Daniel J Walsh
d83af23b7d
- Cleanup spec file
2007-08-24 19:52:40 +00:00
Daniel J Walsh
3b13a834c7
- Allow xserver to be started by unconfined process and talk to tty
2007-08-24 14:20:35 +00:00
Daniel J Walsh
95bbe5cff0
- Upgrade to upstream to grab postgressql changes
2007-08-23 14:07:25 +00:00
Daniel J Walsh
77a22067be
- Add setransd for mls policy
2007-08-22 14:46:21 +00:00
Daniel J Walsh
c77aca56ae
- Add setransd for mls policy
2007-08-21 20:08:22 +00:00
Daniel J Walsh
4f23c46830
- Add ldconfig_cache_t
2007-08-20 23:02:30 +00:00
Daniel J Walsh
b4ae7d845a
- Allow sshd to write to proc_t for afs login
2007-08-20 22:15:46 +00:00
Daniel J Walsh
f012074e0f
- Allow xserver access to urand
2007-08-18 11:54:11 +00:00
Daniel J Walsh
7f6883ca6e
- allow dovecot to search mountpoints
2007-08-15 00:55:49 +00:00
Daniel J Walsh
0354c22269
- Fix Makefile for building policy modules
2007-08-11 11:18:09 +00:00
Daniel J Walsh
60a9ef60f0
- Fix dhcpc startup of service
2007-08-10 20:04:48 +00:00
Daniel J Walsh
bf33202534
- Fix dbus chat to not happen for xguest and guest users
2007-08-10 16:10:27 +00:00
Daniel J Walsh
d44a393484
- Fix nagios cgi
...
- allow squid to communicate with winbind
2007-08-09 19:18:57 +00:00
Daniel J Walsh
1a12c251ca
- Fixes for ldconfig
2007-08-06 21:33:36 +00:00
Daniel J Walsh
d8c8b2b904
- Update from upstream
2007-08-03 20:38:28 +00:00
Daniel J Walsh
f9778219aa
- Update from upstream
2007-08-03 19:53:44 +00:00
Daniel J Walsh
25a75469ff
- Update from upstream
2007-08-03 19:26:04 +00:00
Daniel J Walsh
4ce75b7cd5
- Fix new usb devices and dmfm
2007-08-01 17:13:35 +00:00
Daniel J Walsh
8239a93362
- Fix new usb devices and dmfm
2007-08-01 16:03:23 +00:00
Daniel J Walsh
6d2e7d5ebb
- Eliminate mount_ntfs_t policy, merge into mount_t
2007-07-31 20:51:43 +00:00
Daniel J Walsh
47a35fa722
- Eliminate mount_ntfs_t policy, merge into mount_t
2007-07-31 17:53:29 +00:00
Daniel J Walsh
07351eb493
- Allow xserver to write to ramfs mounted by rhgb
2007-07-30 14:37:54 +00:00
Daniel J Walsh
9c038630bf
- Add context for dbus machine id
2007-07-27 18:21:35 +00:00
Daniel J Walsh
2fac1d6655
- Update with latest changes from upstream
2007-07-26 17:54:24 +00:00
Daniel J Walsh
24acabce75
- Fix prelink to handle execmod
2007-07-24 20:47:24 +00:00
Daniel J Walsh
0f8f545d1a
- Fix prelink to handle execmod
2007-07-24 14:39:01 +00:00
Daniel J Walsh
e0ae206813
- Add ntpd_key_t to handle secret data
2007-07-23 20:34:22 +00:00
Daniel J Walsh
2ced404c55
- Add anon_inodefs
...
- Allow unpriv user exec pam_exec_t
- Fix trigger
2007-07-23 16:00:09 +00:00
Daniel J Walsh
779d23c7e4
- Allow cups to use generic usb
...
- fix inetd to be able to run random apps (git)
2007-07-20 15:13:37 +00:00
Daniel J Walsh
908512cccc
- Add proper contexts for rsyslogd
2007-07-19 20:55:20 +00:00
Daniel J Walsh
297dd1a900
- Allow execution of gconf
2007-07-19 14:45:16 +00:00
Daniel J Walsh
1d03199c5e
- Fix moilscanner update problem
2007-07-14 12:56:45 +00:00
Daniel J Walsh
7e3506426b
- Begin adding policy to separate setsebool from semanage
...
