Commit Graph

774 Commits

Author SHA1 Message Date
Chris PeBenito
574e63fabc fix kerberos_use, which turned out to be a problem in dns_reslove 2005-11-29 15:36:53 +00:00
Chris PeBenito
70fb22d201 bump rev 2005-11-28 22:23:07 +00:00
Chris PeBenito
1504ff3e42 clean up most of the mta hacks 2005-11-28 22:19:08 +00:00
Chris PeBenito
08cd98b7c1 big cleanup of mta 2005-11-28 20:25:36 +00:00
Chris PeBenito
5d5ea8d002 add irqbalance 2005-11-28 19:06:22 +00:00
Chris PeBenito
f11f0c10ad add timidity 2005-11-28 18:29:03 +00:00
Chris PeBenito
19ff64f83a add rdisc 2005-11-28 17:46:29 +00:00
Chris PeBenito
131e573dcc add yppasswdd to nis 2005-11-28 16:44:51 +00:00
Chris PeBenito
09741b1f0e cleanup from sediff 2005-11-25 19:38:45 +00:00
Chris PeBenito
3f41889dae add xfs 2005-11-25 19:09:08 +00:00
Chris PeBenito
f00434fae9 clean up rpc hack 2005-11-25 17:39:35 +00:00
Chris PeBenito
d828b5ca8f clean up networkmanager hacks 2005-11-25 16:43:03 +00:00
Chris PeBenito
2629c6595a patch from dan to remove rhgb and gph:fd use 2005-11-25 15:51:50 +00:00
Chris PeBenito
1328802a41 Change optional_policy() to refer to the module name rather than modulename.te. 2005-11-23 20:24:27 +00:00
Chris PeBenito
af23450c36 patch from dan 2005-11-23 19:02:40 +00:00
Chris PeBenito
9cc2ccc4ed tweaks from dan 2005-11-22 17:56:53 +00:00
Chris PeBenito
95f82b0de8 fixes from dan 2005-11-21 22:15:11 +00:00
Chris PeBenito
c5c3066aa1 fix 2005-11-18 21:30:23 +00:00
Chris PeBenito
1d697ce7d2 add last bits from dan 2005-11-18 18:38:37 +00:00
Chris PeBenito
37ff8fe902 updates from dan 2005-11-18 16:12:30 +00:00
Chris PeBenito
1354ca04a6 fix superfluous network rules pointed out by dan walsh, and clean 2005-11-18 15:53:34 +00:00
Chris PeBenito
704327e8b2 fix transitions in and out of unconfined. fix bugs uncovered by rawhide testing 2005-11-16 21:08:52 +00:00
Chris PeBenito
1dad083d2c stray procmail execs 2005-11-15 20:27:49 +00:00
Chris PeBenito
3e6c816ddd add procmail 2005-11-15 20:17:18 +00:00
Chris PeBenito
c6d4c8f186 clean up some hacks 2005-11-15 18:47:20 +00:00
Chris PeBenito
7b062eac78 add patch from dan 2005-11-15 16:34:10 +00:00
Chris PeBenito
3ed2b69339 role hack for genhomedircon 2005-11-14 22:46:18 +00:00
Chris PeBenito
de0d2651a7 temp genhomedircon hack 2005-11-14 22:38:14 +00:00
Chris PeBenito
9e91381a26 change dmesg and loadkeys behavior to aliasing, and enable modules 2005-11-14 20:26:41 +00:00
Chris PeBenito
0d5d74e02b remove extra rule 2005-11-14 19:33:09 +00:00
Chris PeBenito
15c235f75c more broken symptoms 2005-11-11 22:21:32 +00:00
Chris PeBenito
af86646bfe hack 2005-11-11 21:39:09 +00:00
Chris PeBenito
3be48fa4e1 fix type transition conflicts 2005-11-11 21:33:54 +00:00
Chris PeBenito
17da253e65 fix ordering problem 2005-11-11 21:25:45 +00:00
Chris PeBenito
7fefc1d956 fix rpm 2005-11-11 21:25:31 +00:00
Chris PeBenito
175b1cb551 reverse last change 2005-11-11 21:00:00 +00:00
Chris PeBenito
5ae908113d fix ordering 2005-11-11 20:50:23 +00:00
Chris PeBenito
4fe05f2055 add debugging symbols 2005-11-11 19:40:31 +00:00
