Commit Graph

89 Commits

Author SHA1 Message Date
Chris PeBenito
7f089782ae trunk: xen updates from dan 2007-06-21 13:36:05 +00:00
Chris PeBenito
92d1ade254 trunk: trivial gentoo tweaks 2007-06-20 20:08:26 +00:00
Chris PeBenito
cb10a2d5bf trunk: Tunable connection to postgresql for users from KaiGai Kohei. 2007-06-19 14:30:06 +00:00
Chris PeBenito
d5b81a81ff trunk: Add logging_send_audit_msgs() interface and deprecate send_audit_msgs_pattern(). 2007-06-12 18:46:14 +00:00
Chris PeBenito
6649aec9d0 trunk: 3 patches from dan 2007-06-11 15:43:37 +00:00
Chris PeBenito
d534d35a7e trunk: 5 patches from dan 2007-06-11 15:01:10 +00:00
Chris PeBenito
7782966db1 add fc entry for make_reiser4 2007-06-08 20:01:34 +00:00
Chris PeBenito
38d0cf1b8a trunk: long overdue cleanup from when range_transitions were only in the base module 2007-05-14 15:35:47 +00:00
Chris PeBenito
762d2cb989 merge restorecon into setfiles 2007-05-11 17:10:43 +00:00
Chris PeBenito
0ef5d66468 textrel lib update from dan 2007-05-03 13:43:44 +00:00
Chris PeBenito
882186c933 - Patch to allow insmod to mount kvmfs and dontaudit rw unconfined_t pipes
to handle usage from userhelper.
2007-05-02 17:31:38 +00:00
Chris PeBenito
d28e528b0d Fixes for RHEL4 from the CLIP project. 2007-04-27 15:08:15 +00:00
Chris PeBenito
b4dfdc7d30 Move program admin template usage out of userdom_admin_user_template() to sysadm policy in userdomain.te to fix usage of the template for third parties. 2007-04-19 14:30:57 +00:00
Chris PeBenito
0251df3e39 bump module versions for release 2007-04-17 13:28:09 +00:00
Chris PeBenito
697489040e 5 patches from dan. confine insmod and udev on targeted, misc fc fixes, sasl kerberos use, and samba port fixes 2007-04-11 17:56:03 +00:00
Chris PeBenito
82e284bb89 last piece of dan's previous patch 2007-04-11 13:31:10 +00:00
Chris PeBenito
19b2dee3cc confine ldconfig in targeted, from dan 2007-04-10 19:39:22 +00:00
Chris PeBenito
98faba122c gentoo /lib can be a symlink on x86-64 systems 2007-04-02 13:33:18 +00:00
Chris PeBenito
a26923c32e Two patches from Paul Moore to for ipsec to remove redundant rules and have setkey read the config file. 2007-03-28 18:47:45 +00:00
Chris PeBenito
9e8f65c83e six trivial patches from dan for iptables, netutils, ipsec, devices, filesystem and cpuspeed 2007-03-26 20:47:29 +00:00
Chris PeBenito
56e1b3d207 - Move booleans and tunables to modules when it is only used in a single
module.
- Add support for tunables and booleans local to a module.
2007-03-26 18:41:45 +00:00
Chris PeBenito
8021cb4f63 Merge sbin_t and ls_exec_t into bin_t. 2007-03-23 23:24:59 +00:00
Chris PeBenito
ab514d6a89 remove disable_trans booleans 2007-03-23 21:01:49 +00:00
Chris PeBenito
5f5b7a1ec6 network fix from dan 2007-03-22 14:33:00 +00:00
Chris PeBenito
cc9130b90a one-liner from dan 2007-03-22 14:01:55 +00:00
Chris PeBenito
a5f5eba459 Add dontaudits for init fds and console to init_daemon_domain(). 2007-03-20 18:47:18 +00:00
Chris PeBenito
c224d91c7b from Dan:
This is a new policy for the User Switching capability coming in gnome.

consolekit is a daemon that communicates with xdm_t and hal through dbus to change the
ownership/access on certain devices when the login session changes from one user to another
2007-03-19 18:01:15 +00:00
Chris PeBenito
c5561c777d patches for lvm and ricci fixes from Dan Walsh. 2007-03-06 15:35:02 +00:00
Chris PeBenito
ecc98e19e3 patches for file contexts in networkmanager, miscfiles, corecommands, devices, and java from Dan Walsh. 2007-03-01 15:43:39 +00:00
Chris PeBenito
ca448bd66c add init_exec() to init_telinit(). 2007-02-26 20:19:53 +00:00
Chris PeBenito
5c45eaede1 On Tue, 2007-02-20 at 12:28 -0500, Daniel J Walsh wrote:
> audit needs fsetid
> 
> syslog needs to be able to create a tcp_socket for off machine logging.
2007-02-23 20:19:29 +00:00
Chris PeBenito
6b19be3360 patch from dan, Thu, 2007-01-25 at 08:12 -0500 2007-02-16 23:01:42 +00:00
Chris PeBenito
42c5c5f612 bump versions for release. 2006-12-12 21:22:47 +00:00
Chris PeBenito
c0868a7a3b merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
Chris PeBenito
d6d16b9796 patch from dan Wed, 29 Nov 2006 17:06:40 -0500 2006-12-04 20:10:56 +00:00
Chris PeBenito
563e58e863 patch from dan for some missing gen_require()s 2006-11-29 13:44:40 +00:00
Chris PeBenito
c6a60bb28d On Tue, 2006-11-07 at 16:51 -0500, James Antill wrote:
> Here is the policy changes needed for the context contains security
> checking in PAM and cron.
2006-11-14 13:38:52 +00:00
Chris PeBenito
ed38ca9f3d fixes from gentoo strict testing:
- Allow semanage to read from /root on strict non-MLS for
  local policy modules.
- Gentoo init script fixes for udev.
- Allow udev to read kernel modules.inputmap.
- Dnsmasq fixes from testing.
- Allow kernel NFS server to getattr filesystems so df can work
  on clients.
2006-11-13 03:24:07 +00:00
Chris PeBenito
0f9a2be65d add missing gentoo file contexts for initrc and lvm 2006-11-07 19:38:10 +00:00
Chris PeBenito
d9845ae92a patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
Chris PeBenito
582438054d fix up corecommands perm sets, add seutil_manage_config_dirs() 2006-10-27 13:55:35 +00:00
Chris PeBenito
d5ae683e2b add seutil_rw_config() 2006-10-25 20:48:04 +00:00
Chris PeBenito
a8671ae5b2 enhanced setransd support from darrel goeddel 2006-10-20 14:44:23 +00:00
Chris PeBenito
a52b4d4f23 bump versions to release numbers 2006-10-18 19:25:27 +00:00
Chris PeBenito
b04eccd87b fix duplicate /usr/bin/mplayer fc match for targeted 2006-10-18 17:31:14 +00:00
Chris PeBenito
130f8a4aa5 merge netlabel stuff from labeled-networking branch 2006-10-17 16:58:17 +00:00
Chris PeBenito
aeaae5185e fix ticket #16 2006-10-16 16:51:57 +00:00
Chris PeBenito
e45324d1ee gentoo integrated run_init rules in wrong build option. 2006-10-15 00:23:06 +00:00
Chris PeBenito
009b377174 more realplayer entries 2006-10-14 23:31:33 +00:00
Chris PeBenito
14b1684aae gentoo testing fixes. 2006-10-13 21:44:02 +00:00