Chris PeBenito
a9e9678fc7
kismet patch from dan.
2009-08-31 09:38:47 -04:00
Chris PeBenito
aaff2fcfcd
module version number bump for tun patches
2009-08-31 09:17:31 -04:00
Paul Moore
9dc3cd1635
refpol: Policy for the new TUN driver access controls
...
Add policy for the new TUN driver access controls which allow policy to
control which domains have the ability to create and attach to TUN/TAP
devices. The policy rules for creating and attaching to a device are as
shown below:
# create a new device
allow domain_t self:tun_socket { create };
# attach to a persistent device (created by tunlbl_t)
allow domain_t tunlbl_t:tun_socket { relabelfrom };
allow domain_t self:tun_socket { relabelto };
Further discussion can be found on this thread:
* http://marc.info/?t=125080850900002&r=1&w=2
Signed-off-by: Paul Moore <paul.moore@hp.com>
2009-08-31 08:36:06 -04:00
Chris PeBenito
62c80e2546
module version bumps and changelog update for the previous 3 commits.
2009-08-18 13:20:01 -04:00
LABBE Corentin
755c52b8f7
portage need capability sys_nice
2009-08-18 13:13:31 -04:00
Chris PeBenito
02e594d5dc
Handle unix_chkpwd usage by useradd and groupadd; fixes ticket #49 .
2009-08-05 14:19:54 -04:00
Chris PeBenito
9570b28801
module version number bump for release 2.20090730 that was mistakenly omitted.
2009-08-05 10:59:21 -04:00
Chris PeBenito
9c47227c7a
fix ordering of interface calls in sudo.
2009-08-05 09:48:46 -04:00
Chris PeBenito
3162277ade
alsa file location update for debian, from Manoj.
2009-07-29 15:28:14 -04:00
Chris PeBenito
2a4740c0a0
whitespace fixes in apt.
2009-07-29 15:24:52 -04:00
Chris PeBenito
b5aaa7b72d
clean up 6a192f70d4
2009-07-29 15:12:48 -04:00
Manoj Srivastava
6a192f70d4
Update apt/aptitude policy to add support for lock/log files
...
Signed-off-by: Russell Coker <russell@coker.com.au>
Acked-By: Manoj Srivastava <srivasta@debian.org>
2009-07-29 15:00:39 -04:00
Chris PeBenito
41ea887598
sudo patch from dan.
2009-07-28 10:29:11 -04:00
Chris PeBenito
83f0b50814
readahead patch from dan.
2009-07-28 10:08:02 -04:00
Chris PeBenito
5be35f2acd
tmpreaper patch from dan.
2009-07-27 09:11:38 -04:00
Chris PeBenito
adea587572
4 patches from dan.
2009-07-20 11:34:46 -04:00
Chris PeBenito
10b03f376b
three debian patches from manoj
2009-07-14 09:05:59 -04:00
Chris PeBenito
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
Chris PeBenito
c7dc1c7222
trunk: Allow unix_update to change the security attributes associate with files so
...
that it can properly create the shadow file. Also allow it to read from
urandom so that it can add salt to the password hash.
2009-06-18 13:57:26 +00:00
Chris PeBenito
30425aa876
trunk: 1 patch from dan.
2009-06-12 15:30:15 +00:00
Chris PeBenito
a65fd90a50
trunk: 6 patches from dan.
2009-06-11 15:00:48 +00:00
Chris PeBenito
63f0a71c8a
trunk: 9 patches from dan.
2009-06-01 16:03:42 +00:00
Chris PeBenito
153fe24bdc
trunk: 5 patches from dan.
2009-04-07 14:09:43 +00:00
Chris PeBenito
3c9b2e9bc6
trunk: 6 patches from dan.
2009-03-19 17:56:10 +00:00
Chris PeBenito
da04234f32
trunk: 5 patches from dan.
2009-03-10 19:32:04 +00:00
Chris PeBenito
9e7a338509
trunk: su fixes from clip.
2009-01-13 19:44:23 +00:00
Chris PeBenito
c1262146e0
trunk: Remove node definitions and change node usage to generic nodes.
2009-01-09 19:48:02 +00:00
Chris PeBenito
668b3093ff
trunk: change network interface access from all to generic network interfaces.
2009-01-06 20:24:10 +00:00
Chris PeBenito
59d599642e
trunk: fix certwatch version number.
2009-01-06 19:33:24 +00:00
Chris PeBenito
17ec8c1f84
trunk: bump module versions for release.
2008-12-10 19:38:10 +00:00
Chris PeBenito
6073ea1e13
trunk: whitespace fix changing multiple spaces into tabs.
2008-12-03 18:33:19 +00:00
Chris PeBenito
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
Chris PeBenito
82d2775c92
trunk: more open perm fixes.
2008-10-20 16:10:42 +00:00
Chris PeBenito
2cca6b79b4
trunk: remove redundant shared lib calls.
2008-10-17 17:31:04 +00:00
Chris PeBenito
88cf0a9c2b
trunk: whitespace fix; collapse multiple blank lines into one.
2008-10-17 15:29:51 +00:00
Chris PeBenito
0b36a2146e
trunk: Enable open permission checks policy capability.
2008-10-16 16:09:20 +00:00
Chris PeBenito
aea3f28e40
trunk: Remove hierarchy from portage module as it is not a good example of hieararchy.
2008-10-15 19:56:33 +00:00
Chris PeBenito
5d4f4b5375
trunk: bump version numbers for release.
2008-10-14 15:46:36 +00:00
Chris PeBenito
74993c4dae
trunk: 8 patches from dan.
2008-10-13 15:06:23 +00:00
Chris PeBenito
12c61f36f4
trunk: 7 patches from dan, 1 from eamon.
2008-10-06 17:27:49 +00:00
Chris PeBenito
4bdf192962
trunk: firstboot update from dan.
2008-10-02 17:32:03 +00:00
Chris PeBenito
bf9f3480e5
trunk: readahead fix from dan.
2008-09-23 13:07:28 +00:00
Chris PeBenito
21ea2b1884
trunk: firstboot update from dan.
2008-09-12 15:54:11 +00:00
Chris PeBenito
36095d11ce
trunk: kudzu and mta patches from dan.
2008-09-12 14:18:20 +00:00
Chris PeBenito
e40fa634b2
trunk: Logrotate and Bind updates from Vaclav Ovsik.
2008-09-03 14:12:56 +00:00
Chris PeBenito
93f445b8c0
trunk: firstboot update from dan.
2008-08-20 19:45:39 +00:00
Chris PeBenito
3e59876583
trunk: 6 patches from the fedora policy, cherry picked by david hardeman.
2008-08-14 14:19:50 +00:00
Chris PeBenito
6e328912ac
trunk: two small patches from dan.
2008-08-14 13:08:53 +00:00
Chris PeBenito
cc1eee1202
trunk: add an empty m4 string so the index macro is not invoked, to prevent a warning.
2008-08-12 19:30:54 +00:00
Chris PeBenito
8a948caf2b
trunk: 11 more cherry picks from fedora policy, by david hardeman.
2008-08-07 14:17:50 +00:00