Commit Graph

633 Commits

Author SHA1 Message Date
Daniel J Walsh
27c7d85aab - Fixes for xguest to run java plugin 2008-01-13 14:01:50 +00:00
Daniel J Walsh
4be3ba520d - dontaudit pam_t and dbusd writing to user_home_t 2008-01-11 19:45:47 +00:00
Daniel J Walsh
5baf53aabd - Update gpg to allow reading of inotify 2008-01-08 19:58:56 +00:00
Daniel J Walsh
a502c55197 - Change user and staff roles to work correctly with varied perms 2008-01-03 22:13:09 +00:00
Daniel J Walsh
c64ec27caa - Fix munin log,
- Eliminate duplicate mozilla file context
- fix wpa_supplicant spec
2007-12-31 21:47:39 +00:00
Daniel J Walsh
88ae3f5e0c - Fix role transition from unconfined_r to system_r when running rpm
- Allow unconfined_domains to communicate with user dbus instances
2007-12-30 15:12:11 +00:00
Daniel J Walsh
5d13344539 - Fix role transition fro unconfined_r to system_r when running rpm 2007-12-24 12:01:17 +00:00
Daniel J Walsh
0ec33db4ff - Let all uncofined domains communicate with dbus unconfined 2007-12-21 07:58:04 +00:00
Daniel J Walsh
673eaaeafb - Run rpm in system_r 2007-12-20 21:26:31 +00:00
Daniel J Walsh
5615fe1b3d - Zero out customizable types 2007-12-19 21:45:51 +00:00
Daniel J Walsh
9a2cf87457 - Fix definiton of admin_home_t 2007-12-19 10:42:06 +00:00
Daniel J Walsh
2f257cb996 - Fix munin file context 2007-12-19 09:27:15 +00:00
Daniel J Walsh
91c2fa9d31 - Allow cron to run unconfined apps 2007-12-18 13:59:31 +00:00
Daniel J Walsh
99d3676891 - Modify default login to unconfined_u 2007-12-17 22:49:08 +00:00
Daniel J Walsh
4d59c29e33 - Dontaudit dbus user client search of /root 2007-12-14 12:40:39 +00:00
Daniel J Walsh
5928688f61 - Dontaudit dbus user client search of /root 2007-12-13 22:42:22 +00:00
Daniel J Walsh
76e3401243 - Update to upstream 2007-12-13 18:44:18 +00:00
Daniel J Walsh
4c6f2dd6a3 - Fixes for polkit
- Allow xserver to ptrace
2007-12-12 14:53:07 +00:00
Daniel J Walsh
7dfe3eb3ef - Add polkit policy
- Symplify userdom context, remove automatic per_role changes
2007-12-11 06:08:33 +00:00
Daniel J Walsh
a1341a85df - Update to upstream
- Allow httpd_sys_script_t to search users homedirs
2007-12-06 21:37:36 +00:00
Daniel J Walsh
02654b8fb4 - Update to upstream
- Allow httpd_sys_script_t to search users homedirs
2007-12-05 03:19:13 +00:00
Daniel J Walsh
d195fc7e87 - Update to upstreamddddddddddddd
- Allow httpd_sys_script_t to search users homedirs
2007-12-05 03:11:46 +00:00
Daniel J Walsh
320f3e6459 - Allow rpm_script to transition to unconfined_execmem_t 2007-12-04 00:15:27 +00:00
Daniel J Walsh
3b47cb03b7 Fri Nov 30 2007 Dan Walsh <dwalsh@redhat.com> 3.2.1-1
- Remove user based home directory separation
2007-12-03 00:15:23 +00:00
Daniel J Walsh
9186dc57d9 - Remove user based home directory separation 2007-11-30 22:33:18 +00:00
Daniel J Walsh
3a54e4809f - Remove user specific crond_t 2007-11-28 16:56:57 +00:00
Daniel J Walsh
0fffbad8de - Merge with upstream
- Allow xsever to read hwdata_t
- Allow login programs to setkeycreate
2007-11-26 15:40:45 +00:00
Daniel J Walsh
ddf4ec413f - Update to upstream 2007-11-19 20:09:32 +00:00
Daniel J Walsh
7330e86b90 - Update to upstream 2007-11-10 14:14:41 +00:00
Daniel J Walsh
36404444a8 - Update to upstream 2007-11-07 19:42:24 +00:00
Daniel J Walsh
fa0d1c8884 - Update to upstream 2007-10-23 23:13:09 +00:00
Daniel J Walsh
d0649e9167 - Allow XServer to read /proc/self/cmdline 2007-10-22 14:27:29 +00:00
