Chris PeBenito
|
37c85212a1
|
use role dominance in targeted for compatability with strict
|
2005-11-10 16:55:56 +00:00 |
|
Chris PeBenito
|
1904b01047
|
fix changed rules
|
2005-11-10 16:54:18 +00:00 |
|
Chris PeBenito
|
c6825e980c
|
missing matches
|
2005-11-10 16:53:50 +00:00 |
|
Chris PeBenito
|
c2e35b815a
|
fc fixes
|
2005-11-10 14:47:02 +00:00 |
|
Chris PeBenito
|
c646a9f838
|
add missing bin_t aliases
|
2005-11-09 22:18:15 +00:00 |
|
Chris PeBenito
|
51f3744773
|
add missing /var/yp match
|
2005-11-09 21:32:55 +00:00 |
|
Chris PeBenito
|
33faf59e07
|
correct shlib_t alias
|
2005-11-09 20:48:20 +00:00 |
|
Chris PeBenito
|
e3d21df8ad
|
fix to use real type rather than alias
|
2005-11-09 19:13:08 +00:00 |
|
Chris PeBenito
|
2ab07ebbf3
|
fixes for sorting
|
2005-11-09 18:29:03 +00:00 |
|
Chris PeBenito
|
4b9516c125
|
add avahi
|
2005-11-09 17:12:34 +00:00 |
|
Chris PeBenito
|
d3f715d228
|
more fix
|
2005-11-09 15:51:22 +00:00 |
|
Chris PeBenito
|
3e639ab08b
|
tty fixes
|
2005-11-09 15:05:47 +00:00 |
|
Chris PeBenito
|
725926c586
|
pile of sediff fixes
|
2005-11-08 22:00:30 +00:00 |
|
Chris PeBenito
|
76febd2146
|
fix sendmail transition
|
2005-11-07 21:13:07 +00:00 |
|
Chris PeBenito
|
8967bf8b89
|
merge in some of dan's old policy changes
|
2005-11-07 20:09:28 +00:00 |
|
Don Miner
|
bc6dfa6778
|
Changed a { create rw_dir_perms } to a create_dir_perms since starting radius was getting a setattr denial and setattr was shown to be missing in sediff
|
2005-11-04 16:43:05 +00:00 |
|
Don Miner
|
45aa10abd7
|
Added signal_perms to nscd_t.
|
2005-11-04 14:13:24 +00:00 |
|
Chris PeBenito
|
307e11419a
|
missing dir
|
2005-11-03 21:07:29 +00:00 |
|
Chris PeBenito
|
7afca0b4c1
|
user tty fixes
|
2005-11-03 19:33:53 +00:00 |
|
Chris PeBenito
|
9c6feb63de
|
add stuff from distros.fc
|
2005-11-03 18:08:36 +00:00 |
|
Don Miner
|
8f882ffcd9
|
Added rules so that tracepath, traceroute and ping work.
|
2005-11-02 20:44:17 +00:00 |
|
Chris PeBenito
|
73ef293bc5
|
fixes just so sediff is easier to handle
|
2005-11-01 21:15:11 +00:00 |
|
Chris PeBenito
|
b488014fd7
|
hack
|
2005-11-01 20:52:48 +00:00 |
|
Chris PeBenito
|
b9ea0fed0f
|
clean up last var_run_domain expansion errors
|
2005-11-01 19:52:37 +00:00 |
|
Chris PeBenito
|
ee08bc4c75
|
read certs
|
2005-11-01 16:11:32 +00:00 |
|
Chris PeBenito
|
35adb6f8d7
|
clean up socket
|
2005-11-01 15:57:15 +00:00 |
|
Chris PeBenito
|
31a1c2df88
|
fix filesystem associations
|
2005-11-01 15:45:00 +00:00 |
|
Chris PeBenito
|
7ac22585e3
|
tty and caps fixes
|
2005-11-01 15:34:00 +00:00 |
|
Chris PeBenito
|
0b12fa4bd0
|
more dbus cleanup
|
2005-11-01 15:19:48 +00:00 |
|
Chris PeBenito
|
dab808bde7
|
dbus obj class cleanup
|
2005-11-01 15:11:05 +00:00 |
|
Chris PeBenito
|
ce0ff19691
|
more of the same
|
2005-10-31 22:44:03 +00:00 |
|
Chris PeBenito
|
b422aa9b1e
|
initrc couldn't create/use its own pty!
