Chris PeBenito
f508567646
trunk: 4 patches from dan.
2008-02-18 14:55:25 +00:00
Chris PeBenito
037fc0f4e6
trunk: label /proc/kallsyms with system_map_t.
2008-02-15 19:59:10 +00:00
Chris PeBenito
4f017813ab
trunk: fix pppd admin interface.
2008-02-14 16:03:24 +00:00
Chris PeBenito
6e7a1fc871
trunk: fix userdom_role_change_template() xml.
2008-02-13 20:26:18 +00:00
Chris PeBenito
f03433313a
trunk: labeled networking permission update from paul moore.
2008-02-12 14:46:29 +00:00
Chris PeBenito
8b9ffed517
trunk: add capability2 class, from Stephen Smalley.
2008-02-07 17:51:59 +00:00
Chris PeBenito
7a5e2d8a37
trunk: 12 patches from dan.
2008-02-07 16:37:47 +00:00
Chris PeBenito
12cf805e1c
trunk: add basic ubuntu support
2008-02-05 18:24:43 +00:00
Chris PeBenito
ce8a5299a8
trunk: 3 patches from dan.
2008-02-05 17:41:53 +00:00
Chris PeBenito
320ea98330
trunk: add 3rd party corenet interfaces for (secmark) packets.
2008-01-17 15:28:24 +00:00
Chris PeBenito
d4623f3d24
trunk: add setfcap capabiltiy, from Serge Hallyn.
2008-01-11 14:08:02 +00:00
Chris PeBenito
c8d4c38258
trunk: fix missing lo netif alias for standard and mcs configs.
2008-01-10 16:39:36 +00:00
Chris PeBenito
936f286c16
trunk: add mls constraints to dbus.
2008-01-03 20:37:25 +00:00
Chris PeBenito
9323a50bcc
trunk: add run_init domtrans to chk passwd.
2008-01-03 19:46:40 +00:00
Chris PeBenito
7cbfeb97cf
trunk: uncomment set loginuid for functional login programs under strict.
2008-01-03 18:30:45 +00:00
Chris PeBenito
f3da31d339
trunk: Labeled networking peer object class updates.
2008-01-03 16:20:01 +00:00
Chris PeBenito
f7925f25f7
trunk: bump module versions for release.
2007-12-14 14:23:18 +00:00
Chris PeBenito
1abafe3707
trunk: Patch for debian logrotate to handle syslogd-listfiles, from Vaclav Ovsik.
2007-12-12 16:18:50 +00:00
Chris PeBenito
02d968c581
trunk: several fc updates from dan.
2007-12-12 15:55:21 +00:00
Chris PeBenito
9f6e2db3ae
trunk: add openoffice locations in gentoo.
2007-12-10 15:59:01 +00:00
Chris PeBenito
dd9e1de35e
trunk: Improve several tunables descriptions from Dan Walsh.
2007-12-07 15:44:53 +00:00
Chris PeBenito
09e21686ea
trunk: another round of nsswitch from dan.
2007-12-06 16:04:14 +00:00
Chris PeBenito
74d920c3b5
trunk: add setrlimit to debian cron.
2007-12-06 14:35:44 +00:00
Chris PeBenito
5f63dd12a3
trunk: fix xconsole rw interface.
2007-12-04 15:11:53 +00:00
Chris PeBenito
c0cf6e0a6e
trunk: clean up nsswitch usage, from dan.
2007-12-04 15:05:55 +00:00
Chris PeBenito
08dccef215
trunk: add /dev symlink relabel since its not short circuited.
2007-11-30 15:56:48 +00:00
Chris PeBenito
f98cfb5a29
trunk: version bump for newrole fixes.
2007-11-28 20:20:49 +00:00
Chris PeBenito
c2b87f2af5
trunk: test fix 2 for newrole.
2007-11-28 19:06:07 +00:00
Chris PeBenito
6138d3da0e
trunk: test fix for newrole.
2007-11-28 18:39:47 +00:00
Chris PeBenito
1483be1fe5
trunk: handle early boot on debian, for /dev labeling.
2007-11-26 20:22:17 +00:00
Chris PeBenito
2f5c2f23da
trunk: remove duplicate init_system_domain() call for setfiles, from Vaclav Ovsik.
2007-11-26 19:32:51 +00:00
Chris PeBenito
0aa18d9fd5
trunk: version bumps for previous commit.
