Chris PeBenito
87ab639061
woops
2005-10-24 21:34:02 +00:00
Chris PeBenito
67167371a5
fix most of samba
2005-10-24 21:33:46 +00:00
Don Miner
bdfa8e72f0
Removed differences between refpolicy and targeted acct_t
2005-10-24 21:25:56 +00:00
Don Miner
9c4fcf666e
Removed differences between refpolicy and targeted NetworkManager_t
2005-10-24 21:25:02 +00:00
Chris PeBenito
7ebd6a9079
add proc_net lnk
2005-10-24 20:25:59 +00:00
Chris PeBenito
b4e1ebc1f0
hopefully fix su
2005-10-24 20:01:03 +00:00
Chris PeBenito
30705b6bc0
fixes
2005-10-24 19:50:21 +00:00
Chris PeBenito
9bbc757a76
more fix
2005-10-24 18:40:24 +00:00
Don Miner
0354e306b7
Fixed a problem which was allowing processes to become unconfined from initrc
2005-10-24 18:10:47 +00:00
Don Miner
dd57ca3454
Added rules to the bind policy for the named server so that it would start
2005-10-24 18:06:31 +00:00
Don Miner
57d8e6c7a3
Added signal permissions to postgres so it can start
2005-10-24 17:28:17 +00:00
Chris PeBenito
162dfc3395
corenet fixes
2005-10-24 17:06:34 +00:00
Chris PeBenito
a3754ffe12
add configuration for testing
2005-10-24 16:01:26 +00:00
Chris PeBenito
37fe0ecd85
update ranges
2005-10-24 15:52:04 +00:00
Chris PeBenito
e64b338b35
fix
2005-10-24 15:29:27 +00:00
Chris PeBenito
9d343af57c
fixes from chad
2005-10-24 15:15:25 +00:00
Chris PeBenito
88e5d70f52
add
2005-10-24 15:14:43 +00:00
Chris PeBenito
15fefa4958
remove bin policy and kern module assertions for now
2005-10-24 15:10:03 +00:00
Chris PeBenito
1480d3ad21
fix mls r_t
2005-10-24 14:22:13 +00:00
Chris PeBenito
34e722f3cd
more sediff
2005-10-24 14:15:29 +00:00
Don Miner
fa16f25281
Added rules to the smbd_t and the nmbd_t domains so that they would start properly
2005-10-24 12:45:16 +00:00
Chris PeBenito
1dd86c43cd
sediff fixes
2005-10-24 12:38:45 +00:00
Chris PeBenito
bb67633572
add initrc_su_t
2005-10-24 11:55:53 +00:00
Don Miner
3d37bca18f
Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start
2005-10-24 11:21:28 +00:00
Chris PeBenito
710791f1a4
more missing types
2005-10-24 03:52:35 +00:00
Chris PeBenito
19b5555f77
more fixes
2005-10-24 03:21:26 +00:00
Chris PeBenito
43989f82f8
add rpc
2005-10-24 01:53:13 +00:00
Chris PeBenito
2db2c7d099
fixes from sediff
2005-10-24 00:54:39 +00:00
Don Miner
f8964c04ba
Added a file context for httpd.pid so that it is correctly labeled
...
Added some rules to mysql to make it work
2005-10-24 00:23:12 +00:00
Chris PeBenito
f85544209a
nwmgr fixes
2005-10-23 22:46:06 +00:00
Chris PeBenito
ef5ca0fb79
add cups
2005-10-23 22:10:59 +00:00
Chris PeBenito
04926d07a8
add postfix
2005-10-23 20:18:36 +00:00
Chris PeBenito
f932d8e3cb
add spamassassin
2005-10-22 23:50:23 +00:00
Chris PeBenito
385dcd4e70
add radius
2005-10-22 22:51:14 +00:00
Chris PeBenito
44fc06b0cb
add radius and amanda, which I forgot to ci
2005-10-22 22:51:01 +00:00
Chris PeBenito
230838e117
add pegasus
2005-10-22 21:55:39 +00:00
Chris PeBenito
a636210ef8
add dbskk
2005-10-22 21:18:03 +00:00
Chris PeBenito
ad3b9d76dc
add lpd
2005-10-22 21:09:03 +00:00
Chris PeBenito
ae1d9afb5b
simplify since alias take care of it
2005-10-22 20:06:51 +00:00
Chris PeBenito
10b1f324d5
add amanda
2005-10-22 19:58:58 +00:00
Chris PeBenito
239db5e20c
add networkmanager
2005-10-22 17:44:04 +00:00
Chris PeBenito
ebed41b5aa
woops, radius wasn't actually completed
2005-10-22 16:47:17 +00:00
Chris PeBenito
ae90172c41
expand gen_context() in file contexts
2005-10-22 16:31:56 +00:00
Chris PeBenito
1f8a8bbbbd
more sediff fixes
2005-10-21 22:56:41 +00:00
Chris PeBenito
e6a2eaffdf
more fixes
2005-10-21 21:35:25 +00:00
Chris PeBenito
da4fc9ce2b
sediff fixes
2005-10-21 19:36:49 +00:00
Chris PeBenito
23a4442bf1
add xdm
2005-10-21 17:55:15 +00:00
Chris PeBenito
3509484c6f
add canna
2005-10-21 16:39:28 +00:00
Chris PeBenito
fe7b943240
fix
2005-10-21 16:19:26 +00:00
Chris PeBenito
ea557a85df
add cyrus
2005-10-21 16:18:11 +00:00
Chris PeBenito
06a5362f93
add all target to build base and modules
2005-10-21 16:00:24 +00:00
Chris PeBenito
29ce0009bc
add dovecot
2005-10-21 15:38:22 +00:00
Chris PeBenito
cf6141a72e
fix corenetwork generation and add distcc
2005-10-21 13:11:17 +00:00
Chris PeBenito
4e69c1c423
obj class typo for certs
2005-10-20 19:28:27 +00:00
Chris PeBenito
2b01ae7e20
make DISTRO=redhat imply DIRECT_INITRC=y
2005-10-20 18:08:31 +00:00
Chris PeBenito
a4e8b79d8a
release
2005-10-19 21:18:25 +00:00
Chris PeBenito
61feb222ae
add missing entry
2005-10-19 20:18:21 +00:00
Chris PeBenito
de764944d8
targeted policy fixes
2005-10-19 19:45:20 +00:00
Chris PeBenito
af4752bcb9
targeted and distro fixes for loadable modules
2005-10-19 16:44:24 +00:00
Chris PeBenito
0efe52ae99
fix last loadable module problems
2005-10-19 14:36:04 +00:00
Chris PeBenito
90c3ddefe3
fix requires
2005-10-19 13:11:49 +00:00
Chris PeBenito
12ae7557d3
piles of fixes for loadable modules
2005-10-18 18:25:33 +00:00
Chris PeBenito
c3812748c3
misc fixes
2005-10-18 15:07:11 +00:00
Chris PeBenito
84313262d7
error out if trying to build a module thats off or base
2005-10-17 21:31:30 +00:00
Chris PeBenito
97749e2a2e
add more docs
2005-10-17 20:00:33 +00:00
Chris PeBenito
c3a05c9f5a
fix error uncovered by sechecker
2005-10-17 20:00:20 +00:00
Chris PeBenito
e749cd12a6
wrap up almost all of apache
2005-10-17 17:55:38 +00:00
Chris PeBenito
e08118a52f
add ppp
2005-10-14 20:00:07 +00:00
Chris PeBenito
fe9d17fe14
more merging from 1.27.1-15
2005-10-14 18:42:42 +00:00
Chris PeBenito
d8636fc937
more merging from 1.27.1-15
2005-10-14 17:55:40 +00:00
Chris PeBenito
77f6e2cd27
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
Chris PeBenito
b1421d8712
add some docs, do some reordering
2005-10-12 21:25:16 +00:00
Chris PeBenito
8df65f137f
add sechecker targets
2005-10-12 19:13:49 +00:00
Chris PeBenito
c4bf979302
start adding perm sets with refpol names
2005-10-12 18:17:10 +00:00
Chris PeBenito
4c71994852
add missing interface
2005-10-12 17:32:41 +00:00
Chris PeBenito
be4690a5ae
add in last bits of webalizer
2005-10-12 17:22:25 +00:00
Chris PeBenito
c2b18fa1f3
more apache work
2005-10-12 16:23:22 +00:00
Chris PeBenito
799a0b43cd
add mailman
2005-10-11 15:36:53 +00:00
Chris PeBenito
fedd3cafbd
update INSTALL and start work on README
2005-10-10 21:02:49 +00:00
Chris PeBenito
f33561f560
add webalizer and sasl
2005-10-10 18:50:08 +00:00
Chris PeBenito
4483ee849c
add apm and arpwatch. fix implementation error on fs_getattr_all_files,
...
splitting it up into correct interfaces.
2005-10-10 18:11:46 +00:00
Chris PeBenito
d4dca58511
add finger and bluetooth
2005-10-07 21:45:04 +00:00
Chris PeBenito
9d3e339e82
partial mailman merge
2005-10-07 19:35:36 +00:00
Chris PeBenito
99505c1c89
fix files_exec_usr_src_files
2005-10-07 18:48:43 +00:00
Chris PeBenito
4f9f30c8df
* Updated to sedoctool to read bool files and tunable
...
files separately.
