Daniel J Walsh
5a576e06f0
- Allow passwd to communicate with user sockets to change gnome-keyring
2008-04-08 19:17:28 +00:00
Daniel J Walsh
7f851af8d9
- Fix initial install
2008-04-08 03:17:46 +00:00
Daniel J Walsh
c3c4a525c2
-
2008-04-06 12:06:47 +00:00
Daniel J Walsh
27943de6a0
- Allow radvd to use fifo_file
...
- dontaudit setfiles reading links
- allow semanage sys_resource
- add allow_httpd_mod_auth_ntlm_winbind boolean
- Allow privhome apps including dovecot read on nfs and cifs home dirs if
the boolean is set
2008-04-05 10:39:06 +00:00
Daniel J Walsh
c66f2bc425
- Allow nsplugin to read /etc/mozpluggerrc, user_fonts
...
- Allow syslog to manage innd logs.
- Allow procmail to ioctl spamd_exec_t
2008-04-01 09:21:21 +00:00
Daniel J Walsh
294ea7a213
- Allow initrc_t to dbus chat with consolekit.
2008-03-29 18:36:09 +00:00
Daniel J Walsh
e54cb216a8
- Additional access for nsplugin
...
- Allow xdm setcap/getcap until pulseaudio is fixed
2008-03-28 22:07:45 +00:00
Daniel J Walsh
f70afcdd9e
- Allow mount to mkdir on tmpfs
...
- Allow ifconfig to search debugfs
2008-03-26 06:17:27 +00:00
Daniel J Walsh
bf3d39e959
- Fix file context for MATLAB
...
- Fixes for xace
2008-03-21 23:24:11 +00:00
Daniel J Walsh
5ea3f10caf
- Allow stunnel to transition to inetd children domains
...
- Make unconfined_dbusd_t an unconfined domain
2008-03-20 16:11:16 +00:00
Daniel J Walsh
94b7be909e
2008-03-18 21:10:02 +00:00
Daniel J Walsh
ba9e5e8244
- Fixes for qemu/virtd
2008-03-17 21:42:05 +00:00
Daniel J Walsh
97081dcb9d
- Fix bug in mozilla policy to allow xguest transition
...
- This will fix the
2008-03-14 21:17:21 +00:00
Daniel J Walsh
a6e1280791
- Fix bug in mozilla policy to allow xguest transition
...
- This will fix the
2008-03-14 21:13:24 +00:00
Daniel J Walsh
d593d26c1d
- Allow nsplugin to run acroread
2008-03-14 15:59:07 +00:00
Daniel J Walsh
987b10f86d
- Add cups_pdf policy
...
- Add openoffice policy to run in xguest
2008-03-14 00:25:00 +00:00
Daniel J Walsh
7f811bf534
- prewika needs to contact mysql
...
- Allow syslog to read system_map files
2008-03-13 12:58:25 +00:00
Daniel J Walsh
ceda8feb68
- Change init_t to an unconfined_domain
2008-03-12 12:39:48 +00:00
Daniel J Walsh
0879f489ab
- Allow init to transition to initrc_t on shell exec.
...
- Fix init to be able to sendto init_t.
- Allow syslog to connect to mysql
- Allow lvm to manage its own fifo_files
- Allow bugzilla to use ldap
- More mls fixes
2008-03-12 01:10:44 +00:00
Bill Nottingham
110bce3a29
fixes for init, rhgb. also, fix the build
2008-03-11 22:46:00 +00:00
Daniel J Walsh
2041ac3d49
- Additional changes for MLS policy
2008-03-10 20:58:06 +00:00
Daniel J Walsh
1bf67d57ed
- Fix initrc_context generation for MLS
2008-03-06 22:25:06 +00:00
Daniel J Walsh
dc57e68eff
- Fixes for libvirt
2008-03-05 23:11:52 +00:00
Daniel J Walsh
5947905ef9
- Allow bitlebee to read locale_t
2008-03-04 21:38:18 +00:00
Daniel J Walsh
d8c160273b
- More xselinux rules
2008-02-29 22:33:22 +00:00
Daniel J Walsh
9a0f35b9ad
- Change httpd_$1_script_r*_t to httpd_$1_content_r*_t
2008-02-29 22:18:30 +00:00
Daniel J Walsh
338714fc7f
-
2008-02-28 21:51:10 +00:00
Daniel J Walsh
b7229ad8bb
- Prepare policy for beta release
...
- Change some of the system domains back to unconfined
- Turn on some of the booleans
2008-02-28 05:01:51 +00:00
Daniel J Walsh
40ce26840e
- Prepare policy for beta release
...
- Change some of the system domains back to unconfined
- Turn on some of the booleans
2008-02-28 04:35:56 +00:00
Daniel J Walsh
533c755e4d
- Allow nsplugin_config execstack/execmem
...