|
2005-10-31 22:27:45 +00:00 |
|
Chris PeBenito
|
30910b37c6
|
more fixes
|
2005-10-31 22:19:16 +00:00 |
|
Don Miner
|
305106ebb9
|
Added a rule to allow dmidecode to use locallogin_t fd to make it so it works.
|
2005-10-31 21:45:42 +00:00 |
|
Chris PeBenito
|
aba9c7a3cf
|
add missing httpd_helper_t tty part
|
2005-10-31 20:58:44 +00:00 |
|
Chris PeBenito
|
9ca7e78a35
|
misc sediff fixes
|
2005-10-31 20:54:33 +00:00 |
|
Chris PeBenito
|
0500e01f2d
|
* fixes uncovered by sediff
* fix disable_trans support so the daemon can be both
init and inet services, and not get dup bool decl
|
2005-10-31 20:32:53 +00:00 |
|
Chris PeBenito
|
bea7b4548e
|
add missing tunable
|
2005-10-31 19:58:51 +00:00 |
|
Chris PeBenito
|
6ff85b5c84
|
fix perm set
|
2005-10-31 19:31:22 +00:00 |
|
Chris PeBenito
|
62841791a5
|
fixes uncovered by sediff
|
2005-10-31 14:55:34 +00:00 |
|
Chris PeBenito
|
f3936d3876
|
nicer te_trans conflict fix
|
2005-10-28 19:18:50 +00:00 |
|
Chris PeBenito
|
cac3eca0be
|
fix te_trans conflict
|
2005-10-28 19:13:54 +00:00 |
|
Chris PeBenito
|
dc8f17037b
|
fix up sendmail for targeted
|
2005-10-28 18:57:23 +00:00 |
|
Chris PeBenito
|
f1b0a8c55b
|
fix
|
2005-10-28 18:46:46 +00:00 |
|
Chris PeBenito
|
2d13f72977
|
take care of missing types
|
2005-10-28 18:38:04 +00:00 |
|
Chris PeBenito
|
375c241556
|
ssh updates for targeted
|
2005-10-28 18:13:44 +00:00 |
|
Chris PeBenito
|
f0f18e0734
|
typo
|
2005-10-28 15:12:23 +00:00 |
|
Chris PeBenito
|
495a7026d9
|
add missing range transition
|
2005-10-28 15:09:03 +00:00 |
|
Chris PeBenito
|
005a9aa6e2
|
initrc fixes
|
2005-10-28 14:34:26 +00:00 |
|
Chris PeBenito
|
7e1c14d1f6
|
fix quoting
|
2005-10-28 13:53:18 +00:00 |
|
Chris PeBenito
|
dd3544d1a5
|
fixes from testing
|
2005-10-28 13:33:25 +00:00 |
|
Chris PeBenito
|
f1baed733f
|
fix some /opt regexes
|
2005-10-27 18:32:16 +00:00 |
|
Chris PeBenito
|
08c22f4d17
|
more transition work
|
2005-10-27 15:16:42 +00:00 |
|
Chris PeBenito
|
b281bf6ed9
|
add some missing transitions from unconfined
|
2005-10-27 15:06:15 +00:00 |
|
Chris PeBenito
|
a525f293c3
|
sediff fixes
|
2005-10-27 14:52:37 +00:00 |
|
Chris PeBenito
|
fc6198ced0
|
fixes from sediff
|
2005-10-27 14:08:53 +00:00 |
|
Chris PeBenito
|
ce03837abe
|
rpc fixes from testing
|
2005-10-27 14:08:47 +00:00 |
|
Chris PeBenito
|
5abea9818a
|
fixes from testing
|
2005-10-27 13:37:36 +00:00 |
|
Chris PeBenito
|
4614e83fbb
|
more fixing
|
2005-10-26 21:03:19 +00:00 |
|
Don Miner
|
f13da83f99
|
Added search and getattr permissions to etc_mail_t dir for system_mail_t so that the sendmail process would be able to start through init
|
2005-10-26 18:31:09 +00:00 |
|
