Commit Graph

764 Commits

Author SHA1 Message Date
Daniel J Walsh
2fdb5fd7c6 - fix squid
- Fix rpm running as uid
2007-07-02 01:58:41 +00:00
Daniel J Walsh
b786a2b04a - Fix syslog declaration 2007-06-27 19:48:33 +00:00
Daniel J Walsh
7f44213c00 - Allow avahi to access inotify
- Remove a lot of bogus security_t:filesystem avcs
2007-06-27 18:12:03 +00:00
Daniel J Walsh
269acb5ee8 - Remove ifdef strict policy from upstream 2007-06-26 12:09:30 +00:00
Daniel J Walsh
a4ec9b75e1 - Remove ifdef strict policy from upstream 2007-06-22 19:21:00 +00:00
Daniel J Walsh
56187c2f8a - Remove ifdef strict policy from upstream 2007-05-31 18:40:35 +00:00
Daniel J Walsh
bdb830255c - Fix for amands
- Allow semanage to read pp files
- Allow rhgb to read xdm_xserver_tmp
2007-05-23 18:35:37 +00:00
Daniel J Walsh
346d2dccfd 2007-05-21 18:54:40 +00:00
Daniel J Walsh
9ffb88eba3 - allow alsactl to read kernel state 2007-05-17 17:16:26 +00:00
Daniel J Walsh
fc35770056 - More fixes for alsactl
- Transition from hal and modutils
- Fixes for suspend resume.
- insmod domtrans to alsactl
- insmod writes to hal log
2007-05-16 22:13:23 +00:00
Daniel J Walsh
88c8465c87 - More fixes for alsactl 2007-05-16 21:48:52 +00:00
Daniel J Walsh
cf806ebda9 - Fixes for suspend resume.
- insmod domtrans to alsactl
- insmod writes to hal log
2007-05-16 21:09:41 +00:00
Daniel J Walsh
7c3dcb3584 - Allow unconfined_t to transition to NetworkManager_t
- Fix netlabel policy
2007-05-16 19:31:34 +00:00
Daniel J Walsh
810e69636e - Update to latest from upstream 2007-05-14 19:54:57 +00:00
Daniel J Walsh
8cd496f1d6 - Update to latest from upstream 2007-05-14 18:10:58 +00:00
Daniel J Walsh
057603fbda - Update to latest from upstream 2007-05-07 18:07:26 +00:00
Daniel J Walsh
daa6abe9e1 - Update to latest from upstream 2007-05-04 17:30:10 +00:00
Daniel J Walsh
a615d5b893 - Update to latest from upstream 2007-05-02 02:53:14 +00:00
Daniel J Walsh
8fea836859 - Update to latest from upstream 2007-05-01 20:53:29 +00:00
Daniel J Walsh
6821c3df97 - 2007-04-27 17:23:49 +00:00
Daniel J Walsh
77d25ebf92 - Fixes for unix_update
- Fix logwatch to be able to search all dirs
2007-04-25 18:31:32 +00:00
Daniel J Walsh
8396b2dbd2 - Upstream bumped the version 2007-04-23 17:00:48 +00:00
Daniel J Walsh
61947fac0a - Allow consolekit to syslog
- Allow ntfs to work with hal
2007-04-20 20:13:07 +00:00
Daniel J Walsh
2db3c1e86a - Allow iptbales to read etc_runtime_t 2007-04-19 18:24:08 +00:00
Daniel J Walsh
4661767044 - MLS Fixes 2007-04-19 13:58:54 +00:00
Daniel J Walsh
53b22295eb - MLS Fixes 2007-04-19 13:40:31 +00:00
Daniel J Walsh
883a0252b0 - Fix path of /etc/lvm/cache directory
- Fixes for alsactl and pppd_t
- Fixes for consolekit
2007-04-18 21:00:52 +00:00
Daniel J Walsh
ab59becfc6 - Fixes for alsactl and pppd_t 2007-04-18 20:50:02 +00:00
Daniel J Walsh
32b18f8ae9 - Fixes for consolekit 2007-04-18 20:45:20 +00:00
Daniel J Walsh
7671cee047 - Allow insmod_t to mount kvmfs_t filesystems 2007-04-17 20:42:32 +00:00
Daniel J Walsh
9fc00bcbda - Rwho policy
- Fixes for consolekit
2007-04-17 19:28:14 +00:00
Daniel J Walsh
e6f3cfbe2d - fixes for fusefs 2007-04-16 17:11:45 +00:00
Daniel J Walsh
8c912ab526 - Fix samba_net to allow it to view samba_var_t 2007-04-12 21:09:34 +00:00
Daniel J Walsh
a3b1a2c522 - Update to upstream 2007-04-11 20:55:28 +00:00
Daniel J Walsh
5d5caebf83 - Fix Sonypic backlight
- Allow snmp to look at squid_conf_t
2007-04-10 15:20:50 +00:00
Daniel J Walsh
7f1bd869ee - Fixes for pyzor, cyrus, consoletype on everything installs 2007-04-09 20:47:56 +00:00
Daniel J Walsh
0b3279dee5 - Fix hald_acl_t to be able to getattr/setattr on usb devices
- Dontaudit write to unconfined_pipes for load_policy
2007-04-09 18:36:06 +00:00
Daniel J Walsh
21029bf045 - Allow bluetooth to read inotifyfs 2007-04-07 11:35:20 +00:00
Daniel J Walsh
e6b9e29195 - Fixes for samba domain controller.
