Chris PeBenito
|
ac9aa26d2e
|
work on users
|
2005-11-29 15:49:18 +00:00 |
|
Chris PeBenito
|
574e63fabc
|
fix kerberos_use, which turned out to be a problem in dns_reslove
|
2005-11-29 15:36:53 +00:00 |
|
Chris PeBenito
|
70fb22d201
|
bump rev
|
2005-11-28 22:23:07 +00:00 |
|
Chris PeBenito
|
1504ff3e42
|
clean up most of the mta hacks
|
2005-11-28 22:19:08 +00:00 |
|
Chris PeBenito
|
08cd98b7c1
|
big cleanup of mta
|
2005-11-28 20:25:36 +00:00 |
|
Chris PeBenito
|
5d5ea8d002
|
add irqbalance
|
2005-11-28 19:06:22 +00:00 |
|
Chris PeBenito
|
f11f0c10ad
|
add timidity
|
2005-11-28 18:29:03 +00:00 |
|
Chris PeBenito
|
19ff64f83a
|
add rdisc
|
2005-11-28 17:46:29 +00:00 |
|
Chris PeBenito
|
131e573dcc
|
add yppasswdd to nis
|
2005-11-28 16:44:51 +00:00 |
|
Chris PeBenito
|
09741b1f0e
|
cleanup from sediff
|
2005-11-25 19:38:45 +00:00 |
|
Chris PeBenito
|
3f41889dae
|
add xfs
|
2005-11-25 19:09:08 +00:00 |
|
Chris PeBenito
|
f00434fae9
|
clean up rpc hack
|
2005-11-25 17:39:35 +00:00 |
|
Chris PeBenito
|
d828b5ca8f
|
clean up networkmanager hacks
|
2005-11-25 16:43:03 +00:00 |
|
Chris PeBenito
|
2629c6595a
|
patch from dan to remove rhgb and gph:fd use
|
2005-11-25 15:51:50 +00:00 |
|
Chris PeBenito
|
1328802a41
|
Change optional_policy() to refer to the module name rather than modulename.te.
|
2005-11-23 20:24:27 +00:00 |
|
Chris PeBenito
|
af23450c36
|
patch from dan
|
2005-11-23 19:02:40 +00:00 |
|
Chris PeBenito
|
9cc2ccc4ed
|
tweaks from dan
|
2005-11-22 17:56:53 +00:00 |
|
Chris PeBenito
|
95f82b0de8
|
fixes from dan
|
2005-11-21 22:15:11 +00:00 |
|
Chris PeBenito
|
c5c3066aa1
|
fix
|
2005-11-18 21:30:23 +00:00 |
|
Chris PeBenito
|
1d697ce7d2
|
add last bits from dan
|
2005-11-18 18:38:37 +00:00 |
|
Chris PeBenito
|
37ff8fe902
|
updates from dan
|
2005-11-18 16:12:30 +00:00 |
|
Chris PeBenito
|
1354ca04a6
|
fix superfluous network rules pointed out by dan walsh, and clean
|
2005-11-18 15:53:34 +00:00 |
|
Chris PeBenito
|
704327e8b2
|
fix transitions in and out of unconfined. fix bugs uncovered by rawhide testing
|
2005-11-16 21:08:52 +00:00 |
|
Chris PeBenito
|
1dad083d2c
|
stray procmail execs
|
2005-11-15 20:27:49 +00:00 |
|
Chris PeBenito
|
3e6c816ddd
|
add procmail
|
2005-11-15 20:17:18 +00:00 |
|
Chris PeBenito
|
c6d4c8f186
|
clean up some hacks
|
2005-11-15 18:47:20 +00:00 |
|
Chris PeBenito
|
7b062eac78
|
add patch from dan
|
2005-11-15 16:34:10 +00:00 |
|
Chris PeBenito
|
3ed2b69339
|
role hack for genhomedircon
|
2005-11-14 22:46:18 +00:00 |
|
Chris PeBenito
|
de0d2651a7
|
temp genhomedircon hack
|
2005-11-14 22:38:14 +00:00 |
|
Chris PeBenito
|
9e91381a26
|
change dmesg and loadkeys behavior to aliasing, and enable modules
|
2005-11-14 20:26:41 +00:00 |
|
Chris PeBenito
|
0d5d74e02b
|
remove extra rule
|
2005-11-14 19:33:09 +00:00 |
|
Chris PeBenito
|
15c235f75c
|
more broken symptoms
|
2005-11-11 22:21:32 +00:00 |
|
Chris PeBenito
|
af86646bfe
|
hack
|
2005-11-11 21:39:09 +00:00 |
|
Chris PeBenito
|
3be48fa4e1
|
fix type transition conflicts
|
2005-11-11 21:33:54 +00:00 |
|
Chris PeBenito
|
17da253e65
|
fix ordering problem
|
2005-11-11 21:25:45 +00:00 |
|
Chris PeBenito
|
7fefc1d956
|
fix rpm
|
2005-11-11 21:25:31 +00:00 |
|
Chris PeBenito
|
175b1cb551
|
reverse last change
|
2005-11-11 21:00:00 +00:00 |
|
Chris PeBenito
|
5ae908113d
|
fix ordering
|
2005-11-11 20:50:23 +00:00 |
|
Chris PeBenito
|
4fe05f2055
|
add debugging symbols
|
2005-11-11 19:40:31 +00:00 |
|
Chris PeBenito
|
33ff9b8cf2
|
missing fc's
|
2005-11-11 19:03:44 +00:00 |
|
Chris PeBenito
|
3ad26d1c7a
|
update rh broken symptoms
|
2005-11-11 16:13:04 +00:00 |
|
Chris PeBenito
|
a6e32d615f
|
add initrc_tmp_t mountpoint
|
