Daniel J Walsh
7c124f5e42
- Allow allow_httpd_mod_auth_pam to work
2008-01-31 19:32:51 +00:00
Daniel J Walsh
f18a882ba5
- Add audisp policy and prelude
2008-01-30 21:34:13 +00:00
Daniel J Walsh
0f70114e58
- Allow all user roles to executae samba net command
2008-01-30 13:56:22 +00:00
Daniel J Walsh
7c2be34d14
- Allow usertypes to read/write noxattr file systems
2008-01-28 16:48:49 +00:00
Daniel J Walsh
7c7d59935b
- Fix nsplugin to allow flashplugin to work in enforcing mode
2008-01-24 18:12:25 +00:00
Daniel J Walsh
0939872058
- Allow pam_selinux_permit to kill all processes
2008-01-23 18:24:12 +00:00
Daniel J Walsh
cc5bb89ef0
- Allow ptrace or user processes by users of same type
...
- Add boolean for transition to nsplugin
2008-01-22 19:46:50 +00:00
Daniel J Walsh
ef19b75773
- Allow nsplugin sys_nice, getsched, setsched
2008-01-22 17:35:34 +00:00
Daniel J Walsh
b3c8a04083
- Allow login programs to talk dbus to oddjob
2008-01-21 21:42:26 +00:00
Daniel J Walsh
98f84cb0ed
- Add procmail_log support
...
- Lots of fixes for munin
2008-01-21 15:57:25 +00:00
Daniel J Walsh
e26fef9ac3
- Allow setroubleshoot to read policy config and send audit messages
2008-01-15 20:43:04 +00:00
Daniel J Walsh
8a40d69539
- Allow users to execute all files in homedir, if boolean set
...
- Allow mount to read samba config
2008-01-14 19:47:11 +00:00
Daniel J Walsh
27c7d85aab
- Fixes for xguest to run java plugin
2008-01-13 14:01:50 +00:00
Daniel J Walsh
4be3ba520d
- dontaudit pam_t and dbusd writing to user_home_t
2008-01-11 19:45:47 +00:00
Daniel J Walsh
5baf53aabd
- Update gpg to allow reading of inotify
2008-01-08 19:58:56 +00:00
Daniel J Walsh
a502c55197
- Change user and staff roles to work correctly with varied perms
2008-01-03 22:13:09 +00:00
Daniel J Walsh
c64ec27caa
- Fix munin log,
...
- Eliminate duplicate mozilla file context
- fix wpa_supplicant spec
2007-12-31 21:47:39 +00:00
Daniel J Walsh
88ae3f5e0c
- Fix role transition from unconfined_r to system_r when running rpm
...
- Allow unconfined_domains to communicate with user dbus instances
2007-12-30 15:12:11 +00:00
Daniel J Walsh
5d13344539
- Fix role transition fro unconfined_r to system_r when running rpm
2007-12-24 12:01:17 +00:00
Daniel J Walsh
0ec33db4ff
- Let all uncofined domains communicate with dbus unconfined
2007-12-21 07:58:04 +00:00
Daniel J Walsh
673eaaeafb
- Run rpm in system_r
2007-12-20 21:26:31 +00:00
Daniel J Walsh
5615fe1b3d
- Zero out customizable types
2007-12-19 21:45:51 +00:00
Daniel J Walsh
9a2cf87457
- Fix definiton of admin_home_t
2007-12-19 10:42:06 +00:00
Daniel J Walsh
2f257cb996
- Fix munin file context
2007-12-19 09:27:15 +00:00
Daniel J Walsh
91c2fa9d31
- Allow cron to run unconfined apps
2007-12-18 13:59:31 +00:00
Daniel J Walsh
99d3676891
- Modify default login to unconfined_u
2007-12-17 22:49:08 +00:00
Daniel J Walsh
4d59c29e33
- Dontaudit dbus user client search of /root
2007-12-14 12:40:39 +00:00
Daniel J Walsh
5928688f61
- Dontaudit dbus user client search of /root
2007-12-13 22:42:22 +00:00
Daniel J Walsh
76e3401243
- Update to upstream
2007-12-13 18:44:18 +00:00
Daniel J Walsh
4c6f2dd6a3
- Fixes for polkit
...
- Allow xserver to ptrace
2007-12-12 14:53:07 +00:00
Daniel J Walsh
7dfe3eb3ef
- Add polkit policy
...
- Symplify userdom context, remove automatic per_role changes
2007-12-11 06:08:33 +00:00
Daniel J Walsh
a1341a85df
- Update to upstream
...
- Allow httpd_sys_script_t to search users homedirs
2007-12-06 21:37:36 +00:00
Daniel J Walsh
02654b8fb4
- Update to upstream
...
- Allow httpd_sys_script_t to search users homedirs
2007-12-05 03:19:13 +00:00
Daniel J Walsh
d195fc7e87
- Update to upstreamddddddddddddd
...
- Allow httpd_sys_script_t to search users homedirs
2007-12-05 03:11:46 +00:00
Daniel J Walsh
320f3e6459
- Allow rpm_script to transition to unconfined_execmem_t
2007-12-04 00:15:27 +00:00
Daniel J Walsh
3b47cb03b7
Fri Nov 30 2007 Dan Walsh <dwalsh@redhat.com> 3.2.1-1
...
