Commit Graph

198 Commits

Author SHA1 Message Date
Daniel J Walsh
ee88b050c5 - Add asterisk policy back in 2009-11-20 16:55:54 +00:00
Daniel J Walsh
32594a1112 - Allow vpnc request the kernel to load modules 2009-10-02 15:15:36 +00:00
Daniel J Walsh
d976a83a17 - Allow cupsd_config to read user tmp
- Allow snmpd_t to signal itself
- Allow sysstat_t to makedir in sysstat_log_t
2009-09-30 17:37:44 +00:00
Daniel J Walsh
5b96313949 - Update rhcs policy 2009-09-29 19:47:31 +00:00
Daniel J Walsh
8b10e3abd7 - Update rhcs policy 2009-09-29 12:38:58 +00:00
Daniel J Walsh
69290fd9df - Update to upstream
- Dontaudit nsplugin search /root
- Dontaudit nsplugin sys_nice
2009-09-16 17:50:32 +00:00
Daniel J Walsh
6b7b0c1cdc - Fix devicekit_disk_t to getattr on all domains sockets and fifo_files
- Conflicts seedit (You can not use selinux-policy-targeted and seedit at
    the same time.)
2009-09-15 18:26:13 +00:00
Daniel J Walsh
ab8f807545 - More fixes 2009-09-09 21:08:02 +00:00
Daniel J Walsh
b8498d1e5b - More fixes 2009-09-08 23:55:31 +00:00
Daniel J Walsh
42f9effee7 - Add back in unconfined.pp and unconfineduser.pp
- Add Sandbox unshare
2009-08-26 20:19:02 +00:00
Daniel J Walsh
c5f5b5dbcb - Add ABRT policy 2009-08-21 22:58:28 +00:00
Daniel J Walsh
40243d944f - Allow cupsd_config_t to be started by dbus
- Add smoltclient policy
2009-08-18 22:43:34 +00:00
Daniel J Walsh
cbedd06c12 - Add kdump policy for Miroslav Grepl
- Turn off execstack boolean
2009-08-12 20:09:21 +00:00
Daniel J Walsh
867473ac62 - Add kdump policy for Miroslav Grepl
- Turn off execstack boolean
2009-08-10 18:22:10 +00:00
Daniel J Walsh
c6e2224c70 - Fix polkit label
- Remove hidebrokensymptoms for nss_ldap fix
- Add modemmanager policy
- Lots of merges from upstream
- Begin removing textrel_shlib_t labels, from fixed libraries
2009-07-30 04:31:53 +00:00
Daniel J Walsh
df7055d5b3 - Update to upstream 2009-07-23 21:47:41 +00:00
Daniel J Walsh
221642f17f - Add rtkit policy 2009-06-25 21:43:36 +00:00
Daniel J Walsh
9850f4d30d - Allow kpropd to create tmp files 2009-06-24 13:15:55 +00:00
Daniel J Walsh
8866315d40 - Update to upstream
cleanup
Fri Jun 19 2009 Dan Walsh <dwalsh@redhat.com> 3.6.17-1
- Update to upstream
- Additional mail ports
- Add virt_use_usb boolean for svirt
2009-06-20 13:59:00 +00:00
Daniel J Walsh
eead2a6f25 - Allow fprintd to access sys_ptrace
- Add sandbox policy
2009-05-20 17:28:24 +00:00
Daniel J Walsh
7b6c105887 - Add varnishd policy 2009-05-18 18:49:15 +00:00
Daniel J Walsh
5dd89f3819 - Fix /sbin/ip6tables-save context 2009-05-02 11:52:13 +00:00
Daniel J Walsh
37ebfc9102 - Add shorewall policy 2009-04-30 22:22:00 +00:00
Daniel J Walsh
40d8f60dd7 - Allow nsplugin to unix_read unix_write sem for unconfined_java 2009-04-28 20:09:21 +00:00
Daniel J Walsh
d4af172a64 - Separate out the ucnonfined user from the unconfined.pp package 2009-04-11 12:30:22 +00:00
Daniel J Walsh
25a47636ae - Upgrade to latest upstream
- Allow devicekit_disk sys_rawio
2009-04-08 00:59:46 +00:00
Daniel J Walsh
f49c57d5e6 - Allow setroubelshoot exec* privs to prevent crash from bad libraries
- add cpufreqselector
2009-04-03 14:45:58 +00:00
Daniel J Walsh
5dce3c12f7 - Add xenner and wine fixes from mgrepl 2009-03-20 18:42:38 +00:00
Daniel J Walsh
46b5649f90 - Add pulseaudio context 2009-03-09 21:17:23 +00:00