2005-11-11 16:08:03 +00:00 |
|
Chris PeBenito
|
daff1dc5af
|
fix missing role statements
|
2005-11-11 15:33:38 +00:00 |
|
Chris PeBenito
|
55290adf28
|
small fixes
|
2005-11-11 14:12:23 +00:00 |
|
Chris PeBenito
|
2e0a880165
|
changed rules fixes
|
2005-11-10 21:37:54 +00:00 |
|
Chris PeBenito
|
3797efb0ce
|
work around role dominance breakage in module compiler
|
2005-11-10 20:37:31 +00:00 |
|
Chris PeBenito
|
65b9361c0a
|
missing matches
|
2005-11-10 20:36:59 +00:00 |
|
Chris PeBenito
|
672a1570c8
|
reorder to work around module compiler bug
|
2005-11-10 19:41:23 +00:00 |
|
Chris PeBenito
|
37c85212a1
|
use role dominance in targeted for compatability with strict
|
2005-11-10 16:55:56 +00:00 |
|
Chris PeBenito
|
1904b01047
|
fix changed rules
|
2005-11-10 16:54:18 +00:00 |
|
Chris PeBenito
|
c6825e980c
|
missing matches
|
2005-11-10 16:53:50 +00:00 |
|
Chris PeBenito
|
c2e35b815a
|
fc fixes
|
2005-11-10 14:47:02 +00:00 |
|
Chris PeBenito
|
c646a9f838
|
add missing bin_t aliases
|
2005-11-09 22:18:15 +00:00 |
|
Chris PeBenito
|
51f3744773
|
add missing /var/yp match
|
2005-11-09 21:32:55 +00:00 |
|
Chris PeBenito
|
33faf59e07
|
correct shlib_t alias
|
2005-11-09 20:48:20 +00:00 |
|
Chris PeBenito
|
e3d21df8ad
|
fix to use real type rather than alias
|
2005-11-09 19:13:08 +00:00 |
|
Chris PeBenito
|
2ab07ebbf3
|
fixes for sorting
|
2005-11-09 18:29:03 +00:00 |
|
Chris PeBenito
|
4b9516c125
|
add avahi
|
2005-11-09 17:12:34 +00:00 |
|
Chris PeBenito
|
d3f715d228
|
more fix
|
2005-11-09 15:51:22 +00:00 |
|
Chris PeBenito
|
3e639ab08b
|
tty fixes
|
2005-11-09 15:05:47 +00:00 |
|
Chris PeBenito
|
725926c586
|
pile of sediff fixes
|
2005-11-08 22:00:30 +00:00 |
|
Chris PeBenito
|
76febd2146
|
fix sendmail transition
|
2005-11-07 21:13:07 +00:00 |
|
Chris PeBenito
|
8967bf8b89
|
merge in some of dan's old policy changes
|
2005-11-07 20:09:28 +00:00 |
|
Don Miner
|
bc6dfa6778
|
Changed a { create rw_dir_perms } to a create_dir_perms since starting radius was getting a setattr denial and setattr was shown to be missing in sediff
|
2005-11-04 16:43:05 +00:00 |
|
Don Miner
|
45aa10abd7
|
Added signal_perms to nscd_t.
|
2005-11-04 14:13:24 +00:00 |
|
Chris PeBenito
|
307e11419a
|
missing dir
|
2005-11-03 21:07:29 +00:00 |
|
Chris PeBenito
|
7afca0b4c1
|
user tty fixes
|
2005-11-03 19:33:53 +00:00 |
|
Chris PeBenito
|
9c6feb63de
|
add stuff from distros.fc
|
2005-11-03 18:08:36 +00:00 |
|
Don Miner
|
8f882ffcd9
|
Added rules so that tracepath, traceroute and ping work.
|
2005-11-02 20:44:17 +00:00 |
|
Chris PeBenito
|
73ef293bc5
|
fixes just so sediff is easier to handle
|
2005-11-01 21:15:11 +00:00 |
|
Chris PeBenito
|
b488014fd7
|
hack
|
2005-11-01 20:52:48 +00:00 |
|
Chris PeBenito
|
b9ea0fed0f
|
clean up last var_run_domain expansion errors
|
2005-11-01 19:52:37 +00:00 |
|
Chris PeBenito
|
ee08bc4c75
|
read certs
|
2005-11-01 16:11:32 +00:00 |
|
Chris PeBenito
|
35adb6f8d7
|
clean up socket
|
2005-11-01 15:57:15 +00:00 |
|
Chris PeBenito
|
31a1c2df88
|
fix filesystem associations
|
2005-11-01 15:45:00 +00:00 |
|
Chris PeBenito
|
7ac22585e3
|
tty and caps fixes
|
2005-11-01 15:34:00 +00:00 |
|
Chris PeBenito
|
0b12fa4bd0
|
more dbus cleanup
|
2005-11-01 15:19:48 +00:00 |
|
Chris PeBenito
|
dab808bde7
|
dbus obj class cleanup
|
2005-11-01 15:11:05 +00:00 |
|
Chris PeBenito
|
ce0ff19691
|
more of the same
|
2005-10-31 22:44:03 +00:00 |
|
Chris PeBenito
|
b422aa9b1e
|
initrc couldn't create/use its own pty!
|
2005-10-31 22:27:45 +00:00 |
|
Chris PeBenito
|
30910b37c6
|
more fixes
|
2005-10-31 22:19:16 +00:00 |
|
Don Miner
|
305106ebb9
|
Added a rule to allow dmidecode to use locallogin_t fd to make it so it works.
