Commit Graph

258 Commits

Author SHA1 Message Date
Chris PeBenito
daff1dc5af fix missing role statements 2005-11-11 15:33:38 +00:00
Chris PeBenito
2e0a880165 changed rules fixes 2005-11-10 21:37:54 +00:00
Chris PeBenito
c6825e980c missing matches 2005-11-10 16:53:50 +00:00
Chris PeBenito
725926c586 pile of sediff fixes 2005-11-08 22:00:30 +00:00
Chris PeBenito
307e11419a missing dir 2005-11-03 21:07:29 +00:00
Don Miner
8f882ffcd9 Added rules so that tracepath, traceroute and ping work. 2005-11-02 20:44:17 +00:00
Chris PeBenito
73ef293bc5 fixes just so sediff is easier to handle 2005-11-01 21:15:11 +00:00
Chris PeBenito
0b12fa4bd0 more dbus cleanup 2005-11-01 15:19:48 +00:00
Chris PeBenito
30910b37c6 more fixes 2005-10-31 22:19:16 +00:00
Don Miner
305106ebb9 Added a rule to allow dmidecode to use locallogin_t fd to make it so it works. 2005-10-31 21:45:42 +00:00
Chris PeBenito
b281bf6ed9 add some missing transitions from unconfined 2005-10-27 15:06:15 +00:00
Chris PeBenito
a525f293c3 sediff fixes 2005-10-27 14:52:37 +00:00
Chris PeBenito
4614e83fbb more fixing 2005-10-26 21:03:19 +00:00
Chris PeBenito
d1b9d9228b another pile o fixes 2005-10-26 18:07:20 +00:00
Chris PeBenito
33acca55ce pile o fixes 2005-10-26 16:00:13 +00:00
Chris PeBenito
7a6d427eae a few more strays 2005-10-25 20:22:25 +00:00
Chris PeBenito
2c216c09a8 use the right interface 2005-10-25 15:41:38 +00:00
Chris PeBenito
9aca490302 some home dir fixes 2005-10-25 15:36:45 +00:00
Chris PeBenito
83e4512c33 fix up su 2005-10-25 14:31:53 +00:00
Chris PeBenito
52e1edb35b fix acct 2005-10-24 22:31:44 +00:00
Don Miner
c11417c4df Reduced the number of differences in amanda between the targeted and the refpolicy 2005-10-24 21:35:50 +00:00
Chris PeBenito
67167371a5 fix most of samba 2005-10-24 21:33:46 +00:00
Don Miner
bdfa8e72f0 Removed differences between refpolicy and targeted acct_t 2005-10-24 21:25:56 +00:00
Chris PeBenito
b4e1ebc1f0 hopefully fix su 2005-10-24 20:01:03 +00:00
Chris PeBenito
30705b6bc0 fixes 2005-10-24 19:50:21 +00:00
Chris PeBenito
9bbc757a76 more fix 2005-10-24 18:40:24 +00:00
Chris PeBenito
e64b338b35 fix 2005-10-24 15:29:27 +00:00
Chris PeBenito
bb67633572 add initrc_su_t 2005-10-24 11:55:53 +00:00
Chris PeBenito
2db2c7d099 fixes from sediff 2005-10-24 00:54:39 +00:00
Chris PeBenito
44fc06b0cb add radius and amanda, which I forgot to ci 2005-10-22 22:51:01 +00:00
Chris PeBenito
0efe52ae99 fix last loadable module problems 2005-10-19 14:36:04 +00:00
Chris PeBenito
c3812748c3 misc fixes 2005-10-18 15:07:11 +00:00
Chris PeBenito
fe9d17fe14 more merging from 1.27.1-15 2005-10-14 18:42:42 +00:00
Chris PeBenito
d8636fc937 more merging from 1.27.1-15 2005-10-14 17:55:40 +00:00
Chris PeBenito
77f6e2cd27 partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15 2005-10-13 20:59:36 +00:00
Chris PeBenito
799a0b43cd add mailman 2005-10-11 15:36:53 +00:00
Chris PeBenito
4483ee849c add apm and arpwatch. fix implementation error on fs_getattr_all_files,
splitting it up into correct interfaces.