- Remove user based home directory separation
2007-12-03 00:15:23 +00:00
Daniel J Walsh
9186dc57d9
- Remove user based home directory separation
2007-11-30 22:33:18 +00:00
Daniel J Walsh
3a54e4809f
- Remove user specific crond_t
2007-11-28 16:56:57 +00:00
Daniel J Walsh
0fffbad8de
- Merge with upstream
...
- Allow xsever to read hwdata_t
- Allow login programs to setkeycreate
2007-11-26 15:40:45 +00:00
Daniel J Walsh
ddf4ec413f
- Update to upstream
2007-11-19 20:09:32 +00:00
Daniel J Walsh
7330e86b90
- Update to upstream
2007-11-10 14:14:41 +00:00
Daniel J Walsh
36404444a8
- Update to upstream
2007-11-07 19:42:24 +00:00
Daniel J Walsh
fa0d1c8884
- Update to upstream
2007-10-23 23:13:09 +00:00
Daniel J Walsh
d0649e9167
- Allow XServer to read /proc/self/cmdline
2007-10-22 14:27:29 +00:00
Daniel J Walsh
30dfdc7f05
- Fixes for hald_mac
...
- Treat unconfined_home_dir_t as a home dir
- dontaudit rhgb writes to fonts and root
2007-10-19 21:21:40 +00:00
Daniel J Walsh
3375c34d9a
- Fix dnsmasq
...
- Allow rshd full login privs
2007-10-19 15:01:30 +00:00
Daniel J Walsh
6455c9d6b5
- Allow rshd to connect to ports > 1023
2007-10-18 22:33:41 +00:00
Daniel J Walsh
953fd14b2e
- Fix vpn to bind to port 4500
...
- Allow ssh to create shm
- Allow rshd to bind to ports > 1023
- Add Kismet policy
2007-10-18 22:00:35 +00:00
Daniel J Walsh
ccf8a72ae3
- Fix vpn to bind to port 4500
...
- Allow ssh to create shm
- Allow rshd to bind to ports > 1023
2007-10-18 21:33:00 +00:00
Daniel J Walsh
b4ed6dbce0
- Allow rpm to chat with networkmanager
2007-10-17 03:51:04 +00:00
Daniel J Walsh
9185bf2fee
- Pass the UNK_PERMS param to makefile
...
- Fix gdm location
2007-10-13 14:15:08 +00:00
Daniel J Walsh
c27b2bd6ae
- Make alsa work
2007-10-11 18:57:00 +00:00
Daniel J Walsh
28021c8d41
- Fixes for consolekit and startx sessions
2007-10-09 20:53:38 +00:00
Daniel J Walsh
7a91e89abe
- Dontaudit consoletype talking to unconfined_t
2007-10-08 15:32:19 +00:00
Daniel J Walsh
8fd9df6414
- Remove homedir_template
2007-10-05 19:47:10 +00:00
Daniel J Walsh
922f646a26
- Remove homedir_template
2007-10-05 11:43:46 +00:00
Daniel J Walsh
24ccb8b103
- Check asound.state
2007-10-04 14:34:02 +00:00
Daniel J Walsh
492612d339
- Fix exim policy
2007-10-01 21:20:16 +00:00
Daniel J Walsh
1ffa684823
- Allow tmpreadper to read man_t
...
- Allow racoon to bind to all nodes
- Fixes for finger print reader
2007-10-01 17:03:12 +00:00
Daniel J Walsh
7c1c1729f9
- Allow xdm to talk to input device (fingerprint reader)
...
- Allow octave to run as java
2007-09-26 22:01:27 +00:00
Daniel J Walsh
d770c53fe9
- Allow login programs to set ioctl on /proc
2007-09-25 15:03:25 +00:00
Daniel J Walsh
fb11ad6653
- Allow nsswitch apps to read samba_var_t
2007-09-25 13:30:08 +00:00
Daniel J Walsh
f5018f18f8
- Fix maxima
2007-09-24 20:26:12 +00:00
Daniel J Walsh
d83ea801ac
- Eliminate rpm_t:fifo_file avcs
...
- Fix dbus path for helper app
2007-09-24 14:18:57 +00:00
Daniel J Walsh
6c319e4011
- Fix service start stop terminal avc's
2007-09-22 12:15:13 +00:00
Daniel J Walsh
ec4fb1ce99
- Allow also to search var_lib
...
- New context for dbus launcher
2007-09-21 23:46:18 +00:00
Daniel J Walsh
347ff1a0c3
- Allow cupsd_config_t to read/write usb_device_t
...
- Support for finger print reader,
- Many fixes for clvmd
- dbus starting networkmanager
2007-09-21 20:21:36 +00:00
Daniel J Walsh
07e28d136d
- Fix java and mono to run in xguest account
2007-09-20 22:30:51 +00:00
Daniel J Walsh
a9d4b80f50
- Fix to add xguest account when inititial install
...
- Allow mono, java, wine to run in userdomains
2007-09-20 17:21:13 +00:00
Daniel J Walsh
c67a1217e2
- Fix to add xguest account when inititial install
2007-09-20 14:58:12 +00:00
Daniel J Walsh
d90a3db27d
- Allow xserver to search devpts_t
...
- Dontaudit ldconfig output to homedir
2007-09-20 14:39:14 +00:00
Daniel J Walsh
21c534bcb9
- Allow xserver to search devpts_t
...
- Dontaudit ldconfig output to homedir
2007-09-19 17:40:59 +00:00
Daniel J Walsh
7ff410d3bc
- Remove hplip_etc_t change back to etc_t.