Daniel J Walsh
0c34c69a38 - Add pulseaudio context 2009-03-09 16:18:51 +00:00
Daniel J Walsh
4f5b223107 - Upgrade to latest patches 2009-03-06 21:11:04 +00:00
Daniel J Walsh
a67a1c12aa - Upgrade to latest patches 2009-03-05 21:05:47 +00:00
Daniel J Walsh
496752533e - Further confinement of qemu images via svirt 2009-02-27 21:22:47 +00:00
Daniel J Walsh
1d1c058a4e - Add git web policy 2009-02-10 16:08:36 +00:00
Daniel J Walsh
2fbeb784fa - Fixes for wicd daemon 2009-01-28 22:23:18 +00:00
Daniel J Walsh
1b94a1375f - Add wm policy 2009-01-21 20:39:17 +00:00
Daniel J Walsh
acc137684b - Add devicekit policy 2009-01-19 22:34:56 +00:00
Daniel J Walsh
87fb15321a - Allow cups_pdf_t write to nfs_t 2009-01-12 16:59:00 +00:00
Daniel J Walsh
dcd0c96f34 - Allow unconfined_r unconfined_java_t 2008-12-11 15:21:57 +00:00
Daniel J Walsh
02d888c766 - Fix labeling on /var/spool/rsyslog 2008-11-25 19:18:01 +00:00
Daniel J Walsh
6a09cfb688 - Allow hal/pm-utils to look at /var/run/video.rom
- Add ulogd policy
2008-11-05 18:26:36 +00:00
Daniel J Walsh
411a424e1c - Additional fixes for cyphesis
- Fix certmaster file context
- Add policy for system-config-samba
2008-11-04 15:40:31 +00:00
Daniel J Walsh
a023a0be19 - Allow dhcpc to restart ypbind
- Fixup labeling in /var/run
2008-11-03 22:42:53 +00:00
Daniel J Walsh
333ebd64df - Allow dhcpc to restart ypbind
- Fixup labeling in /var/run
2008-11-03 21:09:40 +00:00
Daniel J Walsh
4125702a20 - Update to upstream 2008-10-14 23:50:08 +00:00
Daniel J Walsh
675bbabe24 - Update to upstream policy 2008-10-09 03:10:32 +00:00
Daniel J Walsh
11ef2470b7 - Fix labeling on new pm*log
- Allow ssh to bind to all nodes
2008-09-18 21:02:12 +00:00
Daniel J Walsh
530772ab58 - Fix labeling on new pm*log
- Allow ssh to bind to all nodes
2008-09-18 19:34:12 +00:00
Daniel J Walsh
8d197ddd11 - Merge upstream changes
- Add Xavier Toth patches
2008-09-18 14:19:06 +00:00
Daniel J Walsh
b844bb281b - Merge upstream changes
- Add Xavier Toth patches
2008-09-17 23:56:23 +00:00
Daniel J Walsh
59571abd0d - Merge upstream changes
- Add Xavier Toth patches
2008-09-16 13:57:15 +00:00
Daniel J Walsh
8a482d67b3 - Merge upstream changes
- Add Xavier Toth patches
2008-09-12 20:36:21 +00:00
Daniel J Walsh
aca77a6f2d - Remove gamin policy 2008-09-08 21:01:42 +00:00
Daniel J Walsh
0a219fe07b - Update to upstream
- New handling of init scripts
2008-09-03 20:16:35 +00:00
Daniel J Walsh
cd8bee594b - Update to upstream
- Fix crontab use by unconfined user
2008-08-29 19:29:23 +00:00
Daniel J Walsh
1a0f642074 - Update to upstream 2008-08-11 21:19:25 +00:00
Daniel J Walsh
6ed8533082 - Update to latest refpolicy 2008-07-15 15:22:39 +00:00
Daniel J Walsh
15f71c5d61 - Add livecd policy 2008-06-04 17:26:52 +00:00
Daniel J Walsh
a4995d5c65 - Merge Upstream 2008-05-30 20:12:46 +00:00
Daniel J Walsh
7fd4585229 - Merge Upstream 2008-05-23 20:05:34 +00:00
Daniel J Walsh
7e6a2a413c updated policy 2008-05-20 21:37:28 +00:00
Daniel J Walsh
4b7f030014 Update for rawhide 2008-05-19 13:02:56 +00:00
Daniel J Walsh
6c25b428ce - Remove dmesg boolean
- Allow user domains to read/write game data
2008-05-06 17:01:42 +00:00
Daniel J Walsh
987b10f86d - Add cups_pdf policy
- Add openoffice policy to run in xguest
2008-03-14 00:25:00 +00:00