Chris PeBenito
33ff9b8cf2 missing fc's 2005-11-11 19:03:44 +00:00
Chris PeBenito
3ad26d1c7a update rh broken symptoms 2005-11-11 16:13:04 +00:00
Chris PeBenito
a6e32d615f add initrc_tmp_t mountpoint 2005-11-11 16:08:03 +00:00
Chris PeBenito
daff1dc5af fix missing role statements 2005-11-11 15:33:38 +00:00
Chris PeBenito
55290adf28 small fixes 2005-11-11 14:12:23 +00:00
Chris PeBenito
2e0a880165 changed rules fixes 2005-11-10 21:37:54 +00:00
Chris PeBenito
3797efb0ce work around role dominance breakage in module compiler 2005-11-10 20:37:31 +00:00
Chris PeBenito
65b9361c0a missing matches 2005-11-10 20:36:59 +00:00
Chris PeBenito
672a1570c8 reorder to work around module compiler bug 2005-11-10 19:41:23 +00:00
Chris PeBenito
37c85212a1 use role dominance in targeted for compatability with strict 2005-11-10 16:55:56 +00:00
Chris PeBenito
1904b01047 fix changed rules 2005-11-10 16:54:18 +00:00
Chris PeBenito
c6825e980c missing matches 2005-11-10 16:53:50 +00:00
Chris PeBenito
c2e35b815a fc fixes 2005-11-10 14:47:02 +00:00
Chris PeBenito
c646a9f838 add missing bin_t aliases 2005-11-09 22:18:15 +00:00
Chris PeBenito
51f3744773 add missing /var/yp match 2005-11-09 21:32:55 +00:00
Chris PeBenito
33faf59e07 correct shlib_t alias 2005-11-09 20:48:20 +00:00
Chris PeBenito
e3d21df8ad fix to use real type rather than alias 2005-11-09 19:13:08 +00:00
Chris PeBenito
2ab07ebbf3 fixes for sorting 2005-11-09 18:29:03 +00:00
Chris PeBenito
4b9516c125 add avahi 2005-11-09 17:12:34 +00:00
Chris PeBenito
d3f715d228 more fix 2005-11-09 15:51:22 +00:00
Chris PeBenito
3e639ab08b tty fixes 2005-11-09 15:05:47 +00:00
Chris PeBenito
725926c586 pile of sediff fixes 2005-11-08 22:00:30 +00:00
Chris PeBenito
76febd2146 fix sendmail transition 2005-11-07 21:13:07 +00:00
Chris PeBenito
8967bf8b89 merge in some of dan's old policy changes 2005-11-07 20:09:28 +00:00
Don Miner
bc6dfa6778 Changed a { create rw_dir_perms } to a create_dir_perms since starting radius was getting a setattr denial and setattr was shown to be missing in sediff 2005-11-04 16:43:05 +00:00
Don Miner
45aa10abd7 Added signal_perms to nscd_t. 2005-11-04 14:13:24 +00:00
Chris PeBenito
307e11419a missing dir 2005-11-03 21:07:29 +00:00
Chris PeBenito
7afca0b4c1 user tty fixes 2005-11-03 19:33:53 +00:00
Chris PeBenito
9c6feb63de add stuff from distros.fc 2005-11-03 18:08:36 +00:00
Don Miner
8f882ffcd9 Added rules so that tracepath, traceroute and ping work. 2005-11-02 20:44:17 +00:00
Chris PeBenito
73ef293bc5 fixes just so sediff is easier to handle 2005-11-01 21:15:11 +00:00
Chris PeBenito
b488014fd7 hack 2005-11-01 20:52:48 +00:00
Chris PeBenito
b9ea0fed0f clean up last var_run_domain expansion errors 2005-11-01 19:52:37 +00:00
Chris PeBenito
ee08bc4c75 read certs 2005-11-01 16:11:32 +00:00
Chris PeBenito
35adb6f8d7 clean up socket 2005-11-01 15:57:15 +00:00
Chris PeBenito
31a1c2df88 fix filesystem associations 2005-11-01 15:45:00 +00:00
Chris PeBenito
7ac22585e3 tty and caps fixes 2005-11-01 15:34:00 +00:00
Chris PeBenito
