00:00
Chris PeBenito
0b36a2146e
trunk: Enable open permission checks policy capability.
2008-10-16 16:09:20 +00:00
Chris PeBenito
5d4f4b5375
trunk: bump version numbers for release.
2008-10-14 15:46:36 +00:00
Chris PeBenito
aa7c463e5d
trunk: a pile of misc fixes.
2008-10-13 13:36:50 +00:00
Chris PeBenito
06099da657
trunk: 3 patches from dan.
2008-10-09 18:06:24 +00:00
Chris PeBenito
04d2861035
trunk: missing bits from dan's previous round of patches.
2008-10-09 14:01:53 +00:00
Chris PeBenito
88c02e0538
trunk: init script for setrans.
2008-09-18 18:20:31 +00:00
Chris PeBenito
64c5b9975b
trunk: add interface to transition to initrc_t on labeled init scripts.
2008-09-18 13:47:43 +00:00
Chris PeBenito
cfafe4a7a8
trunk: logging update from dan.
2008-09-18 13:20:57 +00:00
Chris PeBenito
36095d11ce
trunk: kudzu and mta patches from dan.
2008-09-12 14:18:20 +00:00
Chris PeBenito
8786916e8d
trunk: ntp and setrans update from dan.
2008-09-11 14:54:40 +00:00
Chris PeBenito
96851b1d63
trunk: fix bad require.
2008-09-03 15:37:24 +00:00
Chris PeBenito
e40fa634b2
trunk: Logrotate and Bind updates from Vaclav Ovsik.
2008-09-03 14:12:56 +00:00
Chris PeBenito
6cc3f35635
trunk: first part of init script labeling support.
2008-08-29 19:00:02 +00:00
Chris PeBenito
e4171e8048
trunk: fix unconfined mail sending out by postfix and qmail.
2008-08-29 12:50:31 +00:00
Chris PeBenito
c11057f7ae
trunk: fedora update cherry picked by david hardeman.
2008-08-22 15:17:01 +00:00
Chris PeBenito
770c015f88
trunk: 2 patches from dan.
2008-08-14 15:10:41 +00:00
Chris PeBenito
3e59876583
trunk: 6 patches from the fedora policy, cherry picked by david hardeman.
2008-08-14 14:19:50 +00:00
Chris PeBenito
6e328912ac
trunk: two small patches from dan.
2008-08-14 13:08:53 +00:00
Chris PeBenito
9acf481bd0
trunk: fix from fedora policy, cherry picked from David Hardeman.
2008-08-12 19:52:29 +00:00
Chris PeBenito
9c4500b2f4
trunk: Glibc 2.7 fix from Vaclav Ovsik.
2008-08-12 19:33:18 +00:00
Chris PeBenito
e0ed765c0e
trunk: 3 patches from the fedora policy, cherry picked by David Hardeman.
2008-08-11 14:03:36 +00:00
Chris PeBenito
8a948caf2b
trunk: 11 more cherry picks from fedora policy, by david hardeman.
2008-08-07 14:17:50 +00:00
Chris PeBenito
3338f231d5
trunk: Policy size optimization with a non-security file attribute from James Carter.
2008-07-31 14:05:46 +00:00
Chris PeBenito
556556cdd0
trunk: 3 more cherry picked Fedora fixes from David Hrdeman.
2008-07-25 12:11:14 +00:00
Chris PeBenito
dc1920b218
trunk: Database labeled networking update from KaiGai Kohei.
2008-07-25 04:07:09 +00:00
Chris PeBenito
2b592aa495
trunk: pam_mount fix for local login from Stefan Schulze Frielinghaus
2008-07-18 13:25:31 +00:00
Chris PeBenito
4459a7c086
trunk: update init_telinit() for upstart's datagram socket usage instead of pipe useage.
2008-07-15 15:33:51 +00:00
Chris PeBenito
cfcf5004e5
trunk: bump versions for release.
2008-07-02 14:07:57 +00:00
Chris PeBenito
f7eaeebbae
trunk: more xml doc fixes.
2008-06-24 14:43:47 +00:00
Chris PeBenito
c5cfd2d405
trunk: Add unused interface/template parameter metadata in XML.
