Commit Graph

124 Commits

Author SHA1 Message Date
Chris PeBenito
962d6fb9b0 Calamaris patch from Dan Walsh. 2009-12-01 10:29:51 -05:00
Chris PeBenito
ed3a1f559a bump module versions for release. 2009-11-17 10:05:56 -05:00
Chris PeBenito
a1a45de06e reorganize a92ee50 2009-10-22 10:35:45 -04:00
Dominick Grift
a92ee50126 Implement screen-locking feature.
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2009-10-22 10:33:05 -04:00
Chris PeBenito
4be8dd10b9 add seunshare from dan. 2009-09-28 15:40:06 -04:00
Chris PeBenito
1d3b9e384c clean up xscreensaver. 2009-09-15 09:41:42 -04:00
corentin.labbe
31f9c109c1 SELinux xscreensaver policy support
Hello

This a patch for adding xscreensaver policy.

I think it need a specific policy because of the auth_domtrans_chk_passwd.

cordially

Signed-off-by: LABBE Corentin <corentin.labbe@geomatys.fr>
2009-09-15 08:46:28 -04:00
Chris PeBenito
dbed95369c add gitosis from miroslav grepl. 2009-09-03 09:52:08 -04:00
Chris PeBenito
634a13c21f cpufreqselector patch from dan. 2009-09-03 09:15:17 -04:00
Chris PeBenito
f6137171f3 add an additional vmware host program. 2009-09-03 08:56:58 -04:00
Chris PeBenito
6fdef06522 screen patch from dan. 2009-09-03 08:49:26 -04:00
Chris PeBenito
72b834ccb0 remove stale screen_dir_t references
The screen_dir_t was made an alias of the screen_var_run_t type.
Remove the remaining references to this type.
2009-09-03 08:39:42 -04:00
Chris PeBenito
ca7fa520e7 gpg patch from dan.
gpg sends sigstop and signull

Reads usb devices

Can encrypts users content in /tmp and the homedir, as well as on NFS and cifs
2009-09-03 08:23:18 -04:00
Chris PeBenito
93be4ba581 Webalizer does not list inotify, this was caused by leaked file descriptors in either dbus or cron. Both of which have been cleaned up. 2009-09-02 09:10:30 -04:00
Chris PeBenito
a4b6385b9d cdrecord patch from dan. 2009-09-01 09:22:40 -04:00
Chris PeBenito
1a79193449 awstats patch from dan. 2009-09-01 08:59:24 -04:00
Chris PeBenito
aac56b12b7 add ptchown policy from dan. 2009-08-31 10:21:01 -04:00
Chris PeBenito
a3dd1499ef pulseaudio patch from dan. 2009-08-31 10:07:57 -04:00
Chris PeBenito
aaff2fcfcd module version number bump for tun patches 2009-08-31 09:17:31 -04:00
Paul Moore
9dc3cd1635 refpol: Policy for the new TUN driver access controls
Add policy for the new TUN driver access controls which allow policy to
control which domains have the ability to create and attach to TUN/TAP
devices.  The policy rules for creating and attaching to a device are as
shown below:

  # create a new device
  allow domain_t self:tun_socket { create };

  # attach to a persistent device (created by tunlbl_t)
  allow domain_t tunlbl_t:tun_socket { relabelfrom };
  allow domain_t self:tun_socket { relabelto };

Further discussion can be found on this thread:

 * http://marc.info/?t=125080850900002&r=1&w=2

Signed-off-by: Paul Moore <paul.moore@hp.com>
2009-08-31 08:36:06 -04:00
Chris PeBenito
4279891d1f patch from Eamon Walsh to remove useage of deprecated xserver interfaces. 2009-08-28 13:40:29 -04:00
Chris PeBenito
b2648249d9 Fix unconfined_r use of unconfined_java_t.
The unconfined role is running java in the unconfined_java_t.  The current
policy only has a domtrans interface, so the unconfined_java_t domain is not
added to unconfined_r.  Add a run interface and change the unconfined module
to use this new interface.
2009-08-17 13:19:26 -04:00
Chris PeBenito
9570b28801 module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
Chris PeBenito
0c89174f7f pull most of fedora changes to samba. 2009-07-29 14:40:34 -04:00
Chris PeBenito
91550027de vmware patch from dan. 2009-07-28 11:37:34 -04:00
Chris PeBenito
c7ae9ae1c8 Merge branch 'master' of ssh://oss.tresys.com/home/git/refpolicy 2009-07-28 08:00:03 -04:00
Chris PeBenito
5f6c30f8bd wm policy from dan 2009-07-27 15:11:22 -04:00
Chris PeBenito
06625d302c mozilla patch from dan. 2009-07-27 09:11:12 -04:00
Chris PeBenito
f4962ab15b add cpufreqselector from dan 2009-07-27 09:09:00 -04:00
Chris PeBenito
09516cb4be remove read_default_t tunable 2009-07-23 08:58:35 -04:00
Chris PeBenito
5bb5ec1d40 podsleuth patch from dan. 2009-07-21 10:11:16 -04:00
Chris PeBenito
e4f73afb8e gpg patch from dan 2009-07-21 10:07:38 -04:00
Chris PeBenito
9b1907b217 add pulseaudio from dan. 2009-07-21 10:05:38 -04:00
Chris PeBenito
ce6fee6575 5 patches from dan 2009-07-14 10:30:22 -04:00
Chris PeBenito
10b03f376b three debian patches from manoj 2009-07-14 09:05:59 -04:00
Chris PeBenito
3f67f722bb trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
Chris PeBenito
63f0a71c8a trunk: 9 patches from dan. 2009-06-01 16:03:42 +00:00
Chris PeBenito
c90440a7cd trunk: 4 patches from dan. 2009-03-11 13:32:23 +00:00
Chris PeBenito
f79314234a trunk: 6 patches from dan. 2009-02-11 19:28:30 +00:00
Chris PeBenito
c1262146e0 trunk: Remove node definitions and change node usage to generic nodes. 2009-01-09 19:48:02 +00:00
Chris PeBenito
668b3093ff trunk: change network interface access from all to generic network interfaces. 2009-01-06 20:24:10 +00:00
Chris PeBenito
17ec8c1f84 trunk: bump module versions for release. 2008-12-10 19:38:10 +00:00
Chris PeBenito
ff8f0a63f4 trunk: whitespace fixes in xml blocks. 2008-12-03 19:16:20 +00:00
Chris PeBenito
6073ea1e13 trunk: whitespace fix changing multiple spaces into tabs. 2008-12-03 18:33:19 +00:00
Chris PeBenito
296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito
82d2775c92 trunk: more open perm fixes. 2008-10-20 16:10:42 +00:00
Chris PeBenito
2cca6b79b4 trunk: remove redundant shared lib calls. 2008-10-17 17:31:04 +00:00
Chris PeBenito
2a98379a24 trunk: additional whitespace fixes. 2008-10-17 15:52:39 +00:00
Chris PeBenito
88cf0a9c2b trunk: whitespace fix; collapse multiple blank lines into one. 2008-10-17 15:29:51 +00:00
Chris PeBenito
0b36a2146e trunk: Enable open permission checks policy capability. 2008-10-16 16:09:20 +00:00