2005-10-10 18:11:46 +00:00
Chris PeBenito
e02c61cfa4 rename context_template() to gen_context() 2005-10-06 19:33:06 +00:00
Chris PeBenito
5bc9f3061b fix comment 2005-10-05 19:10:31 +00:00
Chris PeBenito
a996bdf4ad add most of apache 2005-09-29 20:59:00 +00:00
Chris PeBenito
20e306e2de add dmidecode 2005-09-27 21:24:01 +00:00
Chris PeBenito
1f91e1bfe5 a few conditional cleanups 2005-09-27 19:40:44 +00:00
Chris PeBenito
f0574fa9aa add mls privileges 2005-09-26 20:26:32 +00:00
Chris PeBenito
9edc289521 add anaconda 2005-09-23 22:15:04 +00:00
Chris PeBenito
fa67570d9a add radvd, plus a few cleanups from sediff 2005-09-23 21:20:03 +00:00
Chris PeBenito
842859260c add kudzu 2005-09-23 19:38:34 +00:00
Chris PeBenito
681c9a02e7 fixes from sediff 2005-09-22 21:59:50 +00:00
Chris PeBenito
25c6746156 loadable module compile fixes 2005-09-21 20:01:40 +00:00
Chris PeBenito
142e9f40ea targeted and redhat cleanups 2005-09-21 14:49:41 +00:00
Chris PeBenito
3774e4eb28 todo cleanup 2005-09-20 20:48:17 +00:00
Chris PeBenito
a1fcff33f2 final updates from nsa cvs 2005-09-19 21:17:45 +00:00
Chris PeBenito
41c4800de4 a few module compile fixes 2005-09-19 14:18:48 +00:00
Chris PeBenito
cf6a7d8993 more upstream merging 2005-09-16 21:20:37 +00:00
Chris PeBenito
cff75c90ca more upstream merging 2005-09-16 19:36:10 +00:00
Chris PeBenito
ccc5978224 add snmp 2005-09-16 14:54:36 +00:00
Chris PeBenito
a0824843c2 more merging from nsa cvs 2005-09-16 13:36:26 +00:00
Chris PeBenito
98a8ead4c5 more updates 2005-09-15 21:03:29 +00:00
Chris PeBenito
605ba28540 more merging from nsa cvs 2005-09-15 15:34:31 +00:00
Chris PeBenito
5a2649cefd cleanup 2005-09-14 19:27:30 +00:00
Chris PeBenito
84c92239d4 add samba 2005-09-14 18:33:53 +00:00
Chris PeBenito
71fe0fa4c5 fixes for module compiling 2005-09-14 00:30:10 +00:00
Chris PeBenito
0907bda1e0 more merging of NSA CVS policy 2005-09-13 13:06:07 +00:00
Chris PeBenito
2705f9a0f3 begin merging in upstream NSA CVS changes 2005-09-12 21:40:56 +00:00
Chris PeBenito
603f90ab9d misc fixes 2005-09-05 18:17:17 +00:00
Chris PeBenito
b11a75a5e3 add ntp 2005-09-05 16:47:19 +00:00
Chris PeBenito
0f707d52ab add squid 2005-09-02 19:11:07 +00:00
Chris PeBenito
9d3bdc25af fix bugs uncovered from sediff 2005-09-01 20:13:42 +00:00
Chris PeBenito
c0d1566a13 move rhgb_domain into TODO so modules can compile as binary modules 2005-09-01 13:52:59 +00:00
Chris PeBenito
631ee4d3cf finish remaining dbus bits 2005-09-01 13:34:45 +00:00
Chris PeBenito
0c3d170578 add dbus 2005-08-31 20:58:12 +00:00
Chris PeBenito
246839f3d2 fix up most of mta attribute insanity 2005-08-30 20:47:41 +00:00
Chris PeBenito
451c1e3d59 send user role to per userdomain templates. update templated interfaces
to have the prefix be the first argument
2005-08-30 15:48:57 +00:00
Chris PeBenito
2a94561a89 start adding in templated interfaces 2005-08-25 20:27:20 +00:00
Chris PeBenito
57a96cbd0b add firstboot 2005-08-17 14:14:07 +00:00
Chris PeBenito
f7ebea06e3 finalize desc -> summary xml change 2005-08-11 17:46:39 +00:00
Chris PeBenito
052c953ae5 add quota 2005-08-11 14:49:58 +00:00
Chris PeBenito
e784300a62 add sudo 2005-08-09 19:30:43 +00:00
Chris PeBenito
b9d7d70b33 add template xml 2005-08-09 19:21:25 +00:00
Chris PeBenito