* Changed the xml tag of <boolean> to <bool> to be consistent
with gen_bool().
* Modified the implementation of segenxml to use regular
expressions.
2005-10-07 18:08:50 +00:00
Chris PeBenito
e02c61cfa4
rename context_template() to gen_context()
2005-10-06 19:33:06 +00:00
Chris PeBenito
6e99a6cfd1
more apache work
2005-10-05 21:17:22 +00:00
Chris PeBenito
fc6524d746
add ftp
2005-10-05 19:52:53 +00:00
Chris PeBenito
5bc9f3061b
fix comment
2005-10-05 19:10:31 +00:00
Chris PeBenito
f4d7fdcfaf
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
Chris PeBenito
a996bdf4ad
add most of apache
2005-09-29 20:59:00 +00:00
Chris PeBenito
a5ec7cb6c4
more pieces of ftp
2005-09-29 13:32:28 +00:00
Chris PeBenito
a2868f6eae
start adding secure_file_type implementation
2005-09-28 19:07:22 +00:00
Chris PeBenito
79cde317df
add winbind
2005-09-28 18:22:58 +00:00
Chris PeBenito
6942484b6f
add in a couple missing rules
2005-09-28 18:10:48 +00:00
Chris PeBenito
246a604273
add in a few parts of ftp
2005-09-27 22:29:45 +00:00
Chris PeBenito
20e306e2de
add dmidecode
2005-09-27 21:24:01 +00:00
Chris PeBenito
b03f960ece
add disable_trans support
2005-09-27 20:17:50 +00:00
Chris PeBenito
1f91e1bfe5
a few conditional cleanups
2005-09-27 19:40:44 +00:00
Chris PeBenito
f0574fa9aa
add mls privileges
2005-09-26 20:26:32 +00:00
Chris PeBenito
6d788d87d1
comment fix
2005-09-26 20:24:44 +00:00
Chris PeBenito
9edc289521
add anaconda
2005-09-23 22:15:04 +00:00
Chris PeBenito
b9ae3aab39
rework nis_use_ypbind since optionals dont work in conditionals
2005-09-23 22:14:54 +00:00
Chris PeBenito
fa67570d9a
add radvd, plus a few cleanups from sediff
2005-09-23 21:20:03 +00:00
Chris PeBenito
842859260c
add kudzu
2005-09-23 19:38:34 +00:00
Chris PeBenito
0058418017
remove classes from gen_requires, and disable net_raw for now
2005-09-23 15:37:41 +00:00
Chris PeBenito
681c9a02e7
fixes from sediff
2005-09-22 21:59:50 +00:00
Chris PeBenito
48558667c0
update for release
2005-09-22 19:05:26 +00:00
Chris PeBenito
f7ba4a8963
add uucp
2005-09-22 16:27:52 +00:00
Chris PeBenito
b53f93a41f
testing fixes
2005-09-22 15:32:53 +00:00
Chris PeBenito
fb2817da70
make system.users look nicer
2005-09-22 14:42:49 +00:00
Chris PeBenito
90e497f586
fix regex
2005-09-22 14:33:38 +00:00
Chris PeBenito
1fb83a764b
fix system.users now that the gen_user macro is in support
2005-09-22 14:31:30 +00:00
Chris PeBenito
08c5c972cf
fix for targeted
2005-09-22 14:14:25 +00:00
Chris PeBenito
996ae37b69
fix for removed example targeted config
2005-09-22 13:35:13 +00:00
Chris PeBenito
25c6746156
loadable module compile fixes
2005-09-21 20:01:40 +00:00
Chris PeBenito
6e0542eb27
fix error with file common being output, not file class (unique perms were missing)
2005-09-21 20:01:21 +00:00
Chris PeBenito
142e9f40ea
targeted and redhat cleanups
2005-09-21 14:49:41 +00:00
Chris PeBenito
0e15cdfb50
change monolithic_policy to self_contained_policy for clarity
2005-09-21 13:26:30 +00:00
Chris PeBenito
3774e4eb28
todo cleanup
2005-09-20 20:48:17 +00:00
Chris PeBenito
93070cbaed
add cvs
2005-09-20 18:49:13 +00:00
Chris PeBenito
9210553ecb
add cpucontrol
2005-09-20 18:15:35 +00:00
Chris PeBenito
4fd5201a59
add rlogin and telnet
2005-09-20 17:11:53 +00:00
Chris PeBenito
c0e4fe2c9c
add appconfig for mls and mcs
2005-09-20 14:20:02 +00:00
Chris PeBenito
200f453ff5
add stunnel
2005-09-20 13:47:36 +00:00
Chris PeBenito
a1fcff33f2
final updates from nsa cvs
2005-09-19 21:17:45 +00:00
Chris PeBenito
41c4800de4
a few module compile fixes
2005-09-19 14:18:48 +00:00
Chris PeBenito
cf6a7d8993
more upstream merging
2005-09-16 21:20:37 +00:00
Chris PeBenito
cff75c90ca
more upstream merging
2005-09-16 19:36:10 +00:00
Chris PeBenito
40adb57f47
add tftp
2005-09-16 15:18:09 +00:00
Chris PeBenito
ccc5978224
add snmp
2005-09-16 14:54:36 +00:00
Chris PeBenito
a0824843c2
more merging from nsa cvs
2005-09-16 13:36:26 +00:00
Chris PeBenito
98a8ead4c5
more updates
2005-09-15 21:03:29 +00:00
Chris PeBenito
605ba28540
more merging from nsa cvs
2005-09-15 15:34:31 +00:00
Chris PeBenito
5a2649cefd
cleanup
2005-09-14 19:27:30 +00:00
Chris PeBenito
84c92239d4
add samba
2005-09-14 18:33:53 +00:00
Chris PeBenito
4479b31614
require fix
2005-09-14 15:41:46 +00:00
Chris PeBenito
71fe0fa4c5
fixes for module compiling
2005-09-14 00:30:10 +00:00
Chris PeBenito
0907bda1e0
more merging of NSA CVS policy
2005-09-13 13:06:07 +00:00
Chris PeBenito
2705f9a0f3
begin merging in upstream NSA CVS changes
2005-09-12 21:40:56 +00:00
Chris PeBenito
082dcd9eb2
add base mod changelog entry
2005-09-12 15:58:44 +00:00
Chris PeBenito
712566ee41
fixes to make base module compilable
2005-09-12 15:17:39 +00:00
Chris PeBenito
2e863f8ad0
add first part of changes to make base module compilable
2005-09-09 20:51:54 +00:00
Chris PeBenito
0fdf3ef75e
fix sshd to use initrc transition while typeattribute in conditionals is still broken
2005-09-09 20:49:59 +00:00
Chris PeBenito
9ff3003346
add zebra. change ssh to default to initrc transition instead of inetd while typeattribute in conditionals doesnt work
2005-09-09 13:24:11 +00:00
Chris PeBenito
eb3cb6820a
add portmap
2005-09-08 17:12:38 +00:00
Chris PeBenito
d17b4d2323
add ktalk
2005-09-08 13:42:13 +00:00
Chris PeBenito
9b06402eaf
add missing rules of other domains using inn
2005-09-08 13:23:11 +00:00
Chris PeBenito
541b7d57ff
new release
2005-09-07 16:15:51 +00:00
Chris PeBenito
763a5e30c6
misc fixes
2005-09-07 13:31:37 +00:00
Chris PeBenito
8d93523409
add inn
2005-09-06 18:37:27 +00:00
Chris PeBenito
603f90ab9d
misc fixes
2005-09-05 18:17:17 +00:00
Chris PeBenito
b11a75a5e3
add ntp
2005-09-05 16:47:19 +00:00
Chris PeBenito
ce1b44aac4
typo
2005-09-02 20:55:17 +00:00
Chris PeBenito
ac0483aefe
add dictd
2005-09-02 20:50:54 +00:00
Chris PeBenito
fdae8e755e
add hal
2005-09-02 20:29:52 +00:00
Chris PeBenito
f344c0f38e
move dhcpd to dhcp
2005-09-02 19:18:43 +00:00
Chris PeBenito
0f707d52ab
add squid
2005-09-02 19:11:07 +00:00
Chris PeBenito
7c8fc35b14
add dhcpd
2005-09-02 14:52:08 +00:00
Chris PeBenito
9d3bdc25af
fix bugs uncovered from sediff
2005-09-01 20:13:42 +00:00
Chris PeBenito
c0d1566a13
move rhgb_domain into TODO so modules can compile as binary modules
2005-09-01 13:52:59 +00:00
Chris PeBenito
631ee4d3cf
finish remaining dbus bits
2005-09-01 13:34:45 +00:00
Chris PeBenito
0c3d170578
add dbus
2005-08-31 20:58:12 +00:00
Chris PeBenito
6af06cd8b6
fix typos
2005-08-31 16:54:19 +00:00
Chris PeBenito
768283ac46
cosmetics
2005-08-31 16:49:30 +00:00
Chris PeBenito
6e61566dba
add comsat. clean up kerberos and nscd interfaces
2005-08-31 15:25:12 +00:00
Chris PeBenito
246839f3d2
fix up most of mta attribute insanity
2005-08-30 20:47:41 +00:00
Chris PeBenito
451c1e3d59
send user role to per userdomain templates. update templated interfaces
...