2007-11-26 16:46:38 +00:00
Chris PeBenito
0b6acad1bb
trunk: More complete labeled networking infrastructure from KaiGai Kohei.
2007-11-26 16:44:57 +00:00
Chris PeBenito
8d1f9d9e14
trunk: add missing tcp_socket rules for xfs.
2007-11-19 20:36:33 +00:00
Chris PeBenito
6ab634a512
trunk: fix dup specification for /var/spool/cups/*
2007-11-16 20:03:18 +00:00
Chris PeBenito
ccf6611bdd
trunk: add unconfined_run_to().
2007-11-16 19:50:34 +00:00
Chris PeBenito
013783b2b1
trunk: switch newrole and run_init over to use nsswitch.
2007-11-16 15:58:23 +00:00
Chris PeBenito
53da70cdaa
trunk: deprecate seutil_manage_selinux_config() in favor of correctly named seutil_manage_config().
2007-11-16 15:39:55 +00:00
Chris PeBenito
389ad7b48d
trunk: reorganize selinuxutil.
2007-11-16 15:39:09 +00:00
Chris PeBenito
eeef8dc451
trunk: Add interface for libselinux constructor, for libselinux-linked SELinux-enabled programs.
2007-11-16 14:58:17 +00:00
Chris PeBenito
226c06969c
trunk: 9 patches from dan.
2007-11-15 20:10:26 +00:00
Chris PeBenito
6c91189762
trunk: 8 patches from dan.
2007-11-15 16:54:18 +00:00
Chris PeBenito
2999cea1f2
trunk: remove duplicate specifiction for /usr/lib/devices on debian.
2007-11-14 20:12:44 +00:00
Chris PeBenito
9820351703
trunk: add in polmatch for default spd.
2007-11-14 15:53:18 +00:00
Chris PeBenito
bdccbacdd6
trunk: add labeled networking support to unconfined.
2007-11-14 14:38:45 +00:00
Chris PeBenito
a56055e362
trunk: rearrange the bottom of domain.if and fix domain_ipsec_labels().
2007-11-14 13:40:25 +00:00
Chris PeBenito
847937da7d
trunk: Patch to restructure user role templates to create restricted user roles from Dan Walsh.
2007-11-13 19:31:43 +00:00
Chris PeBenito
3b498a9105
trunk: add gentoo hal fc entry.
2007-11-12 14:17:39 +00:00
Chris PeBenito
4605adcba7
trunk: add postfixpolicyd from Jan-Frode Myklebust.
2007-11-07 20:17:44 +00:00
Chris PeBenito
eaed904cd5
trunk: 3 patches from dan.
2007-11-05 19:35:08 +00:00
Chris PeBenito
3ece11804e
trunk: fix init_ranged_system_domain range_transition object class, from james carter.
2007-10-29 22:09:53 +00:00
Chris PeBenito
7d4161cdc9
trunk: 3 patches from dan.
2007-10-29 22:08:34 +00:00
Chris PeBenito
495df41602
trunk: 11 patches from dan.
2007-10-29 18:35:32 +00:00
Chris PeBenito
bd973e3e68
trunk: remove unused types from dbus.
2007-10-26 18:04:38 +00:00
Chris PeBenito
8e2fb69f88
trunk: filesystem patch from dan.
2007-10-24 18:37:26 +00:00
Chris PeBenito
6bf8bf4f5c
trunk: add exim from dan.
2007-10-24 15:07:40 +00:00
Chris PeBenito
3c99e5989a
trunk: add /var/lib search for system bus template.
2007-10-22 15:53:31 +00:00
Chris PeBenito
2f27163c1b
trunk: 3 patches from dan.
2007-10-18 19:31:14 +00:00
Chris PeBenito
a334d2918f
trunk: add infrastructure for managing user web content.
2007-10-18 19:23:33 +00:00
Chris PeBenito
e83edee5d2
trunk: fix do not userspace commons in kernel version of av_permissions.h.
2007-10-16 19:05:27 +00:00
Chris PeBenito
32c05ccbcd
trunk: fix flask.py Flask class userspace dictionary usage.
2007-10-16 18:56:32 +00:00
Chris PeBenito
651df3ceb6
trunk: do not emit lines in the kernel version of av_inherit.h for commons that are only inherited by userspace object classes.