Daniel J Walsh
30dfdc7f05 - Fixes for hald_mac
- Treat unconfined_home_dir_t as a home dir
- dontaudit rhgb writes to fonts and root
2007-10-19 21:21:40 +00:00
Daniel J Walsh
3375c34d9a - Fix dnsmasq
- Allow rshd full login privs
2007-10-19 15:01:30 +00:00
Daniel J Walsh
6455c9d6b5 - Allow rshd to connect to ports > 1023 2007-10-18 22:33:41 +00:00
Daniel J Walsh
953fd14b2e - Fix vpn to bind to port 4500
- Allow ssh to create shm
- Allow rshd to bind to ports > 1023
- Add Kismet policy
2007-10-18 22:00:35 +00:00
Daniel J Walsh
ccf8a72ae3 - Fix vpn to bind to port 4500
- Allow ssh to create shm
- Allow rshd to bind to ports > 1023
2007-10-18 21:33:00 +00:00
Daniel J Walsh
b4ed6dbce0 - Allow rpm to chat with networkmanager 2007-10-17 03:51:04 +00:00
Daniel J Walsh
9185bf2fee - Pass the UNK_PERMS param to makefile
- Fix gdm location
2007-10-13 14:15:08 +00:00
Daniel J Walsh
c27b2bd6ae - Make alsa work 2007-10-11 18:57:00 +00:00
Daniel J Walsh
28021c8d41 - Fixes for consolekit and startx sessions 2007-10-09 20:53:38 +00:00
Daniel J Walsh
7a91e89abe - Dontaudit consoletype talking to unconfined_t 2007-10-08 15:32:19 +00:00
Daniel J Walsh
8fd9df6414 - Remove homedir_template 2007-10-05 19:47:10 +00:00
Daniel J Walsh
922f646a26 - Remove homedir_template 2007-10-05 11:43:46 +00:00
Daniel J Walsh
24ccb8b103 - Check asound.state 2007-10-04 14:34:02 +00:00
Daniel J Walsh
492612d339 - Fix exim policy 2007-10-01 21:20:16 +00:00
Daniel J Walsh
1ffa684823 - Allow tmpreadper to read man_t
- Allow racoon to bind to all nodes
- Fixes for finger print reader
2007-10-01 17:03:12 +00:00
Daniel J Walsh
7c1c1729f9 - Allow xdm to talk to input device (fingerprint reader)
- Allow octave to run as java
2007-09-26 22:01:27 +00:00
Daniel J Walsh
d770c53fe9 - Allow login programs to set ioctl on /proc 2007-09-25 15:03:25 +00:00
Daniel J Walsh
fb11ad6653 - Allow nsswitch apps to read samba_var_t 2007-09-25 13:30:08 +00:00
Daniel J Walsh
f5018f18f8 - Fix maxima 2007-09-24 20:26:12 +00:00
Daniel J Walsh
d83ea801ac - Eliminate rpm_t:fifo_file avcs
- Fix dbus path for helper app
2007-09-24 14:18:57 +00:00
Daniel J Walsh
6c319e4011 - Fix service start stop terminal avc's 2007-09-22 12:15:13 +00:00
Daniel J Walsh
ec4fb1ce99 - Allow also to search var_lib
- New context for dbus launcher
2007-09-21 23:46:18 +00:00
Daniel J Walsh
347ff1a0c3 - Allow cupsd_config_t to read/write usb_device_t
- Support for finger print reader,
- Many fixes for clvmd
- dbus starting networkmanager
2007-09-21 20:21:36 +00:00
Daniel J Walsh
07e28d136d - Fix java and mono to run in xguest account 2007-09-20 22:30:51 +00:00
Daniel J Walsh
a9d4b80f50 - Fix to add xguest account when inititial install
- Allow mono, java, wine to run in userdomains
2007-09-20 17:21:13 +00:00
Daniel J Walsh
c67a1217e2 - Fix to add xguest account when inititial install 2007-09-20 14:58:12 +00:00
Daniel J Walsh
d90a3db27d - Allow xserver to search devpts_t
- Dontaudit ldconfig output to homedir
2007-09-20 14:39:14 +00:00
Daniel J Walsh
21c534bcb9 - Allow xserver to search devpts_t
- Dontaudit ldconfig output to homedir
2007-09-19 17:40:59 +00:00
Daniel J Walsh
7ff410d3bc - Remove hplip_etc_t change back to etc_t. 2007-09-19 01:11:31 +00:00
Daniel J Walsh
1a3fe36b5c - Allow cron to search nfs and samba homedirs 2007-09-17 23:26:58 +00:00
Daniel J Walsh