- Allow ConsoleKit to look at ttys
2007-04-04 20:46:07 +00:00
Daniel J Walsh
f9f9ddcde1 - Fix interface call 2007-04-04 19:44:58 +00:00
Daniel J Walsh
89d3de7112 - Allow syslog-ng to read /var
- Allow locate to getattr on all filesystems
- nscd needs setcap
2007-04-03 19:25:58 +00:00
Daniel J Walsh
2528fa0969 - Update to upstream 2007-04-02 21:06:47 +00:00
Daniel J Walsh
8e5289e20b - Update to upstream 2007-04-02 19:53:16 +00:00
Daniel J Walsh
ce7f30a258 - Update to upstream 2007-04-02 15:17:45 +00:00
Daniel J Walsh
f040ac5fd3 - Allow samba to run groupadd 2007-03-23 15:42:50 +00:00
Daniel J Walsh
f634733f95 - Update to upstream 2007-03-23 14:32:31 +00:00
Daniel J Walsh
281f5f5a50 - Fix labeling on udev.tbl dirs 2007-03-22 10:40:53 +00:00
Daniel J Walsh
552645bad0 - Fixes for logwatch 2007-03-21 03:39:06 +00:00
Daniel J Walsh
593fb16ef5 - Add fusermount and mount_ntfs policy 2007-03-20 20:45:45 +00:00
Daniel J Walsh
9d59ec430e - Update to upstream
- Allow saslauthd to use kerberos keytabs
2007-03-20 16:22:25 +00:00
Daniel J Walsh
d3aabaedb4 2007-03-20 15:01:28 +00:00
Daniel J Walsh
741e816e8e - Fixes for samba_var_t 2007-03-19 19:33:06 +00:00
Daniel J Walsh
db4f0ec7b9 - Remove disable_trans booleans
- hald_acl_t needs to talk to nscd
2007-03-19 14:51:28 +00:00
Daniel J Walsh
2823e28d58 - Remove enable_audit booleans
- hald_acl_t needs to talk to nscd
2007-03-19 14:42:08 +00:00
Daniel J Walsh
2f82eed685 - Fix prelink to be able to manage usr dirs. 2007-03-16 03:14:13 +00:00
Daniel J Walsh
9468a641a6 - Allow insmod to launch init scripts 2007-03-14 12:48:09 +00:00
Daniel J Walsh
271752a5ca - Remove setsebool policy 2007-03-13 17:46:34 +00:00
Daniel J Walsh
bdb7f99f00 - Fix handling of unlabled_t packets 2007-03-12 14:51:29 +00:00
Daniel J Walsh
2a9b648b37 - More of my patches from upstream 2007-03-11 05:19:36 +00:00
Daniel J Walsh
1fed4c745c - Update to latest from upstream
- Add fail2ban policy
2007-03-01 21:57:47 +00:00
Daniel J Walsh
9a8202d585 - Update to latest from upstream
- Add fail2ban policy
2007-03-01 16:30:20 +00:00
Daniel J Walsh
5ad70cf38c - Update to remove security_t:filesystem getattr problems 2007-02-28 21:23:19 +00:00
Daniel J Walsh
13893ed688 - Policy for consolekit 2007-02-27 18:34:08 +00:00
Daniel J Walsh
af8af9caee 2007-02-26 15:06:22 +00:00
Daniel J Walsh
cc1be2260f - Revert Nemiver change
- Set sudo as a corecmd so prelink will work, remove sudoedit mapping,
    since this will not work, it does not transition.
- Allow samba to execute useradd
2007-02-23 15:35:01 +00:00
Daniel J Walsh
b0861172ab - Add sepolgen support
- Add bugzilla policy
2007-02-20 21:37:52 +00:00
Daniel J Walsh
b7da3b9e3e - Add sepolgen support
- Add bugzilla policy
2007-02-20 17:35:59 +00:00
Daniel J Walsh
2fa5bb00e9 - Add sepolgen support
- Add bugzilla policy
2007-02-16 19:55:48 +00:00
Daniel J Walsh
e10e57a4a6 THu Feb 15 2007 Dan Walsh <dwalsh@redhat.com> 2.5.3-3
- Add sepolgen support
- Add bugzilla policy
2007-02-15 20:46:02 +00:00
Daniel J Walsh
07dcdf7654 - Fix file context for nemiver 2007-02-15 20:29:48 +00:00
Daniel J Walsh
1a24735d8f - Fix file context for nemiver 2007-02-15 00:19:30 +00:00
Daniel J Walsh
df0bef9ac0 - 2007-02-12 16:27:42 +00:00
Daniel J Walsh
9aff35b779 - 2007-02-12 16:18:31 +00:00
Daniel J Walsh
39b6cecaf2 - Allow mozilla, evolution and thunderbird to read dev_random. Resolves:
#227002
- Allow spamd to connect to smtp port Resolves: #227184
- Fixes to make ypxfr work Resolves: #227237
2007-02-06 16:54:13 +00:00
Daniel J Walsh
33501ce93f - Fix ssh_agent to be marked as an executable
- Allow Hal to rw sound device
2007-02-04 12:42:16 +00:00
Daniel J Walsh
de0b364127 - Fix spamassisin so crond can update spam files
- Fixes to allow kpasswd to work
- Fixes for bluetooth
2007-02-01 21:40:50 +00:00
Daniel J Walsh
3902fd87fd - Remove some targeted diffs in file context file 2007-01-31 22:18:10 +00:00
Daniel J Walsh
edd045d7c0 - Fix squid cachemgr labeling 2007-01-26 16:12:32 +00:00
Daniel J Walsh
e45f5d36d0 - Add ability to generate webadm_t policy
- Lots of new interfaces for httpd
- Allow sshd to login as unconfined_t
2007-01-25 19:07:00 +00:00
Daniel J Walsh
cc7c06a0d1 - Continue fixing, additional user domains 2007-01-23 01:08:45 +00:00
Daniel J Walsh
f86e42306e - Begin adding user confinement to targeted policy 2007-01-22 16:52:18 +00:00
Daniel J Walsh
45478192f4 - Fixes for prelink, ktalkd, netlabel 2007-01-17 19:58:32 +00:00