to have the prefix be the first argument
2005-08-30 15:48:57 +00:00
Chris PeBenito
e5d45268fd
make corecommands required
2005-08-30 14:41:52 +00:00
Chris PeBenito
a19e346437
doctool display for no interfaces or templates
2005-08-29 19:55:00 +00:00
Chris PeBenito
37aa3ff267
update for release
2005-08-26 15:02:23 +00:00
Chris PeBenito
9439a25899
update config, switch most to module
2005-08-26 13:30:59 +00:00
Chris PeBenito
2a94561a89
start adding in templated interfaces
2005-08-25 20:27:20 +00:00
Chris PeBenito
d4df0aa62c
remove bad changelog date
2005-08-25 14:49:31 +00:00
Chris PeBenito
c6299b2a1b
add rpm spec skeleton
2005-08-24 20:42:15 +00:00
Chris PeBenito
6d12276bf5
fix quoting
2005-08-24 20:18:28 +00:00
Chris PeBenito
e28aa682c7
reformat for use in rpm
2005-08-24 20:18:06 +00:00
Chris PeBenito
3110dec4f3
fix tunables
2005-08-24 20:00:10 +00:00
Chris PeBenito
82024f9942
do bools until loadable modules support tunables
2005-08-24 18:30:47 +00:00
Chris PeBenito
d83fdad248
add bind
2005-08-23 17:26:19 +00:00
Chris PeBenito
902be0ae21
add privoxy
2005-08-22 21:49:27 +00:00
Chris PeBenito
35ecf83839
add rsync
2005-08-22 21:17:10 +00:00
Chris PeBenito
f9b11e9615
add howl
2005-08-22 20:43:20 +00:00
Chris PeBenito
4b8c5489ec
move require to right position, for modular policy
2005-08-22 20:18:42 +00:00
Chris PeBenito
a6df70c11a
more comments
2005-08-22 20:05:40 +00:00
Chris PeBenito
8b75b07055
remove comment about monolithic only supported
2005-08-22 18:28:45 +00:00
Chris PeBenito
c04f2abe88
complete infrastructure support for building modules
2005-08-22 17:07:17 +00:00
Chris PeBenito
db93d707c5
mark userpace object classes
2005-08-22 14:13:19 +00:00
Chris PeBenito
f6e28abbab
moved to selinux module
2005-08-19 20:05:02 +00:00
Chris PeBenito
28f0329c78
for base module, only enable modules actually in it
2005-08-19 20:00:05 +00:00
Chris PeBenito
fb0a3a98c6
initial support for compiling loadable modules
2005-08-18 21:27:20 +00:00
Chris PeBenito
f862c35c37
add gpm
2005-08-17 21:28:31 +00:00
Chris PeBenito
2961e79b55
add ldap
2005-08-17 18:33:43 +00:00
Chris PeBenito
23ca91f8bb
cleanup
2005-08-17 17:31:57 +00:00
Chris PeBenito
545b0c9176
add rshd
2005-08-17 15:23:24 +00:00
Chris PeBenito
886907ccef
add firstboot
2005-08-17 15:08:12 +00:00
Chris PeBenito
57a96cbd0b
add firstboot
2005-08-17 14:14:07 +00:00
Chris PeBenito
2d803edc73
more debian cleanup
2005-08-17 14:09:29 +00:00
Chris PeBenito
a573790b4d
make default for optional modules to module instead of base
2005-08-15 20:31:37 +00:00
Chris PeBenito
4806a05cfb
fix broken xml of previous commit
2005-08-15 19:35:20 +00:00
Chris PeBenito
5f38a65aab
try to knock out more of the distro_debian bootloader stuff
2005-08-15 19:31:37 +00:00
Chris PeBenito
21468a6076
add loadkeys
2005-08-15 14:46:17 +00:00
Chris PeBenito
8843093607
more comments
2005-08-12 19:28:30 +00:00
Chris PeBenito
f0b1efa2a2
all dev nodes assoc to tmpfs, since most everyone is moving to udev
2005-08-12 19:28:15 +00:00
Chris PeBenito
c5a6dcbc3e
quiet file context validation
2005-08-12 18:15:00 +00:00
Chris PeBenito
35b494789d
fix some udev naming
2005-08-12 18:13:03 +00:00
Chris PeBenito
aae06c1306
fix system spool file problem
2005-08-12 17:54:55 +00:00
Chris PeBenito
d06f3c3752
remove secdesc since desc is sufficient
2005-08-11 17:55:47 +00:00
Chris PeBenito
f7ebea06e3
finalize desc -> summary xml change
2005-08-11 17:46:39 +00:00
Chris PeBenito
4aa0dc20b4
add tcpd
2005-08-11 15:17:13 +00:00
Chris PeBenito
e694b51e6b
fix no interface module handling in segenxml
2005-08-11 14:55:41 +00:00
Chris PeBenito
052c953ae5
add quota
2005-08-11 14:49:58 +00:00
Chris PeBenito
5a3895a9f6
tabbing fix
2005-08-11 14:35:52 +00:00
Chris PeBenito
e784300a62
add sudo
2005-08-09 19:30:43 +00:00
Chris PeBenito
b9d7d70b33
add template xml
2005-08-09 19:21:25 +00:00
Chris PeBenito
9489149ec0
add su
2005-08-08 21:03:23 +00:00
Chris PeBenito
9465452eec
fix gen_user comment for more clarity
2005-08-08 18:13:56 +00:00
Chris PeBenito
dce68dc48d
add updfstab
2005-08-08 15:51:15 +00:00
Chris PeBenito
f5e321b0f0
fix xml tags
2005-08-08 15:43:20 +00:00
Chris PeBenito
7057c18db0
a few more ssh touchups
2005-08-05 18:49:23 +00:00
Chris PeBenito
ed78ea0034
add tmpreaper
2005-08-05 15:32:27 +00:00
Chris PeBenito
9a66d4e562
add acct
2005-08-05 14:32:12 +00:00
Chris PeBenito
3fd8336882
misc cleanup
2005-08-04 20:54:51 +00:00
Chris PeBenito
42be7c214d
add mysql
2005-08-03 17:56:26 +00:00
Chris PeBenito
046a21da80
search sbin dirs to find the pgms
2005-08-03 17:43:41 +00:00
Chris PeBenito
81343a6f90
* Rename ipsec connect interface for consistency.
...
* Add missing parts of unix stream socket connect interface
of ipsec.
* Rename inetd connect interface for consistency.
2005-08-03 15:16:33 +00:00
Chris PeBenito
52a902b803
new release
2005-08-02 14:54:30 +00:00
Chris PeBenito
6db8e52a8f
new release
2005-08-02 14:51:50 +00:00
Chris PeBenito
60abb5fdab
add missing
2005-08-01 15:58:14 +00:00
Chris PeBenito
cd8fa41253
fix comparison bug
2005-08-01 15:49:05 +00:00
Chris PeBenito
96a150deac
move file context validation to install
2005-07-29 20:49:52 +00:00
Chris PeBenito
bbdbdb9edf
fix stray line that got out of TODO
2005-07-29 15:07:15 +00:00
Chris PeBenito
e5590ea5ec
work on user transition
2005-07-28 20:52:55 +00:00
Chris PeBenito
c13146d97a
update
2005-07-27 21:01:19 +00:00
Chris PeBenito
78d30cb1f4
Fix handling of ordered and unordered HTML lists.
2005-07-22 19:15:49 +00:00
Chris PeBenito
022f61c0e3
add connect interface on ports to handle name_connect tcp perm
2005-07-22 15:38:01 +00:00
Chris PeBenito
50527cf581
make network_interface able to support multiple interfaces having the same type
2005-07-22 14:00:38 +00:00
Chris PeBenito
953541a918
update from privmail
2005-07-21 20:34:57 +00:00
Chris PeBenito
80526ccbdd
add an example module config for a targeted policy
2005-07-20 20:11:49 +00:00
Chris PeBenito
ea7d571bd7
/var/lib is now a mountpoint
2005-07-20 17:36:48 +00:00
Chris PeBenito
53857c8c05
unconfined can pass all constraints
2005-07-20 17:24:23 +00:00
Chris PeBenito
ef424c14d4
name_connect only on tcp_sockets
2005-07-20 17:10:07 +00:00
Chris PeBenito
9496fd5119
unconfined can name_connect to all ports
2005-07-20 17:08:07 +00:00
Chris PeBenito
d250634311
reorder kernel policy, add attributes for sysctl and proc entries. fix unconfined interface
2005-07-20 17:06:10 +00:00
Chris PeBenito
f82c6ac64c
bah typo
2005-07-20 15:08:33 +00:00
Chris PeBenito
0b28a23114
user home dirs were missing file type in targ policy
2005-07-20 15:06:49 +00:00
Chris PeBenito
1e3f610b3b
add missing dir and file perms for selinuxfs in unconfined
2005-07-20 14:57:13 +00:00
Chris PeBenito
689f6ddb35
fix typos and import some rules from NSA cvs to make targeted policy work
2005-07-20 14:25:24 +00:00
Chris PeBenito
474f43d13d
should actually try compiling first :x
2005-07-20 13:39:10 +00:00
Chris PeBenito
bd7e7a6417
missed a line
2005-07-20 13:37:18 +00:00
Chris PeBenito
a28f6db576
add in some rules from NSA CVS to make targeted policy work
2005-07-20 13:30:06 +00:00
Chris PeBenito
8c3f438f75
corenet was missing from unconfined
2005-07-19 20:38:26 +00:00
Chris PeBenito
892266ca76
more targeted policy fixes
2005-07-19 20:26:02 +00:00
Chris PeBenito
21f47732b1
add new netlink socket class
2005-07-19 20:25:42 +00:00
Chris PeBenito
ec848d247f
more fixes for targeted
2005-07-19 19:37:43 +00:00
Chris PeBenito
2ec4c9d38f
more cleanup
2005-07-19 18:40:31 +00:00
Chris PeBenito
8b0bbdda34
fixes for targeted policy
2005-07-19 18:40:19 +00:00
Chris PeBenito
391edeb577
fix assertions for framework
2005-07-18 20:17:21 +00:00
Chris PeBenito
a5f339f134
more cleanup in system
2005-07-18 18:31:49 +00:00
Chris PeBenito
9f103ce14b
fix to use context_template()
2005-07-18 14:25:05 +00:00
Chris PeBenito
3b6174a142
add missing context template
2005-07-15 20:54:24 +00:00
Chris PeBenito
50aca6d2f9
add raid (mdadm)
2005-07-15 20:45:26 +00:00
Chris PeBenito
d9fd8e7562
more pcmcia cleanup
2005-07-15 19:18:55 +00:00
Chris PeBenito
157c69416f
add macro to expand object class sets for use in require blocks
2005-07-15 15:53:54 +00:00
Chris PeBenito
50f6503452
* break up files_getattr_all_files into correct interfaces
...