Chris PeBenito
|
d1b9d9228b
|
another pile o fixes
|
2005-10-26 18:07:20 +00:00 |
|
Chris PeBenito
|
33acca55ce
|
pile o fixes
|
2005-10-26 16:00:13 +00:00 |
|
Chris PeBenito
|
f5e4f795b6
|
fix rpm transition
|
2005-10-26 13:51:33 +00:00 |
|
Chris PeBenito
|
e8d0a659c3
|
fixes from arpwatch testing
|
2005-10-25 20:27:08 +00:00 |
|
Chris PeBenito
|
7a6d427eae
|
a few more strays
|
2005-10-25 20:22:25 +00:00 |
|
Chris PeBenito
|
c3cf6693c7
|
try to fix associations
|
2005-10-25 20:06:27 +00:00 |
|
Chris PeBenito
|
b7e1825b68
|
privfd
|
2005-10-25 19:20:56 +00:00 |
|
Chris PeBenito
|
ccfd7b19cf
|
easy fixes
|
2005-10-25 19:03:15 +00:00 |
|
Chris PeBenito
|
2526a44dea
|
missing privloggers
|
2005-10-25 18:42:08 +00:00 |
|
Chris PeBenito
|
ee64ef496f
|
typo
|
2005-10-25 18:34:46 +00:00 |
|
Chris PeBenito
|
d49d524d53
|
initrc also uses nscd
|
2005-10-25 18:33:13 +00:00 |
|
Chris PeBenito
|
e11d2e3bfd
|
add missing nscd clients
|
2005-10-25 18:28:41 +00:00 |
|
Chris PeBenito
|
2aec1461b4
|
use our own interface to make maintenance easier
|
2005-10-25 18:13:47 +00:00 |
|
Chris PeBenito
|
7eec657c86
|
add default_t read back
|
2005-10-25 18:00:42 +00:00 |
|
Chris PeBenito
|
784a3bbcad
|
privhome implementation
|
2005-10-25 17:50:00 +00:00 |
|
Chris PeBenito
|
7b90f2db5a
|
testing fixes
|
2005-10-25 17:37:56 +00:00 |
|
Chris PeBenito
|
51f5c6a2ab
|
add dontaudit
|
2005-10-25 15:56:28 +00:00 |
|
Chris PeBenito
|
467602f5d5
|
system_chkpwd can winbind
|
2005-10-25 15:53:36 +00:00 |
|
Chris PeBenito
|
b0bdeb0392
|
syslog logs to itself?
|
2005-10-25 15:52:08 +00:00 |
|
Chris PeBenito
|
2c216c09a8
|
use the right interface
|
2005-10-25 15:41:38 +00:00 |
|
Chris PeBenito
|
9aca490302
|
some home dir fixes
|
2005-10-25 15:36:45 +00:00 |
|
Chris PeBenito
|
83e4512c33
|
fix up su
|
2005-10-25 14:31:53 +00:00 |
|
Chris PeBenito
|
60789e16d0
|
fixes
|
2005-10-25 02:51:07 +00:00 |
|
Chris PeBenito
|
28e730b8e2
|
module build fixes
|
2005-10-25 01:17:55 +00:00 |
|
Chris PeBenito
|
9dd50026a0
|
homedir fixes
|
2005-10-25 01:08:10 +00:00 |
|
Chris PeBenito
|
88dd389695
|
more postfix work
|
2005-10-25 00:00:50 +00:00 |
|
Don Miner
|
2192d4baa1
|
Moved the dbus stuff inbetween networkmanager and bind to the bind policy
|
2005-10-24 23:14:39 +00:00 |
|
Chris PeBenito
|
3df88de0ba
|
hide broken symptoms
|
2005-10-24 22:55:28 +00:00 |
|
Chris PeBenito
|
52e1edb35b
|
fix acct
|
2005-10-24 22:31:44 +00:00 |
|
Don Miner
|
d2c57395ab
|
Fixed an allow that should have been a dontaudit
|
2005-10-24 22:20:04 +00:00 |
|
Chris PeBenito
|
977b1d65f5
|
add nscd
|
2005-10-24 22:13:41 +00:00 |
|
Chris PeBenito
|
69dcd685ad
|