2007-09-19 01:11:31 +00:00
Daniel J Walsh
1a3fe36b5c
- Allow cron to search nfs and samba homedirs
2007-09-17 23:26:58 +00:00
Daniel J Walsh
babb3641bd
- Allow NetworkManager to dbus chat with yum-updated
2007-09-11 20:05:08 +00:00
Daniel J Walsh
bf7f975f77
- Allow xfs to bind to port 7100
2007-09-11 16:07:47 +00:00
Daniel J Walsh
25d586808d
- Allow newalias/sendmail dac_override
...
- Allow bind to bind to all udp ports
2007-09-10 22:02:06 +00:00
Daniel J Walsh
4eaf5c6dc6
- Turn off direct transition
2007-09-07 20:26:11 +00:00
Daniel J Walsh
c7e443c95c
- Allow wine to run in system role
2007-09-07 19:03:11 +00:00
Daniel J Walsh
37d6a1ce3f
- Fix java labeling
2007-09-06 23:34:02 +00:00
Daniel J Walsh
07b8680835
- Define user_home_type as home_type
2007-09-06 15:00:00 +00:00
Daniel J Walsh
601f0f04ee
- Allow sendmail to create etc_aliases_t
2007-09-06 02:24:18 +00:00
Daniel J Walsh
bea5486254
- Allow sendmail to create etc_aliases_t
2007-09-05 21:30:18 +00:00
Daniel J Walsh
bc85a6bb23
- Allow login programs to read symlinks on homedirs
2007-08-28 15:35:11 +00:00
Daniel J Walsh
e8b5993e52
- Update an readd modules
2007-08-27 21:43:05 +00:00
Daniel J Walsh
7f9951d4d3
- Cleanup spec file
2007-08-24 21:38:11 +00:00
Daniel J Walsh
d9f447990b
- Cleanup spec file
2007-08-24 21:30:17 +00:00
Daniel J Walsh
b865b8b32e
- Cleanup spec file
2007-08-24 21:21:56 +00:00
Daniel J Walsh
53f81916e1
- Cleanup spec file
2007-08-24 21:09:44 +00:00
Daniel J Walsh
3012ab200b
- Cleanup spec file
2007-08-24 20:44:19 +00:00
Daniel J Walsh
d83af23b7d
- Cleanup spec file
2007-08-24 19:52:40 +00:00
Daniel J Walsh
3b13a834c7
- Allow xserver to be started by unconfined process and talk to tty
2007-08-24 14:20:35 +00:00
Daniel J Walsh
95bbe5cff0
- Upgrade to upstream to grab postgressql changes
2007-08-23 14:07:25 +00:00
Daniel J Walsh
77a22067be
- Add setransd for mls policy
2007-08-22 14:46:21 +00:00
Daniel J Walsh
c77aca56ae
- Add setransd for mls policy
2007-08-21 20:08:22 +00:00
Daniel J Walsh
4f23c46830
- Add ldconfig_cache_t
2007-08-20 23:02:30 +00:00
Daniel J Walsh
b4ae7d845a
- Allow sshd to write to proc_t for afs login
2007-08-20 22:15:46 +00:00
Daniel J Walsh
f012074e0f
- Allow xserver access to urand
2007-08-18 11:54:11 +00:00
Daniel J Walsh
7f6883ca6e
- allow dovecot to search mountpoints
2007-08-15 00:55:49 +00:00
Daniel J Walsh
0354c22269
- Fix Makefile for building policy modules
2007-08-11 11:18:09 +00:00
Daniel J Walsh
60a9ef60f0
- Fix dhcpc startup of service
2007-08-10 20:04:48 +00:00
Daniel J Walsh
bf33202534
- Fix dbus chat to not happen for xguest and guest users
2007-08-10 16:10:27 +00:00
Daniel J Walsh
d44a393484
- Fix nagios cgi
...
- allow squid to communicate with winbind
2007-08-09 19:18:57 +00:00
Daniel J Walsh
1a12c251ca
- Fixes for ldconfig
2007-08-06 21:33:36 +00:00
Daniel J Walsh
d8c8b2b904
- Update from upstream
2007-08-03 20:38:28 +00:00
Daniel J Walsh
f9778219aa
- Update from upstream
2007-08-03 19:53:44 +00:00
Daniel J Walsh
25a75469ff
- Update from upstream
2007-08-03 19:26:04 +00:00
Daniel J Walsh
4ce75b7cd5
- Fix new usb devices and dmfm
2007-08-01 17:13:35 +00:00
Daniel J Walsh
8239a93362
- Fix new usb devices and dmfm
2007-08-01 16:03:23 +00:00
Daniel J Walsh
6d2e7d5ebb
- Eliminate mount_ntfs_t policy, merge into mount_t
2007-07-31 20:51:43 +00:00
Daniel J Walsh
47a35fa722
- Eliminate mount_ntfs_t policy, merge into mount_t
2007-07-31 17:53:29 +00:00
Daniel J Walsh
07351eb493
- Allow xserver to write to ramfs mounted by rhgb
2007-07-30 14:37:54 +00:00
Daniel J Walsh
9c038630bf
- Add context for dbus machine id
2007-07-27 18:21:35 +00:00
Daniel J Walsh
2fac1d6655
- Update with latest changes from upstream
2007-07-26 17:54:24 +00:00
Daniel J Walsh
24acabce75
- Fix prelink to handle execmod
2007-07-24 20:47:24 +00:00
Daniel J Walsh
0f8f545d1a
- Fix prelink to handle execmod
2007-07-24 14:39:01 +00:00
Daniel J Walsh
e0ae206813
- Add ntpd_key_t to handle secret data
2007-07-23 20:34:22 +00:00
Daniel J Walsh
2ced404c55
- Add anon_inodefs
...