* move stuff out of pcmcia into the appropriate modules
2005-07-15 15:17:57 +00:00
Chris PeBenito
f136a944c5
reorder in alpha order of type, for sanity purposes
2005-07-15 14:30:19 +00:00
Chris PeBenito
316553a275
add pcmcia
2005-07-14 20:58:57 +00:00
Chris PeBenito
e0d57fbcb1
add pcmcia
2005-07-14 20:57:17 +00:00
Chris PeBenito
c429cb5e26
fix up the xml
2005-07-14 20:02:53 +00:00
Chris PeBenito
11633bbaa8
add ipsec
2005-07-14 18:15:47 +00:00
Chris PeBenito
493d6c4adc
add nscd
2005-07-13 20:48:51 +00:00
Chris PeBenito
df00b2e235
* fix chroot exec interface
...
* more TODO cleanup
* move IPC out of generic domtrans interfaces
2005-07-13 18:29:08 +00:00
Chris PeBenito
25a0c61ffc
add distro tunables. expand on a few comments
2005-07-13 18:08:12 +00:00
Chris PeBenito
b24f35d8a3
more cleanup of current TODOs
2005-07-12 20:34:24 +00:00
Chris PeBenito
20a22759a7
fix comments for templates to have same number of # as interfaces
2005-07-12 20:33:42 +00:00
Chris PeBenito
4051d15b62
fix xml
2005-07-11 19:15:54 +00:00
Chris PeBenito
ae9e2716c3
fix more TODOs. fix selinux.te to selinuxutil.te in optionals
2005-07-11 19:02:50 +00:00
Chris PeBenito
34bbe50d50
improve display of tunables and booleans
2005-07-11 14:41:21 +00:00
Chris PeBenito
4d7511ba57
add tun and bool descriptions
2005-07-11 13:49:15 +00:00
Chris PeBenito
249d461f23
initial global booleans and tunables support. also fix index
...
building, as it was being rebuilt for every module, rather then
once after all modules are loaded.
2005-07-08 21:02:59 +00:00
Chris PeBenito
a42ca7ebec
another round of TODO cleanup
2005-07-08 20:44:57 +00:00
Chris PeBenito
4d0d4157f4
silly formatting fix
2005-07-08 19:44:12 +00:00
Chris PeBenito
c11958bd0f
support for global booleans
2005-07-08 14:22:17 +00:00
Chris PeBenito
acb668edf1
* Added support for layer summaries.
...
* Added a "Index" link on the menu to link to index.html
* Added links from the master interface & template lists
to their respective documentation in their module.
* Added links to "Interfaces" and "Templates" in modules
that have both.
* Added "Return" links after the "Interfaces" and "Templates"
section that go to the top of the module site.
2005-07-07 20:56:27 +00:00
Chris PeBenito
58c7777e14
tag for 20050707 release
2005-07-07 17:25:53 +00:00
Chris PeBenito
dfa83e924c
add changelog
2005-07-07 17:13:17 +00:00
Chris PeBenito
e5f8060316
implement direct_sysadm_daemon
2005-07-07 15:25:28 +00:00
Chris PeBenito
1aa526281b
missing rules uncovered by sediff
2005-07-07 15:20:24 +00:00
Chris PeBenito
c98340cfeb
support for targeted policy
2005-07-06 20:28:29 +00:00
Chris PeBenito
83ce670b3d
put back to strict. will have separate strict and targeted appconfig
2005-07-06 19:42:27 +00:00
Chris PeBenito
14b25bc455
validate file contexts
2005-07-06 18:34:27 +00:00
Chris PeBenito
ed1a92b88c
ksu moves to su
2005-07-06 17:41:58 +00:00
Chris PeBenito
bb32544d61
add missing ssh file contexts
2005-07-06 15:59:54 +00:00
Chris PeBenito
a3fdcebc6a
quiet the awk if modules.conf doesnt exist
2005-07-06 15:24:45 +00:00
Karl MacMillan
ebb884dec2
- Removed OUTPUT_VERSION as default.
...
- Added default name as refpolicy to avoid clobbering string installs
2005-07-06 15:23:28 +00:00
Chris PeBenito
e17cb83c3d
update appconfig for unconfined login
2005-07-06 13:12:20 +00:00
Chris PeBenito
9726b31857
add unconfined
2005-07-05 20:59:51 +00:00
Chris PeBenito
e8f0055b6d
fix quoting problem
2005-07-05 20:54:12 +00:00
Chris PeBenito
e8b3e30abe
fix for new new modules.conf behavior
2005-07-05 19:42:11 +00:00
Chris PeBenito
f0cc1acd4a
update for required tag
2005-07-05 19:35:07 +00:00
Chris PeBenito
2745476e4a
add required tags
2005-07-05 17:47:15 +00:00
Chris PeBenito
d78fdee465
add tag for required modules
2005-07-05 16:03:47 +00:00
Chris PeBenito
a7a9799d79
convert can_kerberos()
2005-07-01 13:31:34 +00:00
Chris PeBenito
65c8613766
ul has to be in a p
2005-07-01 13:10:57 +00:00
Chris PeBenito
5e1ed4903e
initial commit
2005-06-30 21:11:54 +00:00
Chris PeBenito
fd89e19f12
more work on current modules
2005-06-30 18:54:08 +00:00
Chris PeBenito
ebdc3b7902
clean up more todos
2005-06-29 20:53:53 +00:00
Chris PeBenito
e8d8faa820
dont show interface/template hotlinks if the module doesnt have one of them.
2005-06-29 16:55:13 +00:00
Chris PeBenito
d233bfce3f
make layer summary required
2005-06-29 16:54:13 +00:00
Chris PeBenito
00172fb7c4
change messages for missing docs
2005-06-29 14:48:28 +00:00
Chris PeBenito
06c9680d78
make interfaces or templates section not shown if empty
2005-06-29 14:48:13 +00:00
Chris PeBenito
8fd3673225
another round of renaming, for consistency
2005-06-29 14:26:41 +00:00
Chris PeBenito
743b65115c
link fix
2005-06-29 13:05:16 +00:00
Chris PeBenito
96ce00afcc
add logrotate, more low-hanging fruit
2005-06-28 20:54:49 +00:00
Chris PeBenito
effd58c647
add templates
2005-06-28 20:41:50 +00:00
Chris PeBenito
ceebe3b4b0
change desc to summary
2005-06-28 19:51:46 +00:00
Chris PeBenito
896badc4d2
add comments and error handling
2005-06-28 19:50:38 +00:00
Chris PeBenito
2d56fdc240
preserve tunable values if tunables.conf exists
2005-06-28 18:01:47 +00:00
Chris PeBenito
cbca03f513
add lost_found_t manage, rename fs_type attribute to filesystem_type and rename fs_make_fs to fs_type
2005-06-28 17:48:59 +00:00
Chris PeBenito
783b38347e
more low hanging fruit cleanup
2005-06-28 17:32:57 +00:00
Chris PeBenito
cedae2e49e
better handling of whitespace
2005-06-28 17:31:50 +00:00
Chris PeBenito
19db6ba5a9
change modules.conf behavior to be in line with behavior which will be used in the future for base module
2005-06-28 17:31:18 +00:00
Chris PeBenito
a4c639ddd5
change modules.conf handling
2005-06-28 15:19:40 +00:00
Chris PeBenito
58c3da55f3
add fstools, and more cleanup
2005-06-27 20:59:28 +00:00
Chris PeBenito
80436b9b8f
changes to make inetd work
2005-06-27 18:37:33 +00:00
Chris PeBenito
24bf11c62a
initial commit
2005-06-27 18:36:56 +00:00
Chris PeBenito
ab940a4cc1
autofs_t and ypbind cleanup
2005-06-27 16:30:55 +00:00
Chris PeBenito
e88003ffe3
xml updates and nis stuff
2005-06-24 20:37:09 +00:00
Chris PeBenito
f8838e6ac1
better dummy xml entries
2005-06-24 20:36:49 +00:00
Chris PeBenito
73fbc771d1
initial commit
2005-06-24 19:49:46 +00:00
Chris PeBenito
62a7b02c5b
add/update comments
2005-06-24 13:36:57 +00:00
Chris PeBenito
e81f0220b6
add template support, and add dummy parameters for interfaces that have no comments, so it is valid against the dtd
2005-06-24 13:36:22 +00:00
Chris PeBenito
414e415198
update for new documentation method
2005-06-23 21:30:57 +00:00
Chris PeBenito
aad5b98eba
more updates
2005-06-23 20:35:48 +00:00
Chris PeBenito
c3a0754c23
a couple output fixes
2005-06-23 20:27:25 +00:00
Chris PeBenito
9916c694b4
update to new commenting style
2005-06-23 20:27:06 +00:00
Chris PeBenito
45239964e5
move ssh tunables into global_tunables
2005-06-23 19:57:15 +00:00
Chris PeBenito
95db422832
initial commit of segenxml. add support in Makefile
2005-06-23 19:55:23 +00:00
Chris PeBenito
19ea99d495
fix
2005-06-23 16:06:39 +00:00
Chris PeBenito
7c2b84e7a1
fix for shortened tags
2005-06-23 16:06:25 +00:00
Chris PeBenito
261e0e66ee
shorten some xml tags
2005-06-23 16:00:05 +00:00
Chris PeBenito
d3b892e4fd
convert a couple network macros
2005-06-23 15:44:18 +00:00
Chris PeBenito
007ca5600c
more setcurrent stuff
2005-06-23 15:37:39 +00:00
Chris PeBenito
2a3478cf15
fixes pointed out by steve, plus fixes revealed by the added assertions
2005-06-23 14:19:56 +00:00
Chris PeBenito
9ccd96dfc6
more work on ssh, plus import ssh-agent
2005-06-22 21:14:48 +00:00
Chris PeBenito
199895e201
move all interfaces over to the interface macro. add traceback debugging info
2005-06-22 19:21:31 +00:00
Chris PeBenito
cbc9d6951a
remove remaining _depend macros to prep for switchover to interface declaration macro
2005-06-22 16:07:14 +00:00
Chris PeBenito
0404a3903a
initial commit of ssh.