- Fix xserver.if definition to not break sepolgen.if
2007-07-12 21:37:30 +00:00
Daniel J Walsh
16d9531977
- Fix xserver.if definition to not break sepolgen.if
2007-07-12 14:44:32 +00:00
Daniel J Walsh
2796de2a45
- Add new devices
2007-07-11 20:45:02 +00:00
Daniel J Walsh
154d8231c3
- Add brctl policy
2007-07-11 19:44:56 +00:00
Daniel J Walsh
501a17b8b2
- Fix root login to include system_r
2007-07-06 19:23:20 +00:00
Daniel J Walsh
35e7f77fea
- Allow prelink to read kernel sysctls
2007-07-06 19:09:19 +00:00
Daniel J Walsh
af677794a8
- Default to user_u:system_r:unconfined_t
2007-07-03 19:20:47 +00:00
Daniel J Walsh
b267b6f201
- Default to user_u:system_r:unconfined_t
2007-07-02 20:32:38 +00:00
Daniel J Walsh
b529ed6a06
- Default to user_u:system_r:unconfined_t
2007-07-02 15:00:50 +00:00
Daniel J Walsh
2fdb5fd7c6
- fix squid
...
- Fix rpm running as uid
2007-07-02 01:58:41 +00:00
Daniel J Walsh
b786a2b04a
- Fix syslog declaration
2007-06-27 19:48:33 +00:00
Daniel J Walsh
7f44213c00
- Allow avahi to access inotify
...
- Remove a lot of bogus security_t:filesystem avcs
2007-06-27 18:12:03 +00:00
Daniel J Walsh
269acb5ee8
- Remove ifdef strict policy from upstream
2007-06-26 12:09:30 +00:00
Daniel J Walsh
a4ec9b75e1
- Remove ifdef strict policy from upstream
2007-06-22 19:21:00 +00:00
Daniel J Walsh
56187c2f8a
- Remove ifdef strict policy from upstream
2007-05-31 18:40:35 +00:00
Daniel J Walsh
bdb830255c
- Fix for amands
...
- Allow semanage to read pp files
- Allow rhgb to read xdm_xserver_tmp
2007-05-23 18:35:37 +00:00
Daniel J Walsh
346d2dccfd
2007-05-21 18:54:40 +00:00
Daniel J Walsh
9ffb88eba3
- allow alsactl to read kernel state
2007-05-17 17:16:26 +00:00
Daniel J Walsh
fc35770056
- More fixes for alsactl
...
- Transition from hal and modutils
- Fixes for suspend resume.
- insmod domtrans to alsactl
- insmod writes to hal log
2007-05-16 22:13:23 +00:00
Daniel J Walsh
88c8465c87
- More fixes for alsactl
2007-05-16 21:48:52 +00:00
Daniel J Walsh
cf806ebda9
- Fixes for suspend resume.
...
- insmod domtrans to alsactl
- insmod writes to hal log
2007-05-16 21:09:41 +00:00
Daniel J Walsh
7c3dcb3584
- Allow unconfined_t to transition to NetworkManager_t
...
- Fix netlabel policy
2007-05-16 19:31:34 +00:00
Daniel J Walsh
810e69636e
- Update to latest from upstream
2007-05-14 19:54:57 +00:00
Daniel J Walsh
8cd496f1d6
- Update to latest from upstream
2007-05-14 18:10:58 +00:00
Daniel J Walsh
057603fbda
- Update to latest from upstream
2007-05-07 18:07:26 +00:00
Daniel J Walsh
daa6abe9e1
- Update to latest from upstream
2007-05-04 17:30:10 +00:00
Daniel J Walsh
a615d5b893
- Update to latest from upstream
2007-05-02 02:53:14 +00:00
Daniel J Walsh
8fea836859
- Update to latest from upstream
2007-05-01 20:53:29 +00:00
Daniel J Walsh
6821c3df97
-
2007-04-27 17:23:49 +00:00
Daniel J Walsh
77d25ebf92
- Fixes for unix_update
...
- Fix logwatch to be able to search all dirs
2007-04-25 18:31:32 +00:00
Daniel J Walsh
8396b2dbd2
- Upstream bumped the version
2007-04-23 17:00:48 +00:00
Daniel J Walsh
61947fac0a
- Allow consolekit to syslog
...