|
2005-10-31 21:45:42 +00:00 |
|
Chris PeBenito
|
aba9c7a3cf
|
add missing httpd_helper_t tty part
|
2005-10-31 20:58:44 +00:00 |
|
Chris PeBenito
|
9ca7e78a35
|
misc sediff fixes
|
2005-10-31 20:54:33 +00:00 |
|
Chris PeBenito
|
0500e01f2d
|
* fixes uncovered by sediff
* fix disable_trans support so the daemon can be both
init and inet services, and not get dup bool decl
|
2005-10-31 20:32:53 +00:00 |
|
Chris PeBenito
|
bea7b4548e
|
add missing tunable
|
2005-10-31 19:58:51 +00:00 |
|
Chris PeBenito
|
6ff85b5c84
|
fix perm set
|
2005-10-31 19:31:22 +00:00 |
|
Chris PeBenito
|
62841791a5
|
fixes uncovered by sediff
|
2005-10-31 14:55:34 +00:00 |
|
Chris PeBenito
|
f3936d3876
|
nicer te_trans conflict fix
|
2005-10-28 19:18:50 +00:00 |
|
Chris PeBenito
|
cac3eca0be
|
fix te_trans conflict
|
2005-10-28 19:13:54 +00:00 |
|
Chris PeBenito
|
dc8f17037b
|
fix up sendmail for targeted
|
2005-10-28 18:57:23 +00:00 |
|
Chris PeBenito
|
f1b0a8c55b
|
fix
|
2005-10-28 18:46:46 +00:00 |
|
Chris PeBenito
|
2d13f72977
|
take care of missing types
|
2005-10-28 18:38:04 +00:00 |
|
Chris PeBenito
|
375c241556
|
ssh updates for targeted
|
2005-10-28 18:13:44 +00:00 |
|
Chris PeBenito
|
f0f18e0734
|
typo
|
2005-10-28 15:12:23 +00:00 |
|
Chris PeBenito
|
495a7026d9
|
add missing range transition
|
2005-10-28 15:09:03 +00:00 |
|
Chris PeBenito
|
005a9aa6e2
|
initrc fixes
|
2005-10-28 14:34:26 +00:00 |
|
Chris PeBenito
|
7e1c14d1f6
|
fix quoting
|
2005-10-28 13:53:18 +00:00 |
|
Chris PeBenito
|
dd3544d1a5
|
fixes from testing
|
2005-10-28 13:33:25 +00:00 |
|
Chris PeBenito
|
f1baed733f
|
fix some /opt regexes
|
2005-10-27 18:32:16 +00:00 |
|
Chris PeBenito
|
08c22f4d17
|
more transition work
|
2005-10-27 15:16:42 +00:00 |
|
Chris PeBenito
|
b281bf6ed9
|
add some missing transitions from unconfined
|
2005-10-27 15:06:15 +00:00 |
|
Chris PeBenito
|
a525f293c3
|
sediff fixes
|
2005-10-27 14:52:37 +00:00 |
|
Chris PeBenito
|
fc6198ced0
|
fixes from sediff
|
2005-10-27 14:08:53 +00:00 |
|
Chris PeBenito
|
ce03837abe
|
rpc fixes from testing
|
2005-10-27 14:08:47 +00:00 |
|
Chris PeBenito
|
5abea9818a
|
fixes from testing
|
2005-10-27 13:37:36 +00:00 |
|
Chris PeBenito
|
4614e83fbb
|
more fixing
|
2005-10-26 21:03:19 +00:00 |
|
Don Miner
|
f13da83f99
|
Added search and getattr permissions to etc_mail_t dir for system_mail_t so that the sendmail process would be able to start through init
|
2005-10-26 18:31:09 +00:00 |
|
Chris PeBenito
|
d1b9d9228b
|
another pile o fixes
|
2005-10-26 18:07:20 +00:00 |
|
Chris PeBenito
|
33acca55ce
|
pile o fixes
|
2005-10-26 16:00:13 +00:00 |
|
Chris PeBenito
|
f5e4f795b6
|
fix rpm transition
|
2005-10-26 13:51:33 +00:00 |
|
Chris PeBenito
|
e8d0a659c3
|
fixes from arpwatch testing
|
2005-10-25 20:27:08 +00:00 |
|
Chris PeBenito
|
7a6d427eae
|
a few more strays
|
2005-10-25 20:22:25 +00:00 |
|
Chris PeBenito
|
c3cf6693c7
|
try to fix associations
|
2005-10-25 20:06:27 +00:00 |
|
Chris PeBenito
|
b7e1825b68
|
privfd
|
2005-10-25 19:20:56 +00:00 |
|
Chris PeBenito
|
ccfd7b19cf
|
easy fixes
|
2005-10-25 19:03:15 +00:00 |
|
Chris PeBenito
|
2526a44dea
|
missing privloggers
|
2005-10-25 18:42:08 +00:00 |
|
Chris PeBenito
|
ee64ef496f
|
typo
|
2005-10-25 18:34:46 +00:00 |
|
Chris PeBenito
|
d49d524d53
|
initrc also uses nscd
|
2005-10-25 18:33:13 +00:00 |
|
Chris PeBenito
|
e11d2e3bfd
|
add missing nscd clients
|
2005-10-25 18:28:41 +00:00 |
|
Chris PeBenito
|
2aec1461b4
|
use our own interface to make maintenance easier
|
2005-10-25 18:13:47 +00:00 |
|
Chris PeBenito
|
7eec657c86
|
add default_t read back
|
2005-10-25 18:00:42 +00:00 |
|
Chris PeBenito
|
784a3bbcad
|
privhome implementation
|
2005-10-25 17:50:00 +00:00 |
|
Chris PeBenito
|
7b90f2db5a
|
testing fixes
|
2005-10-25 17:37:56 +00:00 |
|
Chris PeBenito
|
51f5c6a2ab
|
add dontaudit
|
2005-10-25 15:56:28 +00:00 |
|
Chris PeBenito
|
467602f5d5
|
system_chkpwd can winbind
|
2005-10-25 15:53:36 +00:00 |
|
Chris PeBenito
|
b0bdeb0392
|
syslog logs to itself?
