Commit Graph

320 Commits

Author SHA1 Message Date
Chris PeBenito
4605adcba7 trunk: add postfixpolicyd from Jan-Frode Myklebust. 2007-11-07 20:17:44 +00:00
Chris PeBenito
eaed904cd5 trunk: 3 patches from dan. 2007-11-05 19:35:08 +00:00
Chris PeBenito
3ece11804e trunk: fix init_ranged_system_domain range_transition object class, from james carter. 2007-10-29 22:09:53 +00:00
Chris PeBenito
7d4161cdc9 trunk: 3 patches from dan. 2007-10-29 22:08:34 +00:00
Chris PeBenito
495df41602 trunk: 11 patches from dan. 2007-10-29 18:35:32 +00:00
Chris PeBenito
bd973e3e68 trunk: remove unused types from dbus. 2007-10-26 18:04:38 +00:00
Chris PeBenito
8e2fb69f88 trunk: filesystem patch from dan. 2007-10-24 18:37:26 +00:00
Chris PeBenito
6bf8bf4f5c trunk: add exim from dan. 2007-10-24 15:07:40 +00:00
Chris PeBenito
3c99e5989a trunk: add /var/lib search for system bus template. 2007-10-22 15:53:31 +00:00
Chris PeBenito
2f27163c1b trunk: 3 patches from dan. 2007-10-18 19:31:14 +00:00
Chris PeBenito
a334d2918f trunk: add infrastructure for managing user web content. 2007-10-18 19:23:33 +00:00
Chris PeBenito
e83edee5d2 trunk: fix do not userspace commons in kernel version of av_permissions.h. 2007-10-16 19:05:27 +00:00
Chris PeBenito
32c05ccbcd trunk: fix flask.py Flask class userspace dictionary usage. 2007-10-16 18:56:32 +00:00
Chris PeBenito
651df3ceb6 trunk: do not emit lines in the kernel version of av_inherit.h for commons that are only inherited by userspace object classes. 2007-10-16 18:30:23 +00:00
Chris PeBenito
3a9096d94f trunk: do not emit S_(0, 0, 0) in kernel headers for userspace classes that inherit commons. 2007-10-16 16:02:51 +00:00
Chris PeBenito
36627094e8 trunk: fix unconditional call to nscd from usermanage run interfaces. 2007-10-15 18:16:00 +00:00
Chris PeBenito
a27d1c6e84 trunk: gdm is in /usr/sbin on rawhide machines, from Eamon Walsh. 2007-10-15 17:50:07 +00:00
Chris PeBenito
f48782758e trunk: reorganize amanda and bind 2007-10-12 17:50:11 +00:00
Chris PeBenito
bc01b352f6 trunk: 2 patches from dan. 2007-10-12 17:35:56 +00:00
Chris PeBenito
cdf98fedc0 trunk: 10 patches from dan. 2007-10-11 18:12:29 +00:00
Chris PeBenito
ef659a476e Deprecate some old file and dir permission set macros in favor of the newer, more consistently-named macros. 2007-10-09 17:29:48 +00:00
Chris PeBenito
81d4c88f8c trunk: remove stale user_net_control reference in usernetctl.if. 2007-10-08 13:38:25 +00:00
Chris PeBenito
6c53a10e28 trunk: Patch to clean up unescaped periods in several file context entries from Jan-Frode Myklebust. 2007-10-05 18:00:55 +00:00
Chris PeBenito
12e9ea1ae3 trunk: module version bumps for previous commit. 2007-10-02 17:15:07 +00:00
Chris PeBenito
350b6ab767 trunk: merge strict and targeted policies. merge shlib_t into lib_t. 2007-10-02 16:04:50 +00:00
Chris PeBenito
3480f3f239 trunk: bump version numbers for release. 2007-09-28 13:58:24 +00:00
Chris PeBenito
aef93a760f trunk: one-liner from Shintaro Fujiwara 2007-09-26 14:28:20 +00:00
Chris PeBenito
4ddc7ba539 trunk: xml doc one-liner from Stefan Schulze Frielinghaus. 2007-09-24 13:01:17 +00:00
Chris PeBenito
ff4085dacc trunk: one-liner from Shintaro Fujiwara. 2007-09-18 19:49:35 +00:00
Chris PeBenito
6f49b490b8 trunk: Patch to add missing requirements in userdomain interfaces from Shintaro Fujiwara. 2007-09-17 18:04:35 +00:00
Chris PeBenito
0cf6df55e5 trunk: add awstats from Stefan Schulze Frielinghaus. 2007-09-17 17:25:40 +00:00
Chris PeBenito
8242f5a68d trunk: add bitlbee from devin carraway and add tcpd_wrapped_domain(). 2007-09-17 14:33:40 +00:00
Chris PeBenito
14add30d03 trunk: 3 patches from dan. 2007-09-12 14:53:39 +00:00
Chris PeBenito
134a799c75 trunk: 3 patches from dan. 2007-09-11 19:24:32 +00:00
Chris PeBenito
