rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
777 Commits 8 Branches 96 Tags 37 MiB
c5c253fae5
Commit Graph

669 Commits

Author SHA1 Message Date
Daniel J Walsh
533c755e4d - Allow nsplugin_config execstack/execmem 
- Allow nsplugin_t to read alsa config
- Change apache to use user content
 2008-02-28 03:32:23 +00:00
Daniel J Walsh
c092cc1478 - Add cyphesis policy 2008-02-26 23:02:51 +00:00
Daniel J Walsh
063999dd85 2008-02-26 19:24:53 +00:00
Daniel J Walsh
27b2b09ffe - 2008-02-26 16:15:00 +00:00
Daniel J Walsh
f75033d612 - Update to upstream fixes 2008-02-26 13:45:23 +00:00
Daniel J Walsh
5ca2ff99b6 - Add xace support 2008-02-22 20:32:52 +00:00
Daniel J Walsh
8bd036a289 - Add fusectl file system 2008-02-21 19:43:52 +00:00
Daniel J Walsh
541ba8edec - Fixes from yum-cron 
- Update to latest upstream
 2008-02-20 18:52:50 +00:00
Daniel J Walsh
e5acebe58c 2008-02-20 18:30:31 +00:00
Daniel J Walsh
306393505f - Fix userdom_list_user_files 2008-02-19 22:20:15 +00:00
Daniel J Walsh
eb3e9fbc68 - Merge with upstream 2008-02-18 21:31:18 +00:00
Daniel J Walsh
7e1e7bed89 - Allow udev to send audit messages 2008-02-14 21:05:32 +00:00
Daniel J Walsh
9870c64ba7 - Add additional login users interfaces 
- userdom_admin_login_user_template(staff)
 2008-02-13 22:13:58 +00:00
Daniel J Walsh
49295b262f - More fixes for polkit 2008-02-12 18:41:35 +00:00
Daniel J Walsh
ebe074be56 - More fixes for polkit 2008-02-11 22:53:26 +00:00
Daniel J Walsh
57ac1cab83 - Update to upstream 2008-02-06 21:47:42 +00:00
Daniel J Walsh
4637b67d50 - Fixes for staff_t 2008-02-05 21:25:09 +00:00
Daniel J Walsh
b53db53c9f - Add policy for kerneloops 
- Add policy for gnomeclock
 2008-02-05 18:31:25 +00:00
Daniel J Walsh
881d64a16e - Fixes for libvirt 2008-02-04 21:41:59 +00:00
Daniel J Walsh
60c693e546 - Fixes for nsplugin 2008-02-03 13:39:47 +00:00
Daniel J Walsh
11ac4bcde1 - Additional ports for vnc and allow qemu and libvirt to search all 
directories
 2008-02-02 15:42:44 +00:00
Daniel J Walsh
b19d470cd4 - Update to upstream 
- Add libvirt policy
- add qemu policy
 2008-02-02 06:30:04 +00:00
Daniel J Walsh
e1060e24d5 - Allow fail2ban to create a socket in /var/run 2008-02-01 13:49:05 +00:00
Daniel J Walsh
59d6fbb642 - Allow allow_httpd_mod_auth_pam to work 2008-01-31 20:59:05 +00:00
Daniel J Walsh
7c124f5e42 - Allow allow_httpd_mod_auth_pam to work 2008-01-31 19:32:51 +00:00
Daniel J Walsh
f18a882ba5 - Add audisp policy and prelude 2008-01-30 21:34:13 +00:00
Daniel J Walsh
0f70114e58 - Allow all user roles to executae samba net command 2008-01-30 13:56:22 +00:00
Daniel J Walsh
7c2be34d14 - Allow usertypes to read/write noxattr file systems 2008-01-28 16:48:49 +00:00
Daniel J Walsh
7c7d59935b - Fix nsplugin to allow flashplugin to work in enforcing mode 2008-01-24 18:12:25 +00:00
Daniel J Walsh
0939872058 - Allow pam_selinux_permit to kill all processes 2008-01-23 18:24:12 +00:00
Daniel J Walsh
cc5bb89ef0 - Allow ptrace or user processes by users of same type 
- Add boolean for transition to nsplugin
 2008-01-22 19:46:50 +00:00
Daniel J Walsh
ef19b75773 - Allow nsplugin sys_nice, getsched, setsched 2008-01-22 17:35:34 +00:00
Daniel J Walsh
b3c8a04083 - Allow login programs to talk dbus to oddjob 2008-01-21 21:42:26 +00:00
Daniel J Walsh
98f84cb0ed - Add procmail_log support 
- Lots of fixes for munin
 2008-01-21 15:57:25 +00:00
Daniel J Walsh
e26fef9ac3 - Allow setroubleshoot to read policy config and send audit messages 2008-01-15 20:43:04 +00:00
Daniel J Walsh