|
2005-10-25 15:52:08 +00:00 |
|
Chris PeBenito
|
2c216c09a8
|
use the right interface
|
2005-10-25 15:41:38 +00:00 |
|
Chris PeBenito
|
9aca490302
|
some home dir fixes
|
2005-10-25 15:36:45 +00:00 |
|
Chris PeBenito
|
83e4512c33
|
fix up su
|
2005-10-25 14:31:53 +00:00 |
|
Chris PeBenito
|
60789e16d0
|
fixes
|
2005-10-25 02:51:07 +00:00 |
|
Chris PeBenito
|
28e730b8e2
|
module build fixes
|
2005-10-25 01:17:55 +00:00 |
|
Chris PeBenito
|
9dd50026a0
|
homedir fixes
|
2005-10-25 01:08:10 +00:00 |
|
Chris PeBenito
|
88dd389695
|
more postfix work
|
2005-10-25 00:00:50 +00:00 |
|
Don Miner
|
2192d4baa1
|
Moved the dbus stuff inbetween networkmanager and bind to the bind policy
|
2005-10-24 23:14:39 +00:00 |
|
Chris PeBenito
|
3df88de0ba
|
hide broken symptoms
|
2005-10-24 22:55:28 +00:00 |
|
Chris PeBenito
|
52e1edb35b
|
fix acct
|
2005-10-24 22:31:44 +00:00 |
|
Don Miner
|
d2c57395ab
|
Fixed an allow that should have been a dontaudit
|
2005-10-24 22:20:04 +00:00 |
|
Chris PeBenito
|
977b1d65f5
|
add nscd
|
2005-10-24 22:13:41 +00:00 |
|
Chris PeBenito
|
69dcd685ad
|
fix most disable_trans errors
|
2005-10-24 22:08:13 +00:00 |
|
Don Miner
|
f470a1e329
|
Added a rule to allow apache to read httpd_sys_content_t so that it can show html error messages
|
2005-10-24 22:01:08 +00:00 |
|
Don Miner
|
c11417c4df
|
Reduced the number of differences in amanda between the targeted and the refpolicy
|
2005-10-24 21:35:50 +00:00 |
|
Chris PeBenito
|
67167371a5
|
fix most of samba
|
2005-10-24 21:33:46 +00:00 |
|
Don Miner
|
bdfa8e72f0
|
Removed differences between refpolicy and targeted acct_t
|
2005-10-24 21:25:56 +00:00 |
|
Don Miner
|
9c4fcf666e
|
Removed differences between refpolicy and targeted NetworkManager_t
|
2005-10-24 21:25:02 +00:00 |
|
Chris PeBenito
|
7ebd6a9079
|
add proc_net lnk
|
2005-10-24 20:25:59 +00:00 |
|
Chris PeBenito
|
b4e1ebc1f0
|
hopefully fix su
|
2005-10-24 20:01:03 +00:00 |
|
Chris PeBenito
|
30705b6bc0
|
fixes
|
2005-10-24 19:50:21 +00:00 |
|
Chris PeBenito
|
9bbc757a76
|
more fix
|
2005-10-24 18:40:24 +00:00 |
|
Don Miner
|
0354e306b7
|
Fixed a problem which was allowing processes to become unconfined from initrc
|
2005-10-24 18:10:47 +00:00 |
|
Don Miner
|
dd57ca3454
|
Added rules to the bind policy for the named server so that it would start
|
2005-10-24 18:06:31 +00:00 |
|
Don Miner
|
57d8e6c7a3
|
Added signal permissions to postgres so it can start
|
2005-10-24 17:28:17 +00:00 |
|
Chris PeBenito
|
162dfc3395
|
corenet fixes
|
2005-10-24 17:06:34 +00:00 |
|
Chris PeBenito
|
e64b338b35
|
fix
|
2005-10-24 15:29:27 +00:00 |
|
Chris PeBenito
|
15fefa4958
|
remove bin policy and kern module assertions for now
|
2005-10-24 15:10:03 +00:00 |
|
Chris PeBenito
|
1480d3ad21
|
fix mls r_t
|
2005-10-24 14:22:13 +00:00 |
|
Chris PeBenito
|
34e722f3cd
|
more sediff
|
2005-10-24 14:15:29 +00:00 |
|
Don Miner
|
fa16f25281
|
Added rules to the smbd_t and the nmbd_t domains so that they would start properly
|
2005-10-24 12:45:16 +00:00 |
|
Chris PeBenito
|
1dd86c43cd
|
sediff fixes
|
2005-10-24 12:38:45 +00:00 |
|
Chris PeBenito
|
bb67633572
|
add initrc_su_t
|
2005-10-24 11:55:53 +00:00 |
|
Don Miner
|
3d37bca18f
|
Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start
|
2005-10-24 11:21:28 +00:00 |
|
Chris PeBenito
|
710791f1a4
|
more missing types
|
2005-10-24 03:52:35 +00:00 |
|
Chris PeBenito
|
19b5555f77
|
more fixes
|
2005-10-24 03:21:26 +00:00 |
|
Chris PeBenito
|
43989f82f8
|
add rpc
|
2005-10-24 01:53:13 +00:00 |
|
Chris PeBenito
|
2db2c7d099
|
fixes from sediff
|
2005-10-24 00:54:39 +00:00 |
|
Don Miner
|
f8964c04ba
|
Added a file context for httpd.pid so that it is correctly labeled
Added some rules to mysql to make it work
|
2005-10-24 00:23:12 +00:00 |
|
Chris PeBenito
|
f85544209a
|
nwmgr fixes
|
2005-10-23 22:46:06 +00:00 |
|
Chris PeBenito
|
ef5ca0fb79
|
add cups
|
2005-10-23 22:10:59 +00:00 |
|
Chris PeBenito
|
04926d07a8
|
add postfix
|
2005-10-23 20:18:36 +00:00 |
|
Chris PeBenito
|
f932d8e3cb
|
add spamassassin
|
2005-10-22 23:50:23 +00:00 |
|
Chris PeBenito
|
44fc06b0cb
|
add radius and amanda, which I forgot to ci
|
2005-10-22 22:51:01 +00:00 |
|
Chris PeBenito
|
230838e117
|
add pegasus
|
2005-10-22 21:55:39 +00:00 |
|
Chris PeBenito
|
a636210ef8
|
add dbskk