2005-06-21 21:07:46 +00:00
Chris PeBenito
21871a5cf6
work on newrole policy
2005-06-21 17:01:45 +00:00
Chris PeBenito
7fb9c1c72b
change doctool to bring in line with the xml tag change (layers encapsulate
...
modules)
2005-06-20 20:31:58 +00:00
Chris PeBenito
e04b8e7832
initial commit
2005-06-20 18:43:14 +00:00
Chris PeBenito
57869a681e
XML: encapsulate modules in layers, rather then layer being an attribute of
...
module tag
2005-06-20 18:40:44 +00:00
Chris PeBenito
7a2f20a315
more work to clean up and complete current modules
2005-06-20 17:41:29 +00:00
Chris PeBenito
2ba9a794db
interface review, and remove net_raw from raw node sends. only give
...
capability for raw send on an interface
2005-06-17 19:17:57 +00:00
Chris PeBenito
bc1fbab472
interface review, and remove net_raw from raw node sends. only give
...
capability for raw send on an interface
2005-06-17 18:59:34 +00:00
Chris PeBenito
c9b7f1a28e
add rw_term_perms
2005-06-17 18:56:23 +00:00
Chris PeBenito
5e6f9e5aac
services interfaces review
2005-06-17 18:41:07 +00:00
Chris PeBenito
7f2e39b8e6
review of admin interfaces
2005-06-17 18:27:08 +00:00
Chris PeBenito
139520a233
review of system interfaces
2005-06-17 17:59:26 +00:00
Chris PeBenito
a7c3a1b920
eliminate _depend macros
2005-06-16 21:06:29 +00:00
Chris PeBenito
0e721690dc
misc cleanup
2005-06-16 20:54:18 +00:00
Chris PeBenito
562cc2bd6c
reorder gpg tunable for alpha sorting
2005-06-16 20:34:57 +00:00
Chris PeBenito
d35c621eb0
add a couple more nfs and cifs interfaces, to cover most of the
...
use_(nfs|cifs)_home_dirs tunable
2005-06-16 20:33:51 +00:00
Chris PeBenito
77c124c8cd
eliminate _depend macros
2005-06-16 20:30:59 +00:00
Chris PeBenito
8c2f3ac695
have can_exec add a require block
2005-06-16 20:30:07 +00:00
Chris PeBenito
4ce9bdf0aa
fix
2005-06-15 21:08:58 +00:00
Chris PeBenito
815ff39128
initialize description to None so missing descriptions dont show wrong data
2005-06-15 20:53:19 +00:00
Chris PeBenito
102a59ba77
add comments for clean and bare
2005-06-15 15:45:54 +00:00
Chris PeBenito
337e4afa22
for use until we have a full README
2005-06-15 15:34:44 +00:00
Chris PeBenito
c592e52e38
add install-src target
2005-06-15 14:14:20 +00:00
Chris PeBenito
f08f5a030e
initial commit
2005-06-15 14:10:38 +00:00
Chris PeBenito
c7b41e9536
add CFLAGS, and drop -C from install since it doesn't exist in all distros,
...
and its function is useless
2005-06-15 14:08:18 +00:00
Chris PeBenito
8eaa723d28
put user line in col 1, since genhomedircon breaks otherwise
2005-06-15 14:07:20 +00:00
Chris PeBenito
828e03f635
initial commit
2005-06-15 13:53:48 +00:00
Chris PeBenito
5e0da6a03e
finish renaming system/selinux to system/selinuxutil
2005-06-14 20:48:34 +00:00
Chris PeBenito
ff7bc148e4
move security_t to selinux module
2005-06-14 20:40:09 +00:00
Chris PeBenito
be4a8011d4
move selinux to selinuxutil
2005-06-14 20:12:46 +00:00
Chris PeBenito
8bd6789954
move constraints interfaces to domain module. move sysfs and usbfs to
...
devices module
2005-06-14 19:56:46 +00:00
Chris PeBenito
8ae194f629
when a generated file is already generated, it shows up in the generated_*
...
variable, and also the make wildcard, so use sort, since it removes
duplicates.
2005-06-14 18:39:55 +00:00
Chris PeBenito
810f2b7155
fix typo
2005-06-14 18:15:01 +00:00
Chris PeBenito
1beba1c654
fix up appconfig, and generate $(installdir)/booleans
2005-06-14 18:13:55 +00:00
Chris PeBenito
b57dd19400
stray renames in distro_redhat
2005-06-14 17:36:21 +00:00
Chris PeBenito
d2d6c8ce17
fix makefile to only rebuild modules.conf and tunables.conf explicitly
2005-06-14 15:54:55 +00:00
Chris PeBenito
e75f78666c
initial commit
2005-06-14 14:43:15 +00:00
Chris PeBenito
3eed10909e
convert relevant conditionals into tunable_policy
2005-06-14 14:43:04 +00:00
Chris PeBenito
92e928e1bd
start making genhomedircon work
2005-06-13 21:16:05 +00:00
Chris PeBenito
c24ac9c51c
rename requires_block_template to gen_require
2005-06-13 20:51:09 +00:00
Chris PeBenito
fa7bea8feb
rename requires_block_tempalte to gen_require
2005-06-13 20:47:04 +00:00
Chris PeBenito
34c8fabeeb
tunables work
2005-06-13 20:44:23 +00:00
Chris PeBenito
31908be07f
a few missed renames, and start fixing up tunables
2005-06-13 20:27:32 +00:00
Chris PeBenito
94670f292b
fix
2005-06-13 20:10:01 +00:00
Chris PeBenito
eec67390d7
make summary and description optional in interfaces until we can clean it up
2005-06-13 20:03:08 +00:00
Chris PeBenito
5a45e70177
rename setattr removable_device_t
2005-06-13 20:00:36 +00:00
Karl MacMillan
8700497fb1
Updates to documentation.
2005-06-13 19:22:00 +00:00
Chris PeBenito
61bbe5312e
add "this is a generated file!" comment to top of corenetwork.{te,if}
2005-06-13 18:40:08 +00:00
Chris PeBenito
3c6d78b920
ul end tag fix, and css tweak
2005-06-13 18:07:35 +00:00
Chris PeBenito
fae6ff9aab
update from method
2005-06-13 17:41:38 +00:00
Chris PeBenito
d9507b1874
fix xml
2005-06-13 17:40:51 +00:00
Chris PeBenito
c9428d33dc
renaming insanity
2005-06-13 17:35:46 +00:00
Chris PeBenito
b2bf0b5c98
overwrite the generated .te file instead of append
2005-06-13 17:32:40 +00:00
Karl MacMillan
f0c985ca80
Devices rename.
2005-06-13 16:22:32 +00:00
Chris PeBenito
12b559a402
move policy.xml to doc, so it doesnt get deleted on a make clean
2005-06-13 12:55:56 +00:00
Chris PeBenito
bec110090f
make module description optional and interface summary optional until
...
everything is updated
2005-06-10 21:12:55 +00:00
Chris PeBenito
e214f62733
html tag updates
2005-06-10 20:39:41 +00:00
Karl MacMillan
bef4f00aa9
Added missing interface.
