rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
1,978 Commits 8 Branches 96 Tags 37 MiB
b81bfc2651
Commit Graph

214 Commits

Author SHA1 Message Date
Chris PeBenito
7aca2aa827 setroubleshoot has a plugin that checks the file context on disk versus a matchpathcon. So needs additional privs 2007-03-06 17:16:08 +00:00
Chris PeBenito
c23eb5b1c4 Patch for gssd fixes from Dan Walsh 2007-03-06 16:18:59 +00:00
Chris PeBenito
c5561c777d patches for lvm and ricci fixes from Dan Walsh. 2007-03-06 15:35:02 +00:00
Chris PeBenito
f2c69c47b3 lmtp and smtp are the same file require same context of setfiles complains 
postfix_pickup_t wants to read postfix_spool_maildrop_t dir
 2007-03-01 20:41:19 +00:00
Chris PeBenito
ecc98e19e3 patches for file contexts in networkmanager, miscfiles, corecommands, devices, and java from Dan Walsh. 2007-03-01 15:43:39 +00:00
Chris PeBenito
4900fdf7d1 Patch for kerberized telnet fixes from Dan Walsh. 2007-02-28 17:17:52 +00:00
Chris PeBenito
09c56f5496 Patch for kerberized ftp and other ftp fixes from Dan Walsh. 2007-02-28 17:01:47 +00:00
Chris PeBenito
f0eaed31be Patch for misc fixes to bluetooth from Dan Walsh. 2007-02-26 17:23:52 +00:00
Chris PeBenito
5b06477c8e On Tue, 2007-02-20 at 12:02 -0500, Daniel J Walsh wrote: 
> Eliminate excess avc messages created when using kerberos libraries
> 
> krb5kdc wans to setsched
> 
> Also uses a fifo_file to communicate.
> 
> Needs to search_network_sysctl
 2007-02-26 17:04:56 +00:00
Chris PeBenito
66cf194680 Patch to remove redundant mls_trusted_object() call from Dan Walsh. 2007-02-23 20:05:12 +00:00
Chris PeBenito
4685213857 Patch for misc fixes to nis ypxfr policy from Dan Walsh. 2007-02-23 19:52:52 +00:00
Chris PeBenito
aeb54c6dd0 Patch to allow apmd to telinit from Dan Walsh. 2007-02-23 19:41:41 +00:00
Chris PeBenito
d114071e7a While using samba and SELinux with Debian GNU/Linux (etch) the 
following files need to be labeled correctly:
/var/run/samba/gencache.tdb
/var/run/samba/share_info.tdb

Should also concern other distributions than Debian.

-Stefan
 2007-02-23 19:30:17 +00:00
Chris PeBenito
bcac3a5e3d Patch to remove incorrect cron labeling in apache.fc from Ryan Bradetich. 2007-02-23 19:08:45 +00:00
Chris PeBenito
6b19be3360 patch from dan, Thu, 2007-01-25 at 08:12 -0500 2007-02-16 23:01:42 +00:00
Chris PeBenito
10e12095d6 Fix explicit use of httpd_t in openca_domtrans(), bug #22. 2007-02-07 22:10:45 +00:00
Chris PeBenito
ff943a1b9b Clean up file context regexes in apache and java, from Eamon Walsh: 
Some file_contexts regular expressions in refpolicy-strict are causing 
genhomedircon to die; refpolicy is failing to build for me entirely.

The regular expressions seem redundant to me, perhaps I am missing 
something, but the following patch fixes the problems for me.  Please 
review and apply
 2007-01-24 17:10:31 +00:00
Chris PeBenito
42c5c5f612 bump versions for release. 2006-12-12 21:22:47 +00:00
Chris PeBenito
c0868a7a3b merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
Chris PeBenito
d6d16b9796 patch from dan Wed, 29 Nov 2006 17:06:40 -0500 2006-12-04 20:10:56 +00:00
Chris PeBenito
563e58e863 patch from dan for some missing gen_require()s 2006-11-29 13:44:40 +00:00
Chris PeBenito
c31f6724c0 fix dontaudit interface that was allowing instead of dontauditing; thanks to karl for pointing this out. 2006-11-28 15:47:47 +00:00
Chris PeBenito
fa45da0efd add aide, ccs, and ricci 2006-11-16 20:56:24 +00:00
Chris PeBenito
ed38ca9f3d fixes from gentoo strict testing: 
- Allow semanage to read from /root on strict non-MLS for
  local policy modules.
- Gentoo init script fixes for udev.
- Allow udev to read kernel modules.inputmap.
- Dnsmasq fixes from testing.
- Allow kernel NFS server to getattr filesystems so df can work
  on clients.
 2006-11-13 03:24:07 +00:00
Chris PeBenito
d9845ae92a patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
Chris PeBenito
a52b4d4f23 bump versions to release numbers 2006-10-18 19:25:27 +00:00
Chris PeBenito
d4a48c41c2 make inetd optional 2006-10-18 15:49:45 +00:00
Chris PeBenito
14b1684aae gentoo testing fixes. 2006-10-13 21:44:02 +00:00
Chris PeBenito
85f0c35922 make optional the inetd dependency in samba 2006-10-10 13:11:58 +00:00
Chris PeBenito
830c12eb2d apply contested part of russell's last patch 2006-10-06 13:38:49 +00:00
Chris PeBenito
3c3c0439f6 patch from russell, Thu, 5 Oct 2006 22:44:49 +1000 
Allow unconfined processes to see unlabeled processes in ps.