fix most disable_trans errors
|
2005-10-24 22:08:13 +00:00 |
|
Don Miner
|
f470a1e329
|
Added a rule to allow apache to read httpd_sys_content_t so that it can show html error messages
|
2005-10-24 22:01:08 +00:00 |
|
Don Miner
|
c11417c4df
|
Reduced the number of differences in amanda between the targeted and the refpolicy
|
2005-10-24 21:35:50 +00:00 |
|
Chris PeBenito
|
67167371a5
|
fix most of samba
|
2005-10-24 21:33:46 +00:00 |
|
Don Miner
|
bdfa8e72f0
|
Removed differences between refpolicy and targeted acct_t
|
2005-10-24 21:25:56 +00:00 |
|
Don Miner
|
9c4fcf666e
|
Removed differences between refpolicy and targeted NetworkManager_t
|
2005-10-24 21:25:02 +00:00 |
|
Chris PeBenito
|
7ebd6a9079
|
add proc_net lnk
|
2005-10-24 20:25:59 +00:00 |
|
Chris PeBenito
|
b4e1ebc1f0
|
hopefully fix su
|
2005-10-24 20:01:03 +00:00 |
|
Chris PeBenito
|
30705b6bc0
|
fixes
|
2005-10-24 19:50:21 +00:00 |
|
Chris PeBenito
|
9bbc757a76
|
more fix
|
2005-10-24 18:40:24 +00:00 |
|
Don Miner
|
0354e306b7
|
Fixed a problem which was allowing processes to become unconfined from initrc
|
2005-10-24 18:10:47 +00:00 |
|
Don Miner
|
dd57ca3454
|
Added rules to the bind policy for the named server so that it would start
|
2005-10-24 18:06:31 +00:00 |
|
Don Miner
|
57d8e6c7a3
|
Added signal permissions to postgres so it can start
|
2005-10-24 17:28:17 +00:00 |
|
Chris PeBenito
|
162dfc3395
|
corenet fixes
|
2005-10-24 17:06:34 +00:00 |
|
Chris PeBenito
|
e64b338b35
|
fix
|
2005-10-24 15:29:27 +00:00 |
|
Chris PeBenito
|
15fefa4958
|
remove bin policy and kern module assertions for now
|
2005-10-24 15:10:03 +00:00 |
|
Chris PeBenito
|
1480d3ad21
|
fix mls r_t
|
2005-10-24 14:22:13 +00:00 |
|
Chris PeBenito
|
34e722f3cd
|
more sediff
|
2005-10-24 14:15:29 +00:00 |
|
Don Miner
|
fa16f25281
|
Added rules to the smbd_t and the nmbd_t domains so that they would start properly
|
2005-10-24 12:45:16 +00:00 |
|
Chris PeBenito
|
1dd86c43cd
|
sediff fixes
|
2005-10-24 12:38:45 +00:00 |
|
Chris PeBenito
|
bb67633572
|
add initrc_su_t
|
2005-10-24 11:55:53 +00:00 |
|
Don Miner
|
3d37bca18f
|
Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start
|
2005-10-24 11:21:28 +00:00 |
|
Chris PeBenito
|
710791f1a4
|
more missing types
|
2005-10-24 03:52:35 +00:00 |
|
Chris PeBenito
|
19b5555f77
|
more fixes
|
2005-10-24 03:21:26 +00:00 |
|
Chris PeBenito
|
43989f82f8
|
add rpc
|
2005-10-24 01:53:13 +00:00 |
|
Chris PeBenito
|
2db2c7d099
|
fixes from sediff
|
2005-10-24 00:54:39 +00:00 |
|
Don Miner
|
f8964c04ba
|
Added a file context for httpd.pid so that it is correctly labeled
Added some rules to mysql to make it work
|
2005-10-24 00:23:12 +00:00 |
|
