rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5,780 Commits 8 Branches 93 Tags 37 MiB
cb2fee86ff
Commit Graph

5780 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel J Walsh
f08bf9299c - Remove ability for sysadm_t to look at audit.log 2006-11-07 21:16:47 +00:00
Daniel J Walsh
f3ecbbfcb9 - Fix rpc_port_types 
- Add aide policy for mls
 2006-11-07 20:38:46 +00:00
Chris PeBenito
0f9a2be65d add missing gentoo file contexts for initrc and lvm 2006-11-07 19:38:10 +00:00
Daniel J Walsh
d7e0f9fa0d - Merge with upstream 2006-11-06 21:15:57 +00:00
Daniel J Walsh
0dae3b6d89 - Lots of fixes for ricci 2006-11-03 21:27:47 +00:00
Chris PeBenito
f497b8df50 Christopher J. PeBenito wrote: 
> We could add another 'or' on the above constraint:
> 
> or ( (t2 == mlsfilewrite_in_range) and (l1 dom l2) and (h1 domby h2) )
> 
> I believe that would be the constraint you were looking for.  I don't
> like the name of that attribute, but I couldn't come up with a better
> one off the top of my head. :)
> 

Attached is a patch which I've tested against selinux-policy-2.4.2-1
that implements this additional constraint.  The name is still a bit
forced, but it works.

-matt <mra at hp dot com>
 2006-11-01 15:42:22 +00:00
Daniel J Walsh
d095a0e65b - Add perms for swat 2006-11-01 00:09:08 +00:00
Chris PeBenito
d9845ae92a patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
Daniel J Walsh
6b97615edf - Allow daemons to dump core files to / 2006-10-30 21:18:40 +00:00
Daniel J Walsh
8fb79d40f4 - Fixes for ricci 2006-10-30 16:45:09 +00:00
Daniel J Walsh
6672fcfbdd - Allow mount.nfs to work 2006-10-27 19:16:43 +00:00
Daniel J Walsh
85659e704f - Allow ricci-modstorage to look at lvm_etc_t 2006-10-27 14:42:56 +00:00
Chris PeBenito
582438054d fix up corecommands perm sets, add seutil_manage_config_dirs() 2006-10-27 13:55:35 +00:00
Chris PeBenito
d5ae683e2b add seutil_rw_config() 2006-10-25 20:48:04 +00:00
Chris PeBenito
76bac89cf0 make load target more friendly and add reload target 2006-10-25 20:38:33 +00:00
Daniel J Walsh
08efeffbe5 - Fixes for ricci using saslauthd 2006-10-25 15:31:39 +00:00
Daniel J Walsh
dc804f3593 - Allow mountpoint on home_dir_t and home_t 2006-10-24 19:55:28 +00:00
Daniel J Walsh
8ff9d6e5a3 - Update xen to read nfs files 2006-10-24 16:12:29 +00:00
Daniel J Walsh
3d011ff2e8 Mon Oct 23 2006 Dan Walsh <dwalsh@redhat.com> 2.4-4 
- Allow noxattrfs to associate with other noxattrfs
 2006-10-23 20:54:50 +00:00
Daniel J Walsh
11d7ea1908 - Allow hal to use power_device_t 2006-10-23 17:26:25 +00:00
Daniel J Walsh
d6926f7f13 - Allow procemail to look at autofs_t 
- Allow xen_image_t to work as a fixed device
 2006-10-20 21:08:15 +00:00
Chris PeBenito
a8671ae5b2 enhanced setransd support from darrel goeddel 2006-10-20 14:44:23 +00:00
Daniel J Walsh
e2eecb7a01 - Refupdate from upstream 2006-10-19 15:52:02 +00:00
Daniel J Walsh
302afb6db1 - Add lots of fixes for mls cups 2006-10-19 14:32:27 +00:00
Daniel J Walsh
6fa5ecef5d - Lots of fixes for ricci 2006-10-18 20:58:51 +00:00
Chris PeBenito
248cccf7ce 20061018 release 2006-10-18 20:26:45 +00:00
Chris PeBenito
a52b4d4f23 bump versions to release numbers 2006-10-18 19:25:27 +00:00
Chris PeBenito
b04eccd87b fix duplicate /usr/bin/mplayer fc match for targeted 2006-10-18 17:31:14 +00:00
Chris PeBenito
d4a48c41c2 make inetd optional 2006-10-18 15:49:45 +00:00
Daniel J Walsh
2d1b4a450f - Fix number of cats 2006-10-17 19:59:07 +00:00
Daniel J Walsh
da08298372 - Update to upstream 2006-10-17 18:43:08 +00:00
Chris PeBenito
130f8a4aa5 merge netlabel stuff from labeled-networking branch 2006-10-17 16:58:17 +00:00
Chris PeBenito
aeaae5185e fix ticket #16 2006-10-16 16:51:57 +00:00
Chris PeBenito
e45324d1ee gentoo integrated run_init rules in wrong build option. 2006-10-15 00:23:06 +00:00
Chris PeBenito
0e5c5442c6 fix term_tty() associations 2006-10-14 23:32:30 +00:00
Chris PeBenito
009b377174 more realplayer entries 2006-10-14 23:31:33 +00:00
Chris PeBenito
14b1684aae gentoo testing fixes. 2006-10-13 21:44:02 +00:00
jantill
a3698a1d5b - More iSCSI changes for #209854 2006-10-12 15:43:58 +00:00
jantill
cd0a0d2169 - Test ISCSI fixes for #209854 2006-10-12 15:24:06 +00:00
Chris PeBenito
8a2492a2df fix makefile to install root default contexts 2006-10-12 13:18:21 +00:00
Chris PeBenito
d508474f08 add load target to Makefile.devel 2006-10-10 15:23:17 +00:00
Chris PeBenito
212832373e mkdir policy and file contexts dirs in make load of modular policy. 2006-10-10 15:09:59 +00:00
Chris PeBenito
85f0c35922 make optional the inetd dependency in samba 2006-10-10 13:11:58 +00:00
Chris PeBenito
93ddc66983 change transition from run_init to initrc to spec. 2006-10-09 18:52:19 +00:00
Daniel J Walsh
ed9a4ccc00 - allow semodule to rmdir selinux_config_t dir 2006-10-08 21:45:47 +00:00
Daniel J Walsh
70e2dbc497 - Fix boot_runtime_t problem on ppc. Should not be creating these files. 2006-10-06 20:38:14 +00:00
Chris PeBenito
f76d07072a fix some stuff that does not affect policy 2006-10-06 17:31:52 +00:00
Chris PeBenito
830c12eb2d apply contested part of russell's last patch 2006-10-06 13:38:49 +00:00
Chris PeBenito
546c81ce25 more non .so lib files for acrobat 2006-10-05 20:39:25 +00:00
Chris PeBenito
3c3c0439f6 patch from russell, Thu, 5 Oct 2006 22:44:49 +1000 
Allow unconfined processes to see unlabeled processes in ps.

Removed a redundant rule in samba.te

Removed support for the pre-Fedora Red Hat code to create sym-links in /boot.

Removed support for devpts_t files in /tmp (there is no way that would ever 
work).

Allowed postgrey to create socket files.

Made the specs for the /lib and /lib64 directories better support stem 
compression.
 2006-10-05 19:57:37 +00:00