Daniel J Walsh
ee095f5817 - Fixes for prelink, ktalkd, netlabel 2007-01-11 22:43:22 +00:00
Daniel J Walsh
b6ed674a00 - Fixes for prelink, ktalkd, netlabel 2007-01-10 22:05:57 +00:00
Daniel J Walsh
ae5ace1a7e - Fixes for prelink, ktalkd, netlabel 2007-01-10 22:01:29 +00:00
Daniel J Walsh
9e0fa4fef3 - Allow prelink when run from rpm to create tmp files Resolves: #221865
- Remove file_context for exportfs Resolves: #221181
- Allow spamassassin to create ~/.spamassissin Resolves: #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves: #200110
- Fixes to run prelink in MLS machine Resolves: #221233
- Allow spamassassin to read var_lib_t dir Resolves: #219234
2007-01-09 15:26:56 +00:00
Daniel J Walsh
a384d73899 - Allow prelink when run from rpm to create tmp files Resolves: #221865
- Remove file_context for exportfs Resolves: #221181
- Allow spamassassin to create ~/.spamassissin Resolves: #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves: #200110
2007-01-09 15:24:41 +00:00
Daniel J Walsh
8a03d5e828 - Allow spamassassin to read var_lib_t dir Resolves: #219234 2007-01-02 16:40:08 +00:00
Daniel J Walsh
9bcfd16a2d - fix mplayer to work under strict policy
- Allow iptables to use nscd Resolves: #220794
2006-12-29 20:01:11 +00:00
Daniel J Walsh
8bacd8ed15 - Add gconf policy and make it work with strict 2006-12-28 17:39:12 +00:00
Daniel J Walsh
5db544f392 - Many fixes for strict policy and by extension mls. 2006-12-24 15:26:26 +00:00
Daniel J Walsh
135ea97ff1 - Many fixes for strict policy and by extension mls. 2006-12-24 07:31:09 +00:00
Daniel J Walsh
9051d60c06 - Fix to allow ftp to bind to ports > 1024 Resolves: #219349 2006-12-22 17:39:01 +00:00
Daniel J Walsh
5ded3c385e 2006-12-22 16:58:33 +00:00
Daniel J Walsh
4fd323b783 2006-12-22 16:56:53 +00:00
Daniel J Walsh
f9e32a004d - Allow semanage to exec it self. Label genhomedircon as semanage_exec_t
Resolves: #219421
- Allow sysadm_lpr_t to manage other print spool jobs Resolves: #220080
2006-12-20 20:40:30 +00:00
Daniel J Walsh
be9aefca3d - allow automount to setgid Resolves: #219999 2006-12-18 21:50:13 +00:00
Daniel J Walsh
5e01b4610b - Allow cron to polyinstatiate
- Fix creation of boot flags Resolves: #207433
2006-12-15 21:42:14 +00:00
Daniel J Walsh
272aa0b2e8 2006-12-14 20:06:00 +00:00
Daniel J Walsh
3a51847bd9 Resolves: #218978 2006-12-13 17:06:33 +00:00
Daniel J Walsh
422dcf1da8 Resolves: #218978 2006-12-13 17:03:55 +00:00
Daniel J Walsh
e3b143b243 - Allow initrc to create files in /var directories Resolves: #219227 2006-12-12 21:46:24 +00:00
Daniel J Walsh
6157a7e6e4 - More fixes for MLS 2006-12-11 12:35:45 +00:00
Daniel J Walsh
dd5d7e7583 - More Fixes polyinstatiation Resolves: #216184 2006-12-06 23:27:45 +00:00
Daniel J Walsh
a169fb7433 - Fix handling of keyrings 2006-12-06 19:38:32 +00:00
Daniel J Walsh
852ba6bb2f - Fix polyinstatiation
- Fix pcscd handling of terminal Resolves: #218149 Resolves: #218350
2006-12-05 23:05:39 +00:00
Daniel J Walsh
414ddd0de3 - More fixes for quota Resolves: #212957 2006-12-01 21:52:08 +00:00
Daniel J Walsh
9f388c1a78 - ncsd needs to use avahi sockets Resolves: #217640 Resolves: #218014 2006-12-01 17:58:00 +00:00
Daniel J Walsh
b6ffd7c2ae - Allow login programs to polyinstatiate homedirs Resolves: #216184
- Allow quotacheck to create database files Resolves: #212957
2006-11-30 22:06:22 +00:00
Daniel J Walsh
aba668f5f8 - Allow login programs to polyinstatiate homedirs Resolves: #216184 2006-11-30 20:55:33 +00:00
Daniel J Walsh
036c1c2fb6 - Dontaudit appending hal_var_lib files Resolves: #217452 Resolves: #217571
Resolves: #217611 Resolves: #217640 Resolves: #217725
2006-11-30 20:23:49 +00:00
Daniel J Walsh
cc1462b7d0 - Dontaudit appending hal_var_lib files Resolves: #217452 Resolves: #217571
Resolves: #217611 Resolves: #217640 Resolves: #217725
2006-11-29 20:11:02 +00:00
Daniel J Walsh
e4d46c95f3 - Fix context for helix players file_context #216942 2006-11-27 22:17:34 +00:00
Daniel J Walsh
02560dace3 - Fix load_policy to be able to mls_write_down so it can talk to the
terminal
2006-11-20 23:24:21 +00:00
Daniel J Walsh
4218645103 - Fixes for hwclock, clamav, ftp 2006-11-20 23:01:06 +00:00
Daniel J Walsh
9e4aeac9dd - Move to upstream version which accepted my patches 2006-11-17 19:21:40 +00:00
Daniel J Walsh
b28d0a788f - Fixes for nvidia driver 2006-11-16 19:25:03 +00:00
Daniel J Walsh
a3f2f571c0 - Fixes for nvidia driver 2006-11-15 22:34:04 +00:00