8a40d69539 - Allow users to execute all files in homedir, if boolean set 
- Allow mount to read samba config
 2008-01-14 19:47:11 +00:00
Daniel J Walsh
27c7d85aab - Fixes for xguest to run java plugin 2008-01-13 14:01:50 +00:00
Daniel J Walsh
4be3ba520d - dontaudit pam_t and dbusd writing to user_home_t 2008-01-11 19:45:47 +00:00
Daniel J Walsh
5baf53aabd - Update gpg to allow reading of inotify 2008-01-08 19:58:56 +00:00
Daniel J Walsh
a502c55197 - Change user and staff roles to work correctly with varied perms 2008-01-03 22:13:09 +00:00
Daniel J Walsh
c64ec27caa - Fix munin log, 
- Eliminate duplicate mozilla file context
- fix wpa_supplicant spec
 2007-12-31 21:47:39 +00:00
Daniel J Walsh
88ae3f5e0c - Fix role transition from unconfined_r to system_r when running rpm 
- Allow unconfined_domains to communicate with user dbus instances
 2007-12-30 15:12:11 +00:00
Daniel J Walsh
5d13344539 - Fix role transition fro unconfined_r to system_r when running rpm 2007-12-24 12:01:17 +00:00
Daniel J Walsh
0ec33db4ff - Let all uncofined domains communicate with dbus unconfined 2007-12-21 07:58:04 +00:00
Daniel J Walsh
673eaaeafb - Run rpm in system_r 2007-12-20 21:26:31 +00:00
Daniel J Walsh
5615fe1b3d - Zero out customizable types 2007-12-19 21:45:51 +00:00
Daniel J Walsh
9a2cf87457 - Fix definiton of admin_home_t 2007-12-19 10:42:06 +00:00
Daniel J Walsh
2f257cb996 - Fix munin file context 2007-12-19 09:27:15 +00:00
Daniel J Walsh
91c2fa9d31 - Allow cron to run unconfined apps 2007-12-18 13:59:31 +00:00
Daniel J Walsh
99d3676891 - Modify default login to unconfined_u 2007-12-17 22:49:08 +00:00
Daniel J Walsh
4d59c29e33 - Dontaudit dbus user client search of /root 2007-12-14 12:40:39 +00:00
Daniel J Walsh
5928688f61 - Dontaudit dbus user client search of /root 2007-12-13 22:42:22 +00:00
Daniel J Walsh
76e3401243 - Update to upstream 2007-12-13 18:44:18 +00:00
Daniel J Walsh
4c6f2dd6a3 - Fixes for polkit 
- Allow xserver to ptrace
 2007-12-12 14:53:07 +00:00
Daniel J Walsh
7dfe3eb3ef - Add polkit policy 
- Symplify userdom context, remove automatic per_role changes
 2007-12-11 06:08:33 +00:00
Daniel J Walsh
a1341a85df - Update to upstream 
- Allow httpd_sys_script_t to search users homedirs
 2007-12-06 21:37:36 +00:00
Daniel J Walsh
02654b8fb4 - Update to upstream 
- Allow httpd_sys_script_t to search users homedirs
 2007-12-05 03:19:13 +00:00
Daniel J Walsh
d195fc7e87 - Update to upstreamddddddddddddd 
- Allow httpd_sys_script_t to search users homedirs
 2007-12-05 03:11:46 +00:00
Daniel J Walsh
320f3e6459 - Allow rpm_script to transition to unconfined_execmem_t 2007-12-04 00:15:27 +00:00
Daniel J Walsh
3b47cb03b7 Fri Nov 30 2007 Dan Walsh <dwalsh@redhat.com> 3.2.1-1 
- Remove user based home directory separation
 2007-12-03 00:15:23 +00:00
Daniel J Walsh
9186dc57d9 - Remove user based home directory separation 2007-11-30 22:33:18 +00:00
Daniel J Walsh
3a54e4809f - Remove user specific crond_t 2007-11-28 16:56:57 +00:00
Daniel J Walsh
0fffbad8de - Merge with upstream 
- Allow xsever to read hwdata_t
- Allow login programs to setkeycreate
 2007-11-26 15:40:45 +00:00
Daniel J Walsh
ddf4ec413f - Update to upstream 2007-11-19 20:09:32 +00:00
Daniel J Walsh
7330e86b90 - Update to upstream 2007-11-10 14:14:41 +00:00
Daniel J Walsh
36404444a8 - Update to upstream 2007-11-07 19:42:24 +00:00
Daniel J Walsh
fa0d1c8884 - Update to upstream 2007-10-23 23:13:09 +00:00
Daniel J Walsh
d0649e9167 - Allow XServer to read /proc/self/cmdline 2007-10-22 14:27:29 +00:00
Daniel J Walsh