2008-06-24 14:23:40 +00:00
Chris PeBenito
b1a903654f
trunk: add missing requires.
2008-06-24 12:53:30 +00:00
Chris PeBenito
fe5618edf5
trunk: add /usr/lib32 symlink labeling for debian.
2008-06-13 13:55:22 +00:00
Chris PeBenito
e8cb08aefa
trunk: add sepostgresql policy from kaigai kohei.
2008-06-10 15:33:18 +00:00
Chris PeBenito
d87efeec73
trunk: fixes for gentoo targeted systems.
2008-05-27 12:07:03 +00:00
Chris PeBenito
7d8fbdc062
trunk: fix bad cifs interface.
2008-05-23 14:41:36 +00:00
Chris PeBenito
b34db7a8ec
trunk: another pile of misc fixes.
2008-05-22 15:24:52 +00:00
Chris PeBenito
8f3a0a95e0
trunk: a pile of misc fixes, mainly sync xml docs with interface implementation.
2008-05-15 13:10:34 +00:00
Chris PeBenito
e9c6cda7da
trunk: Move user roles into individual modules.
2008-04-29 13:58:34 +00:00
Chris PeBenito
2083db2e40
trunk: Cryptsetup runs shell scripts. Patch from Martin Orr.
2008-04-18 15:32:03 +00:00
Chris PeBenito
0a14f3ae09
trunk: bump module version numbers for release.
2008-04-02 16:04:43 +00:00
Chris PeBenito
2c12b471ad
trunk: add core xselinux support.
2008-04-01 20:23:23 +00:00
Chris PeBenito
e828954c63
trunk: 4 patches from dan.
2008-03-27 15:20:16 +00:00
Chris PeBenito
2ed4f5aedf
trunk: small fixes for gentoo system.
2008-03-20 14:55:17 +00:00
Chris PeBenito
91d6c92160
trunk: a pair of tweaks from gentoo systems.
2008-03-14 14:55:34 +00:00
Chris PeBenito
47333d8246
trunk: Revise upstart support in init module to use a tunable, as upstart is now used in Fedora too.
2008-03-10 19:29:47 +00:00
Chris PeBenito
e065ac8ab5
trunk: Apt updates for ptys and logs, from Martin Orr.
2008-03-04 19:48:58 +00:00
Chris PeBenito
834401ff97
trunk: dovecot fix from Stefan Schulze Frielinghaus.
2008-02-25 19:31:03 +00:00
Chris PeBenito
90c3c561ef
trunk: fc fix and if addtion from Stefan Schulze Frielinghaus.
2008-02-25 14:20:56 +00:00
Chris PeBenito
9fa023ff58
trunk: Pam and samba updates from Stefan Schulze Frielinghaus.
2008-02-19 19:33:48 +00:00
Chris PeBenito
ee6608baeb
trunk: 8 patches from dan.
2008-02-18 18:44:40 +00:00
Chris PeBenito
6e7a1fc871
trunk: fix userdom_role_change_template() xml.
2008-02-13 20:26:18 +00:00
Chris PeBenito
12cf805e1c
trunk: add basic ubuntu support
2008-02-05 18:24:43 +00:00
Chris PeBenito
9323a50bcc
trunk: add run_init domtrans to chk passwd.
2008-01-03 19:46:40 +00:00
Chris PeBenito
7cbfeb97cf
trunk: uncomment set loginuid for functional login programs under strict.
2008-01-03 18:30:45 +00:00
Chris PeBenito
f7925f25f7
trunk: bump module versions for release.
2007-12-14 14:23:18 +00:00
Chris PeBenito
1abafe3707
trunk: Patch for debian logrotate to handle syslogd-listfiles, from Vaclav Ovsik.
2007-12-12 16:18:50 +00:00
Chris PeBenito
02d968c581
trunk: several fc updates from dan.
2007-12-12 15:55:21 +00:00
Chris PeBenito
9f6e2db3ae
trunk: add openoffice locations in gentoo.
2007-12-10 15:59:01 +00:00
Chris PeBenito
dd9e1de35e
trunk: Improve several tunables descriptions from Dan Walsh.
