Jeremy Solt
c4834a02d2
accountsd policy from Dan Walsh
...
Edits:
- Removed accountsd_manage_var_lib
- Removed optional block for xserver - these interfaces didn't exist
- It looks like sys_ptrace is needed because it reads /proc/pid/loginuid
- Whitespace and style fixes
2010-08-03 09:27:24 -04:00
Chris PeBenito
a7ee7f819a
Docs standardizing on the role portion of run interfaces. Additional docs cleanup.
2010-08-03 09:20:22 -04:00
Chris PeBenito
a72e42f485
Interface documentation standardization patch from Dan Walsh.
2010-08-02 09:22:09 -04:00
Chris PeBenito
64ef2df368
Module version bump for 5563d4c
.
2010-07-22 09:13:11 -04:00
Jeremy Solt
5563d4c4d8
Removing seutil_domtrans_setsebool from anaconda patch - it doesn't exist
2010-07-22 08:49:32 -04:00
Jeremy Solt
b0a6f1b7c2
anaconda patch from Dan Walsh
...
- Did not include the change to unconfined_domain_noaudit
2010-07-22 08:49:32 -04:00
Chris PeBenito
b70dfcdf8f
RPM patch from Dan Walsh.
2010-07-08 10:53:28 -04:00
Chris PeBenito
2d839c6791
Whitespace fixes in RPM.
2010-07-08 10:12:24 -04:00
Chris PeBenito
7e265a8abb
Add shutdown from Dan Walsh.
2010-07-07 11:10:56 -04:00
Chris PeBenito
3bcfe5beb7
Usermanage patch from Dan Walsh.
...
Broken leaks of sockets
useradd runs semanage for -Z.
passwd_t needs sys_nice
useradd run within a samba_controler needs to append to the samba log.
2010-07-06 10:56:20 -04:00
Chris PeBenito
ab62f3f1b1
Module version bump for a7521af
.
2010-07-01 10:48:11 -04:00
Jeremy Solt
a7521af67d
firstboot patch from Dan Walsh
...
- Did not include gnome_admin_home_gconf_filetrans
- Whitespace fixes
2010-07-01 10:36:31 -04:00
Chris PeBenito
ab4f820548
Module version bump for b5d89d0
.
2010-06-29 11:03:56 -04:00
Jeremy Solt
b5d89d0325
vpn patch from Dan Walsh
...
fixed gen_require in vpn_relabelfrom_tun_socket interface (wrong type)
removed userdom_read_home_certs (not in refpolicy)
2010-06-29 11:02:45 -04:00
Chris PeBenito
e08ac5acb3
Vbetool patch from Dan Walsh.
...
vbetool needs mls overrides
2010-06-18 14:56:27 -04:00
Chris PeBenito
3835c39a13
Sudo patch from Dan Walsh.
...
sudo gets execed by apps that leak sockets
2010-06-18 14:43:22 -04:00
Chris PeBenito
f7e3410aed
Su patch from Dan Walsh.
...
dontaudit leaked sockets
2010-06-18 14:32:42 -04:00
Chris PeBenito
b9be5cccf1
Shorewall patch from Dan Walsh.
...
Shorewall execs hostname
2010-06-18 14:23:46 -04:00
Chris PeBenito
5116faa198
Quota patch from Dan Walsh.
...
Quata needs to setshed on kernel processes
2010-06-18 14:14:21 -04:00
Chris PeBenito
a9ef84b578
Prelink patch from Dan Walsh.
...
Prelink has new directory under /var/lib
dontaudit leaks from domains that transition
cron job looks at all mount points.
2010-06-18 14:07:53 -04:00
Chris PeBenito
9a4d292902
Netutils patch from Dan Walsh.
...
ping gets leaked log descriptor from nagios.
Label send_arp as ping_exec_t
2010-06-17 10:16:19 -04:00
Chris PeBenito
10c0104066
Kismet patch from Dan Walsh.
...
Kismet searches user_home_dirs for kismet_home_t content.
2010-06-17 08:24:21 -04:00
Chris PeBenito
e89f04fd17
Mcelog patch from Dan Walsh.