- Allow nsplugin_t to read alsa config
- Change apache to use user content
2008-02-28 03:32:23 +00:00
Daniel J Walsh
c092cc1478
- Add cyphesis policy
2008-02-26 23:02:51 +00:00
Daniel J Walsh
063999dd85
2008-02-26 19:24:53 +00:00
Daniel J Walsh
27b2b09ffe
-
2008-02-26 16:15:00 +00:00
Daniel J Walsh
f75033d612
- Update to upstream fixes
2008-02-26 13:45:23 +00:00
Daniel J Walsh
5ca2ff99b6
- Add xace support
2008-02-22 20:32:52 +00:00
Daniel J Walsh
8bd036a289
- Add fusectl file system
2008-02-21 19:43:52 +00:00
Daniel J Walsh
541ba8edec
- Fixes from yum-cron
...
- Update to latest upstream
2008-02-20 18:52:50 +00:00
Daniel J Walsh
e5acebe58c
2008-02-20 18:30:31 +00:00
Daniel J Walsh
306393505f
- Fix userdom_list_user_files
2008-02-19 22:20:15 +00:00
Daniel J Walsh
eb3e9fbc68
- Merge with upstream
2008-02-18 21:31:18 +00:00
Daniel J Walsh
7e1e7bed89
- Allow udev to send audit messages
2008-02-14 21:05:32 +00:00
Daniel J Walsh
9870c64ba7
- Add additional login users interfaces
...
- userdom_admin_login_user_template(staff)
2008-02-13 22:13:58 +00:00
Daniel J Walsh
49295b262f
- More fixes for polkit
2008-02-12 18:41:35 +00:00
Daniel J Walsh
ebe074be56
- More fixes for polkit
2008-02-11 22:53:26 +00:00
Daniel J Walsh
57ac1cab83
- Update to upstream
2008-02-06 21:47:42 +00:00
Daniel J Walsh
4637b67d50
- Fixes for staff_t
2008-02-05 21:25:09 +00:00
Daniel J Walsh
b53db53c9f
- Add policy for kerneloops
...
- Add policy for gnomeclock
2008-02-05 18:31:25 +00:00
Daniel J Walsh
881d64a16e
- Fixes for libvirt
2008-02-04 21:41:59 +00:00
Daniel J Walsh
60c693e546
- Fixes for nsplugin
2008-02-03 13:39:47 +00:00
Daniel J Walsh
11ac4bcde1
- Additional ports for vnc and allow qemu and libvirt to search all
...
directories
2008-02-02 15:42:44 +00:00
Daniel J Walsh
b19d470cd4
- Update to upstream
...
- Add libvirt policy
- add qemu policy
2008-02-02 06:30:04 +00:00
Daniel J Walsh
e1060e24d5
- Allow fail2ban to create a socket in /var/run
2008-02-01 13:49:05 +00:00
Daniel J Walsh
59d6fbb642
- Allow allow_httpd_mod_auth_pam to work
2008-01-31 20:59:05 +00:00
Daniel J Walsh
7c124f5e42
- Allow allow_httpd_mod_auth_pam to work
2008-01-31 19:32:51 +00:00
Daniel J Walsh
f18a882ba5
- Add audisp policy and prelude
2008-01-30 21:34:13 +00:00
Daniel J Walsh
0f70114e58
- Allow all user roles to executae samba net command
2008-01-30 13:56:22 +00:00
Daniel J Walsh
7c2be34d14
- Allow usertypes to read/write noxattr file systems
2008-01-28 16:48:49 +00:00
Daniel J Walsh
7c7d59935b
- Fix nsplugin to allow flashplugin to work in enforcing mode
2008-01-24 18:12:25 +00:00
Daniel J Walsh
0939872058
- Allow pam_selinux_permit to kill all processes
2008-01-23 18:24:12 +00:00
Daniel J Walsh
cc5bb89ef0
- Allow ptrace or user processes by users of same type
...
- Add boolean for transition to nsplugin
2008-01-22 19:46:50 +00:00
Daniel J Walsh
ef19b75773
- Allow nsplugin sys_nice, getsched, setsched
2008-01-22 17:35:34 +00:00
Daniel J Walsh
b3c8a04083
- Allow login programs to talk dbus to oddjob
2008-01-21 21:42:26 +00:00
Daniel J Walsh
98f84cb0ed
- Add procmail_log support
...
- Lots of fixes for munin
2008-01-21 15:57:25 +00:00
Daniel J Walsh
e26fef9ac3
- Allow setroubleshoot to read policy config and send audit messages
2008-01-15 20:43:04 +00:00
Daniel J Walsh
8a40d69539
- Allow users to execute all files in homedir, if boolean set
...