30dfdc7f05 - Fixes for hald_mac 
- Treat unconfined_home_dir_t as a home dir
- dontaudit rhgb writes to fonts and root
 2007-10-19 21:21:40 +00:00
Daniel J Walsh
3375c34d9a - Fix dnsmasq 
- Allow rshd full login privs
 2007-10-19 15:01:30 +00:00
Daniel J Walsh
6455c9d6b5 - Allow rshd to connect to ports > 1023 2007-10-18 22:33:41 +00:00
Daniel J Walsh
953fd14b2e - Fix vpn to bind to port 4500 
- Allow ssh to create shm
- Allow rshd to bind to ports > 1023
- Add Kismet policy
 2007-10-18 22:00:35 +00:00
Daniel J Walsh
ccf8a72ae3 - Fix vpn to bind to port 4500 
- Allow ssh to create shm
- Allow rshd to bind to ports > 1023
 2007-10-18 21:33:00 +00:00
Daniel J Walsh
b4ed6dbce0 - Allow rpm to chat with networkmanager 2007-10-17 03:51:04 +00:00
Daniel J Walsh
9185bf2fee - Pass the UNK_PERMS param to makefile 
- Fix gdm location
 2007-10-13 14:15:08 +00:00
Daniel J Walsh
c27b2bd6ae - Make alsa work 2007-10-11 18:57:00 +00:00
Daniel J Walsh
28021c8d41 - Fixes for consolekit and startx sessions 2007-10-09 20:53:38 +00:00
Daniel J Walsh
7a91e89abe - Dontaudit consoletype talking to unconfined_t 2007-10-08 15:32:19 +00:00
Daniel J Walsh
8fd9df6414 - Remove homedir_template 2007-10-05 19:47:10 +00:00
Daniel J Walsh
922f646a26 - Remove homedir_template 2007-10-05 11:43:46 +00:00
Daniel J Walsh
24ccb8b103 - Check asound.state 2007-10-04 14:34:02 +00:00
Daniel J Walsh
492612d339 - Fix exim policy 2007-10-01 21:20:16 +00:00
Daniel J Walsh
1ffa684823 - Allow tmpreadper to read man_t 
- Allow racoon to bind to all nodes
- Fixes for finger print reader
 2007-10-01 17:03:12 +00:00
Daniel J Walsh
7c1c1729f9 - Allow xdm to talk to input device (fingerprint reader) 
- Allow octave to run as java
 2007-09-26 22:01:27 +00:00
Daniel J Walsh
d770c53fe9 - Allow login programs to set ioctl on /proc 2007-09-25 15:03:25 +00:00
Daniel J Walsh
fb11ad6653 - Allow nsswitch apps to read samba_var_t 2007-09-25 13:30:08 +00:00
Daniel J Walsh
f5018f18f8 - Fix maxima 2007-09-24 20:26:12 +00:00
Daniel J Walsh
d83ea801ac - Eliminate rpm_t:fifo_file avcs 
- Fix dbus path for helper app
 2007-09-24 14:18:57 +00:00
Daniel J Walsh
6c319e4011 - Fix service start stop terminal avc's 2007-09-22 12:15:13 +00:00
Daniel J Walsh
ec4fb1ce99 - Allow also to search var_lib 
- New context for dbus launcher
 2007-09-21 23:46:18 +00:00
Daniel J Walsh
347ff1a0c3 - Allow cupsd_config_t to read/write usb_device_t 
- Support for finger print reader,
- Many fixes for clvmd
- dbus starting networkmanager
 2007-09-21 20:21:36 +00:00
Daniel J Walsh
07e28d136d - Fix java and mono to run in xguest account 2007-09-20 22:30:51 +00:00
Daniel J Walsh
a9d4b80f50 - Fix to add xguest account when inititial install 
- Allow mono, java, wine to run in userdomains
 2007-09-20 17:21:13 +00:00
Daniel J Walsh
c67a1217e2 - Fix to add xguest account when inititial install 2007-09-20 14:58:12 +00:00
Daniel J Walsh
d90a3db27d - Allow xserver to search devpts_t 
- Dontaudit ldconfig output to homedir
 2007-09-20 14:39:14 +00:00
Daniel J Walsh
21c534bcb9 - Allow xserver to search devpts_t 
- Dontaudit ldconfig output to homedir
 2007-09-19 17:40:59 +00:00
Daniel J Walsh
7ff410d3bc - Remove hplip_etc_t change back to etc_t. 2007-09-19 01:11:31 +00:00
Daniel J Walsh
1a3fe36b5c - Allow cron to search nfs and samba homedirs 2007-09-17 23:26:58 +00:00
Daniel J Walsh
babb3641bd - Allow NetworkManager to dbus chat with yum-updated 2007-09-11 20:05:08 +00:00
Daniel J Walsh
bf7f975f77 - Allow xfs to bind to port 7100 2007-09-11 16:07:47 +00:00