Commit Graph

28 Commits

Author SHA1 Message Date
Chris PeBenito
296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito
2cca6b79b4 trunk: remove redundant shared lib calls. 2008-10-17 17:31:04 +00:00
Chris PeBenito
0b36a2146e trunk: Enable open permission checks policy capability. 2008-10-16 16:09:20 +00:00
Chris PeBenito
5d4f4b5375 trunk: bump version numbers for release. 2008-10-14 15:46:36 +00:00
Chris PeBenito
e87221cefe trunk: 21 patches from dan. 2008-10-08 15:50:03 +00:00
Chris PeBenito
48f6456344 trunk: rename labeled init scripts with initrc convention. 2008-09-15 14:20:20 +00:00
Chris PeBenito
8786916e8d trunk: ntp and setrans update from dan. 2008-09-11 14:54:40 +00:00
Chris PeBenito
93f445b8c0 trunk: firstboot update from dan. 2008-08-20 19:45:39 +00:00
Chris PeBenito
0bfccda4e8 trunk: massive whitespace cleanup from dominick grift. 2008-07-23 21:38:39 +00:00
Chris PeBenito
cfcf5004e5 trunk: bump versions for release. 2008-07-02 14:07:57 +00:00
Chris PeBenito
e9c6cda7da trunk: Move user roles into individual modules. 2008-04-29 13:58:34 +00:00
Chris PeBenito
f7925f25f7 trunk: bump module versions for release. 2007-12-14 14:23:18 +00:00
Chris PeBenito
c0cf6e0a6e trunk: clean up nsswitch usage, from dan. 2007-12-04 15:05:55 +00:00
Chris PeBenito
12e9ea1ae3 trunk: module version bumps for previous commit. 2007-10-02 17:15:07 +00:00
Chris PeBenito
350b6ab767 trunk: merge strict and targeted policies. merge shlib_t into lib_t. 2007-10-02 16:04:50 +00:00
Chris PeBenito
116c1da330 trunk: update module version numbers for release. 2007-06-29 14:48:13 +00:00
Chris PeBenito
1900668638 trunk: Unified labeled networking policy from Paul Moore.
The latest revision of the labeled policy patches which enable both labeled 
and unlabeled policy support for NetLabel.  This revision takes into account
Chris' feedback from the first version and reduces the number of interface
calls in each domain down to two at present: one for unlabeled access, one for
NetLabel access.  The older, transport layer specific interfaces, are still  
present for use by third-party modules but are not used in the default policy
modules.

trunk: Use netmsg initial SID for MLS-only Netlabel packets, from Paul Moore.

This patch changes the policy to use the netmsg initial SID as the "base"
SID/context for NetLabel packets which only have MLS security attributes.
Currently we use the unlabeled initial SID which makes it very difficult to
distinquish between actual unlabeled packets and those packets which have MLS
security attributes.
2007-06-27 15:23:21 +00:00
Chris PeBenito
0251df3e39 bump module versions for release 2007-04-17 13:28:09 +00:00
Chris PeBenito
9af48eef6e six patches from dan 2007-04-10 13:10:58 +00:00
Chris PeBenito
8021cb4f63 Merge sbin_t and ls_exec_t into bin_t. 2007-03-23 23:24:59 +00:00
Chris PeBenito
a5f5eba459 Add dontaudits for init fds and console to init_daemon_domain(). 2007-03-20 18:47:18 +00:00
Chris PeBenito
c0868a7a3b merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
Chris PeBenito
a52b4d4f23 bump versions to release numbers 2006-10-18 19:25:27 +00:00
Chris PeBenito
8708d9bef2 patch from dan Wed, 20 Sep 2006 12:12:49 -0400 2006-09-22 17:14:35 +00:00
Chris PeBenito
5dbda5558a patch from dan Fri, 01 Sep 2006 15:45:24 -0400 2006-09-04 15:15:35 +00:00
Chris PeBenito
3ef029db7c add nscd_socket_use() to auth_use_nsswitch() since it caches nss lookups. 2006-08-22 19:37:56 +00:00
Chris PeBenito
33c7e6b4e8 remove dead selopt rules 2006-08-15 20:00:58 +00:00
Chris PeBenito
17de1b790b remove extra level of directory 2006-07-12 20:32:27 +00:00