2005-06-10 14:33:06 +00:00
Chris PeBenito
d46f023278
more updates from method
2005-06-10 01:35:43 +00:00
Chris PeBenito
0fd9dc55cf
renaming insanity
2005-06-10 01:01:13 +00:00
Chris PeBenito
24040829d0
fix can_exec
2005-06-10 01:00:48 +00:00
Chris PeBenito
e1db6e9d0d
policy.xml is now in tmp/
2005-06-09 23:06:49 +00:00
Chris PeBenito
cab7c00ff4
make macro work
2005-06-09 23:06:23 +00:00
Chris PeBenito
e3fd778b8f
add can_exec
2005-06-09 23:06:07 +00:00
Chris PeBenito
1b8d67d157
fix
2005-06-09 22:46:38 +00:00
Karl MacMillan
c75e65afad
Templates for menu ordering change.
2005-06-09 21:19:37 +00:00
Chris PeBenito
a154cd45f3
reorder
2005-06-09 21:07:58 +00:00
Karl MacMillan
d6b0f3712f
Fixed doc tool to order menus.
2005-06-09 21:05:33 +00:00
Chris PeBenito
5d9417870c
speed improvement
2005-06-09 20:53:45 +00:00
Chris PeBenito
588ffaeb7f
kernel.if renaming
2005-06-09 20:50:17 +00:00
Chris PeBenito
eda201efe8
more renaming and xml
2005-06-09 19:52:50 +00:00
Chris PeBenito
eca5b2dd79
rename
2005-06-09 19:22:27 +00:00
Chris PeBenito
997bd99521
fix bracket display for optional parameters
2005-06-09 19:21:32 +00:00
Chris PeBenito
20030ef5d6
add back html page generation
2005-06-09 19:02:52 +00:00
Chris PeBenito
1601fb3738
fixes and remove debug code
2005-06-09 19:02:32 +00:00
Chris PeBenito
fe3bd5a557
more indentation for modules in the menu
2005-06-09 18:56:50 +00:00
Chris PeBenito
eb437dd092
initial commit
2005-06-09 18:17:25 +00:00
Chris PeBenito
5a3299bd30
updates
2005-06-09 18:16:51 +00:00
Chris PeBenito
cc41a97c99
aliases
2005-06-09 18:08:26 +00:00
Chris PeBenito
7591e83cba
fix layer in module tag
2005-06-09 17:56:38 +00:00
Chris PeBenito
c6ebefd2f2
rename
2005-06-09 17:51:40 +00:00
Chris PeBenito
d90b274e40
for now, drop infoflow tags
2005-06-09 17:23:53 +00:00
Chris PeBenito
16e1cf48cd
make policy.xml depend on all if's being generated
2005-06-09 17:23:23 +00:00
Chris PeBenito
dc67f782e4
aliases
2005-06-09 17:21:52 +00:00
Chris PeBenito
0a10b1fa12
aliases
2005-06-09 15:32:23 +00:00
Chris PeBenito
fe040c9777
renaming and xml
2005-06-09 15:20:31 +00:00
Chris PeBenito
dd822947d2
aliases
2005-06-09 14:50:48 +00:00
Chris PeBenito
80048ca5d2
aliases
2005-06-09 14:26:05 +00:00
Chris PeBenito
5d31560b4d
genhomedircon entries
2005-06-08 22:32:43 +00:00
Chris PeBenito
5552ed88f3
initial commit
2005-06-08 22:32:33 +00:00
Chris PeBenito
e12e573815
better handling of generated files
2005-06-08 22:14:26 +00:00
Chris PeBenito
f2e4ab3a99
make corenetwork generation explicit, rather then on-the-fly
2005-06-08 21:46:39 +00:00
Chris PeBenito
7edd02d4f1
aliasing
2005-06-08 21:07:03 +00:00
Chris PeBenito
0350b1dc7f
support_modules is finally gone, and modules.disable->modules.conf
2005-06-08 21:03:00 +00:00
Chris PeBenito
b29d23f315
initial commit
2005-06-08 20:49:16 +00:00
Chris PeBenito
c2c00bee05
add aliases
2005-06-08 20:28:45 +00:00
Karl MacMillan
72bdc60860
Moved and changed user_mls to gen_user.
2005-06-08 20:23:43 +00:00
Karl MacMillan
eb5e237573
Renamed support macros for consistency.
2005-06-08 20:23:12 +00:00
Chris PeBenito
eac7c31055
make infoflow optional
2005-06-08 20:08:24 +00:00
Chris PeBenito
dc5daf8b99
overhaul
2005-06-08 19:57:26 +00:00
Chris PeBenito
9f72a2655f
renaming
2005-06-08 18:40:30 +00:00
Chris PeBenito
0c5a288e98
interface renaming
2005-06-08 18:00:04 +00:00
Chris PeBenito
1694dee685
interface renaming
2005-06-08 16:18:08 +00:00
Chris PeBenito
066d463147
comment fix
2005-06-08 16:16:41 +00:00
Chris PeBenito
84eb353cd9
more fixes
2005-06-08 13:44:23 +00:00
Chris PeBenito
a7197232e8
add can_exec
2005-06-08 13:41:05 +00:00
Chris PeBenito
763c441e3b
start renaming filesystem interfaces
2005-06-08 13:12:00 +00:00
Chris PeBenito
a9ec5414d1
add interface macro
2005-06-08 13:11:47 +00:00
Chris PeBenito
b46609f09f
fix missing _socket in class
2005-06-08 13:08:01 +00:00
Chris PeBenito
3865d6b95e
add xml
2005-06-07 22:36:07 +00:00
Chris PeBenito
ddea18b0ad
more tunable work
2005-06-07 22:26:39 +00:00
Chris PeBenito
758618b1f3
initial commit
2005-06-07 22:26:11 +00:00
Karl MacMillan
6847e8295c
First cut at fixing fc_sort.
2005-06-07 21:20:14 +00:00
Chris PeBenito
2224ed3aa5
remove java
2005-06-07 18:50:35 +00:00
Chris PeBenito
9c25fdd816
add updated dtd
2005-06-07 18:49:44 +00:00
Chris PeBenito
254bbc7bb3
start switching over to new tunable infrastructure
2005-06-07 18:45:47 +00:00
Chris PeBenito
3a80ec29c6
initial tunable tool fixes
2005-06-07 18:35:18 +00:00
Chris PeBenito
8fb301e9ab
32 is space. ascii <= 32 is all whitespace
2005-06-07 18:26:28 +00:00
Chris PeBenito
89ec2321b7
initial commit
2005-06-07 18:23:00 +00:00
Chris PeBenito
0fbe15dc8a
start adding module disable and tunable infrastructure
2005-06-07 15:11:47 +00:00
Chris PeBenito
02b584a174
initial commit
2005-06-07 15:10:43 +00:00
Chris PeBenito
43bc3906c5
initial commit
2005-06-07 14:46:31 +00:00
Chris PeBenito
2d68932a8d
fix broken macros
2005-06-07 14:46:20 +00:00
Chris PeBenito
a1d2e8ab29
add domain(_auto)_trans
2005-06-07 14:43:14 +00:00
Chris PeBenito
eb7f9a34cb
move audit to logging
2005-06-07 14:27:19 +00:00
Chris PeBenito
ef5e55c9fa
move to logging
2005-06-07 14:16:14 +00:00
Chris PeBenito
09693356ac
fix appconfig dir
2005-06-06 18:16:41 +00:00
Chris PeBenito
b67488e36a
rework policy build options
2005-06-06 18:13:38 +00:00
Chris PeBenito
0c73cd2526
change over to some perm set macros. add indentation
2005-06-03 12:25:14 +00:00
Chris PeBenito
36e54b81f7
initial commit of xml->html conversion
2005-06-02 20:39:32 +00:00
Chris PeBenito
4196997813
add some indentation
2005-06-02 20:26:48 +00:00
Chris PeBenito
d115660e3b
change network verb in corenetwork to sendrecv
2005-06-02 18:55:47 +00:00
Chris PeBenito
cabfa520aa
move fs_use and isids to respective modules
2005-06-02 15:39:10 +00:00
Chris PeBenito
ca83afe7e6
start breaking up support_macros into macros dir
2005-06-02 14:31:31 +00:00
Chris PeBenito
44cda51b4f
add some comments. make install target install appconfig files
2005-06-01 20:17:47 +00:00
Chris PeBenito
f5d4efd756
add missing system_crond_t transition pieces
2005-06-01 20:16:36 +00:00
Chris PeBenito
98af6c7763
remove extra whitespace
2005-06-01 19:18:54 +00:00
Chris PeBenito
de96491bda
move global.if to support_macros at top level
2005-06-01 19:17:13 +00:00
Chris PeBenito
6d9915d615
add missing pieces of crond_t -> $1_crond_t transition
2005-06-01 19:01:28 +00:00
Chris PeBenito
0447352aec
use variable for dtd. move policy type to variant section
2005-06-01 19:01:00 +00:00
Chris PeBenito
004db90d3f
do dtd verification on xml. fix current xml to be valid
2005-06-01 18:34:34 +00:00
Chris PeBenito
3c62aa31a9
fix policy.xml to not have templates for generated interfaces
2005-06-01 17:45:06 +00:00
Chris PeBenito
2fc84fd172
move user_u and root to users
2005-06-01 17:40:22 +00:00
Chris PeBenito
aa40608fbe
remove copyright until licensing issues are resolved
2005-06-01 17:34:13 +00:00
Chris PeBenito
2926f9c788
better handling of appconfig dir
2005-06-01 17:27:56 +00:00
Chris PeBenito
f267dfbb8b
fix module name in xml
2005-06-01 17:27:39 +00:00
Chris PeBenito
134191be67
move flask dir to top level, and update them from nsa cvs. move files in
...
misc to top level. make mls support work.