- Allow unpriv user exec pam_exec_t
- Fix trigger
2007-07-23 16:00:09 +00:00
Daniel J Walsh
779d23c7e4
- Allow cups to use generic usb
...
- fix inetd to be able to run random apps (git)
2007-07-20 15:13:37 +00:00
Daniel J Walsh
908512cccc
- Add proper contexts for rsyslogd
2007-07-19 20:55:20 +00:00
Daniel J Walsh
297dd1a900
- Allow execution of gconf
2007-07-19 14:45:16 +00:00
Daniel J Walsh
1d03199c5e
- Fix moilscanner update problem
2007-07-14 12:56:45 +00:00
Daniel J Walsh
7e3506426b
- Begin adding policy to separate setsebool from semanage
...
- Fix xserver.if definition to not break sepolgen.if
2007-07-12 21:37:30 +00:00
Daniel J Walsh
16d9531977
- Fix xserver.if definition to not break sepolgen.if
2007-07-12 14:44:32 +00:00
Daniel J Walsh
2796de2a45
- Add new devices
2007-07-11 20:45:02 +00:00
Daniel J Walsh
154d8231c3
- Add brctl policy
2007-07-11 19:44:56 +00:00
Daniel J Walsh
501a17b8b2
- Fix root login to include system_r
2007-07-06 19:23:20 +00:00
Daniel J Walsh
35e7f77fea
- Allow prelink to read kernel sysctls
2007-07-06 19:09:19 +00:00
Daniel J Walsh
af677794a8
- Default to user_u:system_r:unconfined_t
2007-07-03 19:20:47 +00:00
Daniel J Walsh
b267b6f201
- Default to user_u:system_r:unconfined_t
2007-07-02 20:32:38 +00:00
Daniel J Walsh
b529ed6a06
- Default to user_u:system_r:unconfined_t
2007-07-02 15:00:50 +00:00
Daniel J Walsh
2fdb5fd7c6
- fix squid
...
- Fix rpm running as uid
2007-07-02 01:58:41 +00:00
Daniel J Walsh
b786a2b04a
- Fix syslog declaration
2007-06-27 19:48:33 +00:00
Daniel J Walsh
7f44213c00
- Allow avahi to access inotify
...
- Remove a lot of bogus security_t:filesystem avcs
2007-06-27 18:12:03 +00:00
Daniel J Walsh
269acb5ee8
- Remove ifdef strict policy from upstream
2007-06-26 12:09:30 +00:00
Daniel J Walsh
a4ec9b75e1
- Remove ifdef strict policy from upstream
2007-06-22 19:21:00 +00:00
Daniel J Walsh
56187c2f8a
- Remove ifdef strict policy from upstream
2007-05-31 18:40:35 +00:00
Daniel J Walsh
bdb830255c
- Fix for amands
...
- Allow semanage to read pp files
- Allow rhgb to read xdm_xserver_tmp
2007-05-23 18:35:37 +00:00
Daniel J Walsh
346d2dccfd
2007-05-21 18:54:40 +00:00
Daniel J Walsh
9ffb88eba3
- allow alsactl to read kernel state
2007-05-17 17:16:26 +00:00
Daniel J Walsh
fc35770056
- More fixes for alsactl
...
- Transition from hal and modutils
- Fixes for suspend resume.
- insmod domtrans to alsactl
- insmod writes to hal log
2007-05-16 22:13:23 +00:00
Daniel J Walsh
88c8465c87
- More fixes for alsactl
2007-05-16 21:48:52 +00:00
Daniel J Walsh
cf806ebda9
- Fixes for suspend resume.
...
- insmod domtrans to alsactl
- insmod writes to hal log
2007-05-16 21:09:41 +00:00
Daniel J Walsh
7c3dcb3584
- Allow unconfined_t to transition to NetworkManager_t
...
- Fix netlabel policy
2007-05-16 19:31:34 +00:00
Daniel J Walsh
810e69636e
- Update to latest from upstream
2007-05-14 19:54:57 +00:00
Daniel J Walsh
8cd496f1d6
- Update to latest from upstream
2007-05-14 18:10:58 +00:00
Daniel J Walsh
057603fbda
- Update to latest from upstream
2007-05-07 18:07:26 +00:00
Daniel J Walsh
daa6abe9e1
- Update to latest from upstream
2007-05-04 17:30:10 +00:00
Daniel J Walsh
a615d5b893
- Update to latest from upstream
2007-05-02 02:53:14 +00:00
Daniel J Walsh
8fea836859
- Update to latest from upstream
2007-05-01 20:53:29 +00:00
Daniel J Walsh
6821c3df97
-
2007-04-27 17:23:49 +00:00
Daniel J Walsh
77d25ebf92
- Fixes for unix_update
...
- Fix logwatch to be able to search all dirs
2007-04-25 18:31:32 +00:00
Daniel J Walsh
8396b2dbd2
- Upstream bumped the version
2007-04-23 17:00:48 +00:00
Daniel J Walsh
61947fac0a
- Allow consolekit to syslog
...