Chris PeBenito
|
f85544209a
|
nwmgr fixes
|
2005-10-23 22:46:06 +00:00 |
|
Chris PeBenito
|
ef5ca0fb79
|
add cups
|
2005-10-23 22:10:59 +00:00 |
|
Chris PeBenito
|
04926d07a8
|
add postfix
|
2005-10-23 20:18:36 +00:00 |
|
Chris PeBenito
|
f932d8e3cb
|
add spamassassin
|
2005-10-22 23:50:23 +00:00 |
|
Chris PeBenito
|
44fc06b0cb
|
add radius and amanda, which I forgot to ci
|
2005-10-22 22:51:01 +00:00 |
|
Chris PeBenito
|
230838e117
|
add pegasus
|
2005-10-22 21:55:39 +00:00 |
|
Chris PeBenito
|
a636210ef8
|
add dbskk
|
2005-10-22 21:18:03 +00:00 |
|
Chris PeBenito
|
ad3b9d76dc
|
add lpd
|
2005-10-22 21:09:03 +00:00 |
|
Chris PeBenito
|
ae1d9afb5b
|
simplify since alias take care of it
|
2005-10-22 20:06:51 +00:00 |
|
Chris PeBenito
|
10b1f324d5
|
add amanda
|
2005-10-22 19:58:58 +00:00 |
|
Chris PeBenito
|
239db5e20c
|
add networkmanager
|
2005-10-22 17:44:04 +00:00 |
|
Chris PeBenito
|
1f8a8bbbbd
|
more sediff fixes
|
2005-10-21 22:56:41 +00:00 |
|
Chris PeBenito
|
e6a2eaffdf
|
more fixes
|
2005-10-21 21:35:25 +00:00 |
|
Chris PeBenito
|
da4fc9ce2b
|
sediff fixes
|
2005-10-21 19:36:49 +00:00 |
|
Chris PeBenito
|
23a4442bf1
|
add xdm
|
2005-10-21 17:55:15 +00:00 |
|
Chris PeBenito
|
3509484c6f
|
add canna
|
2005-10-21 16:39:28 +00:00 |
|
Chris PeBenito
|
fe7b943240
|
fix
|
2005-10-21 16:19:26 +00:00 |
|
Chris PeBenito
|
ea557a85df
|
add cyrus
|
2005-10-21 16:18:11 +00:00 |
|
Chris PeBenito
|
29ce0009bc
|
add dovecot
|
2005-10-21 15:38:22 +00:00 |
|
Chris PeBenito
|
cf6141a72e
|
fix corenetwork generation and add distcc
|
2005-10-21 13:11:17 +00:00 |
|
Chris PeBenito
|
4e69c1c423
|
obj class typo for certs
|
2005-10-20 19:28:27 +00:00 |
|
Chris PeBenito
|
de764944d8
|
targeted policy fixes
|
2005-10-19 19:45:20 +00:00 |
|
Chris PeBenito
|
af4752bcb9
|
targeted and distro fixes for loadable modules
|
2005-10-19 16:44:24 +00:00 |
|
Chris PeBenito
|
0efe52ae99
|
fix last loadable module problems
|
2005-10-19 14:36:04 +00:00 |
|
Chris PeBenito
|
90c3ddefe3
|
fix requires
|
2005-10-19 13:11:49 +00:00 |
|
Chris PeBenito
|
12ae7557d3
|
piles of fixes for loadable modules
|
2005-10-18 18:25:33 +00:00 |
|
Chris PeBenito
|
c3812748c3
|
misc fixes
|
2005-10-18 15:07:11 +00:00 |
|
Chris PeBenito
|
c3a05c9f5a
|
fix error uncovered by sechecker
|
2005-10-17 20:00:20 +00:00 |
|
Chris PeBenito
|
e749cd12a6
|
wrap up almost all of apache
|
2005-10-17 17:55:38 +00:00 |
|
Chris PeBenito
|
e08118a52f
|
add ppp
|
2005-10-14 20:00:07 +00:00 |
|
Chris PeBenito
|
fe9d17fe14
|
more merging from 1.27.1-15
|
2005-10-14 18:42:42 +00:00 |
|
Chris PeBenito
|
d8636fc937
|
more merging from 1.27.1-15
|
2005-10-14 17:55:40 +00:00 |
|