9489149ec0 add su 2005-08-08 21:03:23 +00:00
Chris PeBenito
dce68dc48d add updfstab 2005-08-08 15:51:15 +00:00
Chris PeBenito
f5e321b0f0 fix xml tags 2005-08-08 15:43:20 +00:00
Chris PeBenito
ed78ea0034 add tmpreaper 2005-08-05 15:32:27 +00:00
Chris PeBenito
9a66d4e562 add acct 2005-08-05 14:32:12 +00:00
Chris PeBenito
42be7c214d add mysql 2005-08-03 17:56:26 +00:00
Chris PeBenito
9f103ce14b fix to use context_template() 2005-07-18 14:25:05 +00:00
Chris PeBenito
50aca6d2f9 add raid (mdadm) 2005-07-15 20:45:26 +00:00
Chris PeBenito
493d6c4adc add nscd 2005-07-13 20:48:51 +00:00
Chris PeBenito
df00b2e235 * fix chroot exec interface
* more TODO cleanup
* move IPC out of generic domtrans interfaces
2005-07-13 18:29:08 +00:00
Chris PeBenito
b24f35d8a3 more cleanup of current TODOs 2005-07-12 20:34:24 +00:00
Chris PeBenito
ae9e2716c3 fix more TODOs. fix selinux.te to selinuxutil.te in optionals 2005-07-11 19:02:50 +00:00
Chris PeBenito
fd89e19f12 more work on current modules 2005-06-30 18:54:08 +00:00
Chris PeBenito
ebdc3b7902 clean up more todos 2005-06-29 20:53:53 +00:00
Chris PeBenito
d233bfce3f make layer summary required 2005-06-29 16:54:13 +00:00
Chris PeBenito
8fd3673225 another round of renaming, for consistency 2005-06-29 14:26:41 +00:00
Chris PeBenito
96ce00afcc add logrotate, more low-hanging fruit 2005-06-28 20:54:49 +00:00
Chris PeBenito
ceebe3b4b0 change desc to summary 2005-06-28 19:51:46 +00:00
Chris PeBenito
783b38347e more low hanging fruit cleanup 2005-06-28 17:32:57 +00:00
Chris PeBenito
ab940a4cc1 autofs_t and ypbind cleanup 2005-06-27 16:30:55 +00:00
Chris PeBenito
62a7b02c5b add/update comments 2005-06-24 13:36:57 +00:00
Chris PeBenito
414e415198 update for new documentation method 2005-06-23 21:30:57 +00:00
Chris PeBenito
261e0e66ee shorten some xml tags 2005-06-23 16:00:05 +00:00
Chris PeBenito
2a3478cf15 fixes pointed out by steve, plus fixes revealed by the added assertions 2005-06-23 14:19:56 +00:00
Chris PeBenito
199895e201 move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00
Chris PeBenito
e04b8e7832 initial commit 2005-06-20 18:43:14 +00:00
Chris PeBenito
57869a681e XML: encapsulate modules in layers, rather then layer being an attribute of
module tag
2005-06-20 18:40:44 +00:00
Chris PeBenito
7f2e39b8e6 review of admin interfaces 2005-06-17 18:27:08 +00:00
Chris PeBenito
139520a233 review of system interfaces 2005-06-17 17:59:26 +00:00
Chris PeBenito
d35c621eb0 add a couple more nfs and cifs interfaces, to cover most of the
use_(nfs|cifs)_home_dirs tunable
2005-06-16 20:33:51 +00:00
Chris PeBenito
5e0da6a03e finish renaming system/selinux to system/selinuxutil 2005-06-14 20:48:34 +00:00
Chris PeBenito
8bd6789954 move constraints interfaces to domain module. move sysfs and usbfs to
devices module
2005-06-14 19:56:46 +00:00
Chris PeBenito
3eed10909e convert relevant conditionals into tunable_policy 2005-06-14 14:43:04 +00:00
Chris PeBenito
fa7bea8feb rename requires_block_tempalte to gen_require 2005-06-13 20:47:04 +00:00
Chris PeBenito
31908be07f a few missed renames, and start fixing up tunables 2005-06-13 20:27:32 +00:00
Chris PeBenito
c9428d33dc renaming insanity 2005-06-13 17:35:46 +00:00
Karl MacMillan
f0c985ca80 Devices rename. 2005-06-13 16:22:32 +00:00