Daniel J Walsh
150bdfbc67 - Fixes for nvidia driver 2006-11-15 22:28:06 +00:00
Daniel J Walsh
b0ecaa962d - Allow semanage to signal mcstrans 2006-11-15 21:43:36 +00:00
Daniel J Walsh
73ea8c2e4d - Update to upstream 2006-11-15 15:22:30 +00:00
Daniel J Walsh
d925bd337d - Allow modstorage to edit /etc/fstab file 2006-11-14 18:33:09 +00:00
Daniel J Walsh
ec17438ae0 - Fix for qemu, /dev/
Mon Nov 13 2006 Dan Walsh <dwalsh@redhat.com> 2.4.3-11
- Fix path to realplayer.bin
2006-11-14 04:57:37 +00:00
Daniel J Walsh
32b91c9d1f - Fix path to realplayer.bin 2006-11-13 20:48:57 +00:00
Daniel J Walsh
06b64f8c21 - Allow xen to connect to xen port 2006-11-10 20:37:08 +00:00
Daniel J Walsh
1a986f04dc - Allow cups to search samba_etc_t directory
- Allow xend_t to list auto_mountpoints
2006-11-10 13:31:34 +00:00
Daniel J Walsh
2098c9bff2 - Allow xen to search automount 2006-11-09 20:12:53 +00:00
Daniel J Walsh
6ba4868651 - Fix spec of jre files 2006-11-09 18:57:53 +00:00
Daniel J Walsh
0806593363 - Fix unconfined access to shadow file 2006-11-08 20:21:53 +00:00
Daniel J Walsh
4d11495dab - Allow xend to create files in xen_image_t directories 2006-11-08 20:10:30 +00:00
Daniel J Walsh
0fcc493f96 - Fixes for /var/lib/hal 2006-11-08 13:28:28 +00:00
Daniel J Walsh
f08bf9299c - Remove ability for sysadm_t to look at audit.log 2006-11-07 21:16:47 +00:00
Daniel J Walsh
f3ecbbfcb9 - Fix rpc_port_types
- Add aide policy for mls
2006-11-07 20:38:46 +00:00
Daniel J Walsh
d7e0f9fa0d - Merge with upstream 2006-11-06 21:15:57 +00:00
Daniel J Walsh
0dae3b6d89 - Lots of fixes for ricci 2006-11-03 21:27:47 +00:00
Daniel J Walsh
d095a0e65b - Add perms for swat 2006-11-01 00:09:08 +00:00
Daniel J Walsh
6b97615edf - Allow daemons to dump core files to / 2006-10-30 21:18:40 +00:00
Daniel J Walsh
8fb79d40f4 - Fixes for ricci 2006-10-30 16:45:09 +00:00
Daniel J Walsh
6672fcfbdd - Allow mount.nfs to work 2006-10-27 19:16:43 +00:00
Daniel J Walsh
85659e704f - Allow ricci-modstorage to look at lvm_etc_t 2006-10-27 14:42:56 +00:00
Daniel J Walsh
08efeffbe5 - Fixes for ricci using saslauthd 2006-10-25 15:31:39 +00:00
Daniel J Walsh
dc804f3593 - Allow mountpoint on home_dir_t and home_t 2006-10-24 19:55:28 +00:00
Daniel J Walsh
8ff9d6e5a3 - Update xen to read nfs files 2006-10-24 16:12:29 +00:00
Daniel J Walsh
3d011ff2e8 Mon Oct 23 2006 Dan Walsh <dwalsh@redhat.com> 2.4-4
- Allow noxattrfs to associate with other noxattrfs
2006-10-23 20:54:50 +00:00
Daniel J Walsh
11d7ea1908 - Allow hal to use power_device_t 2006-10-23 17:26:25 +00:00
Daniel J Walsh
d6926f7f13 - Allow procemail to look at autofs_t
- Allow xen_image_t to work as a fixed device
2006-10-20 21:08:15 +00:00
Daniel J Walsh
e2eecb7a01 - Refupdate from upstream 2006-10-19 15:52:02 +00:00
Daniel J Walsh
302afb6db1 - Add lots of fixes for mls cups 2006-10-19 14:32:27 +00:00
Daniel J Walsh
6fa5ecef5d - Lots of fixes for ricci 2006-10-18 20:58:51 +00:00
Daniel J Walsh
2d1b4a450f - Fix number of cats 2006-10-17 19:59:07 +00:00
Daniel J Walsh
da08298372 - Update to upstream 2006-10-17 18:43:08 +00:00
jantill
a3698a1d5b - More iSCSI changes for #209854 2006-10-12 15:43:58 +00:00
jantill
cd0a0d2169 - Test ISCSI fixes for #209854 2006-10-12 15:24:06 +00:00
Daniel J Walsh
ed9a4ccc00 - allow semodule to rmdir selinux_config_t dir 2006-10-08 21:45:47 +00:00
Daniel J Walsh
70e2dbc497 - Fix boot_runtime_t problem on ppc. Should not be creating these files. 2006-10-06 20:38:14 +00:00
Daniel J Walsh
16c971a867 - Fix context mounts on reboot
- Fix ccs creation of directory in /var/log
2006-10-05 19:31:33 +00:00
Daniel J Walsh
7316db5b42 - Update for tallylog 2006-10-05 15:11:16 +00:00
Daniel J Walsh
bfcffeacff - Allow xend to rewrite dhcp conf files
- Allow mgetty sys_admin capability
2006-10-05 13:48:32 +00:00
Daniel J Walsh
160281be0a - Make xentapctrl work 2006-10-04 19:31:42 +00:00
Daniel J Walsh
46f098ac91 - Don't transition unconfined_t to bootloader_t
- Fix label in /dev/xen/blktap
2006-10-03 20:35:40 +00:00
Daniel J Walsh
f21d67baff - Patch for labeled networking 2006-10-03 18:47:06 +00:00
Daniel J Walsh
42dd742837 - Fix crond handling for mls 2006-10-02 19:45:00 +00:00
Daniel J Walsh
8fff699602 - Update to upstream 2006-09-29 19:19:18 +00:00
Daniel J Walsh
52ba98baf2 - Remove bluetooth-helper transition
- Add selinux_validate for semanage
- Require new version of libsemanage
2006-09-29 18:12:18 +00:00
Daniel J Walsh
