rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
4,531 Commits 8 Branches 96 Tags 37 MiB
f16c69cb48
Commit Graph

1557 Commits

Author SHA1 Message Date
Dominick Grift
39e118bc15 Use ps_process_pattern to read state. Access to get attributes of target afs_t domain is included with ps_process_pattern. 
Use ps_process_pattern to read state. Access to get attributes of target boinc_t domain is included with ps_process_pattern.

Use ps_process_pattern to read state. Access to get attributes of target cobblerd_t domain is included with ps_process_pattern.

Use ps_process_pattern to read state. Permission to get attributes of target exim_t domain is included with ps_process_pattern.

Use ps_process_pattern to read state. Access to get attributes of target plymouthd_t domain is included with ps_process_pattern.

Use ps_process_pattern to read state. Access to get attributes of target pportreserve_t domain is included with ps_process_pattern.

Use ps_process_pattern to read state. Access to get attributes of target postfix domains is included with ps_process_pattern.

Use ps_process_pattern to read state. Permission to get attributes of target qpidd_t domain is included with ps_process_pattern.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
1215dfb87c Allow pads_admin to search parent directories to be able to interact with pads content. 
Allow plymouthd_admin to search parent directories to be able to interact with plymouthd content.

Allow postgresql admin to search parent directories to be able to manage postgresql content.

Allow prelude_admin to search parent directories to be able to manage prelude content.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
d183137edb XML summary fix. 
XML summary fix.

XML summary fix.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
dcbbeeada3 Access to get attributes of target accountsd_t domain is included with ps_process_pattern. 
Permission to get attributes of target arpwatch_t domain is included with ps_process_pattern.

Access to get attributes of target asterisk_t domain is included with ps_process_pattern.

Permission to get attributes of target automount_t domain is included with ps_process_pattern.

Access to get attributes of target ntpd_t domain is included with ps_process_pattern.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
b6d0a79f2c Use admin_pattern. Allow nslcd_admin to search parent directories to be able to interact with nslcd content. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
eb12bc3076 Source is required to search generic pid directories to be able to interact with mysql sockets in var_run. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
f386b9002d Use the stream_connect_pattern. 
Use stream_connect_pattern.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
c5e7db7a71 Allow mpd_admin to manage mpd tmpfs content. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
0ba923e7d9 Source is required to search generic tmpfs directories to be able to interact with mpd tmpfs content. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
0ab415250b Redundant: mpd_search_lib already includes files_search_var_lib. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
7d34935ff2 Memcached_admin is required to search generic pid directories to be able to manage memcached pid content. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
aa5baa96ed Allow icecast_admin to ptrace and signal the icecast_t domain. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
4b81a55013 This is redundant since base user can search generic proc directories and included ps_process_pattern call permits all else. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
7d36c9fa13 Permission to search proc_t directories is required to be able to read abrt state. 
Signed-off-by: Dominick Grift <domg472@gmail.com>