- Allow ntfs to work with hal
2007-04-20 20:13:07 +00:00
Daniel J Walsh
2db3c1e86a
- Allow iptbales to read etc_runtime_t
2007-04-19 18:24:08 +00:00
Daniel J Walsh
4661767044
- MLS Fixes
2007-04-19 13:58:54 +00:00
Daniel J Walsh
53b22295eb
- MLS Fixes
2007-04-19 13:40:31 +00:00
Daniel J Walsh
883a0252b0
- Fix path of /etc/lvm/cache directory
...
- Fixes for alsactl and pppd_t
- Fixes for consolekit
2007-04-18 21:00:52 +00:00
Daniel J Walsh
ab59becfc6
- Fixes for alsactl and pppd_t
2007-04-18 20:50:02 +00:00
Daniel J Walsh
32b18f8ae9
- Fixes for consolekit
2007-04-18 20:45:20 +00:00
Daniel J Walsh
7671cee047
- Allow insmod_t to mount kvmfs_t filesystems
2007-04-17 20:42:32 +00:00
Daniel J Walsh
9fc00bcbda
- Rwho policy
...
- Fixes for consolekit
2007-04-17 19:28:14 +00:00
Daniel J Walsh
e6f3cfbe2d
- fixes for fusefs
2007-04-16 17:11:45 +00:00
Daniel J Walsh
8c912ab526
- Fix samba_net to allow it to view samba_var_t
2007-04-12 21:09:34 +00:00
Daniel J Walsh
a3b1a2c522
- Update to upstream
2007-04-11 20:55:28 +00:00
Daniel J Walsh
5d5caebf83
- Fix Sonypic backlight
...
- Allow snmp to look at squid_conf_t
2007-04-10 15:20:50 +00:00
Daniel J Walsh
7f1bd869ee
- Fixes for pyzor, cyrus, consoletype on everything installs
2007-04-09 20:47:56 +00:00
Daniel J Walsh
0b3279dee5
- Fix hald_acl_t to be able to getattr/setattr on usb devices
...
- Dontaudit write to unconfined_pipes for load_policy
2007-04-09 18:36:06 +00:00
Daniel J Walsh
21029bf045
- Allow bluetooth to read inotifyfs
2007-04-07 11:35:20 +00:00
Daniel J Walsh
e6b9e29195
- Fixes for samba domain controller.
...
- Allow ConsoleKit to look at ttys
2007-04-04 20:46:07 +00:00
Daniel J Walsh
f9f9ddcde1
- Fix interface call
2007-04-04 19:44:58 +00:00
Daniel J Walsh
89d3de7112
- Allow syslog-ng to read /var
...
- Allow locate to getattr on all filesystems
- nscd needs setcap
2007-04-03 19:25:58 +00:00
Daniel J Walsh
2528fa0969
- Update to upstream
2007-04-02 21:06:47 +00:00
Daniel J Walsh
8e5289e20b
- Update to upstream
2007-04-02 19:53:16 +00:00
Daniel J Walsh
ce7f30a258
- Update to upstream
2007-04-02 15:17:45 +00:00
Daniel J Walsh
f040ac5fd3
- Allow samba to run groupadd
2007-03-23 15:42:50 +00:00
Daniel J Walsh
f634733f95
- Update to upstream
2007-03-23 14:32:31 +00:00
Daniel J Walsh
281f5f5a50
- Fix labeling on udev.tbl dirs
2007-03-22 10:40:53 +00:00
Daniel J Walsh
552645bad0
- Fixes for logwatch
2007-03-21 03:39:06 +00:00
Daniel J Walsh
593fb16ef5
- Add fusermount and mount_ntfs policy
2007-03-20 20:45:45 +00:00
Daniel J Walsh
9d59ec430e
- Update to upstream
...
- Allow saslauthd to use kerberos keytabs
2007-03-20 16:22:25 +00:00
Daniel J Walsh
d3aabaedb4
2007-03-20 15:01:28 +00:00
Daniel J Walsh
741e816e8e
- Fixes for samba_var_t
2007-03-19 19:33:06 +00:00
Daniel J Walsh
db4f0ec7b9
- Remove disable_trans booleans
...
- hald_acl_t needs to talk to nscd
2007-03-19 14:51:28 +00:00
Daniel J Walsh
2823e28d58
- Remove enable_audit booleans
...
- hald_acl_t needs to talk to nscd
2007-03-19 14:42:08 +00:00
Daniel J Walsh
2f82eed685
- Fix prelink to be able to manage usr dirs.