5096e7d5da - Fix prelink 2006-09-29 14:22:55 +00:00
Daniel J Walsh
3c4577002a - Fix rhgb 2006-09-29 05:33:37 +00:00
Daniel J Walsh
172c6c7dc9 - Fix setrans handling on MLS and useradd 2006-09-28 16:45:43 +00:00
Daniel J Walsh
afbab5a372 - Support for fuse
- fix vigr
2006-09-27 23:56:21 +00:00
Daniel J Walsh
bfd584d6c7 - Fix dovecot, amanda
- Fix mls
2006-09-27 20:59:46 +00:00
Daniel J Walsh
201e1d333f - Fix dovecot, amanda 2006-09-27 19:49:43 +00:00
Daniel J Walsh
d25a3eebb6 - Allow java execheap for itanium 2006-09-26 20:41:36 +00:00
Daniel J Walsh
a76cf8a10b - Update with upstream 2006-09-26 14:59:58 +00:00
Daniel J Walsh
857ce15e7f - mls fixes 2006-09-25 15:58:33 +00:00
Daniel J Walsh
85bd855811 - Update from upstream 2006-09-22 20:41:12 +00:00
Daniel J Walsh
8d52bdbe62 - More fixes for mls
- Revert change on automount transition to mount
2006-09-22 14:21:35 +00:00
Daniel J Walsh
5ec822a112 - Fix cron jobs to run under the correct context 2006-09-21 23:05:49 +00:00
Daniel J Walsh
cc9afdc096 - Fixes to make pppd work 2006-09-19 21:10:48 +00:00
Daniel J Walsh
b4815d027f - Fixes to make pppd work 2006-09-19 19:14:48 +00:00
Daniel J Walsh
c56aa106dc - Multiple policy fixes
- Change max categories to 1023
2006-09-19 14:59:46 +00:00
Daniel J Walsh
b8c78504ab - Fix transition on mcstransd 2006-09-16 12:06:36 +00:00
Daniel J Walsh
38b22ca261 - Add /dev/em8300 defs 2006-09-15 20:59:56 +00:00
Daniel J Walsh
3f1bb62fc8 - Upgrade to upstream 2006-09-15 18:28:09 +00:00
Daniel J Walsh
f511de4575 - Upgrade to upstream 2006-09-15 18:03:54 +00:00
Daniel J Walsh
60792f9cd0 - Fix ppp connections from network manager 2006-09-15 16:39:25 +00:00
Daniel J Walsh
588fb9dab1 - Fix ppp connections from network manager 2006-09-15 16:22:25 +00:00
Daniel J Walsh
5f2a4e5d4f - Fix ppp connections from network manager 2006-09-15 12:44:15 +00:00
Daniel J Walsh
861af1c0df - Add tty access to all domains boolean
- Fix gnome-pty-helper context for ia64
2006-09-13 12:00:21 +00:00
Daniel J Walsh
9fbb713e0e - Fixed typealias of firstboot_rw_t 2006-09-11 20:56:05 +00:00
Daniel J Walsh
8b6c3732d7 - Fix location of xel log files
- Fix handling of sysadm_r -> rpm_exec_t
2006-09-08 17:10:41 +00:00
Daniel J Walsh
1ef9d40e46 - Fixes for autofs, lp 2006-09-07 19:15:29 +00:00
Daniel J Walsh
937c1cc4df - Update from upstream 2006-09-06 18:29:35 +00:00
Daniel J Walsh
57075ee245 - Fixup for test6 2006-09-05 21:13:31 +00:00
Daniel J Walsh
66ca8d0003 - Fixup for test6 2006-09-05 20:19:56 +00:00
Daniel J Walsh
4bf7cf3e30 - Fixup for test6 2006-09-05 19:45:07 +00:00
Daniel J Walsh
efb08979c0 - Update to upstream 2006-09-05 12:03:37 +00:00
Daniel J Walsh
928af41d8b - Update to upstream 2006-09-01 19:45:39 +00:00
Daniel J Walsh
04dd122d14 - Fix suspend to disk problems 2006-09-01 14:58:36 +00:00
Daniel J Walsh
a1c3b4ef0a - Lots of fixes for restarting daemons at the console. 2006-08-31 21:39:01 +00:00
Daniel J Walsh
3723ca6f56 - Lots of fixes for restarting daemons at the console. 2006-08-31 19:32:34 +00:00
Daniel J Walsh
e4710b3b72 - Fix audit line
- Fix requires line
2006-08-31 12:13:31 +00:00
Daniel J Walsh
7f5a12d575 - Fix audit line
- Fix requires line
2006-08-30 21:44:22 +00:00
Daniel J Walsh
358adda620 - Fix requires line 2006-08-30 21:19:12 +00:00
Daniel J Walsh
06027c9ac0 - Upgrade to upstream 2006-08-30 20:59:51 +00:00
Daniel J Walsh
1616552ae2 - Fix install problems 2006-08-28 21:49:05 +00:00
Daniel J Walsh
9e88149b16 - Allow setroubleshoot to getattr on all dirs to gather RPM data 2006-08-25 20:06:07 +00:00
Daniel J Walsh
4c348582ff - Set /usr/lib/ia32el/ia32x_loader to unconfined_execmem_exec_t for ia32
platform
- Fix spec for /dev/adsp
2006-08-25 17:32:13 +00:00
Daniel J Walsh
b2d3ebd7a0 - Fix xen tty devices 2006-08-24 20:53:40 +00:00
Daniel J Walsh
8cd82cf62b - Fixes for setroubleshoot 2006-08-24 20:31:13 +00:00
Daniel J Walsh
a5dcfa874f - Update to upstream 2006-08-23 20:42:38 +00:00
Daniel J Walsh
3559b5314e - Fixes for stunnel and postgresql
- Update from upstream
2006-08-20 15:11:37 +00:00
Daniel J Walsh
6f77ee084f - Fixes for stunnel and postgresql 2006-08-20 14:54:47 +00:00
Daniel J Walsh
79b5c47536 - Update from upstream 2006-08-18 14:18:35 +00:00
Daniel J Walsh
256cfc628c - Update from upstream
- More java fixes
2006-08-12 11:54:51 +00:00
Daniel J Walsh
543bc335c1 - Change allow_execstack to default to on, for RHEL5 Beta. This is required
because of a Java compiler problem. Hope to turn off for next beta