- Allow mount to read samba config
2008-01-14 19:47:11 +00:00
Daniel J Walsh
27c7d85aab
- Fixes for xguest to run java plugin
2008-01-13 14:01:50 +00:00
Daniel J Walsh
4be3ba520d
- dontaudit pam_t and dbusd writing to user_home_t
2008-01-11 19:45:47 +00:00
Daniel J Walsh
5baf53aabd
- Update gpg to allow reading of inotify
2008-01-08 19:58:56 +00:00
Daniel J Walsh
a502c55197
- Change user and staff roles to work correctly with varied perms
2008-01-03 22:13:09 +00:00
Daniel J Walsh
c64ec27caa
- Fix munin log,
...
- Eliminate duplicate mozilla file context
- fix wpa_supplicant spec
2007-12-31 21:47:39 +00:00
Daniel J Walsh
88ae3f5e0c
- Fix role transition from unconfined_r to system_r when running rpm
...
- Allow unconfined_domains to communicate with user dbus instances
2007-12-30 15:12:11 +00:00
Daniel J Walsh
5d13344539
- Fix role transition fro unconfined_r to system_r when running rpm
2007-12-24 12:01:17 +00:00
Daniel J Walsh
0ec33db4ff
- Let all uncofined domains communicate with dbus unconfined
2007-12-21 07:58:04 +00:00
Daniel J Walsh
673eaaeafb
- Run rpm in system_r
2007-12-20 21:26:31 +00:00
Daniel J Walsh
5615fe1b3d
- Zero out customizable types
2007-12-19 21:45:51 +00:00
Daniel J Walsh
9a2cf87457
- Fix definiton of admin_home_t
2007-12-19 10:42:06 +00:00
Daniel J Walsh
2f257cb996
- Fix munin file context
2007-12-19 09:27:15 +00:00
Daniel J Walsh
91c2fa9d31
- Allow cron to run unconfined apps
2007-12-18 13:59:31 +00:00
Daniel J Walsh
99d3676891
- Modify default login to unconfined_u
2007-12-17 22:49:08 +00:00
Daniel J Walsh
4d59c29e33
- Dontaudit dbus user client search of /root
2007-12-14 12:40:39 +00:00
Daniel J Walsh
5928688f61
- Dontaudit dbus user client search of /root
2007-12-13 22:42:22 +00:00
Daniel J Walsh
76e3401243
- Update to upstream
2007-12-13 18:44:18 +00:00
Daniel J Walsh
4c6f2dd6a3
- Fixes for polkit
...
- Allow xserver to ptrace
2007-12-12 14:53:07 +00:00
Daniel J Walsh
7dfe3eb3ef
- Add polkit policy
...
- Symplify userdom context, remove automatic per_role changes
2007-12-11 06:08:33 +00:00
Daniel J Walsh
a1341a85df
- Update to upstream
...
- Allow httpd_sys_script_t to search users homedirs
2007-12-06 21:37:36 +00:00
Daniel J Walsh
02654b8fb4
- Update to upstream
...
- Allow httpd_sys_script_t to search users homedirs
2007-12-05 03:19:13 +00:00
Daniel J Walsh
d195fc7e87
- Update to upstreamddddddddddddd
...
- Allow httpd_sys_script_t to search users homedirs
2007-12-05 03:11:46 +00:00
Daniel J Walsh
320f3e6459
- Allow rpm_script to transition to unconfined_execmem_t
2007-12-04 00:15:27 +00:00
Daniel J Walsh
3b47cb03b7
Fri Nov 30 2007 Dan Walsh <dwalsh@redhat.com> 3.2.1-1
...
- Remove user based home directory separation
2007-12-03 00:15:23 +00:00
Daniel J Walsh
9186dc57d9
- Remove user based home directory separation
2007-11-30 22:33:18 +00:00
Daniel J Walsh
3a54e4809f
- Remove user specific crond_t
2007-11-28 16:56:57 +00:00
Daniel J Walsh
0fffbad8de
- Merge with upstream
...
- Allow xsever to read hwdata_t
- Allow login programs to setkeycreate
2007-11-26 15:40:45 +00:00
Daniel J Walsh
ddf4ec413f
- Update to upstream
2007-11-19 20:09:32 +00:00
Daniel J Walsh
7330e86b90
- Update to upstream
2007-11-10 14:14:41 +00:00
Daniel J Walsh
36404444a8
- Update to upstream
2007-11-07 19:42:24 +00:00
Daniel J Walsh
fa0d1c8884
- Update to upstream
2007-10-23 23:13:09 +00:00
Daniel J Walsh
d0649e9167
- Allow XServer to read /proc/self/cmdline
2007-10-22 14:27:29 +00:00
Daniel J Walsh
30dfdc7f05
- Fixes for hald_mac
...
- Treat unconfined_home_dir_t as a home dir
- dontaudit rhgb writes to fonts and root
2007-10-19 21:21:40 +00:00
Daniel J Walsh
3375c34d9a
- Fix dnsmasq
...
- Allow rshd full login privs
2007-10-19 15:01:30 +00:00
Daniel J Walsh
6455c9d6b5
- Allow rshd to connect to ports > 1023
2007-10-18 22:33:41 +00:00