- Allow ntfs to work with hal
2007-04-20 20:13:07 +00:00
Daniel J Walsh
2db3c1e86a
- Allow iptbales to read etc_runtime_t
2007-04-19 18:24:08 +00:00
Daniel J Walsh
4661767044
- MLS Fixes
2007-04-19 13:58:54 +00:00
Daniel J Walsh
53b22295eb
- MLS Fixes
2007-04-19 13:40:31 +00:00
Daniel J Walsh
883a0252b0
- Fix path of /etc/lvm/cache directory
...
- Fixes for alsactl and pppd_t
- Fixes for consolekit
2007-04-18 21:00:52 +00:00
Daniel J Walsh
ab59becfc6
- Fixes for alsactl and pppd_t
2007-04-18 20:50:02 +00:00
Daniel J Walsh
32b18f8ae9
- Fixes for consolekit
2007-04-18 20:45:20 +00:00
Daniel J Walsh
7671cee047
- Allow insmod_t to mount kvmfs_t filesystems
2007-04-17 20:42:32 +00:00
Daniel J Walsh
9fc00bcbda
- Rwho policy
...
- Fixes for consolekit
2007-04-17 19:28:14 +00:00
Daniel J Walsh
e6f3cfbe2d
- fixes for fusefs
2007-04-16 17:11:45 +00:00
Daniel J Walsh
8c912ab526
- Fix samba_net to allow it to view samba_var_t
2007-04-12 21:09:34 +00:00
Daniel J Walsh
a3b1a2c522
- Update to upstream
2007-04-11 20:55:28 +00:00
Daniel J Walsh
5d5caebf83
- Fix Sonypic backlight
...
- Allow snmp to look at squid_conf_t
2007-04-10 15:20:50 +00:00
Daniel J Walsh
7f1bd869ee
- Fixes for pyzor, cyrus, consoletype on everything installs
2007-04-09 20:47:56 +00:00
Daniel J Walsh
0b3279dee5
- Fix hald_acl_t to be able to getattr/setattr on usb devices
...
- Dontaudit write to unconfined_pipes for load_policy
2007-04-09 18:36:06 +00:00
Daniel J Walsh
21029bf045
- Allow bluetooth to read inotifyfs
2007-04-07 11:35:20 +00:00
Daniel J Walsh
e6b9e29195
- Fixes for samba domain controller.
...
- Allow ConsoleKit to look at ttys
2007-04-04 20:46:07 +00:00
Daniel J Walsh
f9f9ddcde1
- Fix interface call
2007-04-04 19:44:58 +00:00
Daniel J Walsh
89d3de7112
- Allow syslog-ng to read /var
...
- Allow locate to getattr on all filesystems
- nscd needs setcap
2007-04-03 19:25:58 +00:00
Daniel J Walsh
2528fa0969
- Update to upstream
2007-04-02 21:06:47 +00:00
Daniel J Walsh
8e5289e20b
- Update to upstream
2007-04-02 19:53:16 +00:00
Daniel J Walsh
ce7f30a258
- Update to upstream
2007-04-02 15:17:45 +00:00
Daniel J Walsh
f040ac5fd3
- Allow samba to run groupadd
2007-03-23 15:42:50 +00:00
Daniel J Walsh
f634733f95
- Update to upstream
2007-03-23 14:32:31 +00:00
Daniel J Walsh
281f5f5a50
- Fix labeling on udev.tbl dirs
2007-03-22 10:40:53 +00:00
Daniel J Walsh
552645bad0
- Fixes for logwatch
2007-03-21 03:39:06 +00:00
Daniel J Walsh
593fb16ef5
- Add fusermount and mount_ntfs policy
2007-03-20 20:45:45 +00:00
Daniel J Walsh
9d59ec430e
- Update to upstream
...
- Allow saslauthd to use kerberos keytabs
2007-03-20 16:22:25 +00:00
Daniel J Walsh
d3aabaedb4
2007-03-20 15:01:28 +00:00
Daniel J Walsh
741e816e8e
- Fixes for samba_var_t
2007-03-19 19:33:06 +00:00
Daniel J Walsh
db4f0ec7b9
- Remove disable_trans booleans
...
- hald_acl_t needs to talk to nscd
2007-03-19 14:51:28 +00:00
Daniel J Walsh
2823e28d58
- Remove enable_audit booleans
...
- hald_acl_t needs to talk to nscd
2007-03-19 14:42:08 +00:00
Daniel J Walsh
2f82eed685
- Fix prelink to be able to manage usr dirs.
2007-03-16 03:14:13 +00:00
Daniel J Walsh
9468a641a6
- Allow insmod to launch init scripts
2007-03-14 12:48:09 +00:00
Daniel J Walsh
271752a5ca
- Remove setsebool policy
2007-03-13 17:46:34 +00:00
Daniel J Walsh
bdb7f99f00
- Fix handling of unlabled_t packets
2007-03-12 14:51:29 +00:00
Daniel J Walsh
2a9b648b37
- More of my patches from upstream
2007-03-11 05:19:36 +00:00
Daniel J Walsh
1fed4c745c
- Update to latest from upstream
...
- Add fail2ban policy
2007-03-01 21:57:47 +00:00
Daniel J Walsh
9a8202d585
- Update to latest from upstream
...