2006-08-11 15:39:50 +00:00
Daniel J Walsh
5974f40b57 - Misc fixes 2006-08-11 03:16:13 +00:00
Daniel J Walsh
c22acae47c Th Aug 10 2006 Dan Walsh <dwalsh@redhat.com> 2.3.6-3
- Misc fixes
2006-08-11 03:11:59 +00:00
Daniel J Walsh
d0ed11a83d - More fixes for strict policy 2006-08-09 19:14:24 +00:00
Daniel J Walsh
8da541a5e6 - Quiet down anaconda audit messages 2006-08-08 20:40:36 +00:00
Daniel J Walsh
932c79f792 - Fix setroubleshootd 2006-08-08 00:26:46 +00:00
Daniel J Walsh
26202062d0 - Update to the latest from upstream 2006-08-04 22:58:10 +00:00
Daniel J Walsh
7505584432 - More fixes for xen 2006-08-03 16:50:26 +00:00
Daniel J Walsh
1c92c78eba - Fix anaconda transitions 2006-08-03 14:47:22 +00:00
Daniel J Walsh
5dc8b14fd5 - yet more xen rules
Tue Aug 1 2006 Dan Walsh <dwalsh@redhat.com> 2.3.3-17
- more xen rules
2006-08-02 19:36:17 +00:00
Daniel J Walsh
031e1ae2f7 - more xen rules 2006-08-01 21:38:02 +00:00
Daniel J Walsh
1b1dad04fb - Fixes for Samba 2006-07-31 21:25:08 +00:00
Daniel J Walsh
be45a2bf98 - Fixes for xen 2006-07-29 08:32:43 +00:00
Daniel J Walsh
9782db9573 - Allow setroubleshootd to send mail 2006-07-28 19:13:13 +00:00
Daniel J Walsh
1f20939ac3 - Add nagios policy 2006-07-28 17:44:17 +00:00
Daniel J Walsh
90c4086837 - fixes for setroubleshoot 2006-07-26 20:17:15 +00:00
Daniel J Walsh
9554c945c3 - Added Paul Howorth patch to only load policy packages shipped with this
package
- Allow pidof from initrc to ptrace higher level domains
- Allow firstboot to communicate with hal via dbus
2006-07-26 17:58:28 +00:00
Daniel J Walsh
9d77b6b4f0 - Allow pidof from initrc to ptrace higher level domains 2006-07-25 18:24:28 +00:00
Daniel J Walsh
8555e0e0d0 - Add policy for /var/run/ldapi 2006-07-24 16:23:16 +00:00
Daniel J Walsh
b14e13366e - Fix setroubleshoot policy 2006-07-22 19:00:47 +00:00
Daniel J Walsh
7b4c787492 - Fixes for mls use of ssh
- named has a new conf file
2006-07-22 03:11:32 +00:00
Daniel J Walsh
efa5f596d7 - Fixes to make setroubleshoot work 2006-07-21 13:28:12 +00:00
Daniel J Walsh
1c15e38b82 - Cups needs to be able to read domain state off of printer client 2006-07-19 20:27:22 +00:00
Daniel J Walsh
c7b7392126 - add boolean to allow zebra to write config files 2006-07-19 20:06:35 +00:00
Daniel J Walsh
31c47be0fe - setroubleshootd fixes 2006-07-19 18:39:31 +00:00
Daniel J Walsh
2bf148e90a - Allow prelink to read bin_t symlink
- allow xfs to read random devices
- Change gfs to support xattr
2006-07-18 15:51:21 +00:00
Daniel J Walsh
c62a78555a - Remove spamassassin_can_network boolean 2006-07-17 17:14:27 +00:00
Daniel J Walsh
2107557a81 - Update to upstream
- Fix lpr domain for mls
2006-07-14 21:22:36 +00:00
Daniel J Walsh
8a7ef5ec99 - Add setroubleshoot policy 2006-07-14 20:09:54 +00:00
Daniel J Walsh
317bd2fd17 - Turn off auditallow on setting booleans 2006-07-13 14:24:05 +00:00
Daniel J Walsh
d819090e1f - Multiple fixes 2006-07-12 02:50:30 +00:00
Daniel J Walsh
8bee3a4a58 - Update to upstream 2006-07-09 09:51:33 +00:00
Daniel J Walsh
4a291ab8b9 - Update to upstream
- Add new class for kernel key ring
2006-06-22 19:16:49 +00:00
Daniel J Walsh
9e7fd17a0c - Update to upstream 2006-06-21 20:33:38 +00:00
Daniel J Walsh
1065b18b06 - Update to upstream 2006-06-20 21:17:11 +00:00
Daniel J Walsh
446e9b443f - Fix requires 2006-06-20 21:15:11 +00:00
Daniel J Walsh
2b87b02daa - Update to upstream 2006-06-20 21:06:31 +00:00
Daniel J Walsh
63e20b9a82 - Break out selinux-devel package 2006-06-20 12:59:02 +00:00
Daniel J Walsh
77dc77cc7c - Break out selinux-devel package 2006-06-20 12:58:27 +00:00
Daniel J Walsh
af203b67d1 - Add ibmasmfs 2006-06-16 17:54:35 +00:00
Daniel J Walsh
cc073e7495 - Fix policygentool gen_requires 2006-06-16 03:10:44 +00:00
Daniel J Walsh
4ef386fa65 - Fix policygentool gen_requires 2006-06-15 14:45:40 +00:00
Daniel J Walsh
358335b9db - Update from Upstream 2006-06-14 15:48:59 +00:00
Daniel J Walsh
0fe5c73fe8 - Fix spec of realplay 2006-06-13 19:39:56 +00:00
Daniel J Walsh
2616c66ff4 - Update to upstream 2006-06-13 18:26:00 +00:00
Daniel J Walsh
b637d98325 - Allow useradd to create_home_dir in MLS environment 2006-06-12 14:51:08 +00:00
Daniel J Walsh
3004d53f75 - Update from upstream 2006-06-09 03:03:22 +00:00
Daniel J Walsh
c54f60d6ea - Update from upstream 2006-06-09 02:55:43 +00:00
Daniel J Walsh
cfc04db0db - Update from upstream 2006-06-08 14:03:38 +00:00
Daniel J Walsh
