Commit Graph

142 Commits

Author SHA1 Message Date
Chris PeBenito
a9e9678fc7 kismet patch from dan. 2009-08-31 09:38:47 -04:00
Chris PeBenito
aaff2fcfcd module version number bump for tun patches 2009-08-31 09:17:31 -04:00
Paul Moore
9dc3cd1635 refpol: Policy for the new TUN driver access controls
Add policy for the new TUN driver access controls which allow policy to
control which domains have the ability to create and attach to TUN/TAP
devices.  The policy rules for creating and attaching to a device are as
shown below:

  # create a new device
  allow domain_t self:tun_socket { create };

  # attach to a persistent device (created by tunlbl_t)
  allow domain_t tunlbl_t:tun_socket { relabelfrom };
  allow domain_t self:tun_socket { relabelto };

Further discussion can be found on this thread:

 * http://marc.info/?t=125080850900002&r=1&w=2

Signed-off-by: Paul Moore <paul.moore@hp.com>
2009-08-31 08:36:06 -04:00
Chris PeBenito
62c80e2546 module version bumps and changelog update for the previous 3 commits. 2009-08-18 13:20:01 -04:00
LABBE Corentin
755c52b8f7 portage need capability sys_nice 2009-08-18 13:13:31 -04:00
Chris PeBenito
02e594d5dc Handle unix_chkpwd usage by useradd and groupadd; fixes ticket #49. 2009-08-05 14:19:54 -04:00
Chris PeBenito
9570b28801 module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
Chris PeBenito
9c47227c7a fix ordering of interface calls in sudo. 2009-08-05 09:48:46 -04:00
Chris PeBenito
3162277ade alsa file location update for debian, from Manoj. 2009-07-29 15:28:14 -04:00
Chris PeBenito
2a4740c0a0 whitespace fixes in apt. 2009-07-29 15:24:52 -04:00
Chris PeBenito
b5aaa7b72d clean up 6a192f70d4 2009-07-29 15:12:48 -04:00
Manoj Srivastava
6a192f70d4 Update apt/aptitude policy to add support for lock/log files
Signed-off-by: Russell Coker <russell@coker.com.au>
Acked-By: Manoj Srivastava <srivasta@debian.org>
2009-07-29 15:00:39 -04:00
Chris PeBenito
41ea887598 sudo patch from dan. 2009-07-28 10:29:11 -04:00
Chris PeBenito
83f0b50814 readahead patch from dan. 2009-07-28 10:08:02 -04:00
Chris PeBenito
5be35f2acd tmpreaper patch from dan. 2009-07-27 09:11:38 -04:00
Chris PeBenito
adea587572 4 patches from dan. 2009-07-20 11:34:46 -04:00
Chris PeBenito
10b03f376b three debian patches from manoj 2009-07-14 09:05:59 -04:00
Chris PeBenito
3f67f722bb trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
Chris PeBenito
c7dc1c7222 trunk: Allow unix_update to change the security attributes associate with files so
that it can properly create the shadow file. Also allow it to read from
urandom so that it can add salt to the password hash.
2009-06-18 13:57:26 +00:00
Chris PeBenito
30425aa876 trunk: 1 patch from dan. 2009-06-12 15:30:15 +00:00
Chris PeBenito
a65fd90a50 trunk: 6 patches from dan. 2009-06-11 15:00:48 +00:00
Chris PeBenito
63f0a71c8a trunk: 9 patches from dan. 2009-06-01 16:03:42 +00:00
Chris PeBenito
153fe24bdc trunk: 5 patches from dan. 2009-04-07 14:09:43 +00:00
Chris PeBenito
3c9b2e9bc6 trunk: 6 patches from dan. 2009-03-19 17:56:10 +00:00
Chris PeBenito
da04234f32 trunk: 5 patches from dan. 2009-03-10 19:32:04 +00:00
Chris PeBenito
9e7a338509 trunk: su fixes from clip. 2009-01-13 19:44:23 +00:00
Chris PeBenito
c1262146e0 trunk: Remove node definitions and change node usage to generic nodes. 2009-01-09 19:48:02 +00:00
Chris PeBenito
668b3093ff trunk: change network interface access from all to generic network interfaces. 2009-01-06 20:24:10 +00:00
Chris PeBenito
59d599642e trunk: fix certwatch version number. 2009-01-06 19:33:24 +00:00
Chris PeBenito
17ec8c1f84 trunk: bump module versions for release. 2008-12-10 19:38:10 +00:00
Chris PeBenito
6073ea1e13 trunk: whitespace fix changing multiple spaces into tabs. 2008-12-03 18:33:19 +00:00
Chris PeBenito
296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito
82d2775c92 trunk: more open perm fixes. 2008-10-20 16:10:42 +00:00
Chris PeBenito
2cca6b79b4 trunk: remove redundant shared lib calls. 2008-10-17 17:31:04 +00:00
Chris PeBenito
88cf0a9c2b trunk: whitespace fix; collapse multiple blank lines into one. 2008-10-17 15:29:51 +00:00
Chris PeBenito
0b36a2146e trunk: Enable open permission checks policy capability. 2008-10-16 16:09:20 +00:00
Chris PeBenito
aea3f28e40 trunk: Remove hierarchy from portage module as it is not a good example of hieararchy. 2008-10-15 19:56:33 +00:00
Chris PeBenito
5d4f4b5375 trunk: bump version numbers for release. 2008-10-14 15:46:36 +00:00
Chris PeBenito
74993c4dae trunk: 8 patches from dan. 2008-10-13 15:06:23 +00:00
Chris PeBenito
12c61f36f4 trunk: 7 patches from dan, 1 from eamon. 2008-10-06 17:27:49 +00:00
Chris PeBenito
4bdf192962 trunk: firstboot update from dan. 2008-10-02 17:32:03 +00:00
Chris PeBenito
bf9f3480e5 trunk: readahead fix from dan. 2008-09-23 13:07:28 +00:00
Chris PeBenito
21ea2b1884 trunk: firstboot update from dan. 2008-09-12 15:54:11 +00:00
Chris PeBenito
36095d11ce trunk: kudzu and mta patches from dan. 2008-09-12 14:18:20 +00:00
Chris PeBenito
e40fa634b2 trunk: Logrotate and Bind updates from Vaclav Ovsik. 2008-09-03 14:12:56 +00:00
Chris PeBenito
93f445b8c0 trunk: firstboot update from dan. 2008-08-20 19:45:39 +00:00
Chris PeBenito
3e59876583 trunk: 6 patches from the fedora policy, cherry picked by david hardeman. 2008-08-14 14:19:50 +00:00
Chris PeBenito
6e328912ac trunk: two small patches from dan. 2008-08-14 13:08:53 +00:00
Chris PeBenito
cc1eee1202 trunk: add an empty m4 string so the index macro is not invoked, to prevent a warning. 2008-08-12 19:30:54 +00:00
Chris PeBenito
8a948caf2b trunk: 11 more cherry picks from fedora policy, by david hardeman. 2008-08-07 14:17:50 +00:00