- Add fail2ban policy
2007-03-01 16:30:20 +00:00
Daniel J Walsh
5ad70cf38c
- Update to remove security_t:filesystem getattr problems
2007-02-28 21:23:19 +00:00
Daniel J Walsh
13893ed688
- Policy for consolekit
2007-02-27 18:34:08 +00:00
Daniel J Walsh
af8af9caee
2007-02-26 15:06:22 +00:00
Daniel J Walsh
cc1be2260f
- Revert Nemiver change
...
- Set sudo as a corecmd so prelink will work, remove sudoedit mapping,
since this will not work, it does not transition.
- Allow samba to execute useradd
2007-02-23 15:35:01 +00:00
Daniel J Walsh
b0861172ab
- Add sepolgen support
...
- Add bugzilla policy
2007-02-20 21:37:52 +00:00
Daniel J Walsh
b7da3b9e3e
- Add sepolgen support
...
- Add bugzilla policy
2007-02-20 17:35:59 +00:00
Daniel J Walsh
2fa5bb00e9
- Add sepolgen support
...
- Add bugzilla policy
2007-02-16 19:55:48 +00:00
Daniel J Walsh
e10e57a4a6
THu Feb 15 2007 Dan Walsh <dwalsh@redhat.com> 2.5.3-3
...
- Add sepolgen support
- Add bugzilla policy
2007-02-15 20:46:02 +00:00
Daniel J Walsh
07dcdf7654
- Fix file context for nemiver
2007-02-15 20:29:48 +00:00
Daniel J Walsh
1a24735d8f
- Fix file context for nemiver
2007-02-15 00:19:30 +00:00
Daniel J Walsh
df0bef9ac0
-
2007-02-12 16:27:42 +00:00
Daniel J Walsh
9aff35b779
-
2007-02-12 16:18:31 +00:00
Daniel J Walsh
39b6cecaf2
- Allow mozilla, evolution and thunderbird to read dev_random. Resolves:
...
#227002
- Allow spamd to connect to smtp port Resolves : #227184
- Fixes to make ypxfr work Resolves : #227237
2007-02-06 16:54:13 +00:00
Daniel J Walsh
33501ce93f
- Fix ssh_agent to be marked as an executable
...
- Allow Hal to rw sound device
2007-02-04 12:42:16 +00:00
Daniel J Walsh
de0b364127
- Fix spamassisin so crond can update spam files
...
- Fixes to allow kpasswd to work
- Fixes for bluetooth
2007-02-01 21:40:50 +00:00
Daniel J Walsh
3902fd87fd
- Remove some targeted diffs in file context file
2007-01-31 22:18:10 +00:00
Daniel J Walsh
edd045d7c0
- Fix squid cachemgr labeling
2007-01-26 16:12:32 +00:00
Daniel J Walsh
e45f5d36d0
- Add ability to generate webadm_t policy
...
- Lots of new interfaces for httpd
- Allow sshd to login as unconfined_t
2007-01-25 19:07:00 +00:00
Daniel J Walsh
cc7c06a0d1
- Continue fixing, additional user domains
2007-01-23 01:08:45 +00:00
Daniel J Walsh
f86e42306e
- Begin adding user confinement to targeted policy
2007-01-22 16:52:18 +00:00
Daniel J Walsh
45478192f4
- Fixes for prelink, ktalkd, netlabel
2007-01-17 19:58:32 +00:00
Daniel J Walsh
ee095f5817
- Fixes for prelink, ktalkd, netlabel
2007-01-11 22:43:22 +00:00
Daniel J Walsh
b6ed674a00
- Fixes for prelink, ktalkd, netlabel
2007-01-10 22:05:57 +00:00
Daniel J Walsh
ae5ace1a7e
- Fixes for prelink, ktalkd, netlabel
2007-01-10 22:01:29 +00:00
Daniel J Walsh
9e0fa4fef3
- Allow prelink when run from rpm to create tmp files Resolves : #221865
...
- Remove file_context for exportfs Resolves : #221181
- Allow spamassassin to create ~/.spamassissin Resolves : #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves : #200110
- Fixes to run prelink in MLS machine Resolves : #221233
- Allow spamassassin to read var_lib_t dir Resolves : #219234
2007-01-09 15:26:56 +00:00
Daniel J Walsh
a384d73899
- Allow prelink when run from rpm to create tmp files Resolves : #221865
...
- Remove file_context for exportfs Resolves : #221181
- Allow spamassassin to create ~/.spamassissin Resolves : #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves : #200110
2007-01-09 15:24:41 +00:00
Daniel J Walsh
8a03d5e828
- Allow spamassassin to read var_lib_t dir Resolves : #219234
2007-01-02 16:40:08 +00:00
Daniel J Walsh
9bcfd16a2d
- fix mplayer to work under strict policy
...
- Allow iptables to use nscd Resolves : #220794
2006-12-29 20:01:11 +00:00
Daniel J Walsh
8bacd8ed15
- Add gconf policy and make it work with strict
2006-12-28 17:39:12 +00:00
Daniel J Walsh
5db544f392
- Many fixes for strict policy and by extension mls.
2006-12-24 15:26:26 +00:00
Daniel J Walsh
135ea97ff1
- Many fixes for strict policy and by extension mls.
2006-12-24 07:31:09 +00:00
Daniel J Walsh
9051d60c06
- Fix to allow ftp to bind to ports > 1024 Resolves : #219349
2006-12-22 17:39:01 +00:00
Daniel J Walsh
5ded3c385e
2006-12-22 16:58:33 +00:00
Daniel J Walsh
4fd323b783
2006-12-22 16:56:53 +00:00
Daniel J Walsh
f9e32a004d
- Allow semanage to exec it self. Label genhomedircon as semanage_exec_t
...