2007-12-07 15:44:53 +00:00
Chris PeBenito
09e21686ea
trunk: another round of nsswitch from dan.
2007-12-06 16:04:14 +00:00
Chris PeBenito
c0cf6e0a6e
trunk: clean up nsswitch usage, from dan.
2007-12-04 15:05:55 +00:00
Chris PeBenito
08dccef215
trunk: add /dev symlink relabel since its not short circuited.
2007-11-30 15:56:48 +00:00
Chris PeBenito
f98cfb5a29
trunk: version bump for newrole fixes.
2007-11-28 20:20:49 +00:00
Chris PeBenito
c2b87f2af5
trunk: test fix 2 for newrole.
2007-11-28 19:06:07 +00:00
Chris PeBenito
6138d3da0e
trunk: test fix for newrole.
2007-11-28 18:39:47 +00:00
Chris PeBenito
1483be1fe5
trunk: handle early boot on debian, for /dev labeling.
2007-11-26 20:22:17 +00:00
Chris PeBenito
2f5c2f23da
trunk: remove duplicate init_system_domain() call for setfiles, from Vaclav Ovsik.
2007-11-26 19:32:51 +00:00
Chris PeBenito
0aa18d9fd5
trunk: version bumps for previous commit.
2007-11-26 16:46:38 +00:00
Chris PeBenito
0b6acad1bb
trunk: More complete labeled networking infrastructure from KaiGai Kohei.
2007-11-26 16:44:57 +00:00
Chris PeBenito
ccf6611bdd
trunk: add unconfined_run_to().
2007-11-16 19:50:34 +00:00
Chris PeBenito
013783b2b1
trunk: switch newrole and run_init over to use nsswitch.
2007-11-16 15:58:23 +00:00
Chris PeBenito
53da70cdaa
trunk: deprecate seutil_manage_selinux_config() in favor of correctly named seutil_manage_config().
2007-11-16 15:39:55 +00:00
Chris PeBenito
389ad7b48d
trunk: reorganize selinuxutil.
2007-11-16 15:39:09 +00:00
Chris PeBenito
eeef8dc451
trunk: Add interface for libselinux constructor, for libselinux-linked SELinux-enabled programs.
2007-11-16 14:58:17 +00:00
Chris PeBenito
226c06969c
trunk: 9 patches from dan.
2007-11-15 20:10:26 +00:00
Chris PeBenito
6c91189762
trunk: 8 patches from dan.
2007-11-15 16:54:18 +00:00
Chris PeBenito
9820351703
trunk: add in polmatch for default spd.
2007-11-14 15:53:18 +00:00
Chris PeBenito
bdccbacdd6
trunk: add labeled networking support to unconfined.
2007-11-14 14:38:45 +00:00
Chris PeBenito
847937da7d
trunk: Patch to restructure user role templates to create restricted user roles from Dan Walsh.
2007-11-13 19:31:43 +00:00
Chris PeBenito
eaed904cd5
trunk: 3 patches from dan.
2007-11-05 19:35:08 +00:00
Chris PeBenito
3ece11804e
trunk: fix init_ranged_system_domain range_transition object class, from james carter.
2007-10-29 22:09:53 +00:00
Chris PeBenito
7d4161cdc9
trunk: 3 patches from dan.
2007-10-29 22:08:34 +00:00
Chris PeBenito
bd973e3e68
trunk: remove unused types from dbus.
2007-10-26 18:04:38 +00:00
Chris PeBenito
cdf98fedc0
trunk: 10 patches from dan.
2007-10-11 18:12:29 +00:00
Chris PeBenito
ef659a476e
Deprecate some old file and dir permission set macros in favor of the newer, more consistently-named macros.
2007-10-09 17:29:48 +00:00
Chris PeBenito
6c53a10e28
trunk: Patch to clean up unescaped periods in several file context entries from Jan-Frode Myklebust.
2007-10-05 18:00:55 +00:00
Chris PeBenito
12e9ea1ae3
trunk: module version bumps for previous commit.