2007-10-16 18:30:23 +00:00
Chris PeBenito
3a9096d94f
trunk: do not emit S_(0, 0, 0) in kernel headers for userspace classes that inherit commons.
2007-10-16 16:02:51 +00:00
Chris PeBenito
36627094e8
trunk: fix unconditional call to nscd from usermanage run interfaces.
2007-10-15 18:16:00 +00:00
Chris PeBenito
a27d1c6e84
trunk: gdm is in /usr/sbin on rawhide machines, from Eamon Walsh.
2007-10-15 17:50:07 +00:00
Chris PeBenito
f48782758e
trunk: reorganize amanda and bind
2007-10-12 17:50:11 +00:00
Chris PeBenito
bc01b352f6
trunk: 2 patches from dan.
2007-10-12 17:35:56 +00:00
Chris PeBenito
cdf98fedc0
trunk: 10 patches from dan.
2007-10-11 18:12:29 +00:00
Chris PeBenito
ef659a476e
Deprecate some old file and dir permission set macros in favor of the newer, more consistently-named macros.
2007-10-09 17:29:48 +00:00
Chris PeBenito
81d4c88f8c
trunk: remove stale user_net_control reference in usernetctl.if.
2007-10-08 13:38:25 +00:00
Chris PeBenito
6c53a10e28
trunk: Patch to clean up unescaped periods in several file context entries from Jan-Frode Myklebust.
2007-10-05 18:00:55 +00:00
Chris PeBenito
12e9ea1ae3
trunk: module version bumps for previous commit.
2007-10-02 17:15:07 +00:00
Chris PeBenito
350b6ab767
trunk: merge strict and targeted policies. merge shlib_t into lib_t.
2007-10-02 16:04:50 +00:00
Chris PeBenito
3480f3f239
trunk: bump version numbers for release.
2007-09-28 13:58:24 +00:00
Chris PeBenito
aef93a760f
trunk: one-liner from Shintaro Fujiwara
2007-09-26 14:28:20 +00:00
Chris PeBenito
4ddc7ba539
trunk: xml doc one-liner from Stefan Schulze Frielinghaus.
2007-09-24 13:01:17 +00:00
Chris PeBenito
ff4085dacc
trunk: one-liner from Shintaro Fujiwara.
2007-09-18 19:49:35 +00:00
Chris PeBenito
6f49b490b8
trunk: Patch to add missing requirements in userdomain interfaces from Shintaro Fujiwara.
2007-09-17 18:04:35 +00:00
Chris PeBenito
0cf6df55e5
trunk: add awstats from Stefan Schulze Frielinghaus.
2007-09-17 17:25:40 +00:00
Chris PeBenito
8242f5a68d
trunk: add bitlbee from devin carraway and add tcpd_wrapped_domain().
2007-09-17 14:33:40 +00:00
Chris PeBenito
14add30d03
trunk: 3 patches from dan.
2007-09-12 14:53:39 +00:00
Chris PeBenito
134a799c75
trunk: 3 patches from dan.
2007-09-11 19:24:32 +00:00
Chris PeBenito
8a9d6f6449
trunk: 6 patches from dan.
2007-09-07 13:41:20 +00:00
Chris PeBenito
abc89340c4
trunk: two tiny patches from Stefan Schulze Frielinghaus
2007-09-06 19:29:54 +00:00
Chris PeBenito
72f82c47c2
trunk: six patches from dan.
2007-09-06 18:34:40 +00:00
Chris PeBenito
8241b538af
trunk: udev update and brctl module from dan.
2007-09-05 17:55:57 +00:00
Chris PeBenito
016e5c5cdc
trunk: 4 patches from dan.
2007-09-05 14:48:21 +00:00
Chris PeBenito
0a0b8078ca
trunk: 5 patches from dan.
2007-09-04 18:57:58 +00:00
Chris PeBenito
ce2c80f3c6
trunk: make coda nfs_t, ticket #39 .
2007-09-04 13:38:39 +00:00
Chris PeBenito
4922765ec6
trunk: fix certwatch_run() interface, which had a typo in the name.
2007-08-30 15:01:48 +00:00
Chris PeBenito
6dd721a686
trunk: 7 patches from dan, slocate, games, amavis, radius, sendmail, rshd, logrotate.
2007-08-27 17:57:36 +00:00
Chris PeBenito
a2f444884b
trunk: patch to allow sendmail to read ssl/tls certificates from Stefan Schulze Frielinghaus.