...
mcelog needs mls override
2010-06-17 08:23:48 -04:00
Chris PeBenito
0e30bca6d9
Consoletype patch from Dan Walsh.
...
I am sick of every app in the known universe leaking socket descriptors.
Dontaudit by default
consoletype is handed a write for hal log on resume from hibernate.
2010-06-17 08:23:20 -04:00
Chris PeBenito
88a574d373
Alsa patch from Dan Walsh
...
Alsa trys to talk to all types of terminals. Dontaudit this access.
2010-06-17 08:22:43 -04:00
Chris PeBenito
4db7790c60
Acct patch from Dan Walsh.
...
acct needs to use generic ptys
2010-06-17 08:22:17 -04:00
Chris PeBenito
48f99a81c0
Whitespace change: drop unnecessary blank line at the start of .te files.
2010-06-10 08:16:35 -04:00
Chris PeBenito
2a29628e40
Fix duplicate lines in kudzu.
2010-05-26 08:26:50 -04:00
Chris PeBenito
29af4c13e7
Bump module versions for release.
2010-05-24 15:32:01 -04:00
Chris PeBenito
91cbcc6602
Fix deprecated interface usage in rhel4 block in su.if.
2010-05-24 15:09:18 -04:00
Chris PeBenito
3d95ca2d82
Module version bump for 904f3d8.
2010-05-24 13:08:09 -04:00
Chris PeBenito
213d35a07c
Module version bump for 9e28f74.
2010-05-24 13:08:09 -04:00
Chris PeBenito
c789f82bc5
Module version bump for d5170e5.
2010-05-24 13:08:09 -04:00
Chris PeBenito
d53a972879
Module version bump for cb1df6a.
2010-05-24 13:08:09 -04:00
Jeremy Solt
d8642cad29
readahead patch from Dan Walsh
...
Edits:
- Removed files_dontaudit_read_security_files and fs_dontaudit_read_tmpfs_blk_dev interface calls
2010-05-24 13:08:08 -04:00
Chris PeBenito
ff1cae1f5e
Move line in logrotate; module version bump.
2010-05-24 13:08:08 -04:00
Jeremy Solt
b8c9879a8c
logrotate patch from Dan Walsh
2010-05-24 13:08:08 -04:00
Jeremy Solt
fdc0d0f77c
vpn patch from Dan Walsh
...
Edits:
- Removed userdom_read_home_certs
2010-05-24 13:08:08 -04:00
Jeremy Solt
2483d7ae56
Replace apache_delete_cache with apache_delete_cache_files in tmpreaper.te
2010-05-24 13:08:07 -04:00
Jeremy Solt
8daddcf37e
tmpreaper patch from Dan Walsh
2010-05-24 13:08:07 -04:00
Jeremy Solt
7605d2738c
Remove call to nagios_rw_inherited_tmp_files
2010-05-24 13:08:07 -04:00
Jeremy Solt
44dc1b9c21
netutils patch from Dan Walsh
...
Edits:
- Dropping term_use_all_terms and user_ping tunables for ping and traceroute
- Whitespace fixes
2010-05-24 13:08:07 -04:00
Chris PeBenito
9fe1b540b8
Prelink patch from Dan Walsh.
2010-05-20 08:54:51 -04:00
Chris PeBenito
16070400a8
RPM patch from Dan Walsh.
2010-05-11 11:11:40 -04:00
Chris PeBenito
4fbcd778de
Iptables patch from Dan Walsh.
2010-03-18 08:10:21 -04:00
Chris PeBenito
c6491af860
Module version bump for d12f18e
.
2010-03-16 14:34:50 -04:00
Jeremy Solt
d12f18e452
Change kernel_load_module to kernel_request_load_module from Dan Walsh
2010-03-16 13:44:52 -04:00
Chris PeBenito
fad6e761bf
Whitespace fix for mcelog.
2010-03-16 13:15:38 -04:00
Chris PeBenito
580279da88
Module version bump for 74b51e6
.
2010-03-16 13:12:22 -04:00
Chris PeBenito
6bc64c4be7
Whitespace fixes for smoltclient.
2010-03-16 13:11:53 -04:00