Resolves : #219421
- Allow sysadm_lpr_t to manage other print spool jobs Resolves : #220080
2006-12-20 20:40:30 +00:00
Daniel J Walsh
be9aefca3d
- allow automount to setgid Resolves : #219999
2006-12-18 21:50:13 +00:00
Daniel J Walsh
5e01b4610b
- Allow cron to polyinstatiate
...
- Fix creation of boot flags Resolves : #207433
2006-12-15 21:42:14 +00:00
Daniel J Walsh
272aa0b2e8
2006-12-14 20:06:00 +00:00
Daniel J Walsh
3a51847bd9
Resolves : #218978
2006-12-13 17:06:33 +00:00
Daniel J Walsh
422dcf1da8
Resolves : #218978
2006-12-13 17:03:55 +00:00
Daniel J Walsh
e3b143b243
- Allow initrc to create files in /var directories Resolves : #219227
2006-12-12 21:46:24 +00:00
Daniel J Walsh
6157a7e6e4
- More fixes for MLS
2006-12-11 12:35:45 +00:00
Daniel J Walsh
dd5d7e7583
- More Fixes polyinstatiation Resolves : #216184
2006-12-06 23:27:45 +00:00
Daniel J Walsh
a169fb7433
- Fix handling of keyrings
2006-12-06 19:38:32 +00:00
Daniel J Walsh
852ba6bb2f
- Fix polyinstatiation
...
- Fix pcscd handling of terminal Resolves : #218149 Resolves : #218350
2006-12-05 23:05:39 +00:00
Daniel J Walsh
414ddd0de3
- More fixes for quota Resolves : #212957
2006-12-01 21:52:08 +00:00
Daniel J Walsh
9f388c1a78
- ncsd needs to use avahi sockets Resolves : #217640 Resolves : #218014
2006-12-01 17:58:00 +00:00
Daniel J Walsh
b6ffd7c2ae
- Allow login programs to polyinstatiate homedirs Resolves : #216184
...
- Allow quotacheck to create database files Resolves : #212957
2006-11-30 22:06:22 +00:00
Daniel J Walsh
aba668f5f8
- Allow login programs to polyinstatiate homedirs Resolves : #216184
2006-11-30 20:55:33 +00:00
Daniel J Walsh
036c1c2fb6
- Dontaudit appending hal_var_lib files Resolves : #217452 Resolves : #217571
...
Resolves : #217611 Resolves : #217640 Resolves : #217725
2006-11-30 20:23:49 +00:00
Daniel J Walsh
cc1462b7d0
- Dontaudit appending hal_var_lib files Resolves : #217452 Resolves : #217571
...
Resolves : #217611 Resolves : #217640 Resolves : #217725
2006-11-29 20:11:02 +00:00
Daniel J Walsh
e4d46c95f3
- Fix context for helix players file_context #216942
2006-11-27 22:17:34 +00:00
Daniel J Walsh
02560dace3
- Fix load_policy to be able to mls_write_down so it can talk to the
...
terminal
2006-11-20 23:24:21 +00:00
Daniel J Walsh
4218645103
- Fixes for hwclock, clamav, ftp
2006-11-20 23:01:06 +00:00
Daniel J Walsh
9e4aeac9dd
- Move to upstream version which accepted my patches
2006-11-17 19:21:40 +00:00
Daniel J Walsh
b28d0a788f
- Fixes for nvidia driver
2006-11-16 19:25:03 +00:00
Daniel J Walsh
a3f2f571c0
- Fixes for nvidia driver
2006-11-15 22:34:04 +00:00
Daniel J Walsh
150bdfbc67
- Fixes for nvidia driver
2006-11-15 22:28:06 +00:00
Daniel J Walsh
b0ecaa962d
- Allow semanage to signal mcstrans
2006-11-15 21:43:36 +00:00
Daniel J Walsh
73ea8c2e4d
- Update to upstream
2006-11-15 15:22:30 +00:00
Daniel J Walsh
d925bd337d
- Allow modstorage to edit /etc/fstab file
2006-11-14 18:33:09 +00:00
Daniel J Walsh
ec17438ae0
- Fix for qemu, /dev/
...
Mon Nov 13 2006 Dan Walsh <dwalsh@redhat.com> 2.4.3-11
- Fix path to realplayer.bin
2006-11-14 04:57:37 +00:00
Daniel J Walsh
32b91c9d1f
- Fix path to realplayer.bin
2006-11-13 20:48:57 +00:00
Daniel J Walsh
06b64f8c21
- Allow xen to connect to xen port
2006-11-10 20:37:08 +00:00
Daniel J Walsh
1a986f04dc
- Allow cups to search samba_etc_t directory
...
- Allow xend_t to list auto_mountpoints
2006-11-10 13:31:34 +00:00
Daniel J Walsh
2098c9bff2
- Allow xen to search automount
2006-11-09 20:12:53 +00:00
Daniel J Walsh
6ba4868651
- Fix spec of jre files
2006-11-09 18:57:53 +00:00
Daniel J Walsh
0806593363
- Fix unconfined access to shadow file
2006-11-08 20:21:53 +00:00
Daniel J Walsh
4d11495dab
- Allow xend to create files in xen_image_t directories
2006-11-08 20:10:30 +00:00
Daniel J Walsh
0fcc493f96
- Fixes for /var/lib/hal
2006-11-08 13:28:28 +00:00
Daniel J Walsh
f08bf9299c
- Remove ability for sysadm_t to look at audit.log
2006-11-07 21:16:47 +00:00
Daniel J Walsh
f3ecbbfcb9
- Fix rpc_port_types
...