|
2005-10-22 21:18:03 +00:00 |
|
Chris PeBenito
|
ad3b9d76dc
|
add lpd
|
2005-10-22 21:09:03 +00:00 |
|
Chris PeBenito
|
ae1d9afb5b
|
simplify since alias take care of it
|
2005-10-22 20:06:51 +00:00 |
|
Chris PeBenito
|
10b1f324d5
|
add amanda
|
2005-10-22 19:58:58 +00:00 |
|
Chris PeBenito
|
239db5e20c
|
add networkmanager
|
2005-10-22 17:44:04 +00:00 |
|
Chris PeBenito
|
1f8a8bbbbd
|
more sediff fixes
|
2005-10-21 22:56:41 +00:00 |
|
Chris PeBenito
|
e6a2eaffdf
|
more fixes
|
2005-10-21 21:35:25 +00:00 |
|
Chris PeBenito
|
da4fc9ce2b
|
sediff fixes
|
2005-10-21 19:36:49 +00:00 |
|
Chris PeBenito
|
23a4442bf1
|
add xdm
|
2005-10-21 17:55:15 +00:00 |
|
Chris PeBenito
|
3509484c6f
|
add canna
|
2005-10-21 16:39:28 +00:00 |
|
Chris PeBenito
|
fe7b943240
|
fix
|
2005-10-21 16:19:26 +00:00 |
|
Chris PeBenito
|
ea557a85df
|
add cyrus
|
2005-10-21 16:18:11 +00:00 |
|
Chris PeBenito
|
29ce0009bc
|
add dovecot
|
2005-10-21 15:38:22 +00:00 |
|
Chris PeBenito
|
cf6141a72e
|
fix corenetwork generation and add distcc
|
2005-10-21 13:11:17 +00:00 |
|
Chris PeBenito
|
4e69c1c423
|
obj class typo for certs
|
2005-10-20 19:28:27 +00:00 |
|
Chris PeBenito
|
de764944d8
|
targeted policy fixes
|
2005-10-19 19:45:20 +00:00 |
|
Chris PeBenito
|
af4752bcb9
|
targeted and distro fixes for loadable modules
|
2005-10-19 16:44:24 +00:00 |
|
Chris PeBenito
|
0efe52ae99
|
fix last loadable module problems
|
2005-10-19 14:36:04 +00:00 |
|
Chris PeBenito
|
90c3ddefe3
|
fix requires
|
2005-10-19 13:11:49 +00:00 |
|
Chris PeBenito
|
12ae7557d3
|
piles of fixes for loadable modules
|
2005-10-18 18:25:33 +00:00 |
|
Chris PeBenito
|
c3812748c3
|
misc fixes
|
2005-10-18 15:07:11 +00:00 |
|
Chris PeBenito
|
c3a05c9f5a
|
fix error uncovered by sechecker
|
2005-10-17 20:00:20 +00:00 |
|
Chris PeBenito
|
e749cd12a6
|
wrap up almost all of apache
|
2005-10-17 17:55:38 +00:00 |
|
Chris PeBenito
|
e08118a52f
|
add ppp
|
2005-10-14 20:00:07 +00:00 |
|
Chris PeBenito
|
fe9d17fe14
|
more merging from 1.27.1-15
|
2005-10-14 18:42:42 +00:00 |
|
Chris PeBenito
|
d8636fc937
|
more merging from 1.27.1-15
|
2005-10-14 17:55:40 +00:00 |
|
Chris PeBenito
|
77f6e2cd27
|
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
|
2005-10-13 20:59:36 +00:00 |
|
Chris PeBenito
|
b1421d8712
|
add some docs, do some reordering
|
2005-10-12 21:25:16 +00:00 |
|
Chris PeBenito
|
4c71994852
|
add missing interface
|
2005-10-12 17:32:41 +00:00 |
|
Chris PeBenito
|
be4690a5ae
|
add in last bits of webalizer
|
2005-10-12 17:22:25 +00:00 |
|
Chris PeBenito
|
c2b18fa1f3
|
more apache work
|
2005-10-12 16:23:22 +00:00 |
|
Chris PeBenito
|
799a0b43cd
|
add mailman
|
2005-10-11 15:36:53 +00:00 |
|
Chris PeBenito
|
f33561f560
|
add webalizer and sasl
|
2005-10-10 18:50:08 +00:00 |
|
Chris PeBenito
|
4483ee849c
|
add apm and arpwatch. fix implementation error on fs_getattr_all_files,
splitting it up into correct interfaces.
|
2005-10-10 18:11:46 +00:00 |
|
Chris PeBenito
|
d4dca58511
|
add finger and bluetooth
|
2005-10-07 21:45:04 +00:00 |
|
Chris PeBenito
|
9d3e339e82
|
partial mailman merge
|
2005-10-07 19:35:36 +00:00 |
|
Chris PeBenito
|
99505c1c89
|
fix files_exec_usr_src_files
|
2005-10-07 18:48:43 +00:00 |
|
Chris PeBenito
|
e02c61cfa4
|
rename context_template() to gen_context()
|
2005-10-06 19:33:06 +00:00 |
|
Chris PeBenito
|
6e99a6cfd1
|
more apache work
|
2005-10-05 21:17:22 +00:00 |
|
Chris PeBenito
|
fc6524d746
|
add ftp
|
2005-10-05 19:52:53 +00:00 |
|
Chris PeBenito
|
5bc9f3061b
|
fix comment
|
2005-10-05 19:10:31 +00:00 |
|
Chris PeBenito
|
f4d7fdcfaf
|
add interfaces used in old anonymous_domain()
|
2005-10-05 19:09:42 +00:00 |
|
Chris PeBenito
|
a996bdf4ad
|
add most of apache
|
2005-09-29 20:59:00 +00:00 |
|
Chris PeBenito
|
a5ec7cb6c4
|
more pieces of ftp
|
2005-09-29 13:32:28 +00:00 |
|
Chris PeBenito
|
a2868f6eae
|
start adding secure_file_type implementation
|
2005-09-28 19:07:22 +00:00 |
|
Chris PeBenito
|
79cde317df
|
add winbind
|
2005-09-28 18:22:58 +00:00 |
|
Chris PeBenito
|
6942484b6f
|
add in a couple missing rules
|
2005-09-28 18:10:48 +00:00 |
|
Chris PeBenito
|
246a604273
|
add in a few parts of ftp
|
2005-09-27 22:29:45 +00:00 |
|
Chris PeBenito
|
20e306e2de
|
add dmidecode
|
2005-09-27 21:24:01 +00:00 |
|
Chris PeBenito
|