babb3641bd - Allow NetworkManager to dbus chat with yum-updated 2007-09-11 20:05:08 +00:00
Daniel J Walsh
bf7f975f77 - Allow xfs to bind to port 7100 2007-09-11 16:07:47 +00:00
Daniel J Walsh
25d586808d - Allow newalias/sendmail dac_override
- Allow bind to bind to all udp ports
2007-09-10 22:02:06 +00:00
Daniel J Walsh
4eaf5c6dc6 - Turn off direct transition 2007-09-07 20:26:11 +00:00
Daniel J Walsh
c7e443c95c - Allow wine to run in system role 2007-09-07 19:03:11 +00:00
Daniel J Walsh
37d6a1ce3f - Fix java labeling 2007-09-06 23:34:02 +00:00
Daniel J Walsh
07b8680835 - Define user_home_type as home_type 2007-09-06 15:00:00 +00:00
Daniel J Walsh
601f0f04ee - Allow sendmail to create etc_aliases_t 2007-09-06 02:24:18 +00:00
Daniel J Walsh
bea5486254 - Allow sendmail to create etc_aliases_t 2007-09-05 21:30:18 +00:00
Daniel J Walsh
bc85a6bb23 - Allow login programs to read symlinks on homedirs 2007-08-28 15:35:11 +00:00
Daniel J Walsh
e8b5993e52 - Update an readd modules 2007-08-27 21:43:05 +00:00
Daniel J Walsh
7f9951d4d3 - Cleanup spec file 2007-08-24 21:38:11 +00:00
Daniel J Walsh
d9f447990b - Cleanup spec file 2007-08-24 21:30:17 +00:00
Daniel J Walsh
b865b8b32e - Cleanup spec file 2007-08-24 21:21:56 +00:00
Daniel J Walsh
53f81916e1 - Cleanup spec file 2007-08-24 21:09:44 +00:00
Daniel J Walsh
3012ab200b - Cleanup spec file 2007-08-24 20:44:19 +00:00
Daniel J Walsh
d83af23b7d - Cleanup spec file 2007-08-24 19:52:40 +00:00
Daniel J Walsh
3b13a834c7 - Allow xserver to be started by unconfined process and talk to tty 2007-08-24 14:20:35 +00:00
Daniel J Walsh
95bbe5cff0 - Upgrade to upstream to grab postgressql changes 2007-08-23 14:07:25 +00:00
Daniel J Walsh
77a22067be - Add setransd for mls policy 2007-08-22 14:46:21 +00:00
Daniel J Walsh
c77aca56ae - Add setransd for mls policy 2007-08-21 20:08:22 +00:00
Daniel J Walsh
4f23c46830 - Add ldconfig_cache_t 2007-08-20 23:02:30 +00:00
Daniel J Walsh
b4ae7d845a - Allow sshd to write to proc_t for afs login 2007-08-20 22:15:46 +00:00
Daniel J Walsh
f012074e0f - Allow xserver access to urand 2007-08-18 11:54:11 +00:00
Daniel J Walsh
7f6883ca6e - allow dovecot to search mountpoints 2007-08-15 00:55:49 +00:00
Daniel J Walsh
0354c22269 - Fix Makefile for building policy modules 2007-08-11 11:18:09 +00:00
Daniel J Walsh
60a9ef60f0 - Fix dhcpc startup of service 2007-08-10 20:04:48 +00:00
Daniel J Walsh
bf33202534 - Fix dbus chat to not happen for xguest and guest users 2007-08-10 16:10:27 +00:00
Daniel J Walsh
d44a393484 - Fix nagios cgi
- allow squid to communicate with winbind
2007-08-09 19:18:57 +00:00
Daniel J Walsh
1a12c251ca - Fixes for ldconfig 2007-08-06 21:33:36 +00:00
Daniel J Walsh
d8c8b2b904 - Update from upstream 2007-08-03 20:38:28 +00:00
Daniel J Walsh
f9778219aa - Update from upstream 2007-08-03 19:53:44 +00:00
Daniel J Walsh
25a75469ff - Update from upstream 2007-08-03 19:26:04 +00:00
Daniel J Walsh
4ce75b7cd5 - Fix new usb devices and dmfm 2007-08-01 17:13:35 +00:00
Daniel J Walsh
8239a93362 - Fix new usb devices and dmfm 2007-08-01 16:03:23 +00:00
Daniel J Walsh
6d2e7d5ebb - Eliminate mount_ntfs_t policy, merge into mount_t 2007-07-31 20:51:43 +00:00
Daniel J Walsh
47a35fa722 - Eliminate mount_ntfs_t policy, merge into mount_t 2007-07-31 17:53:29 +00:00
Daniel J Walsh
07351eb493 - Allow xserver to write to ramfs mounted by rhgb 2007-07-30 14:37:54 +00:00