Daniel J Walsh
7e6a2a413c
updated policy
2008-05-20 21:37:28 +00:00
Daniel J Walsh
fbea0df606
add init_upstart boolean
2008-05-19 17:48:06 +00:00
Daniel J Walsh
b426629866
remove old patch
2008-05-19 13:04:18 +00:00
Daniel J Walsh
4b7f030014
Update for rawhide
2008-05-19 13:02:56 +00:00
Daniel J Walsh
c43b447f6f
Update for rawhide
2008-05-19 13:01:59 +00:00
Daniel J Walsh
cd9bbaeddb
- Allow amanada to create data files
2008-05-08 15:46:03 +00:00
Daniel J Walsh
6a65e4eaf0
- Allow amanada to create data files
2008-05-08 15:24:16 +00:00
Daniel J Walsh
993c27dacb
- Allow amanada to create data files
2008-05-07 19:10:59 +00:00
Daniel J Walsh
da67f18558
- Remove dmesg boolean
...
- Allow user domains to read/write game data
2008-05-06 20:43:08 +00:00
Daniel J Walsh
58d7ee7ef1
- Remove dmesg boolean
...
- Allow user domains to read/write game data
2008-05-06 18:15:03 +00:00
Daniel J Walsh
6c25b428ce
- Remove dmesg boolean
...
- Allow user domains to read/write game data
2008-05-06 17:01:42 +00:00
Daniel J Walsh
86881dd93f
- Change unconfined_t to transition to unconfined_mono_t when running mono
...
- Change XXX_mono_t to transition to XXX_t when executing bin_t files, so
gnome-do will work
2008-04-29 16:05:11 +00:00
Daniel J Walsh
2d8ff5157a
- Remove old booleans from targeted-booleans.conf file
2008-04-28 21:24:59 +00:00
Daniel J Walsh
b4e933120a
- Don't run crontab from unconfined_t
2008-04-24 21:08:32 +00:00
Daniel J Walsh
ef5e600999
- Don't run crontab from unconfined_t
2008-04-24 19:41:22 +00:00
Daniel J Walsh
eb11e7fc27
- Change etc files to config files to allow users to read them
2008-04-23 19:50:45 +00:00
Daniel J Walsh
4b1d56da14
- Change etc files to config files to allow users to read them
2008-04-23 14:15:54 +00:00
Daniel J Walsh
a6a82aec79
- dontaudit mrtg reading /proc
...
- Allow iscsi to signal itself
- Allow gnomeclock sys_ptrace
2008-04-15 20:27:09 +00:00
Daniel J Walsh
b912a6e25d
- dontaudit mrtg reading /proc
...
- Allow iscsi to signal itself
- Allow gnomeclock sys_ptrace
2008-04-15 20:26:17 +00:00
Daniel J Walsh
5896bad9cf
2008-04-14 20:01:48 +00:00
Daniel J Walsh
bb36d75512
2008-04-11 18:58:08 +00:00
Daniel J Walsh
06686c20a2
- Allow dhcpd to read kernel network state
2008-04-10 19:45:47 +00:00
Daniel J Walsh
41625a26ea
- Label /var/run/gdm correctly
...
- Fix unconfined_u user creation
2008-04-10 14:37:57 +00:00
Daniel J Walsh
254e3c7af3
- Allow transition from initrc_t to getty_t
2008-04-08 20:14:36 +00:00
Daniel J Walsh
5a576e06f0
- Allow passwd to communicate with user sockets to change gnome-keyring
2008-04-08 19:17:28 +00:00
Daniel J Walsh
7f851af8d9
- Fix initial install
2008-04-08 03:17:46 +00:00
Daniel J Walsh
c3c4a525c2
-
2008-04-06 12:06:47 +00:00
Daniel J Walsh
08f4abfd6d
- Allow radvd to use fifo_file
...
- dontaudit setfiles reading links
- allow semanage sys_resource
- add allow_httpd_mod_auth_ntlm_winbind boolean
- Allow privhome apps including dovecot read on nfs and cifs home dirs if
the boolean is set
2008-04-05 12:01:36 +00:00
Daniel J Walsh
27943de6a0
- Allow radvd to use fifo_file
...