0b12fa4bd0 more dbus cleanup 2005-11-01 15:19:48 +00:00
Chris PeBenito
dab808bde7 dbus obj class cleanup 2005-11-01 15:11:05 +00:00
Chris PeBenito
ce0ff19691 more of the same 2005-10-31 22:44:03 +00:00
Chris PeBenito
b422aa9b1e initrc couldn't create/use its own pty! 2005-10-31 22:27:45 +00:00
Chris PeBenito
30910b37c6 more fixes 2005-10-31 22:19:16 +00:00
Don Miner
305106ebb9 Added a rule to allow dmidecode to use locallogin_t fd to make it so it works. 2005-10-31 21:45:42 +00:00
Chris PeBenito
aba9c7a3cf add missing httpd_helper_t tty part 2005-10-31 20:58:44 +00:00
Chris PeBenito
9ca7e78a35 misc sediff fixes 2005-10-31 20:54:33 +00:00
Chris PeBenito
0500e01f2d * fixes uncovered by sediff
* fix disable_trans support so the daemon can be both
init and inet services, and not get dup bool decl
2005-10-31 20:32:53 +00:00
Chris PeBenito
bea7b4548e add missing tunable 2005-10-31 19:58:51 +00:00
Chris PeBenito
6ff85b5c84 fix perm set 2005-10-31 19:31:22 +00:00
Chris PeBenito
62841791a5 fixes uncovered by sediff 2005-10-31 14:55:34 +00:00
Chris PeBenito
f3936d3876 nicer te_trans conflict fix 2005-10-28 19:18:50 +00:00
Chris PeBenito
cac3eca0be fix te_trans conflict 2005-10-28 19:13:54 +00:00
Chris PeBenito
dc8f17037b fix up sendmail for targeted 2005-10-28 18:57:23 +00:00
Chris PeBenito
f1b0a8c55b fix 2005-10-28 18:46:46 +00:00
Chris PeBenito
2d13f72977 take care of missing types 2005-10-28 18:38:04 +00:00
Chris PeBenito
375c241556 ssh updates for targeted 2005-10-28 18:13:44 +00:00
Chris PeBenito
f0f18e0734 typo 2005-10-28 15:12:23 +00:00
Chris PeBenito
495a7026d9 add missing range transition 2005-10-28 15:09:03 +00:00
Chris PeBenito
005a9aa6e2 initrc fixes 2005-10-28 14:34:26 +00:00
Chris PeBenito
7e1c14d1f6 fix quoting 2005-10-28 13:53:18 +00:00
Chris PeBenito
dd3544d1a5 fixes from testing 2005-10-28 13:33:25 +00:00
Chris PeBenito
f1baed733f fix some /opt regexes 2005-10-27 18:32:16 +00:00
Chris PeBenito
08c22f4d17 more transition work 2005-10-27 15:16:42 +00:00
Chris PeBenito
b281bf6ed9 add some missing transitions from unconfined 2005-10-27 15:06:15 +00:00
Chris PeBenito
a525f293c3 sediff fixes 2005-10-27 14:52:37 +00:00
Chris PeBenito
fc6198ced0 fixes from sediff 2005-10-27 14:08:53 +00:00
Chris PeBenito
ce03837abe rpc fixes from testing 2005-10-27 14:08:47 +00:00
Chris PeBenito
5abea9818a fixes from testing 2005-10-27 13:37:36 +00:00
Chris PeBenito
4614e83fbb more fixing 2005-10-26 21:03:19 +00:00
Don Miner
f13da83f99 Added search and getattr permissions to etc_mail_t dir for system_mail_t so that the sendmail process would be able to start through init 2005-10-26 18:31:09 +00:00
Chris PeBenito
d1b9d9228b another pile o fixes 2005-10-26 18:07:20 +00:00
Chris PeBenito
33acca55ce pile o fixes 2005-10-26 16:00:13 +00:00
Chris PeBenito
f5e4f795b6 fix rpm transition 2005-10-26 13:51:33 +00:00
Chris PeBenito
e8d0a659c3 fixes from arpwatch testing 2005-10-25 20:27:08 +00:00
Chris PeBenito
7a6d427eae a few more strays 2005-10-25 20:22:25 +00:00
Chris PeBenito
c3cf6693c7 try to fix associations 2005-10-25 20:06:27 +00:00