b03f960ece
|
add disable_trans support
|
2005-09-27 20:17:50 +00:00 |
|
Chris PeBenito
|
1f91e1bfe5
|
a few conditional cleanups
|
2005-09-27 19:40:44 +00:00 |
|
Chris PeBenito
|
f0574fa9aa
|
add mls privileges
|
2005-09-26 20:26:32 +00:00 |
|
Chris PeBenito
|
6d788d87d1
|
comment fix
|
2005-09-26 20:24:44 +00:00 |
|
Chris PeBenito
|
9edc289521
|
add anaconda
|
2005-09-23 22:15:04 +00:00 |
|
Chris PeBenito
|
b9ae3aab39
|
rework nis_use_ypbind since optionals dont work in conditionals
|
2005-09-23 22:14:54 +00:00 |
|
Chris PeBenito
|
fa67570d9a
|
add radvd, plus a few cleanups from sediff
|
2005-09-23 21:20:03 +00:00 |
|
Chris PeBenito
|
842859260c
|
add kudzu
|
2005-09-23 19:38:34 +00:00 |
|
Chris PeBenito
|
0058418017
|
remove classes from gen_requires, and disable net_raw for now
|
2005-09-23 15:37:41 +00:00 |
|
Chris PeBenito
|
681c9a02e7
|
fixes from sediff
|
2005-09-22 21:59:50 +00:00 |
|
Chris PeBenito
|
f7ba4a8963
|
add uucp
|
2005-09-22 16:27:52 +00:00 |
|
Chris PeBenito
|
b53f93a41f
|
testing fixes
|
2005-09-22 15:32:53 +00:00 |
|
Chris PeBenito
|
08c5c972cf
|
fix for targeted
|
2005-09-22 14:14:25 +00:00 |
|
Chris PeBenito
|
25c6746156
|
loadable module compile fixes
|
2005-09-21 20:01:40 +00:00 |
|
Chris PeBenito
|
142e9f40ea
|
targeted and redhat cleanups
|
2005-09-21 14:49:41 +00:00 |
|
Chris PeBenito
|
0e15cdfb50
|
change monolithic_policy to self_contained_policy for clarity
|
2005-09-21 13:26:30 +00:00 |
|
Chris PeBenito
|
3774e4eb28
|
todo cleanup
|
2005-09-20 20:48:17 +00:00 |
|
Chris PeBenito
|
93070cbaed
|
add cvs
|
2005-09-20 18:49:13 +00:00 |
|
Chris PeBenito
|
9210553ecb
|
add cpucontrol
|
2005-09-20 18:15:35 +00:00 |
|
Chris PeBenito
|
4fd5201a59
|
add rlogin and telnet
|
2005-09-20 17:11:53 +00:00 |
|
Chris PeBenito
|
200f453ff5
|
add stunnel
|
2005-09-20 13:47:36 +00:00 |
|
Chris PeBenito
|
a1fcff33f2
|
final updates from nsa cvs
|
2005-09-19 21:17:45 +00:00 |
|
Chris PeBenito
|
41c4800de4
|
a few module compile fixes
|
2005-09-19 14:18:48 +00:00 |
|
Chris PeBenito
|
cf6a7d8993
|
more upstream merging
|
2005-09-16 21:20:37 +00:00 |
|
Chris PeBenito
|
cff75c90ca
|
more upstream merging
|
2005-09-16 19:36:10 +00:00 |
|
Chris PeBenito
|
40adb57f47
|
add tftp
|
2005-09-16 15:18:09 +00:00 |
|
Chris PeBenito
|
ccc5978224
|
add snmp
|
2005-09-16 14:54:36 +00:00 |
|
Chris PeBenito
|
a0824843c2
|
more merging from nsa cvs
|
2005-09-16 13:36:26 +00:00 |
|
Chris PeBenito
|
98a8ead4c5
|
more updates
|
2005-09-15 21:03:29 +00:00 |
|
Chris PeBenito
|
605ba28540
|
more merging from nsa cvs
|
2005-09-15 15:34:31 +00:00 |
|
Chris PeBenito
|
5a2649cefd
|
cleanup
|
2005-09-14 19:27:30 +00:00 |
|
Chris PeBenito
|
84c92239d4
|
add samba
|
2005-09-14 18:33:53 +00:00 |
|
Chris PeBenito
|
4479b31614
|
require fix
|
2005-09-14 15:41:46 +00:00 |
|
Chris PeBenito
|
71fe0fa4c5
|
fixes for module compiling
|
2005-09-14 00:30:10 +00:00 |
|
Chris PeBenito
|
0907bda1e0
|
more merging of NSA CVS policy
|
2005-09-13 13:06:07 +00:00 |
|
Chris PeBenito
|
2705f9a0f3
|
begin merging in upstream NSA CVS changes
|
2005-09-12 21:40:56 +00:00 |
|
Chris PeBenito
|
712566ee41
|
fixes to make base module compilable
|
2005-09-12 15:17:39 +00:00 |
|
Chris PeBenito
|
2e863f8ad0
|
add first part of changes to make base module compilable
|
2005-09-09 20:51:54 +00:00 |
|
Chris PeBenito
|
0fdf3ef75e
|
fix sshd to use initrc transition while typeattribute in conditionals is still broken
|
2005-09-09 20:49:59 +00:00 |
|
Chris PeBenito
|
9ff3003346
|
add zebra. change ssh to default to initrc transition instead of inetd while typeattribute in conditionals doesnt work
|
2005-09-09 13:24:11 +00:00 |
|
Chris PeBenito
|
eb3cb6820a
|
add portmap
|
2005-09-08 17:12:38 +00:00 |
|
Chris PeBenito
|
d17b4d2323
|
add ktalk
|
2005-09-08 13:42:13 +00:00 |
|
Chris PeBenito
|
9b06402eaf
|
add missing rules of other domains using inn
|
2005-09-08 13:23:11 +00:00 |
|
Chris PeBenito
|
763a5e30c6
|
misc fixes
|
2005-09-07 13:31:37 +00:00 |
|
Chris PeBenito
|
8d93523409
|
add inn
|
2005-09-06 18:37:27 +00:00 |
|
Chris PeBenito
|
603f90ab9d
|
misc fixes
|
2005-09-05 18:17:17 +00:00 |
|
Chris PeBenito
|
b11a75a5e3
|
add ntp
|
2005-09-05 16:47:19 +00:00 |
|
Chris PeBenito
|
ce1b44aac4
|
typo
|
2005-09-02 20:55:17 +00:00 |
|
Chris PeBenito