2007-08-27 17:00:18 +00:00
Chris PeBenito
752ddf588f
trunk: add missing commas in can_exec in daemontools that worked by luck.
2007-08-24 15:55:06 +00:00
Chris PeBenito
d62c0881e2
Update MLS constraints from LSPP evaluated policy.
2007-08-24 14:14:29 +00:00
Chris PeBenito
2af7b42a06
trunk: switch daemons from inheriting from all levels to initrc_t sharing to all levels.
2007-08-22 20:21:52 +00:00
Chris PeBenito
8d2c34195e
trunk: updates from dan on 9 modules
2007-08-22 20:02:41 +00:00
Chris PeBenito
80d5e02c81
trunk: Files and radvd updates from Stefan Schulze Frielinghaus.
2007-08-21 19:03:34 +00:00
Chris PeBenito
1779bef032
trunk: fix gdm xsession scripts on redhat machines.
2007-08-20 18:54:29 +00:00
Chris PeBenito
f8233ab7b0
trunk: Deprecate mls_file_write_down() and mls_file_read_up(), replaced with mls_write_all_levels() and mls_read_all_levels(), for consistency.
2007-08-20 18:26:08 +00:00
Chris PeBenito
2d0c9cecaf
trunk: several MLS enhancements.
2007-08-20 15:15:03 +00:00
Chris PeBenito
9760cbec2d
trunk: Database userspace object manager classes from KaiGai Kohei.
2007-08-09 13:15:07 +00:00
Chris PeBenito
3d6e962dfa
trunk: filesystem patch from dan
2007-08-08 20:04:28 +00:00
Chris PeBenito
939a4287b3
trunk: 3 patches from dan
2007-08-07 17:06:32 +00:00
Chris PeBenito
c040ea12b2
trunk: several support macro fixes.
2007-07-31 15:11:22 +00:00
Chris PeBenito
371d11ec04
trunk: add 3rd party interface for apache cgi.
2007-07-26 19:48:40 +00:00
Chris PeBenito
63acaf59d7
trunk: fix pipe permission set in domtrans_pattern().
2007-07-26 19:41:15 +00:00
Chris PeBenito
924f3cc2cb
trunk: add getserv and shmemserv nscd permissions.
2007-07-24 19:52:18 +00:00
Chris PeBenito
708aab1393
trunk: fix targeted sshd. When the domain was unaliased from unconfined_t, a transition to unconfined_t was not added.
2007-07-20 18:25:26 +00:00
Chris PeBenito
d46cfe45cd
trunk: add application module
2007-07-19 18:57:48 +00:00
Chris PeBenito
6929521e0a
trunk: fix missed netlabel deprecation
2007-07-19 15:11:19 +00:00
Chris PeBenito
f80a0e4f25
trunk: Add debian apcupsd binary location, from Stefan Schulze Frielinghaus.
2007-07-02 15:25:46 +00:00
Chris PeBenito
116c1da330
trunk: update module version numbers for release.
2007-06-29 14:48:13 +00:00
Chris PeBenito
113b4fc4a2
Fix incorrectly named files_lib_filetrans_shared_lib() interface in the libraries module.
2007-06-28 17:25:46 +00:00
Chris PeBenito
e5e55ace89
trunk, strict-targeted-merge: add mmap_zero to xserver domains.
2007-06-28 12:34:08 +00:00
Chris PeBenito
f5842c1fa5
trunk: minor amanda update from dan
2007-06-27 19:19:20 +00:00
Chris PeBenito
7b61fe506d
trunk: add rpcbind from dan
2007-06-27 16:31:55 +00:00
Chris PeBenito
1900668638
trunk: Unified labeled networking policy from Paul Moore.
...
The latest revision of the labeled policy patches which enable both labeled
and unlabeled policy support for NetLabel. This revision takes into account
Chris' feedback from the first version and reduces the number of interface
calls in each domain down to two at present: one for unlabeled access, one for
NetLabel access. The older, transport layer specific interfaces, are still
present for use by third-party modules but are not used in the default policy
modules.
trunk: Use netmsg initial SID for MLS-only Netlabel packets, from Paul Moore.
This patch changes the policy to use the netmsg initial SID as the "base"
SID/context for NetLabel packets which only have MLS security attributes.
Currently we use the unlabeled initial SID which makes it very difficult to
distinquish between actual unlabeled packets and those packets which have MLS
security attributes.