a4c7090921 - Add oprofilefs 2006-06-06 21:33:13 +00:00
Daniel J Walsh
a55870f781 - Fix for hplip and Picasa 2006-05-28 14:30:02 +00:00
Daniel J Walsh
43fe713171 - Update to upstream 2006-05-28 10:56:26 +00:00
Daniel J Walsh
7580a10c69 - fixes for java, openldap and webalizer 2006-05-26 10:09:26 +00:00
Daniel J Walsh
d065eef7e9 - Xen fixes 2006-05-24 03:12:56 +00:00
Daniel J Walsh
e30da942d7 - Xen fixes 2006-05-24 02:35:38 +00:00
Daniel J Walsh
e5e5095da5 - Upgrade to upstream 2006-05-20 12:01:14 +00:00
Daniel J Walsh
75d0fe4f47 - allow hal to read boot_t files
- Upgrade to upstream
2006-05-18 16:07:35 +00:00
Daniel J Walsh
4aae36507b - allow hal to read boot_t files 2006-05-18 15:42:55 +00:00
Daniel J Walsh
f4d170770a - Update from upstream 2006-05-17 01:40:53 +00:00
Daniel J Walsh
82d40f4e47 - Fixes for amavis 2006-05-15 20:48:00 +00:00
Daniel J Walsh
52288bc69c - Update from upstream 2006-05-15 16:20:58 +00:00
Daniel J Walsh
a97d1fe713 - Allow auditctl to search all directories 2006-05-12 18:59:26 +00:00
Daniel J Walsh
f08aca0783 - Add acquire service for mono. 2006-05-12 03:12:32 +00:00
Daniel J Walsh
89e397d026 - Turn off allow_execmem boolean
- Allow ftp dac_override when allowed to access users homedirs
2006-05-12 02:39:30 +00:00
Daniel J Walsh
ca8bc2df6e - Clean up spec file
- Transition from unconfined_t to prelink_t
2006-05-10 20:00:43 +00:00
Daniel J Walsh
539ba8aee6 - Allow execution of cvs command 2006-05-09 21:50:36 +00:00
Daniel J Walsh
a52275425c - Update to upstream 2006-05-08 19:26:49 +00:00
Daniel J Walsh
529f12c952 - Update to upstream 2006-05-04 17:39:16 +00:00
Daniel J Walsh
49dfee4ffa - Fix libjvm spec 2006-05-01 21:24:26 +00:00
Daniel J Walsh
ea725ce70c - Update to upstream 2006-04-29 04:47:05 +00:00
jantill
684125a0be - Add xm policy
- Fix policygentool
2006-04-25 15:19:51 +00:00
Daniel J Walsh
bbaa1f26d1 - Update to upstream
- Fix postun to only disable selinux on full removal of the packages
2006-04-25 11:03:12 +00:00
Daniel J Walsh
e847c84988 - Allow mono to chat with unconfined 2006-04-21 10:57:09 +00:00
Daniel J Walsh
d2fe1b1403 - Allow procmail to sendmail
- Allow nfs to share dosfs
2006-04-20 19:32:44 +00:00
Daniel J Walsh
5ff36d645b - Update to latest from upstream
- Allow selinux-policy to be removed and kernel not to crash
2006-04-19 17:37:38 +00:00
Daniel J Walsh
c74f145e08 - Update to latest from upstream
- Add James Antill patch for xen
- Many fixes for pegasus
2006-04-19 12:10:10 +00:00
Daniel J Walsh
3c584c7edb - Add unconfined_mount_t 2006-04-17 11:27:44 +00:00
Daniel J Walsh
ca0597162d - Update to latest from upstream 2006-04-14 19:50:03 +00:00
Daniel J Walsh
c4826d0271 - Update to latest from upstream
- Allow mono and unconfined to talk to initrc_t dbus objects
2006-04-13 21:28:19 +00:00
Daniel J Walsh
c7b01adddf - Change libraries.fc to stop shlib_t form overriding texrel_shlib_t 2006-04-11 21:58:53 +00:00
Daniel J Walsh
5cbfde1710 - Allow secadm_t ability to relabel all files
- Allow ftp to search xferlog_t directories
- Allow mysql to communicate with ldap
- Allow rsync to bind to rsync_port_t
2006-04-11 20:59:57 +00:00
Daniel J Walsh
c53f3b88ff - Allow secadm_t ability to relabel all files
- Allow ftp to search xferlog_t directories
- Allow mysql to communicate with ldap
- Allow rsync to bind to rsync_port_t
2006-04-10 21:10:33 +00:00
rcoker
a442ed4616 Change file contexts and several minor policy changes. 2006-04-10 12:15:07 +00:00
Daniel J Walsh
67bc5ebb6c - More textrel_shlib_t file path fixes
- Add ada support
2006-04-06 19:08:54 +00:00
Daniel J Walsh
4fd214b03b - Get auditctl working in MLS policy 2006-04-04 10:07:53 +00:00
Daniel J Walsh
2ad4f12eff - Add mono dbus support
- Lots of file_context fixes for textrel_shlib_t in FC5
- Turn off execmem auditallow since they are filling log files
2006-04-03 17:17:13 +00:00
Daniel J Walsh
da5d600a11 - Update to upstream 2006-03-31 20:57:44 +00:00
Daniel J Walsh
d2bd4f4f3d - Allow automount and dbus to read cert files 2006-03-30 22:27:52 +00:00
Daniel J Walsh
58ec7a5124 - Fix ftp policy
- Fix secadm running of auditctl
2006-03-30 19:57:31 +00:00
Daniel J Walsh
5c1cd7105c - Update to upstream 2006-03-29 20:21:25 +00:00
Daniel J Walsh
bbe0ad9e91 - Update to upstream 2006-03-27 22:47:14 +00:00
Daniel J Walsh
5a014310cd - Update to upstream 2006-03-27 22:07:37 +00:00
Daniel J Walsh
bd3f0ea368 - Fix policyhelp 2006-03-24 16:44:06 +00:00
Daniel J Walsh
