rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
774 Commits 8 Branches 90 Tags 36 MiB
Commit Graph

666 Commits

Author SHA1 Message Date
Daniel J Walsh 91ec07f1df - Dontaudit search of admin_home for init_system_domain 
- Rewrite of xace interfaces
- Lots of new fs_list_inotify
- Allow livecd to transition to setfiles_mac
 2008-06-04 12:57:43 +00:00
Daniel J Walsh 80e0b808d5 - Begin XAce integration 2008-06-03 20:27:28 +00:00
Daniel J Walsh 081b6ac47e - Merge Upstream 2008-06-02 18:56:05 +00:00
Daniel J Walsh 2e33f7ba70 - Merge Upstream 2008-06-02 17:10:33 +00:00
Daniel J Walsh 4b7f030014 Update for rawhide 2008-05-19 13:02:56 +00:00
Daniel J Walsh 993c27dacb - Allow amanada to create data files 2008-05-07 19:10:59 +00:00
Daniel J Walsh 6c25b428ce - Remove dmesg boolean 
- Allow user domains to read/write game data
 2008-05-06 17:01:42 +00:00
Daniel J Walsh 86881dd93f - Change unconfined_t to transition to unconfined_mono_t when running mono 
- Change XXX_mono_t to transition to XXX_t when executing bin_t files, so
    gnome-do will work
 2008-04-29 16:05:11 +00:00
Daniel J Walsh 2d8ff5157a - Remove old booleans from targeted-booleans.conf file 2008-04-28 21:24:59 +00:00
Daniel J Walsh b4e933120a - Don't run crontab from unconfined_t 2008-04-24 21:08:32 +00:00
Daniel J Walsh ef5e600999 - Don't run crontab from unconfined_t 2008-04-24 19:41:22 +00:00
Daniel J Walsh 4b1d56da14 - Change etc files to config files to allow users to read them 2008-04-23 14:15:54 +00:00
Daniel J Walsh a6a82aec79 - dontaudit mrtg reading /proc 
- Allow iscsi to signal itself
- Allow gnomeclock sys_ptrace
 2008-04-15 20:27:09 +00:00
Daniel J Walsh 5896bad9cf 2008-04-14 20:01:48 +00:00
Daniel J Walsh bb36d75512 2008-04-11 18:58:08 +00:00
Daniel J Walsh 06686c20a2 - Allow dhcpd to read kernel network state 2008-04-10 19:45:47 +00:00
Daniel J Walsh 41625a26ea - Label /var/run/gdm correctly 
- Fix unconfined_u user creation
 2008-04-10 14:37:57 +00:00
Daniel J Walsh 254e3c7af3 - Allow transition from initrc_t to getty_t 2008-04-08 20:14:36 +00:00
Daniel J Walsh 5a576e06f0 - Allow passwd to communicate with user sockets to change gnome-keyring 2008-04-08 19:17:28 +00:00
Daniel J Walsh 7f851af8d9 - Fix initial install 2008-04-08 03:17:46 +00:00
Daniel J Walsh c3c4a525c2 - 2008-04-06 12:06:47 +00:00
Daniel J Walsh 27943de6a0 - Allow radvd to use fifo_file 
- dontaudit setfiles reading links
- allow semanage sys_resource
- add allow_httpd_mod_auth_ntlm_winbind boolean
- Allow privhome apps including dovecot read on nfs and cifs home dirs if
    the boolean is set
 2008-04-05 10:39:06 +00:00
Daniel J Walsh c66f2bc425 - Allow nsplugin to read /etc/mozpluggerrc, user_fonts 
- Allow syslog to manage innd logs.