- Add aide policy for mls
2006-11-07 20:38:46 +00:00
Daniel J Walsh
d7e0f9fa0d
- Merge with upstream
2006-11-06 21:15:57 +00:00
Daniel J Walsh
0dae3b6d89
- Lots of fixes for ricci
2006-11-03 21:27:47 +00:00
Daniel J Walsh
d095a0e65b
- Add perms for swat
2006-11-01 00:09:08 +00:00
Daniel J Walsh
6b97615edf
- Allow daemons to dump core files to /
2006-10-30 21:18:40 +00:00
Daniel J Walsh
8fb79d40f4
- Fixes for ricci
2006-10-30 16:45:09 +00:00
Daniel J Walsh
6672fcfbdd
- Allow mount.nfs to work
2006-10-27 19:16:43 +00:00
Daniel J Walsh
85659e704f
- Allow ricci-modstorage to look at lvm_etc_t
2006-10-27 14:42:56 +00:00
Daniel J Walsh
08efeffbe5
- Fixes for ricci using saslauthd
2006-10-25 15:31:39 +00:00
Daniel J Walsh
dc804f3593
- Allow mountpoint on home_dir_t and home_t
2006-10-24 19:55:28 +00:00
Daniel J Walsh
8ff9d6e5a3
- Update xen to read nfs files
2006-10-24 16:12:29 +00:00
Daniel J Walsh
3d011ff2e8
Mon Oct 23 2006 Dan Walsh <dwalsh@redhat.com> 2.4-4
...
- Allow noxattrfs to associate with other noxattrfs
2006-10-23 20:54:50 +00:00
Daniel J Walsh
11d7ea1908
- Allow hal to use power_device_t
2006-10-23 17:26:25 +00:00
Daniel J Walsh
d6926f7f13
- Allow procemail to look at autofs_t
...
- Allow xen_image_t to work as a fixed device
2006-10-20 21:08:15 +00:00
Daniel J Walsh
e2eecb7a01
- Refupdate from upstream
2006-10-19 15:52:02 +00:00
Daniel J Walsh
302afb6db1
- Add lots of fixes for mls cups
2006-10-19 14:32:27 +00:00
Daniel J Walsh
6fa5ecef5d
- Lots of fixes for ricci
2006-10-18 20:58:51 +00:00
Daniel J Walsh
2d1b4a450f
- Fix number of cats
2006-10-17 19:59:07 +00:00
Daniel J Walsh
da08298372
- Update to upstream
2006-10-17 18:43:08 +00:00
jantill
a3698a1d5b
- More iSCSI changes for #209854
2006-10-12 15:43:58 +00:00
jantill
cd0a0d2169
- Test ISCSI fixes for #209854
2006-10-12 15:24:06 +00:00
Daniel J Walsh
ed9a4ccc00
- allow semodule to rmdir selinux_config_t dir
2006-10-08 21:45:47 +00:00
Daniel J Walsh
70e2dbc497
- Fix boot_runtime_t problem on ppc. Should not be creating these files.
2006-10-06 20:38:14 +00:00
Daniel J Walsh
16c971a867
- Fix context mounts on reboot
...
- Fix ccs creation of directory in /var/log
2006-10-05 19:31:33 +00:00
Daniel J Walsh
7316db5b42
- Update for tallylog
2006-10-05 15:11:16 +00:00
Daniel J Walsh
bfcffeacff
- Allow xend to rewrite dhcp conf files
...
- Allow mgetty sys_admin capability
2006-10-05 13:48:32 +00:00
Daniel J Walsh
160281be0a
- Make xentapctrl work
2006-10-04 19:31:42 +00:00
Daniel J Walsh
46f098ac91
- Don't transition unconfined_t to bootloader_t
...
- Fix label in /dev/xen/blktap
2006-10-03 20:35:40 +00:00
Daniel J Walsh
f21d67baff
- Patch for labeled networking
2006-10-03 18:47:06 +00:00
Daniel J Walsh
42dd742837
- Fix crond handling for mls
2006-10-02 19:45:00 +00:00
Daniel J Walsh
8fff699602
- Update to upstream
2006-09-29 19:19:18 +00:00
Daniel J Walsh
52ba98baf2
- Remove bluetooth-helper transition
...
- Add selinux_validate for semanage
- Require new version of libsemanage
2006-09-29 18:12:18 +00:00
Daniel J Walsh
5096e7d5da
- Fix prelink
2006-09-29 14:22:55 +00:00
Daniel J Walsh
3c4577002a
- Fix rhgb
2006-09-29 05:33:37 +00:00
Daniel J Walsh
172c6c7dc9
- Fix setrans handling on MLS and useradd
2006-09-28 16:45:43 +00:00
Daniel J Walsh
afbab5a372
- Support for fuse
...
- fix vigr
2006-09-27 23:56:21 +00:00
Daniel J Walsh
bfd584d6c7
- Fix dovecot, amanda
...
- Fix mls
2006-09-27 20:59:46 +00:00