2007-03-16 03:14:13 +00:00
Daniel J Walsh
9468a641a6
- Allow insmod to launch init scripts
2007-03-14 12:48:09 +00:00
Daniel J Walsh
271752a5ca
- Remove setsebool policy
2007-03-13 17:46:34 +00:00
Daniel J Walsh
bdb7f99f00
- Fix handling of unlabled_t packets
2007-03-12 14:51:29 +00:00
Daniel J Walsh
2a9b648b37
- More of my patches from upstream
2007-03-11 05:19:36 +00:00
Daniel J Walsh
1fed4c745c
- Update to latest from upstream
...
- Add fail2ban policy
2007-03-01 21:57:47 +00:00
Daniel J Walsh
9a8202d585
- Update to latest from upstream
...
- Add fail2ban policy
2007-03-01 16:30:20 +00:00
Daniel J Walsh
5ad70cf38c
- Update to remove security_t:filesystem getattr problems
2007-02-28 21:23:19 +00:00
Daniel J Walsh
13893ed688
- Policy for consolekit
2007-02-27 18:34:08 +00:00
Daniel J Walsh
af8af9caee
2007-02-26 15:06:22 +00:00
Daniel J Walsh
cc1be2260f
- Revert Nemiver change
...
- Set sudo as a corecmd so prelink will work, remove sudoedit mapping,
since this will not work, it does not transition.
- Allow samba to execute useradd
2007-02-23 15:35:01 +00:00
Daniel J Walsh
b0861172ab
- Add sepolgen support
...
- Add bugzilla policy
2007-02-20 21:37:52 +00:00
Daniel J Walsh
b7da3b9e3e
- Add sepolgen support
...
- Add bugzilla policy
2007-02-20 17:35:59 +00:00
Daniel J Walsh
2fa5bb00e9
- Add sepolgen support
...
- Add bugzilla policy
2007-02-16 19:55:48 +00:00
Daniel J Walsh
e10e57a4a6
THu Feb 15 2007 Dan Walsh <dwalsh@redhat.com> 2.5.3-3
...
- Add sepolgen support
- Add bugzilla policy
2007-02-15 20:46:02 +00:00
Daniel J Walsh
07dcdf7654
- Fix file context for nemiver
2007-02-15 20:29:48 +00:00
Daniel J Walsh
1a24735d8f
- Fix file context for nemiver
2007-02-15 00:19:30 +00:00
Daniel J Walsh
df0bef9ac0
-
2007-02-12 16:27:42 +00:00
Daniel J Walsh
9aff35b779
-
2007-02-12 16:18:31 +00:00
Daniel J Walsh
39b6cecaf2
- Allow mozilla, evolution and thunderbird to read dev_random. Resolves:
...
#227002
- Allow spamd to connect to smtp port Resolves : #227184
- Fixes to make ypxfr work Resolves : #227237
2007-02-06 16:54:13 +00:00
Daniel J Walsh
33501ce93f
- Fix ssh_agent to be marked as an executable
...
- Allow Hal to rw sound device
2007-02-04 12:42:16 +00:00
Daniel J Walsh
de0b364127
- Fix spamassisin so crond can update spam files
...
- Fixes to allow kpasswd to work
- Fixes for bluetooth
2007-02-01 21:40:50 +00:00
Daniel J Walsh
3902fd87fd
- Remove some targeted diffs in file context file
2007-01-31 22:18:10 +00:00
Daniel J Walsh
edd045d7c0
- Fix squid cachemgr labeling
2007-01-26 16:12:32 +00:00
Daniel J Walsh
e45f5d36d0
- Add ability to generate webadm_t policy
...
- Lots of new interfaces for httpd
- Allow sshd to login as unconfined_t
2007-01-25 19:07:00 +00:00
Daniel J Walsh
cc7c06a0d1
- Continue fixing, additional user domains
2007-01-23 01:08:45 +00:00
Daniel J Walsh
f86e42306e
- Begin adding user confinement to targeted policy
2007-01-22 16:52:18 +00:00
Daniel J Walsh
45478192f4
- Fixes for prelink, ktalkd, netlabel
2007-01-17 19:58:32 +00:00
Daniel J Walsh
ee095f5817
- Fixes for prelink, ktalkd, netlabel
2007-01-11 22:43:22 +00:00
Daniel J Walsh
b6ed674a00
- Fixes for prelink, ktalkd, netlabel
2007-01-10 22:05:57 +00:00
Daniel J Walsh
ae5ace1a7e
- Fixes for prelink, ktalkd, netlabel
2007-01-10 22:01:29 +00:00
Daniel J Walsh
9e0fa4fef3
- Allow prelink when run from rpm to create tmp files Resolves : #221865
...