2007-06-27 15:23:21 +00:00
Chris PeBenito
2c3ac47d45
trunk: pyzor and clamav updates from dan
2007-06-26 18:43:11 +00:00
Chris PeBenito
22bff65f4d
trunk: fix typo in vmware.fc
2007-06-26 14:31:31 +00:00
Chris PeBenito
02f2c3e979
trunk: nagios update from dan
2007-06-21 17:23:19 +00:00
Chris PeBenito
a90a256f64
trunk: procmail tweak from dan.
2007-06-21 14:54:34 +00:00
Chris PeBenito
7f089782ae
trunk: xen updates from dan
2007-06-21 13:36:05 +00:00
Chris PeBenito
92d1ade254
trunk: trivial gentoo tweaks
2007-06-20 20:08:26 +00:00
Chris PeBenito
5bf9deb5bb
trunk: 3 patches from dan
2007-06-20 19:47:10 +00:00
Chris PeBenito
99b5a56cb6
trunk: radius one-liner from dan
2007-06-20 15:03:55 +00:00
Chris PeBenito
40df56772f
trunk: big samba update from dan
2007-06-19 19:11:35 +00:00
Chris PeBenito
788d88c923
trunk: drop snmpd_etc_t.
2007-06-19 17:39:35 +00:00
Chris PeBenito
6c8aba7b31
trunk: confine sendmail and logrotate on targeted
2007-06-19 17:01:39 +00:00
Chris PeBenito
cb10a2d5bf
trunk: Tunable connection to postgresql for users from KaiGai Kohei.
2007-06-19 14:30:06 +00:00
Chris PeBenito
41337aa8b9
Memprotect support patch from Stephen Smalley.
2007-06-19 13:02:26 +00:00
Chris PeBenito
d139413c64
trunk: 2 patches from dan
2007-06-13 13:54:56 +00:00
Chris PeBenito
a74d1ad7cd
trunk: add amtu from dan
2007-06-12 18:58:36 +00:00
Chris PeBenito
d5b81a81ff
trunk: Add logging_send_audit_msgs() interface and deprecate send_audit_msgs_pattern().
2007-06-12 18:46:14 +00:00
Chris PeBenito
262def165a
trunk: version bumps for previous commit.
2007-06-12 13:08:19 +00:00
Chris PeBenito
f7101c5430
trunk: 7 simple patches from dan.
2007-06-12 13:06:13 +00:00
Chris PeBenito
6649aec9d0
trunk: 3 patches from dan
2007-06-11 15:43:37 +00:00
Chris PeBenito
d534d35a7e
trunk: 5 patches from dan
2007-06-11 15:01:10 +00:00
Chris PeBenito
f6a590d7b4
six simple patches from dan
2007-06-11 14:09:09 +00:00
Chris PeBenito
7782966db1
add fc entry for make_reiser4
2007-06-08 20:01:34 +00:00
Chris PeBenito
17b9cb7dda
trunk: fix line in evolution to be strict-only; was being covered up by genhomedircon.
2007-05-22 17:01:38 +00:00
Chris PeBenito
a39a931362
trunk: snmp tweak from dan
2007-05-15 18:06:31 +00:00
Chris PeBenito
c412be6bef
trunk: remaining pieces for apcupsd module
2007-05-15 15:43:00 +00:00
Chris PeBenito
38d0cf1b8a
trunk: long overdue cleanup from when range_transitions were only in the base module
2007-05-14 15:35:47 +00:00
Chris PeBenito
762d2cb989
merge restorecon into setfiles
2007-05-11 17:10:43 +00:00
Chris PeBenito
12217cc286
Patch to begin separating out hald helper programs from Dan Walsh.
2007-05-07 17:57:48 +00:00
Chris PeBenito
78f17e6d6c
add apcupsd from dan
2007-05-07 14:55:54 +00:00
Chris PeBenito
b129e2001c
Fixes for squid, dovecot, and snmp from Dan Walsh.
2007-05-07 13:45:17 +00:00
Chris PeBenito
4967aaa320
Miscellaneous consolekit fixes from Dan Walsh.
2007-05-03 14:15:38 +00:00
Chris PeBenito
0ef5d66468
textrel lib update from dan
2007-05-03 13:43:44 +00:00
Chris PeBenito
7f819d806d
add missing rename_dir_perms
2007-05-03 13:15:48 +00:00