2007-10-02 17:15:07 +00:00
Chris PeBenito
350b6ab767
trunk: merge strict and targeted policies. merge shlib_t into lib_t.
2007-10-02 16:04:50 +00:00
Chris PeBenito
3480f3f239
trunk: bump version numbers for release.
2007-09-28 13:58:24 +00:00
Chris PeBenito
aef93a760f
trunk: one-liner from Shintaro Fujiwara
2007-09-26 14:28:20 +00:00
Chris PeBenito
6f49b490b8
trunk: Patch to add missing requirements in userdomain interfaces from Shintaro Fujiwara.
2007-09-17 18:04:35 +00:00
Chris PeBenito
14add30d03
trunk: 3 patches from dan.
2007-09-12 14:53:39 +00:00
Chris PeBenito
134a799c75
trunk: 3 patches from dan.
2007-09-11 19:24:32 +00:00
Chris PeBenito
abc89340c4
trunk: two tiny patches from Stefan Schulze Frielinghaus
2007-09-06 19:29:54 +00:00
Chris PeBenito
72f82c47c2
trunk: six patches from dan.
2007-09-06 18:34:40 +00:00
Chris PeBenito
8241b538af
trunk: udev update and brctl module from dan.
2007-09-05 17:55:57 +00:00
Chris PeBenito
0a0b8078ca
trunk: 5 patches from dan.
2007-09-04 18:57:58 +00:00
Chris PeBenito
4922765ec6
trunk: fix certwatch_run() interface, which had a typo in the name.
2007-08-30 15:01:48 +00:00
Chris PeBenito
752ddf588f
trunk: add missing commas in can_exec in daemontools that worked by luck.
2007-08-24 15:55:06 +00:00
Chris PeBenito
2af7b42a06
trunk: switch daemons from inheriting from all levels to initrc_t sharing to all levels.
2007-08-22 20:21:52 +00:00
Chris PeBenito
8d2c34195e
trunk: updates from dan on 9 modules
2007-08-22 20:02:41 +00:00
Chris PeBenito
f8233ab7b0
trunk: Deprecate mls_file_write_down() and mls_file_read_up(), replaced with mls_write_all_levels() and mls_read_all_levels(), for consistency.
2007-08-20 18:26:08 +00:00
Chris PeBenito
2d0c9cecaf
trunk: several MLS enhancements.
2007-08-20 15:15:03 +00:00
Chris PeBenito
d46cfe45cd
trunk: add application module
2007-07-19 18:57:48 +00:00
Chris PeBenito
6929521e0a
trunk: fix missed netlabel deprecation
2007-07-19 15:11:19 +00:00
Chris PeBenito
116c1da330
trunk: update module version numbers for release.
2007-06-29 14:48:13 +00:00
Chris PeBenito
113b4fc4a2
Fix incorrectly named files_lib_filetrans_shared_lib() interface in the libraries module.
2007-06-28 17:25:46 +00:00
Chris PeBenito
1900668638
trunk: Unified labeled networking policy from Paul Moore.
...
The latest revision of the labeled policy patches which enable both labeled
and unlabeled policy support for NetLabel. This revision takes into account
Chris' feedback from the first version and reduces the number of interface
calls in each domain down to two at present: one for unlabeled access, one for
NetLabel access. The older, transport layer specific interfaces, are still
present for use by third-party modules but are not used in the default policy
modules.
trunk: Use netmsg initial SID for MLS-only Netlabel packets, from Paul Moore.
This patch changes the policy to use the netmsg initial SID as the "base"
SID/context for NetLabel packets which only have MLS security attributes.
Currently we use the unlabeled initial SID which makes it very difficult to
distinquish between actual unlabeled packets and those packets which have MLS
security attributes.
2007-06-27 15:23:21 +00:00
Chris PeBenito
7f089782ae
trunk: xen updates from dan
2007-06-21 13:36:05 +00:00
Chris PeBenito
92d1ade254
trunk: trivial gentoo tweaks
2007-06-20 20:08:26 +00:00
Chris PeBenito
cb10a2d5bf
trunk: Tunable connection to postgresql for users from KaiGai Kohei.
2007-06-19 14:30:06 +00:00