8a9d6f6449 trunk: 6 patches from dan. 2007-09-07 13:41:20 +00:00
Chris PeBenito
abc89340c4 trunk: two tiny patches from Stefan Schulze Frielinghaus 2007-09-06 19:29:54 +00:00
Chris PeBenito
72f82c47c2 trunk: six patches from dan. 2007-09-06 18:34:40 +00:00
Chris PeBenito
8241b538af trunk: udev update and brctl module from dan. 2007-09-05 17:55:57 +00:00
Chris PeBenito
016e5c5cdc trunk: 4 patches from dan. 2007-09-05 14:48:21 +00:00
Chris PeBenito
0a0b8078ca trunk: 5 patches from dan. 2007-09-04 18:57:58 +00:00
Chris PeBenito
ce2c80f3c6 trunk: make coda nfs_t, ticket #39. 2007-09-04 13:38:39 +00:00
Chris PeBenito
4922765ec6 trunk: fix certwatch_run() interface, which had a typo in the name. 2007-08-30 15:01:48 +00:00
Chris PeBenito
6dd721a686 trunk: 7 patches from dan, slocate, games, amavis, radius, sendmail, rshd, logrotate. 2007-08-27 17:57:36 +00:00
Chris PeBenito
a2f444884b trunk: patch to allow sendmail to read ssl/tls certificates from Stefan Schulze Frielinghaus. 2007-08-27 17:00:18 +00:00
Chris PeBenito
752ddf588f trunk: add missing commas in can_exec in daemontools that worked by luck. 2007-08-24 15:55:06 +00:00
Chris PeBenito
d62c0881e2 Update MLS constraints from LSPP evaluated policy. 2007-08-24 14:14:29 +00:00
Chris PeBenito
2af7b42a06 trunk: switch daemons from inheriting from all levels to initrc_t sharing to all levels. 2007-08-22 20:21:52 +00:00
Chris PeBenito
8d2c34195e trunk: updates from dan on 9 modules 2007-08-22 20:02:41 +00:00
Chris PeBenito
80d5e02c81 trunk: Files and radvd updates from Stefan Schulze Frielinghaus. 2007-08-21 19:03:34 +00:00
Chris PeBenito
1779bef032 trunk: fix gdm xsession scripts on redhat machines. 2007-08-20 18:54:29 +00:00
Chris PeBenito
f8233ab7b0 trunk: Deprecate mls_file_write_down() and mls_file_read_up(), replaced with mls_write_all_levels() and mls_read_all_levels(), for consistency. 2007-08-20 18:26:08 +00:00
Chris PeBenito
2d0c9cecaf trunk: several MLS enhancements. 2007-08-20 15:15:03 +00:00
Chris PeBenito
9760cbec2d trunk: Database userspace object manager classes from KaiGai Kohei. 2007-08-09 13:15:07 +00:00
Chris PeBenito
3d6e962dfa trunk: filesystem patch from dan 2007-08-08 20:04:28 +00:00
Chris PeBenito
939a4287b3 trunk: 3 patches from dan 2007-08-07 17:06:32 +00:00
Chris PeBenito
c040ea12b2 trunk: several support macro fixes. 2007-07-31 15:11:22 +00:00
Chris PeBenito
371d11ec04 trunk: add 3rd party interface for apache cgi. 2007-07-26 19:48:40 +00:00
Chris PeBenito
63acaf59d7 trunk: fix pipe permission set in domtrans_pattern(). 2007-07-26 19:41:15 +00:00
Chris PeBenito
924f3cc2cb trunk: add getserv and shmemserv nscd permissions. 2007-07-24 19:52:18 +00:00
Chris PeBenito
708aab1393 trunk: fix targeted sshd. When the domain was unaliased from unconfined_t, a transition to unconfined_t was not added. 2007-07-20 18:25:26 +00:00
Chris PeBenito
d46cfe45cd trunk: add application module 2007-07-19 18:57:48 +00:00
Chris PeBenito
6929521e0a trunk: fix missed netlabel deprecation 2007-07-19 15:11:19 +00:00
Chris PeBenito
f80a0e4f25 trunk: Add debian apcupsd binary location, from Stefan Schulze Frielinghaus. 2007-07-02 15:25:46 +00:00
Chris PeBenito
116c1da330 trunk: update module version numbers for release. 2007-06-29 14:48:13 +00:00
Chris PeBenito
113b4fc4a2 Fix incorrectly named files_lib_filetrans_shared_lib() interface in the libraries module. 2007-06-28 17:25:46 +00:00
Chris PeBenito
e5e55ace89 trunk, strict-targeted-merge: add mmap_zero to xserver domains. 2007-06-28 12:34:08 +00:00
Chris PeBenito
f5842c1fa5 trunk: minor amanda update from dan 2007-06-27 19:19:20 +00:00
Chris PeBenito
7b61fe506d trunk: add rpcbind from dan 2007-06-27 16:31:55 +00:00
Chris PeBenito
1900668638 trunk: Unified labeled networking policy from Paul Moore.