- Allow procmail to ioctl spamd_exec_t
 2008-04-01 09:21:21 +00:00
Daniel J Walsh 294ea7a213 - Allow initrc_t to dbus chat with consolekit. 2008-03-29 18:36:09 +00:00
Daniel J Walsh e54cb216a8 - Additional access for nsplugin 
- Allow xdm setcap/getcap until pulseaudio is fixed
 2008-03-28 22:07:45 +00:00
Daniel J Walsh f70afcdd9e - Allow mount to mkdir on tmpfs 
- Allow ifconfig to search debugfs
 2008-03-26 06:17:27 +00:00
Daniel J Walsh bf3d39e959 - Fix file context for MATLAB 
- Fixes for xace
 2008-03-21 23:24:11 +00:00
Daniel J Walsh 5ea3f10caf - Allow stunnel to transition to inetd children domains 
- Make unconfined_dbusd_t an unconfined domain
 2008-03-20 16:11:16 +00:00
Daniel J Walsh 94b7be909e 2008-03-18 21:10:02 +00:00
Daniel J Walsh ba9e5e8244 - Fixes for qemu/virtd 2008-03-17 21:42:05 +00:00
Daniel J Walsh 97081dcb9d - Fix bug in mozilla policy to allow xguest transition 
- This will fix the
 2008-03-14 21:17:21 +00:00
Daniel J Walsh a6e1280791 - Fix bug in mozilla policy to allow xguest transition 
- This will fix the
 2008-03-14 21:13:24 +00:00
Daniel J Walsh d593d26c1d - Allow nsplugin to run acroread 2008-03-14 15:59:07 +00:00
Daniel J Walsh 987b10f86d - Add cups_pdf policy 
- Add openoffice policy to run in xguest
 2008-03-14 00:25:00 +00:00
Daniel J Walsh 7f811bf534 - prewika needs to contact mysql 
- Allow syslog to read system_map files
 2008-03-13 12:58:25 +00:00
Daniel J Walsh ceda8feb68 - Change init_t to an unconfined_domain 2008-03-12 12:39:48 +00:00
Daniel J Walsh 0879f489ab - Allow init to transition to initrc_t on shell exec. 
- Fix init to be able to sendto init_t.
- Allow syslog to connect to mysql
- Allow lvm to manage its own fifo_files
- Allow bugzilla to use ldap
- More mls fixes
 2008-03-12 01:10:44 +00:00
Bill Nottingham 110bce3a29 fixes for init, rhgb. also, fix the build 2008-03-11 22:46:00 +00:00
Daniel J Walsh 2041ac3d49 - Additional changes for MLS policy 2008-03-10 20:58:06 +00:00
Daniel J Walsh 1bf67d57ed - Fix initrc_context generation for MLS 2008-03-06 22:25:06 +00:00
Daniel J Walsh dc57e68eff - Fixes for libvirt 2008-03-05 23:11:52 +00:00
Daniel J Walsh 5947905ef9 - Allow bitlebee to read locale_t 2008-03-04 21:38:18 +00:00
Daniel J Walsh d8c160273b - More xselinux rules 2008-02-29 22:33:22 +00:00
Daniel J Walsh 9a0f35b9ad - Change httpd_$1_script_r*_t to httpd_$1_content_r*_t 2008-02-29 22:18:30 +00:00
Daniel J Walsh 338714fc7f - 2008-02-28 21:51:10 +00:00
Daniel J Walsh b7229ad8bb - Prepare policy for beta release 
- Change some of the system domains back to unconfined
- Turn on some of the booleans
 2008-02-28 05:01:51 +00:00
Daniel J Walsh 40ce26840e - Prepare policy for beta release 
- Change some of the system domains back to unconfined
- Turn on some of the booleans
 2008-02-28 04:35:56 +00:00
Daniel J Walsh 533c755e4d - Allow nsplugin_config execstack/execmem 
- Allow nsplugin_t to read alsa config
- Change apache to use user content
 2008-02-28 03:32:23 +00:00
Daniel J Walsh c092cc1478 - Add cyphesis policy 2008-02-26 23:02:51 +00:00
Daniel J Walsh 063999dd85 2008-02-26 19:24:53 +00:00