2005-06-01 15:40:37 +00:00
Chris PeBenito
7555aab027
initial commit
2005-06-01 14:37:51 +00:00
Chris PeBenito
e32d52ba47
fix xml
2005-06-01 14:17:43 +00:00
Chris PeBenito
1293184998
last fixes for cab
2005-06-01 13:51:54 +00:00
Chris PeBenito
d115b24712
more cab work
2005-05-31 23:02:11 +00:00
Chris PeBenito
3b857eae09
add some file_t interfaces, and console write
2005-05-31 21:25:45 +00:00
Chris PeBenito
b8fca44d3f
initial commit
2005-05-31 20:39:15 +00:00
Chris PeBenito
b4c3f54eca
initial commit
2005-05-31 19:53:54 +00:00
Chris PeBenito
4bf4ed9e68
permission set macro changes, plus more cab related work
2005-05-31 19:52:57 +00:00
Chris PeBenito
08eb9d1a33
fix tmpfs assoc call
2005-05-31 13:45:37 +00:00
Chris PeBenito
f5c42bd80b
many fixes from cab work
2005-05-30 21:17:20 +00:00
Chris PeBenito
32e53ac1b8
cleanup inspired by sediff
2005-05-27 21:56:01 +00:00
Chris PeBenito
16e9b0cb6b
rpmbuild_t is not a system domain. also mark it as most likely dead.
2005-05-27 21:29:54 +00:00
Chris PeBenito
c6fd1f85ba
restructure users, and add signalling
2005-05-27 20:44:05 +00:00
Chris PeBenito
07da0af7bd
tmpfs associate for redhat
2005-05-27 20:43:37 +00:00
Chris PeBenito
dd31631500
fix ordering and put in var_lib_t
2005-05-27 20:29:17 +00:00
Chris PeBenito
d490eb6b5c
fixes from cab
2005-05-26 20:38:45 +00:00
Chris PeBenito
c220381539
initial commit
2005-05-26 15:50:53 +00:00
Chris PeBenito
efd8ede34d
many fixes from cab testing
2005-05-25 20:58:21 +00:00
Chris PeBenito
c9a26b3e95
add in appconfig files
2005-05-25 20:58:09 +00:00
Chris PeBenito
10abae75d9
initial commit
2005-05-25 19:52:21 +00:00
Chris PeBenito
cbeef67c1c
cleanup
2005-05-24 22:22:26 +00:00
Chris PeBenito
3b3bf871a7
cleanup
2005-05-24 21:41:29 +00:00
Chris PeBenito
6f3dab294e
initial commit
2005-05-24 21:32:34 +00:00
Chris PeBenito
7d7a36af98
initial commit
2005-05-24 21:23:39 +00:00
Chris PeBenito
e7fcdc6d2f
fix the object class in process transition interfaces
2005-05-24 20:45:27 +00:00
Chris PeBenito
547283e29a
more fixes
2005-05-24 20:44:31 +00:00
Chris PeBenito
c907b3e2c7
cleanup for corenetwork interface generation
2005-05-24 17:34:29 +00:00
Chris PeBenito
88c72f4408
a few touchups
2005-05-24 17:31:39 +00:00
Chris PeBenito
dc771ff40e
another cleanup pass
2005-05-24 15:55:57 +00:00
Chris PeBenito
6276f10155
instead of using macros to drop out non-macro calls during corenetwork
...
interface generation, use grep to get the macro calls and feed to m4
2005-05-24 15:52:57 +00:00
Chris PeBenito
992aba5f15
initial commit
2005-05-23 17:56:47 +00:00
Chris PeBenito
6b48fd013c
stuff from rpm
2005-05-23 17:56:35 +00:00
Chris PeBenito
57440fb076
add dontaudit shadow_t getattr
2005-05-23 17:56:26 +00:00
Chris PeBenito
957e269eb2
fix tmpfs associate infoflow
2005-05-23 17:56:00 +00:00
Chris PeBenito
39255175ca
move in stuff from rpm
2005-05-23 17:01:51 +00:00
Chris PeBenito
15a9613ca4
add ldconfig and rpm transitions
2005-05-23 15:51:33 +00:00
Chris PeBenito
162a57e583
add missing xml
2005-05-23 15:50:12 +00:00
Chris PeBenito
46410fd2b9
add tmpfsfile support
2005-05-23 15:49:31 +00:00
Chris PeBenito
1c9f9a50df
add signull all domains
2005-05-23 15:49:03 +00:00
Chris PeBenito
3000a31552
make transition on shell work
2005-05-23 15:48:45 +00:00
Chris PeBenito
c4309768f1
add transitions
2005-05-23 15:47:13 +00:00
Chris PeBenito
48e0dbd63e
add ldconfig
2005-05-23 15:45:53 +00:00
Chris PeBenito
e32c0d3b86
add mls sensitivity to genfscon, initial sids and fs_use
2005-05-20 20:43:18 +00:00
Chris PeBenito
0d0d2bafd6
add mls port support
2005-05-20 20:23:25 +00:00
Chris PeBenito
085faa06ff
add xml comments to generated sections, and add mls support to interfaces
...
and nodes
2005-05-20 20:07:42 +00:00
Chris PeBenito
daa0e0b01f
add xml comments to interfaces, convert over userdomain stuff
2005-05-19 21:06:06 +00:00
Chris PeBenito
bee546bfd4
add context template to support mls
2005-05-18 21:02:15 +00:00
Chris PeBenito
26c87e0c42
add userdomain:fd use
2005-05-18 21:00:56 +00:00
Chris PeBenito
490639cd57
add a xml comment
2005-05-18 21:00:30 +00:00
Chris PeBenito
2e77b29e67
add xml
2005-05-18 21:00:00 +00:00
Chris PeBenito
494e988f80
fix xml
2005-05-18 20:59:38 +00:00
Chris PeBenito
6d314fd3c1
add xml doc generation
2005-05-18 20:58:13 +00:00
Chris PeBenito
8623d5b854
move run_init to selinux, as it is part of policycoreutils
2005-05-18 16:03:54 +00:00
Chris PeBenito
1786071159
rename some selinuxfs interfaces for more clarity
2005-05-18 13:22:37 +00:00
Chris PeBenito
ef373408a6
add source policy interfaces
2005-05-18 13:21:28 +00:00
Chris PeBenito
5817e3a820
add renice all domains
2005-05-18 13:21:00 +00:00
Chris PeBenito
759ba0a459
add get all filesystems quotas
2005-05-18 13:20:38 +00:00
Chris PeBenito
76bff31d96
add admin template
2005-05-18 13:20:16 +00:00
Chris PeBenito
c3dff2e0a2
add device_node:{ chr_file blk_file } getattr;
2005-05-18 13:19:51 +00:00
Chris PeBenito
4d8ddf9a4f
start adding admin template
2005-05-18 13:18:49 +00:00
Chris PeBenito
dd14d0d892
change read_shared_libraries to use_shared_libraries, since the execute
...
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
2005-05-17 15:32:52 +00:00
Chris PeBenito
650e75c57d
initial commit
2005-05-16 21:11:26 +00:00
Chris PeBenito
b16c6b8c32
start adding user domains. fix ttynode and ptynode handling, as they're
...
more then user terminals (at least ptynode is). start adding XML comments
2005-05-16 21:10:33 +00:00
Chris PeBenito
c6a3a22457
add more parts to send_mail and drop transition since its more then a transition
2005-05-13 20:52:28 +00:00
Chris PeBenito
ff31386090
move make_{daemon,init,system}_domain to init to fix type_transition'ing
2005-05-13 20:21:50 +00:00
Chris PeBenito
24a7ae1a5a
add lvm.fc, and move relevant entries to devices.fc and storage.fc
2005-05-13 15:03:19 +00:00
Chris PeBenito
7bba9d317a
pile of updates
2005-05-13 14:37:13 +00:00
Chris PeBenito
1bde8321dd
initial commit
2005-05-13 14:36:35 +00:00
Chris PeBenito
075c4fdaf1
additions for cron and mta
2005-05-12 20:50:09 +00:00
Chris PeBenito
fd9deeb8ee
reorg and a fix
2005-05-12 20:49:39 +00:00
Chris PeBenito
d18e3d73bb
add crontab
2005-05-11 20:55:40 +00:00
Chris PeBenito
fb1aee72f4
add iface creating private logs
2005-05-11 20:54:14 +00:00
Chris PeBenito
d25dd9c1c2
add make temporary_file and daemon_runtime_file
2005-05-11 19:36:36 +00:00
Chris PeBenito
38e24ae49e
add files_make_temporary_file and remove type attribute from
...