Chris PeBenito
0fd9dc55cf renaming insanity 2005-06-10 01:01:13 +00:00
Chris PeBenito
7591e83cba fix layer in module tag 2005-06-09 17:56:38 +00:00
Chris PeBenito
d90b274e40 for now, drop infoflow tags 2005-06-09 17:23:53 +00:00
Chris PeBenito
dc67f782e4 aliases 2005-06-09 17:21:52 +00:00
Chris PeBenito
763c441e3b start renaming filesystem interfaces 2005-06-08 13:12:00 +00:00
Chris PeBenito
254bbc7bb3 start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00
Chris PeBenito
0c73cd2526 change over to some perm set macros. add indentation 2005-06-03 12:25:14 +00:00
Chris PeBenito
d115660e3b change network verb in corenetwork to sendrecv 2005-06-02 18:55:47 +00:00
Chris PeBenito
aa40608fbe remove copyright until licensing issues are resolved 2005-06-01 17:34:13 +00:00
Chris PeBenito
e32d52ba47 fix xml 2005-06-01 14:17:43 +00:00
Chris PeBenito
3b857eae09 add some file_t interfaces, and console write 2005-05-31 21:25:45 +00:00
Chris PeBenito
b8fca44d3f initial commit 2005-05-31 20:39:15 +00:00
Chris PeBenito
4bf4ed9e68 permission set macro changes, plus more cab related work 2005-05-31 19:52:57 +00:00
Chris PeBenito
32e53ac1b8 cleanup inspired by sediff 2005-05-27 21:56:01 +00:00
Chris PeBenito
16e9b0cb6b rpmbuild_t is not a system domain. also mark it as most likely dead. 2005-05-27 21:29:54 +00:00
Chris PeBenito
d490eb6b5c fixes from cab 2005-05-26 20:38:45 +00:00
Chris PeBenito
c220381539 initial commit 2005-05-26 15:50:53 +00:00
Chris PeBenito
efd8ede34d many fixes from cab testing 2005-05-25 20:58:21 +00:00
Chris PeBenito
10abae75d9 initial commit 2005-05-25 19:52:21 +00:00
Chris PeBenito
6f3dab294e initial commit 2005-05-24 21:32:34 +00:00
Chris PeBenito
e7fcdc6d2f fix the object class in process transition interfaces 2005-05-24 20:45:27 +00:00
Chris PeBenito
dc771ff40e another cleanup pass 2005-05-24 15:55:57 +00:00
Chris PeBenito
992aba5f15 initial commit 2005-05-23 17:56:47 +00:00
Chris PeBenito
daa0e0b01f add xml comments to interfaces, convert over userdomain stuff 2005-05-19 21:06:06 +00:00
Chris PeBenito
bee546bfd4 add context template to support mls 2005-05-18 21:02:15 +00:00
Chris PeBenito
1786071159 rename some selinuxfs interfaces for more clarity 2005-05-18 13:22:37 +00:00
Chris PeBenito
dd14d0d892 change read_shared_libraries to use_shared_libraries, since the execute
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
2005-05-17 15:32:52 +00:00
Chris PeBenito
b16c6b8c32 start adding user domains. fix ttynode and ptynode handling, as they're
more then user terminals (at least ptynode is).  start adding XML comments
2005-05-16 21:10:33 +00:00
Chris PeBenito
ff31386090 move make_{daemon,init,system}_domain to init to fix type_transition'ing 2005-05-13 20:21:50 +00:00
Chris PeBenito
fd9deeb8ee reorg and a fix 2005-05-12 20:49:39 +00:00
Chris PeBenito
38e24ae49e add files_make_temporary_file and remove type attribute from
create_private_tmp
2005-05-11 19:21:40 +00:00
Chris PeBenito
b3416a3762 initial commit 2005-05-10 20:06:19 +00:00
Chris PeBenito
f8ec0ad43b initial commit 2005-05-10 19:51:00 +00:00
Chris PeBenito
13e94c09e4 more authlogin handling 2005-05-09 21:07:53 +00:00
Chris PeBenito
a9a20ddaae allow all domains to use /dev/{zero,null,tty} 2005-05-09 19:55:01 +00:00