Removed a redundant rule in samba.te

Removed support for the pre-Fedora Red Hat code to create sym-links in /boot.

Removed support for devpts_t files in /tmp (there is no way that would ever 
work).

Allowed postgrey to create socket files.

Made the specs for the /lib and /lib64 directories better support stem 
compression.
 2006-10-05 19:57:37 +00:00
Chris PeBenito
e070dd2df0 - Move range transitions to modules. 
- Make number of MLS sensitivities, and number of MLS and MCS
  categories configurable as build options.
 2006-10-04 17:25:34 +00:00
Chris PeBenito
e2b84ef79a patch from dan Mon, 25 Sep 2006 15:46:40 -0400 2006-09-28 14:37:29 +00:00
Chris PeBenito
693d4aedb5 patch from dan Fri, 22 Sep 2006 16:30:34 -0400 2006-09-25 18:53:06 +00:00
Chris PeBenito
8708d9bef2 patch from dan Wed, 20 Sep 2006 12:12:49 -0400 2006-09-22 17:14:35 +00:00
Chris PeBenito
a9e03b3752 * add a macro for generating category declarations 
* fix userdom_search_all_users_home_content() to use search_dir_perms;
* change ssh daemon macro to use userdom_search_all_users_home_dirs() instead of _home_content()
 2006-09-21 15:48:15 +00:00
Chris PeBenito
bf469d7669 gentoo testing fixes 2006-09-19 17:02:29 +00:00
Chris PeBenito
9dfbd81493 forgot to bump policy vers 2006-09-13 18:42:49 +00:00
Chris PeBenito
73ca55d311 patches from erich Wed, 13 Sep 2006 16:18:18 +0200 2006-09-13 18:35:10 +00:00
Chris PeBenito
0d96ff339e misc fixes 2006-09-13 14:23:04 +00:00
Chris PeBenito
376fbc0be9 clean up usercanread 2006-09-11 18:23:09 +00:00
Chris PeBenito
95b8223eed cleanups 2006-09-08 17:21:28 +00:00
Chris PeBenito
bbcd3c97dd add main part of role-o-matic 2006-09-06 22:07:25 +00:00
Chris PeBenito
75beb95014 patch from dan Tue, 05 Sep 2006 17:06:06 -0400 2006-09-06 16:36:23 +00:00
Chris PeBenito
13d7cec671 patch from erich Sat, 02 Sep 2006 03:37:44 +0200 2006-09-04 18:22:12 +00:00
Chris PeBenito
5dbda5558a patch from dan Fri, 01 Sep 2006 15:45:24 -0400 2006-09-04 15:15:35 +00:00
Chris PeBenito
eac818f040 patch from dan Thu, 31 Aug 2006 15:16:30 -0400 2006-09-01 15:52:05 +00:00
Chris PeBenito
a5e2133bc8 patch from dan Wed, 23 Aug 2006 14:03:49 -0400 2006-08-29 02:41:00 +00:00
Chris PeBenito
d15dd5a739 more testing fixes 2006-08-23 03:47:39 +00:00
Chris PeBenito
3ef029db7c add nscd_socket_use() to auth_use_nsswitch() since it caches nss lookups. 2006-08-22 19:37:56 +00:00
Chris PeBenito
3573908f1c fix cron_system_entry() rules 2006-08-16 13:52:18 +00:00
Chris PeBenito
33c7e6b4e8 remove dead selopt rules 2006-08-15 20:00:58 +00:00
Chris PeBenito
497da0953c ps/ptrace dontaudit cleanup 2006-08-08 17:49:03 +00:00
Chris PeBenito
4846dc8ad4 patch from Stefan for mrtg daemon operation. 2006-08-07 17:14:00 +00:00
Chris PeBenito
4b3b46d7ef add authlogin interface to abstract common login program perms 2006-07-31 22:26:59 +00:00
Chris PeBenito
46551033aa patch from dan Wed, 26 Jul 2006 14:42:46 -0400 2006-07-28 15:13:58 +00:00
Chris PeBenito
81aa67fcc0 more ssh agent fixes 2006-07-26 21:16:45 +00:00
Chris PeBenito
528811e040 clean up most of the remaining ssh TODO 2006-07-26 20:34:09 +00:00
Chris PeBenito
79f5f5e8fd add gdm Xsession fc 2006-07-26 20:33:23 +00:00
Chris PeBenito
d617143ba4 remove deprecated mount_send_nfs_client_request() from stunnel 2006-07-25 22:28:47 +00:00
Chris PeBenito
ea3c1f508a add helpers for printing warning and error messages 2006-07-25 17:27:00 +00:00
Chris PeBenito
19ebf01d6a patch to fix escaping of . in file contexts from james athey 2006-07-24 15:43:57 +00:00
Chris PeBenito
da9bbc655a fix up audit message perms now that audit_write denials are being audited by the kernel. 2006-07-13 17:22:08 +00:00
Chris PeBenito
17de1b790b remove extra level of directory 2006-07-12 20:32:27 +00:00