Daniel J Walsh
867473ac62
- Add kdump policy for Miroslav Grepl
...
- Turn off execstack boolean
2009-08-10 18:22:10 +00:00
Bill Nottingham
ac7bbfa65a
- Turn on execstack on a temporary basis ( #512845 )
2009-08-07 19:36:54 +00:00
Daniel J Walsh
9160520a0e
- Allow certmaster to override dac permissions
2009-07-27 22:09:57 +00:00
Daniel J Walsh
d982e7e091
- Fixes for podsleuth
2009-04-18 12:13:36 +00:00
Daniel J Walsh
1d1c058a4e
- Add git web policy
2009-02-10 16:08:36 +00:00
Daniel J Walsh
6a09cfb688
- Allow hal/pm-utils to look at /var/run/video.rom
...
- Add ulogd policy
2008-11-05 18:26:36 +00:00
Daniel J Walsh
d8e5d05b6e
- Allow openoffice execstack/execmem privs
2008-10-28 20:06:14 +00:00
Daniel J Walsh
4450ddb039
- Fixes for logrotate, alsa
2008-07-30 13:44:15 +00:00
Daniel J Walsh
fbea0df606
add init_upstart boolean
2008-05-19 17:48:06 +00:00
Daniel J Walsh
2d8ff5157a
- Remove old booleans from targeted-booleans.conf file
2008-04-28 21:24:59 +00:00
Daniel J Walsh
5a576e06f0
- Allow passwd to communicate with user sockets to change gnome-keyring
2008-04-08 19:17:28 +00:00
Daniel J Walsh
27943de6a0
- Allow radvd to use fifo_file
...
- dontaudit setfiles reading links
- allow semanage sys_resource
- add allow_httpd_mod_auth_ntlm_winbind boolean
- Allow privhome apps including dovecot read on nfs and cifs home dirs if
the boolean is set
2008-04-05 10:39:06 +00:00
Daniel J Walsh
b7229ad8bb
- Prepare policy for beta release
...
- Change some of the system domains back to unconfined
- Turn on some of the booleans
2008-02-28 05:01:51 +00:00
Daniel J Walsh
8d4af9d064
- Fixes from yum-cron
...
- Update to latest upstream
2008-02-20 22:44:00 +00:00
Daniel J Walsh
7c2be34d14
- Allow usertypes to read/write noxattr file systems
2008-01-28 16:48:49 +00:00
Daniel J Walsh
7330e86b90
- Update to upstream
2007-11-10 14:14:41 +00:00
Daniel J Walsh
cd8aa3b448
- Update to upstream
2007-10-24 19:31:28 +00:00
Daniel J Walsh
d50690ad8f
- Update to upstream
2007-10-24 03:29:53 +00:00
Daniel J Walsh
fa0d1c8884
- Update to upstream
2007-10-23 23:13:09 +00:00
Daniel J Walsh
8fd9df6414
- Remove homedir_template
2007-10-05 19:47:10 +00:00
Daniel J Walsh
922f646a26
- Remove homedir_template
2007-10-05 11:43:46 +00:00
Daniel J Walsh
0f8f545d1a
- Fix prelink to handle execmod
2007-07-24 14:39:01 +00:00
Daniel J Walsh
a4ec9b75e1
- Remove ifdef strict policy from upstream
2007-06-22 19:21:00 +00:00
Daniel J Walsh
057603fbda
- Update to latest from upstream
2007-05-07 18:07:26 +00:00
Daniel J Walsh
cc1be2260f
- Revert Nemiver change
...
- Set sudo as a corecmd so prelink will work, remove sudoedit mapping,
since this will not work, it does not transition.
- Allow samba to execute useradd
2007-02-23 15:35:01 +00:00
Daniel J Walsh
1a24735d8f
- Fix file context for nemiver
2007-02-15 00:19:30 +00:00
Daniel J Walsh
a384d73899
- Allow prelink when run from rpm to create tmp files Resolves : #221865
...
- Remove file_context for exportfs Resolves : #221181
- Allow spamassassin to create ~/.spamassissin Resolves : #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves : #200110
2007-01-09 15:24:41 +00:00
Daniel J Walsh
6157a7e6e4
- More fixes for MLS
2006-12-11 12:35:45 +00:00
Daniel J Walsh
06b64f8c21
- Allow xen to connect to xen port
2006-11-10 20:37:08 +00:00
Daniel J Walsh
d095a0e65b
- Add perms for swat
2006-11-01 00:09:08 +00:00
Daniel J Walsh
6b97615edf
- Allow daemons to dump core files to /
2006-10-30 21:18:40 +00:00
Daniel J Walsh
201e1d333f
- Fix dovecot, amanda
2006-09-27 19:49:43 +00:00
Daniel J Walsh
861af1c0df
- Add tty access to all domains boolean
...
- Fix gnome-pty-helper context for ia64
2006-09-13 12:00:21 +00:00
Daniel J Walsh
543bc335c1
- Change allow_execstack to default to on, for RHEL5 Beta. This is required
...
because of a Java compiler problem. Hope to turn off for next beta
2006-08-11 15:39:50 +00:00
Daniel J Walsh
c7b7392126
- add boolean to allow zebra to write config files
2006-07-19 20:06:35 +00:00
Daniel J Walsh
31c47be0fe
- setroubleshootd fixes
2006-07-19 18:39:31 +00:00
Daniel J Walsh
d819090e1f
- Multiple fixes
2006-07-12 02:50:30 +00:00
Daniel J Walsh
8bee3a4a58
- Update to upstream
2006-07-09 09:51:33 +00:00
Daniel J Walsh
2616c66ff4
- Update to upstream
2006-06-13 18:26:00 +00:00
Daniel J Walsh
c54f60d6ea
- Update from upstream
2006-06-09 02:55:43 +00:00
Daniel J Walsh
43fe713171
- Update to upstream
2006-05-28 10:56:26 +00:00
Daniel J Walsh
89e397d026
- Turn off allow_execmem boolean
...
- Allow ftp dac_override when allowed to access users homedirs
2006-05-12 02:39:30 +00:00
Daniel J Walsh
5ff36d645b
- Update to latest from upstream
...
- Allow selinux-policy to be removed and kernel not to crash
2006-04-19 17:37:38 +00:00
Daniel J Walsh
67bc5ebb6c
- More textrel_shlib_t file path fixes
...
- Add ada support
2006-04-06 19:08:54 +00:00
Daniel J Walsh
6e9bcb4a8d
*** empty log message ***
2006-02-19 12:17:15 +00:00
Daniel J Walsh
7171df22fe
- Turn back on execmem since we need it for java, firefox, ooffice
2005-12-12 20:59:35 +00:00
Daniel J Walsh
d4da533c32
- Update to upstream
...
- Turn off allow_execmem and allow_execmod booleans
- Add tcpd and automount policies
2005-12-10 05:19:29 +00:00
Daniel J Walsh
e1ccb6fe66
- Add two new httpd booleans, turned off by default
...
httpd_can_network_relay
httpd_can_network_connect_db
2005-12-09 20:59:20 +00:00
Daniel J Walsh
6f5a3bc6a7
- Update to upstream
...
- Turn off boolean allow_execstack
2005-12-08 21:56:50 +00:00
Daniel J Walsh
e568731790
- Update to upstream
2005-11-21 21:49:31 +00:00