- Remove file_context for exportfs Resolves : #221181
- Allow spamassassin to create ~/.spamassissin Resolves : #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves : #200110
- Fixes to run prelink in MLS machine Resolves : #221233
- Allow spamassassin to read var_lib_t dir Resolves : #219234
2007-01-09 15:26:56 +00:00
Daniel J Walsh
a384d73899
- Allow prelink when run from rpm to create tmp files Resolves : #221865
...
- Remove file_context for exportfs Resolves : #221181
- Allow spamassassin to create ~/.spamassissin Resolves : #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves : #200110
2007-01-09 15:24:41 +00:00
Daniel J Walsh
8a03d5e828
- Allow spamassassin to read var_lib_t dir Resolves : #219234
2007-01-02 16:40:08 +00:00
Daniel J Walsh
9bcfd16a2d
- fix mplayer to work under strict policy
...
- Allow iptables to use nscd Resolves : #220794
2006-12-29 20:01:11 +00:00
Daniel J Walsh
8bacd8ed15
- Add gconf policy and make it work with strict
2006-12-28 17:39:12 +00:00
Daniel J Walsh
5db544f392
- Many fixes for strict policy and by extension mls.
2006-12-24 15:26:26 +00:00
Daniel J Walsh
135ea97ff1
- Many fixes for strict policy and by extension mls.
2006-12-24 07:31:09 +00:00
Daniel J Walsh
9051d60c06
- Fix to allow ftp to bind to ports > 1024 Resolves : #219349
2006-12-22 17:39:01 +00:00
Daniel J Walsh
5ded3c385e
2006-12-22 16:58:33 +00:00
Daniel J Walsh
4fd323b783
2006-12-22 16:56:53 +00:00
Daniel J Walsh
f9e32a004d
- Allow semanage to exec it self. Label genhomedircon as semanage_exec_t
...
Resolves : #219421
- Allow sysadm_lpr_t to manage other print spool jobs Resolves : #220080
2006-12-20 20:40:30 +00:00
Daniel J Walsh
be9aefca3d
- allow automount to setgid Resolves : #219999
2006-12-18 21:50:13 +00:00
Daniel J Walsh
5e01b4610b
- Allow cron to polyinstatiate
...
- Fix creation of boot flags Resolves : #207433
2006-12-15 21:42:14 +00:00
Daniel J Walsh
272aa0b2e8
2006-12-14 20:06:00 +00:00
Daniel J Walsh
3a51847bd9
Resolves : #218978
2006-12-13 17:06:33 +00:00
Daniel J Walsh
422dcf1da8
Resolves : #218978
2006-12-13 17:03:55 +00:00
Daniel J Walsh
e3b143b243
- Allow initrc to create files in /var directories Resolves : #219227
2006-12-12 21:46:24 +00:00
Daniel J Walsh
6157a7e6e4
- More fixes for MLS
2006-12-11 12:35:45 +00:00
Daniel J Walsh
dd5d7e7583
- More Fixes polyinstatiation Resolves : #216184
2006-12-06 23:27:45 +00:00
Daniel J Walsh
a169fb7433
- Fix handling of keyrings
2006-12-06 19:38:32 +00:00
Daniel J Walsh
852ba6bb2f
- Fix polyinstatiation
...
- Fix pcscd handling of terminal Resolves : #218149 Resolves : #218350
2006-12-05 23:05:39 +00:00
Daniel J Walsh
414ddd0de3
- More fixes for quota Resolves : #212957
2006-12-01 21:52:08 +00:00
Daniel J Walsh
9f388c1a78
- ncsd needs to use avahi sockets Resolves : #217640 Resolves : #218014
2006-12-01 17:58:00 +00:00
Daniel J Walsh
b6ffd7c2ae
- Allow login programs to polyinstatiate homedirs Resolves : #216184
...
- Allow quotacheck to create database files Resolves : #212957
2006-11-30 22:06:22 +00:00