create_private_tmp
2005-05-11 19:21:40 +00:00
Chris PeBenito
0b1af28713
fix logging_make_log_file use
2005-05-11 19:11:14 +00:00
Chris PeBenito
23caa6d147
initial commit
2005-05-11 19:05:50 +00:00
Chris PeBenito
24280a524d
updates needed for cron
2005-05-11 19:05:15 +00:00
Chris PeBenito
3ec805f7e5
add read and search for etc_t:dir
2005-05-11 16:48:10 +00:00
Chris PeBenito
118186e3dc
make a reasonable lib_t interface
2005-05-11 15:46:51 +00:00
Chris PeBenito
1832271029
reorder for more consistency
2005-05-11 15:22:28 +00:00
Chris PeBenito
dec1686f0b
oops
2005-05-10 20:25:20 +00:00
Chris PeBenito
6b674012fc
reorder for more consistency
2005-05-10 20:24:26 +00:00
Chris PeBenito
b3416a3762
initial commit
2005-05-10 20:06:19 +00:00
Chris PeBenito
eeb2558418
leftover from netutils
2005-05-10 20:06:04 +00:00
Chris PeBenito
f8ec0ad43b
initial commit
2005-05-10 19:51:00 +00:00
Chris PeBenito
63a310c8cf
leftover from modutils
2005-05-10 19:50:41 +00:00
Chris PeBenito
279b555ae3
reorder to fit file context style rules
2005-05-10 19:47:37 +00:00
Chris PeBenito
0f3be6dbbb
initial commit
2005-05-10 15:31:48 +00:00
Chris PeBenito
6f50b57665
use ptys
2005-05-10 15:03:56 +00:00
Chris PeBenito
2812bfac86
fix hotplug optional
2005-05-10 15:00:54 +00:00
Chris PeBenito
35b2fb4d41
add v4l_device_t
2005-05-10 14:12:10 +00:00
Chris PeBenito
46be1f32ca
add printer_device_t
2005-05-10 13:59:10 +00:00
Chris PeBenito
13e94c09e4
more authlogin handling
2005-05-09 21:07:53 +00:00
Chris PeBenito
5c162193b7
move system_chkpwd to .te rather then using template, so that the
...
ifelse(system,..) can be eliminated
2005-05-09 21:06:51 +00:00
Chris PeBenito
cb28738d20
priv* attribute fixes for sulogin
2005-05-09 21:05:01 +00:00
Chris PeBenito
c18e825f57
unexpand can_kerberos
2005-05-09 21:03:38 +00:00
Chris PeBenito
a9a20ddaae
allow all domains to use /dev/{zero,null,tty}
2005-05-09 19:55:01 +00:00
Chris PeBenito
e843cc89fd
reorder restorecon and setfiles relabel rules for consistency
2005-05-09 19:06:56 +00:00
Chris PeBenito
a1f94a3441
clean up authentication attributes
2005-05-09 18:50:20 +00:00
Chris PeBenito
96b0000f1b
start adding infrastructure for the constraint exceptions
2005-05-09 17:47:57 +00:00
Chris PeBenito
18f25afdf6
start adding infrastructure for the constraint exceptions
2005-05-09 17:41:29 +00:00
Chris PeBenito
c5b5a7479a
cleanup
2005-05-09 15:40:56 +00:00
Chris PeBenito
5d7e8ba6fb
add sulogin
2005-05-09 15:38:06 +00:00
Chris PeBenito
15e3d8e8bc
initial commit
2005-05-09 13:26:33 +00:00
Chris PeBenito
8e02803ce3
add lvm_vg interfaces and do a little cleanup
2005-05-06 21:36:11 +00:00
Chris PeBenito
b2b38c78d4
initial commit
2005-05-05 21:40:32 +00:00
Chris PeBenito
ec81ecb30c
add read fonts
2005-05-05 21:36:53 +00:00
Chris PeBenito
44a43b680b
interfaces needed for clock
2005-05-05 21:19:18 +00:00
Chris PeBenito
2274f9ae4a
initial commit
2005-05-05 21:18:27 +00:00
Chris PeBenito
0fef98c405
add legacy read locale
2005-05-05 20:33:35 +00:00
Chris PeBenito
0634b6e77e
fix per_userdomain_templates macro generation
2005-05-05 19:38:22 +00:00
Chris PeBenito
ebf7600f20
cleanup
2005-05-05 19:04:51 +00:00
Chris PeBenito
bbd6a62111
convert over to system_domain, plus a couple init cleanups
2005-05-05 18:30:00 +00:00
Chris PeBenito
4fc91539f6
initial commit
2005-05-05 17:44:36 +00:00
Chris PeBenito
d0eddb6b0d
add in system_domain
2005-05-05 17:44:11 +00:00
Chris PeBenito
f66a1af94b
move type delcarations after attribute delcarations to fix a typeattribute
...
ordering issue. comment out the TODO types with a # so they don't get moved
2005-05-05 14:08:26 +00:00
Chris PeBenito
23af43bfef
fix depends
2005-05-05 14:02:32 +00:00
Chris PeBenito
df431c87fb
add missing copyright and policy_module lines
2005-05-05 14:01:59 +00:00
Chris PeBenito
f1470e5ede
rules picked up from sediff
2005-05-04 21:44:51 +00:00
Chris PeBenito
849380bd9a
add usermanage
2005-05-04 19:15:13 +00:00
Chris PeBenito
1e5c2a416a
more conversion
2005-05-04 17:01:46 +00:00
Chris PeBenito
bd202fe157
clean up interfaces for new binary module optional structure
2005-05-04 13:19:47 +00:00
Chris PeBenito
f1578d05a9
stuff from sysnetwork
2005-05-04 13:16:34 +00:00
Chris PeBenito
0bc32e04de
a few more copied over
2005-05-04 13:16:09 +00:00
Chris PeBenito
0d7ad32935
start moving in dhcpc and ifconfig
2005-05-04 13:14:48 +00:00
Chris PeBenito
75a10baf44
add in pam console
2005-05-03 21:04:20 +00:00
Chris PeBenito
b2e0625ca1
more conversion due to new interfaces
2005-05-03 20:44:35 +00:00
Chris PeBenito
3ce6cb4a45
fill pam and utempter authlogin policy and fix up interfaces
2005-05-03 20:23:33 +00:00
Chris PeBenito
07d6e32f44
reorg run_init a little, and add a convert to a few new interfaces
2005-05-02 21:02:14 +00:00
Chris PeBenito
ab64c30fc3
add newrole:fd use
2005-05-02 21:01:31 +00:00
Chris PeBenito
3a9aef9246
updates
2005-05-02 21:01:08 +00:00
Chris PeBenito
6b93833ba0
initial commit
2005-05-02 19:24:29 +00:00
Chris PeBenito
25baab18d1
switch over to tunable_policy and optional_policy
2005-05-02 19:22:58 +00:00
Chris PeBenito
f360f82f54
fix stupid _depend define errors (s/ifdef/define/g)
2005-05-02 19:19:06 +00:00
Chris PeBenito
67484fced4
add ignore read system state
2005-05-02 18:42:33 +00:00
Chris PeBenito
de2cee6817
add tty_device_t and devpts_t chr_file interfaces
2005-05-02 18:42:10 +00:00
Chris PeBenito
dfaf6c2ad8
add authlogin_read_pam_runtime_data and cleanup interfaces
2005-05-02 18:41:20 +00:00
Chris PeBenito
9f2f9e6dfe
add ignore read rootfs file
2005-05-02 18:40:42 +00:00
Chris PeBenito
d0b6abebb9
add in use and ignore use init control channel interfaces
2005-05-02 18:40:05 +00:00
Chris PeBenito
ba7740d145
handful of changes
2005-05-02 18:38:02 +00:00
Chris PeBenito
c3c58c5d8e
move in rule from hotplug
2005-05-02 18:37:24 +00:00
Chris PeBenito
1b909968df
add in missing policy_module line
2005-05-02 18:36:51 +00:00
Chris PeBenito
fc83dba9a0
domains not needed for execute interface
2005-05-02 18:36:11 +00:00
Chris PeBenito
85bd7f1ffa
add in transition and execute interfaces, and newrole sigchld interface
2005-05-02 18:18:45 +00:00
Chris PeBenito
5eafc37492
add append to /dev/null write
2005-05-02 15:42:20 +00:00
Chris PeBenito
e9a6fcb8f1
fix privfd
2005-04-29 21:00:40 +00:00
Chris PeBenito
4472f3ec01
doh
2005-04-29 21:00:29 +00:00
Chris PeBenito
7009881cc0
add in missing devices
2005-04-29 20:35:49 +00:00
Chris PeBenito
05a5cdccc3
add a few missing ports, and ppp_device_t
2005-04-29 20:22:04 +00:00
Chris PeBenito
a7ed44d531
initial commit
2005-04-29 20:16:38 +00:00
Chris PeBenito
a2d8246bf6
make mountpoints work, plus misc
2005-04-28 21:41:09 +00:00
Chris PeBenito
07efe969fe
initial local login commit
2005-04-28 19:50:58 +00:00
Chris PeBenito
ee5772e455
add bulk of selinux module policy, and add required interfaces
2005-04-28 18:59:01 +00:00
Chris PeBenito
f9cfa192a4
minor fixes
2005-04-28 18:58:39 +00:00
Chris PeBenito
b5860610b4
missed that sysctl_dev is a dir too
2005-04-28 15:52:42 +00:00
Chris PeBenito
3009816bcd
convert over optional policy to optional_policy macro
2005-04-28 15:48:27 +00:00