|
ac0483aefe
|
add dictd
|
2005-09-02 20:50:54 +00:00 |
|
Chris PeBenito
|
fdae8e755e
|
add hal
|
2005-09-02 20:29:52 +00:00 |
|
Chris PeBenito
|
f344c0f38e
|
move dhcpd to dhcp
|
2005-09-02 19:18:43 +00:00 |
|
Chris PeBenito
|
0f707d52ab
|
add squid
|
2005-09-02 19:11:07 +00:00 |
|
Chris PeBenito
|
7c8fc35b14
|
add dhcpd
|
2005-09-02 14:52:08 +00:00 |
|
Chris PeBenito
|
9d3bdc25af
|
fix bugs uncovered from sediff
|
2005-09-01 20:13:42 +00:00 |
|
Chris PeBenito
|
c0d1566a13
|
move rhgb_domain into TODO so modules can compile as binary modules
|
2005-09-01 13:52:59 +00:00 |
|
Chris PeBenito
|
631ee4d3cf
|
finish remaining dbus bits
|
2005-09-01 13:34:45 +00:00 |
|
Chris PeBenito
|
0c3d170578
|
add dbus
|
2005-08-31 20:58:12 +00:00 |
|
Chris PeBenito
|
6af06cd8b6
|
fix typos
|
2005-08-31 16:54:19 +00:00 |
|
Chris PeBenito
|
768283ac46
|
cosmetics
|
2005-08-31 16:49:30 +00:00 |
|
Chris PeBenito
|
6e61566dba
|
add comsat. clean up kerberos and nscd interfaces
|
2005-08-31 15:25:12 +00:00 |
|
Chris PeBenito
|
246839f3d2
|
fix up most of mta attribute insanity
|
2005-08-30 20:47:41 +00:00 |
|
Chris PeBenito
|
451c1e3d59
|
send user role to per userdomain templates. update templated interfaces
to have the prefix be the first argument
|
2005-08-30 15:48:57 +00:00 |
|
Chris PeBenito
|
e5d45268fd
|
make corecommands required
|
2005-08-30 14:41:52 +00:00 |
|
Chris PeBenito
|
2a94561a89
|
start adding in templated interfaces
|
2005-08-25 20:27:20 +00:00 |
|
Chris PeBenito
|
d83fdad248
|
add bind
|
2005-08-23 17:26:19 +00:00 |
|
Chris PeBenito
|
902be0ae21
|
add privoxy
|
2005-08-22 21:49:27 +00:00 |
|
Chris PeBenito
|
35ecf83839
|
add rsync
|
2005-08-22 21:17:10 +00:00 |
|
Chris PeBenito
|
f9b11e9615
|
add howl
|
2005-08-22 20:43:20 +00:00 |
|
Chris PeBenito
|
f6e28abbab
|
moved to selinux module
|
2005-08-19 20:05:02 +00:00 |
|
Chris PeBenito
|
fb0a3a98c6
|
initial support for compiling loadable modules
|
2005-08-18 21:27:20 +00:00 |
|
Chris PeBenito
|
f862c35c37
|
add gpm
|
2005-08-17 21:28:31 +00:00 |
|
Chris PeBenito
|
2961e79b55
|
add ldap
|
2005-08-17 18:33:43 +00:00 |
|
Chris PeBenito
|
23ca91f8bb
|
cleanup
|
2005-08-17 17:31:57 +00:00 |
|
Chris PeBenito
|
545b0c9176
|
add rshd
|
2005-08-17 15:23:24 +00:00 |
|
Chris PeBenito
|
57a96cbd0b
|
add firstboot
|
2005-08-17 14:14:07 +00:00 |
|
Chris PeBenito
|
2d803edc73
|
more debian cleanup
|
2005-08-17 14:09:29 +00:00 |
|
Chris PeBenito
|
4806a05cfb
|
fix broken xml of previous commit
|
2005-08-15 19:35:20 +00:00 |
|
Chris PeBenito
|
5f38a65aab
|
try to knock out more of the distro_debian bootloader stuff
|
2005-08-15 19:31:37 +00:00 |
|
Chris PeBenito
|
21468a6076
|
add loadkeys
|
2005-08-15 14:46:17 +00:00 |
|
Chris PeBenito
|
8843093607
|
more comments
|
2005-08-12 19:28:30 +00:00 |
|
Chris PeBenito
|
f0b1efa2a2
|
all dev nodes assoc to tmpfs, since most everyone is moving to udev
|
2005-08-12 19:28:15 +00:00 |
|
Chris PeBenito
|
35b494789d
|
fix some udev naming
|
2005-08-12 18:13:03 +00:00 |
|
Chris PeBenito
|
aae06c1306
|
fix system spool file problem
|
2005-08-12 17:54:55 +00:00 |
|
Chris PeBenito
|
f7ebea06e3
|
finalize desc -> summary xml change
|
2005-08-11 17:46:39 +00:00 |
|
Chris PeBenito
|
4aa0dc20b4
|
add tcpd
|
2005-08-11 15:17:13 +00:00 |
|
Chris PeBenito
|
052c953ae5
|
add quota
|
2005-08-11 14:49:58 +00:00 |
|
Chris PeBenito
|
e784300a62
|
add sudo
|
2005-08-09 19:30:43 +00:00 |
|
Chris PeBenito
|
b9d7d70b33
|
add template xml
|
2005-08-09 19:21:25 +00:00 |
|
Chris PeBenito
|
9489149ec0
|
add su
|
2005-08-08 21:03:23 +00:00 |
|
Chris PeBenito
|
dce68dc48d
|
add updfstab
|
2005-08-08 15:51:15 +00:00 |
|
Chris PeBenito
|
f5e321b0f0
|
fix xml tags
|
2005-08-08 15:43:20 +00:00 |
|
Chris PeBenito
|
7057c18db0
|
a few more ssh touchups
|
2005-08-05 18:49:23 +00:00 |
|
Chris PeBenito
|
ed78ea0034
|
add tmpreaper
|
2005-08-05 15:32:27 +00:00 |
|
Chris PeBenito
|
9a66d4e562
|
add acct
|
2005-08-05 14:32:12 +00:00 |
|
Chris PeBenito
|
3fd8336882
|
misc cleanup
|
2005-08-04 20:54:51 +00:00 |
|
Chris PeBenito
|
42be7c214d
|
add mysql
|
2005-08-03 17:56:26 +00:00 |
|
Chris PeBenito
|
046a21da80
|
search sbin dirs to find the pgms
|
2005-08-03 17:43:41 +00:00 |
|
Chris PeBenito
|
81343a6f90
|
* Rename ipsec connect interface for consistency.