Daniel J Walsh
1bf67d57ed - Fix initrc_context generation for MLS 2008-03-06 22:25:06 +00:00
Daniel J Walsh
c092cc1478 - Add cyphesis policy 2008-02-26 23:02:51 +00:00
Daniel J Walsh
b53db53c9f - Add policy for kerneloops
- Add policy for gnomeclock
2008-02-05 18:31:25 +00:00
Daniel J Walsh
b19d470cd4 - Update to upstream
- Add libvirt policy
- add qemu policy
2008-02-02 06:30:04 +00:00
Daniel J Walsh
e1060e24d5 - Allow fail2ban to create a socket in /var/run 2008-02-01 13:49:05 +00:00
Daniel J Walsh
f18a882ba5 - Add audisp policy and prelude 2008-01-30 21:34:13 +00:00
Daniel J Walsh
98f84cb0ed - Add procmail_log support
- Lots of fixes for munin
2008-01-21 15:57:25 +00:00
Daniel J Walsh
a502c55197 - Change user and staff roles to work correctly with varied perms 2008-01-03 22:13:09 +00:00
Daniel J Walsh
194f6c15a0 - Allow cron to run unconfined apps 2007-12-18 19:58:20 +00:00
Daniel J Walsh
9281e2cc41 - Update to upstream
- Allow httpd_sys_script_t to search users homedirs
2007-12-11 06:03:18 +00:00
Daniel J Walsh
a1341a85df - Update to upstream
- Allow httpd_sys_script_t to search users homedirs
2007-12-06 21:37:36 +00:00
Daniel J Walsh
9186dc57d9 - Remove user based home directory separation 2007-11-30 22:33:18 +00:00
Daniel J Walsh
ddf4ec413f - Update to upstream 2007-11-19 20:09:32 +00:00
Daniel J Walsh
7330e86b90 - Update to upstream 2007-11-10 14:14:41 +00:00
Daniel J Walsh
36404444a8 - Update to upstream 2007-11-07 19:42:24 +00:00
Daniel J Walsh
fa0d1c8884 - Update to upstream 2007-10-23 23:13:09 +00:00
Daniel J Walsh
ccf8a72ae3 - Fix vpn to bind to port 4500
- Allow ssh to create shm
- Allow rshd to bind to ports > 1023
2007-10-18 21:33:00 +00:00
Daniel J Walsh
25d586808d - Allow newalias/sendmail dac_override
- Allow bind to bind to all udp ports
2007-09-10 22:02:06 +00:00
Daniel J Walsh
37d6a1ce3f - Fix java labeling 2007-09-06 23:34:02 +00:00
Daniel J Walsh
e8b5993e52 - Update an readd modules 2007-08-27 21:43:05 +00:00
Daniel J Walsh
95bbe5cff0 - Upgrade to upstream to grab postgressql changes 2007-08-23 14:07:25 +00:00
Daniel J Walsh
154d8231c3 - Add brctl policy 2007-07-11 19:44:56 +00:00
Daniel J Walsh
a4ec9b75e1 - Remove ifdef strict policy from upstream 2007-06-22 19:21:00 +00:00
Daniel J Walsh
56187c2f8a - Remove ifdef strict policy from upstream 2007-05-31 18:40:35 +00:00
Daniel J Walsh
346d2dccfd 2007-05-21 18:54:40 +00:00
Daniel J Walsh
daa6abe9e1 - Update to latest from upstream 2007-05-04 17:30:10 +00:00
Daniel J Walsh
6821c3df97 - 2007-04-27 17:23:49 +00:00
Daniel J Walsh
4661767044 - MLS Fixes 2007-04-19 13:58:54 +00:00
Daniel J Walsh
9fc00bcbda - Rwho policy
- Fixes for consolekit
2007-04-17 19:28:14 +00:00
Daniel J Walsh
a3b1a2c522 - Update to upstream 2007-04-11 20:55:28 +00:00
Daniel J Walsh
8e5289e20b - Update to upstream 2007-04-02 19:53:16 +00:00
Daniel J Walsh
ce7f30a258 - Update to upstream 2007-04-02 15:17:45 +00:00
Daniel J Walsh
593fb16ef5 - Add fusermount and mount_ntfs policy 2007-03-20 20:45:45 +00:00
Daniel J Walsh
bdb7f99f00 - Fix handling of unlabled_t packets 2007-03-12 14:51:29 +00:00
Daniel J Walsh
2a9b648b37 - More of my patches from upstream 2007-03-11 05:19:36 +00:00
Daniel J Walsh
9a8202d585 - Update to latest from upstream
- Add fail2ban policy
2007-03-01 16:30:20 +00:00