Chris PeBenito
b7e1825b68 privfd 2005-10-25 19:20:56 +00:00
Chris PeBenito
ccfd7b19cf easy fixes 2005-10-25 19:03:15 +00:00
Chris PeBenito
2526a44dea missing privloggers 2005-10-25 18:42:08 +00:00
Chris PeBenito
ee64ef496f typo 2005-10-25 18:34:46 +00:00
Chris PeBenito
d49d524d53 initrc also uses nscd 2005-10-25 18:33:13 +00:00
Chris PeBenito
e11d2e3bfd add missing nscd clients 2005-10-25 18:28:41 +00:00
Chris PeBenito
2aec1461b4 use our own interface to make maintenance easier 2005-10-25 18:13:47 +00:00
Chris PeBenito
7eec657c86 add default_t read back 2005-10-25 18:00:42 +00:00
Chris PeBenito
784a3bbcad privhome implementation 2005-10-25 17:50:00 +00:00
Chris PeBenito
7b90f2db5a testing fixes 2005-10-25 17:37:56 +00:00
Chris PeBenito
51f5c6a2ab add dontaudit 2005-10-25 15:56:28 +00:00
Chris PeBenito
467602f5d5 system_chkpwd can winbind 2005-10-25 15:53:36 +00:00
Chris PeBenito
b0bdeb0392 syslog logs to itself? 2005-10-25 15:52:08 +00:00
Chris PeBenito
2c216c09a8 use the right interface 2005-10-25 15:41:38 +00:00
Chris PeBenito
9aca490302 some home dir fixes 2005-10-25 15:36:45 +00:00
Chris PeBenito
83e4512c33 fix up su 2005-10-25 14:31:53 +00:00
Chris PeBenito
60789e16d0 fixes 2005-10-25 02:51:07 +00:00
Chris PeBenito
28e730b8e2 module build fixes 2005-10-25 01:17:55 +00:00
Chris PeBenito
9dd50026a0 homedir fixes 2005-10-25 01:08:10 +00:00
Chris PeBenito
88dd389695 more postfix work 2005-10-25 00:00:50 +00:00
Don Miner
2192d4baa1 Moved the dbus stuff inbetween networkmanager and bind to the bind policy 2005-10-24 23:14:39 +00:00
Chris PeBenito
3df88de0ba hide broken symptoms 2005-10-24 22:55:28 +00:00
Chris PeBenito
52e1edb35b fix acct 2005-10-24 22:31:44 +00:00
Don Miner
d2c57395ab Fixed an allow that should have been a dontaudit 2005-10-24 22:20:04 +00:00
Chris PeBenito
977b1d65f5 add nscd 2005-10-24 22:13:41 +00:00
Chris PeBenito
69dcd685ad fix most disable_trans errors 2005-10-24 22:08:13 +00:00
Don Miner
f470a1e329 Added a rule to allow apache to read httpd_sys_content_t so that it can show html error messages 2005-10-24 22:01:08 +00:00
Don Miner
c11417c4df Reduced the number of differences in amanda between the targeted and the refpolicy 2005-10-24 21:35:50 +00:00
Chris PeBenito
67167371a5 fix most of samba 2005-10-24 21:33:46 +00:00
Don Miner
bdfa8e72f0 Removed differences between refpolicy and targeted acct_t 2005-10-24 21:25:56 +00:00
Don Miner
9c4fcf666e Removed differences between refpolicy and targeted NetworkManager_t 2005-10-24 21:25:02 +00:00
Chris PeBenito
7ebd6a9079 add proc_net lnk 2005-10-24 20:25:59 +00:00
Chris PeBenito
b4e1ebc1f0 hopefully fix su 2005-10-24 20:01:03 +00:00
Chris PeBenito
30705b6bc0 fixes 2005-10-24 19:50:21 +00:00
Chris PeBenito
9bbc757a76 more fix 2005-10-24 18:40:24 +00:00
Don Miner
0354e306b7 Fixed a problem which was allowing processes to become unconfined from initrc 2005-10-24 18:10:47 +00:00
Don Miner
dd57ca3454 Added rules to the bind policy for the named server so that it would start 2005-10-24 18:06:31 +00:00