* Add missing parts of unix stream socket connect interface
of ipsec.
* Rename inetd connect interface for consistency.
|
2005-08-03 15:16:33 +00:00 |
|
Chris PeBenito
|
bbdbdb9edf
|
fix stray line that got out of TODO
|
2005-07-29 15:07:15 +00:00 |
|
Chris PeBenito
|
e5590ea5ec
|
work on user transition
|
2005-07-28 20:52:55 +00:00 |
|
Chris PeBenito
|
022f61c0e3
|
add connect interface on ports to handle name_connect tcp perm
|
2005-07-22 15:38:01 +00:00 |
|
Chris PeBenito
|
50527cf581
|
make network_interface able to support multiple interfaces having the same type
|
2005-07-22 14:00:38 +00:00 |
|
Chris PeBenito
|
953541a918
|
update from privmail
|
2005-07-21 20:34:57 +00:00 |
|
Chris PeBenito
|
ea7d571bd7
|
/var/lib is now a mountpoint
|
2005-07-20 17:36:48 +00:00 |
|
Chris PeBenito
|
53857c8c05
|
unconfined can pass all constraints
|
2005-07-20 17:24:23 +00:00 |
|
Chris PeBenito
|
ef424c14d4
|
name_connect only on tcp_sockets
|
2005-07-20 17:10:07 +00:00 |
|
Chris PeBenito
|
9496fd5119
|
unconfined can name_connect to all ports
|
2005-07-20 17:08:07 +00:00 |
|
Chris PeBenito
|
d250634311
|
reorder kernel policy, add attributes for sysctl and proc entries. fix unconfined interface
|
2005-07-20 17:06:10 +00:00 |
|
Chris PeBenito
|
f82c6ac64c
|
bah typo
|
2005-07-20 15:08:33 +00:00 |
|
Chris PeBenito
|
0b28a23114
|
user home dirs were missing file type in targ policy
|
2005-07-20 15:06:49 +00:00 |
|
Chris PeBenito
|
1e3f610b3b
|
add missing dir and file perms for selinuxfs in unconfined
|
2005-07-20 14:57:13 +00:00 |
|
Chris PeBenito
|
689f6ddb35
|
fix typos and import some rules from NSA cvs to make targeted policy work
|
2005-07-20 14:25:24 +00:00 |
|
Chris PeBenito
|
474f43d13d
|
should actually try compiling first :x
|
2005-07-20 13:39:10 +00:00 |
|
Chris PeBenito
|
bd7e7a6417
|
missed a line
|
2005-07-20 13:37:18 +00:00 |
|
Chris PeBenito
|
a28f6db576
|
add in some rules from NSA CVS to make targeted policy work
|
2005-07-20 13:30:06 +00:00 |
|
Chris PeBenito
|
8c3f438f75
|
corenet was missing from unconfined
|
2005-07-19 20:38:26 +00:00 |
|
Chris PeBenito
|
892266ca76
|
more targeted policy fixes
|
2005-07-19 20:26:02 +00:00 |
|
Chris PeBenito
|
ec848d247f
|
more fixes for targeted
|
2005-07-19 19:37:43 +00:00 |
|
Chris PeBenito
|
2ec4c9d38f
|
more cleanup
|
2005-07-19 18:40:31 +00:00 |
|
Chris PeBenito
|
8b0bbdda34
|
fixes for targeted policy
|
2005-07-19 18:40:19 +00:00 |
|
Chris PeBenito
|
391edeb577
|
fix assertions for framework
|
2005-07-18 20:17:21 +00:00 |
|
Chris PeBenito
|
a5f339f134
|
more cleanup in system
|
2005-07-18 18:31:49 +00:00 |
|
Chris PeBenito
|
9f103ce14b
|
fix to use context_template()
|
2005-07-18 14:25:05 +00:00 |
|
Chris PeBenito
|
3b6174a142
|
add missing context template
|
2005-07-15 20:54:24 +00:00 |
|
Chris PeBenito
|
50aca6d2f9
|
add raid (mdadm)
|
2005-07-15 20:45:26 +00:00 |
|
Chris PeBenito
|
d9fd8e7562
|
more pcmcia cleanup
|
2005-07-15 19:18:55 +00:00 |
|
Chris PeBenito
|
157c69416f
|
add macro to expand object class sets for use in require blocks
|
2005-07-15 15:53:54 +00:00 |
|
Chris PeBenito
|
50f6503452
|
* break up files_getattr_all_files into correct interfaces
* move stuff out of pcmcia into the appropriate modules
|
2005-07-15 15:17:57 +00:00 |
|
Chris PeBenito
|
f136a944c5
|
reorder in alpha order of type, for sanity purposes
|
2005-07-15 14:30:19 +00:00 |
|