faffd3afe5 - Fix pam_console handling of usb_device
- dontaudit logwatch reading /mnt dir
2006-03-22 15:56:09 +00:00
Daniel J Walsh
414d6d811a - Update to upstream 2006-03-21 19:46:10 +00:00
Daniel J Walsh
ad73e86386 - Update to upstream 2006-03-21 15:42:38 +00:00
Daniel J Walsh
727bb2e4d1 - Update to upstream 2006-03-18 04:09:10 +00:00
Daniel J Walsh
9f8b0589bf - Get transition rules to create policy.20 at SystemHigh 2006-03-16 14:41:17 +00:00
Daniel J Walsh
5b46764cba - Allow secadmin to shutdown system
- Allow sendmail to exec newalias
2006-03-14 22:43:44 +00:00
Daniel J Walsh
6d42754555 - MLS Fixes dmidecode needs mls_file_read_up
- add ypxfr_t
- run init needs access to nscd
- udev needs setuid
- another xen log file
- Dontaudit mount getattr proc_kcore_t
2006-03-14 20:15:31 +00:00
Daniel J Walsh
0a74a26d18 - MLS Fixes dmidecode needs mls_file_read_up
- add ypxfr_t
- run init needs access to nscd
- udev needs setuid
- another xen log file
- Dontaudit mount getattr proc_kcore_t
2006-03-14 20:13:28 +00:00
Karsten Hopp
4e431cfdce - remove mkdir /usr/share/selinux/, it's not required and even wrong
without a prepended $RPM_BUILD_ROOT (#185391)
2006-03-14 10:37:14 +00:00
Daniel J Walsh
4c9f08fbba - Get rid of mount/fsdisk scan of /dev messages
- Additional fixes for suspend/resume
2006-03-09 21:50:18 +00:00
Daniel J Walsh
54b0b5869e - Fake make to rebuild enableaudit.pp 2006-03-09 18:30:56 +00:00
Daniel J Walsh
6d2388955d - Get xen networking running. 2006-03-09 18:12:23 +00:00
Daniel J Walsh
23a177b7c3 - Fixes for Xen
- enableaudit should not be the same as base.pp
- Allow ps to work for all process
2006-03-09 15:34:49 +00:00
Jeremy Katz
b33ec3c21d - more xen policy fixups 2006-03-09 05:09:46 +00:00
Jeremy Katz
1b07552d67 - more xen fixage (#184393) 2006-03-09 00:18:57 +00:00
Daniel J Walsh
060041b7bf - Fix blkid specification
- Allow postfix to execute mailman_que
2006-03-08 22:11:17 +00:00
Daniel J Walsh
9c64bb6f27 - Blkid changes
- Allow udev access to usb_device_t
- Fix post script to create targeted policy config file
2006-03-08 20:40:43 +00:00
Daniel J Walsh
4c9f658bb2 - Allow lvm tools to create drevice dir 2006-03-08 17:02:01 +00:00
Daniel J Walsh
020477271b - Add Xen support 2006-03-07 22:22:14 +00:00
Daniel J Walsh
72a1365426 - Fixes for cups
- Make cryptosetup work with hal
2006-03-06 23:05:10 +00:00
Daniel J Walsh
0296aff141 - Fixes for cups
- Make cryptosetup work with hal
2006-03-06 21:33:51 +00:00
Daniel J Walsh
76d7c52ccf - Load Policy needs translock 2006-03-06 02:00:43 +00:00
Daniel J Walsh
ef0cb15960 - Fix cups html interface 2006-03-04 23:24:54 +00:00
Daniel J Walsh
21277d9d7a - Add hal changes suggested by Jeremy
- add policyhelp to point at policy html pages
2006-03-04 14:49:35 +00:00
Daniel J Walsh
d2c2609f8c - add policyhelp to point at policy html pages 2006-03-04 05:10:54 +00:00
Daniel J Walsh
8254bb0ce6 - Additional fixes for nvidia and cups 2006-02-27 23:23:06 +00:00
Daniel J Walsh
575aa98fb7 - Update to upstream
- Merged my latest fixes
- Fix cups policy to handle unix domain sockets
2006-02-27 23:00:40 +00:00
Daniel J Walsh
fbec4b5191 *** empty log message *** 2006-02-25 20:50:53 +00:00
Daniel J Walsh
290aa68ca4 *** empty log message *** 2006-02-24 20:50:49 +00:00
Daniel J Walsh
dd2612b757 *** empty log message *** 2006-02-24 18:39:09 +00:00
Daniel J Walsh
e135c767ec *** empty log message *** 2006-02-24 16:45:01 +00:00
Daniel J Walsh
7716868268 *** empty log message *** 2006-02-24 16:43:26 +00:00
Daniel J Walsh
c126996365 *** empty log message *** 2006-02-24 15:50:38 +00:00
Daniel J Walsh
7dca0e2e81 *** empty log message *** 2006-02-23 22:28:34 +00:00
Daniel J Walsh
5d5343f8cc *** empty log message *** 2006-02-23 21:02:49 +00:00
Daniel J Walsh
d19b685646 *** empty log message *** 2006-02-23 18:56:17 +00:00
Daniel J Walsh
701455e3c5 *** empty log message *** 2006-02-23 15:12:37 +00:00
Daniel J Walsh
585f827b55 *** empty log message *** 2006-02-22 22:46:02 +00:00
Daniel J Walsh
d4d1f2b10a *** empty log message *** 2006-02-22 18:48:03 +00:00
Daniel J Walsh
4dab27663b *** empty log message *** 2006-02-22 18:41:25 +00:00
Daniel J Walsh
a57054e5e9 *** empty log message *** 2006-02-22 00:53:12 +00:00
Daniel J Walsh
d5ae27dcc7 *** empty log message *** 2006-02-21 20:39:54 +00:00
Daniel J Walsh
28c4257a6b *** empty log message *** 2006-02-21 19:17:26 +00:00
Daniel J Walsh
46bd65b6cf *** empty log message *** 2006-02-21 19:16:52 +00:00