The latest revision of the labeled policy patches which enable both labeled 
and unlabeled policy support for NetLabel.  This revision takes into account
Chris' feedback from the first version and reduces the number of interface
calls in each domain down to two at present: one for unlabeled access, one for
NetLabel access.  The older, transport layer specific interfaces, are still  
present for use by third-party modules but are not used in the default policy
modules.

trunk: Use netmsg initial SID for MLS-only Netlabel packets, from Paul Moore.

This patch changes the policy to use the netmsg initial SID as the "base"
SID/context for NetLabel packets which only have MLS security attributes.
Currently we use the unlabeled initial SID which makes it very difficult to
distinquish between actual unlabeled packets and those packets which have MLS
security attributes.
2007-06-27 15:23:21 +00:00
Chris PeBenito
2c3ac47d45 trunk: pyzor and clamav updates from dan 2007-06-26 18:43:11 +00:00
Chris PeBenito
22bff65f4d trunk: fix typo in vmware.fc 2007-06-26 14:31:31 +00:00
Chris PeBenito
02f2c3e979 trunk: nagios update from dan 2007-06-21 17:23:19 +00:00
Chris PeBenito
a90a256f64 trunk: procmail tweak from dan. 2007-06-21 14:54:34 +00:00
Chris PeBenito
7f089782ae trunk: xen updates from dan 2007-06-21 13:36:05 +00:00
Chris PeBenito
92d1ade254 trunk: trivial gentoo tweaks 2007-06-20 20:08:26 +00:00
Chris PeBenito
5bf9deb5bb trunk: 3 patches from dan 2007-06-20 19:47:10 +00:00
Chris PeBenito
99b5a56cb6 trunk: radius one-liner from dan 2007-06-20 15:03:55 +00:00
Chris PeBenito
40df56772f trunk: big samba update from dan 2007-06-19 19:11:35 +00:00
Chris PeBenito
788d88c923 trunk: drop snmpd_etc_t. 2007-06-19 17:39:35 +00:00
Chris PeBenito
6c8aba7b31 trunk: confine sendmail and logrotate on targeted 2007-06-19 17:01:39 +00:00
Chris PeBenito
cb10a2d5bf trunk: Tunable connection to postgresql for users from KaiGai Kohei. 2007-06-19 14:30:06 +00:00
Chris PeBenito
41337aa8b9 Memprotect support patch from Stephen Smalley. 2007-06-19 13:02:26 +00:00
Chris PeBenito
d139413c64 trunk: 2 patches from dan 2007-06-13 13:54:56 +00:00
Chris PeBenito
a74d1ad7cd trunk: add amtu from dan 2007-06-12 18:58:36 +00:00
Chris PeBenito
d5b81a81ff trunk: Add logging_send_audit_msgs() interface and deprecate send_audit_msgs_pattern(). 2007-06-12 18:46:14 +00:00
Chris PeBenito
262def165a trunk: version bumps for previous commit. 2007-06-12 13:08:19 +00:00
Chris PeBenito
f7101c5430 trunk: 7 simple patches from dan. 2007-06-12 13:06:13 +00:00
Chris PeBenito
6649aec9d0 trunk: 3 patches from dan 2007-06-11 15:43:37 +00:00
Chris PeBenito
d534d35a7e trunk: 5 patches from dan 2007-06-11 15:01:10 +00:00
Chris PeBenito
f6a590d7b4 six simple patches from dan 2007-06-11 14:09:09 +00:00
Chris PeBenito
7782966db1 add fc entry for make_reiser4 2007-06-08 20:01:34 +00:00
Chris PeBenito
17b9cb7dda trunk: fix line in evolution to be strict-only; was being covered up by genhomedircon. 2007-05-22 17:01:38 +00:00
Chris PeBenito
a39a931362 trunk: snmp tweak from dan 2007-05-15 18:06:31 +00:00
Chris PeBenito
c412be6bef trunk: remaining pieces for apcupsd module 2007-05-15 15:43:00 +00:00
Chris PeBenito
38d0cf1b8a trunk: long overdue cleanup from when range_transitions were only in the base module 2007-05-14 15:35:47 +00:00
Chris PeBenito
762d2cb989 merge restorecon into setfiles 2007-05-11 17:10:43 +00:00
Chris PeBenito
12217cc286 Patch to begin separating out hald helper programs from Dan Walsh. 2007-05-07 17:57:48 +00:00
Chris PeBenito
78f17e6d6c add apcupsd from dan 2007-05-07 14:55:54 +00:00
Chris PeBenito
b129e2001c Fixes for squid, dovecot, and snmp from Dan Walsh. 2007-05-07 13:45:17 +00:00
Chris PeBenito
4967aaa320 Miscellaneous consolekit fixes from Dan Walsh. 2007-05-03 14:15:38 +00:00