- dontaudit setfiles reading links
- allow semanage sys_resource
- add allow_httpd_mod_auth_ntlm_winbind boolean
- Allow privhome apps including dovecot read on nfs and cifs home dirs if
the boolean is set
2008-04-05 10:39:06 +00:00
Daniel J Walsh
c66f2bc425
- Allow nsplugin to read /etc/mozpluggerrc, user_fonts
...
- Allow syslog to manage innd logs.
- Allow procmail to ioctl spamd_exec_t
2008-04-01 09:21:21 +00:00
Daniel J Walsh
7b9c57c8ba
- Allow initrc_t to dbus chat with consolekit.
2008-03-30 05:41:15 +00:00
Daniel J Walsh
294ea7a213
- Allow initrc_t to dbus chat with consolekit.
2008-03-29 18:36:09 +00:00
Daniel J Walsh
e54cb216a8
- Additional access for nsplugin
...
- Allow xdm setcap/getcap until pulseaudio is fixed
2008-03-28 22:07:45 +00:00
Daniel J Walsh
478aeeca6b
- Additional access for nsplugin
...
- Allow xdm setcap/getcap until pulseaudio is fixed
2008-03-28 21:09:45 +00:00
Daniel J Walsh
f70afcdd9e
- Allow mount to mkdir on tmpfs
...
- Allow ifconfig to search debugfs
2008-03-26 06:17:27 +00:00
Daniel J Walsh
bf3d39e959
- Fix file context for MATLAB
...
- Fixes for xace
2008-03-21 23:24:11 +00:00
Daniel J Walsh
5ea3f10caf
- Allow stunnel to transition to inetd children domains
...
- Make unconfined_dbusd_t an unconfined domain
2008-03-20 16:11:16 +00:00
Daniel J Walsh
94b7be909e
2008-03-18 21:10:02 +00:00
Daniel J Walsh
ba9e5e8244
- Fixes for qemu/virtd
2008-03-17 21:42:05 +00:00
Daniel J Walsh
954e7c7340
- Fix bug in mozilla policy to allow xguest transition
...
- This will fix the
2008-03-17 21:40:53 +00:00
Daniel J Walsh
97081dcb9d
- Fix bug in mozilla policy to allow xguest transition
...
- This will fix the
2008-03-14 21:17:21 +00:00
Daniel J Walsh
a6e1280791
- Fix bug in mozilla policy to allow xguest transition
...
- This will fix the
2008-03-14 21:13:24 +00:00
Daniel J Walsh
d593d26c1d
- Allow nsplugin to run acroread
2008-03-14 15:59:07 +00:00
Daniel J Walsh
ad50da8a27
- Allow nsplugin to run acroread
2008-03-14 15:17:23 +00:00
Daniel J Walsh
987b10f86d
- Add cups_pdf policy
...
- Add openoffice policy to run in xguest
2008-03-14 00:25:00 +00:00
Daniel J Walsh
7f811bf534
- prewika needs to contact mysql
...
- Allow syslog to read system_map files
2008-03-13 12:58:25 +00:00
Daniel J Walsh
ceda8feb68
- Change init_t to an unconfined_domain
2008-03-12 12:39:48 +00:00
Daniel J Walsh
41617c099b
- Change init_t to an unconfined_domain
2008-03-12 12:35:06 +00:00
Daniel J Walsh
e9fce44302
- Allow init to transition to initrc_t on shell exec.
...
- Fix init to be able to sendto init_t.
- Allow syslog to connect to mysql
- Allow lvm to manage its own fifo_files
- Allow bugzilla to use ldap
- More mls fixes
2008-03-12 02:21:18 +00:00
Daniel J Walsh
0879f489ab
- Allow init to transition to initrc_t on shell exec.
...
- Fix init to be able to sendto init_t.
- Allow syslog to connect to mysql
- Allow lvm to manage its own fifo_files
- Allow bugzilla to use ldap
- More mls fixes
2008-03-12 01:10:44 +00:00