Permission to search generic proc directories is required to read hald_t state.
 2010-09-15 17:42:28 +02:00
Dominick Grift
b36824efdf Permit fetchmail_admin to ptrace and signal the fetchmail_t domain. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
cf152b4953 Replace some type statements by comma delimiters. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
47cf98ddd5 Permission to get attributes of target devicekit_t, devicekit_disk_t and devicekit_power_t domains are included with ps_process_patterns. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:28 +02:00
Dominick Grift
5ecaacae61 Type system_cronjob_var_run_t is not required here. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:27 +02:00
Dominick Grift
beb9c35b25 Types crontab_exec_t, cron_spool_t and user_cron_spool_t are required here. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:27 +02:00
Dominick Grift
d8d33a15bf Permission to search generic pid directories is included with files_pid_filetrans. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:27 +02:00
Dominick Grift
0540e22fcc Use ps_process_pattern to read state. Permission to seach proc_t directories is required to read automount state. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:27 +02:00
Dominick Grift
cb76ff4560 Type xenstored_var_run_t is required here. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:27 +02:00
Dominick Grift
8c0a06a69a Type print_spool_t is not required here. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 17:42:27 +02:00
Dan Walsh
9461b60657 Add the ability to send audit messages to confined admin policies 
Remove permissive domain from cmirrord and dontaudit sys_tty_config
Split out unconfined_domain() calls from other unconfined_ calls so we can disable unconfined.pp and leave unconfineduser
virt needs to be able to read processes to clearance for MLS
 2010-09-15 11:31:20 -04:00
Miroslav Grepl
3b0a9c74bb Allow iscsid to manage tgtd semaphores 2010-09-15 16:50:07 +02:00
Chris PeBenito
fee48647ac Module version bump for c17ad38 5271920 2a2b6a7 01c4413 c4fbfae a831710 
67effb0 483be01 c6c63f6 b0d8d59 5b082e4 b8097d6 689d954 5afc3d3 f3c5e77
a59e50c cf87233 17759c7 dc1db54 e9bf16d 4f95198 bf40792 622c63b c20842c
dc7cc4d 792d448
 2010-09-15 10:42:34 -04:00
Jeremy Solt
792d44840c radvd patch from Dan Walsh 2010-09-15 09:14:55 -04:00
Jeremy Solt
dc7cc4d5c1 snort patch from Dan Walsh 2010-09-15 09:14:55 -04:00
Jeremy Solt
c20842caf8 stunnel patch from Dan Walsh 2010-09-15 09:14:55 -04:00
Jeremy Solt
622c63b4e3 zabbix patch from Dan Walsh 2010-09-15 09:14:55 -04:00
Jeremy Solt
bf40792ae5 zebra patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
4f95198644 awstats patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
e9bf16d2d9 certmaster patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
dc1db5407a pcscd patch from Dan Walsh 
Edit: removed the dev_list_sysfs call, dev_read_sysfs takes care of it
 2010-09-15 09:14:54 -04:00
Jeremy Solt
17759c7326 postgresql patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
cf872339b2 postgrey patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
a59e50c12c prelude patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
f3c5e77754 certwatch patch from Dan Walsh 
Not including userdom_dontaudit_list_admin_dir - still no admin_home_t in refpolicy
 2010-09-15 09:14:54 -04:00
Jeremy Solt
5afc3d3589 firstboot patch from Dan Walsh 
Not including gnome_admin_home_gconf_filetrans - no admin_home_t in refpolicy
 2010-09-15 09:14:54 -04:00
Jeremy Solt
689d95422f smoltclient patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
b8097d6ec4 amavis patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
5b082e4acf arpwatch patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
b0d8d59ff0 canna patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
c6c63f63c7 certmonger patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
483be01302 courier patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
67effb0450 dcc patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
a831710a6a style change to djbdns.te 2010-09-15 09:14:52 -04:00
Jeremy Solt
c4fbfaecdd fetchmail patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Jeremy Solt
01c441355e icecast patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Jeremy Solt
2a2b6a79fa nslcd patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Jeremy Solt
5271920764 nut patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Jeremy Solt
c17ad385ac openct patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Chris PeBenito
25d796ed37 Unconditional staff and user oidentd home config access from Dominick Grift. 2010-09-15 08:20:16 -04:00
Dominick Grift
941e3db567 Access for confined users to oidentd user home content is unconditional. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-15 08:05:41 -04:00
Dan Walsh
6dfe56b4e5 Merge branch 'master' of ssh://git.fedorahosted.org/git/selinux-policy 2010-09-14 16:39:10 -04:00
Dan Walsh
43a0339db4 add labeling for /root/.debug 2010-09-14 15:29:18 -04:00
Dan Walsh
d7f2020c46 - Allow all domains that can use cgroups to search tmpfs_t directory 
- Allow init to send audit messages
 2010-09-14 15:18:34 -04:00
Miroslav Grepl
323c9f13bb Fixes for vmware-host policy 2010-09-14 19:28:55 +02:00
Dan Walsh
c2dae98501 Allow a couple of sandbox issues. 
Remove postgresl managing of etc_files, until I find out why it is needed.
Dontaudit leaks from rpm to mount
 2010-09-14 10:02:43 -04:00
Dan Walsh
4251ae1004 Add labels for /lib/readahead. 
Add back gnome_setattr interface
 2010-09-13 16:15:43 -04:00
Dan Walsh
5ef740e54b Fix gnome_setattr_config_home 
Allow exec of sandbox_file_type by calling apps
Fix typos
 2010-09-13 14:47:02 -04:00
Dan Walsh
3034a8d941 Fix some names in passenger policy 2010-09-13 10:26:10 -04:00
Miroslav Grepl
94820e4290 Move passenger policy to services 2010-09-13 15:10:30 +02:00
Dan Walsh
536f28a2bf Merge branch 'master' of ssh://git.fedorahosted.org/git/selinux-policy 2010-09-13 08:43:40 -04:00
Dan Walsh
1a40cbf63e Fix boolean descriptions 2010-09-13 08:43:35 -04:00
Miroslav Grepl
3a3212619a Allow dovecot-deliver to create tmp files 
Allow tor to send signals to itself
 2010-09-13 13:12:24 +02:00
Miroslav Grepl
d7de04f8d4 - Add passenger policy 2010-09-13 11:49:37 +02:00
Dan Walsh
366396d855 Fix cert calls in telepath, boinc, kerberos 
Add sys_admin to xend to allow it to start
Add oident calls to staff_t
 2010-09-10 13:18:49 -04:00
Dan Walsh
cab9bc9c58 Merge branch 'master' of ssh://git.fedorahosted.org/git/selinux-policy; branch 'master' of http://oss.tresys.com/git/refpolicy 
Conflicts:
	policy/modules/admin/amanda.if
	policy/modules/system/init.te
	policy/modules/system/miscfiles.if
	policy/modules/system/miscfiles.te
	policy/modules/system/userdomain.if
 2010-09-10 13:02:25 -04:00
Dan Walsh
d7544f0d25 rename mdadm_map_t to mdadm_var_run_t 2010-09-10 12:14:25 -04:00
Dan Walsh
0b8f4cfe16 More fixes for mozilla_plugin_t 
Allow telepathy domains to send themselves sigkill
Label /etc/httpd/alias/*db as cert_t
Allow fprintd to sys_nice
 2010-09-10 12:10:13 -04:00
Chris PeBenito
da12b54802 Module version bumps for cert patch. 2010-09-10 11:31:22 -04:00
Chris PeBenito
e9d6dfb8b1 Fix missed deprecated interface usage from the cert patch. Add back a few rolecap tags. 2010-09-10 11:31:00 -04:00
Dominick Grift
8340621920 Implement miscfiles_cert_type(). 
This is based on Fedoras' miscfiles_cert_type implementation.
The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates.

Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-10 11:05:46 -04:00
Dan Walsh
1a82786cc8 Allow hugetlbfs_t to be on device_t file system 
Allow sudo domains to signal user domains
Dontaudit xdm_t sending signals to all domains
Fix allow_exec* boolean descriptions
 2010-09-10 10:10:34 -04:00
Chris PeBenito
8fbea561bb Module version bump for 8296eb2. 2010-09-10 08:51:54 -04:00
Dan Walsh
e81afdf5c9 raid tools now store pid file and sock_file in /dev/md for early boot. 2010-09-09 14:26:32 -04:00
Dan Walsh
8e47c02b16 fixes for openvpn suggested by dgrift 2010-09-09 10:35:27 -04:00
Dan Walsh
da07333345 Allow mozilla_plugin to create nsplugin_home_t directories 
Allow hugetlbfs_t to be on device_t file system
Fix for ajaxterm policy
Fix type in dbus_delete_pid_files
Change openvpn to only allow search of users home dir
 2010-09-09 09:55:31 -04:00
Chris PeBenito
9c2c77403f Remove unallocated tty access in amanda since it was originally there for the old targeted policy, and now all roles have a user tty type. 2010-09-09 09:32:31 -04:00
Dominick Grift
36c6e47384 Clean up Anaconda policy. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-09 08:14:56 -04:00
Dominick Grift
e02146370a Clean up Amtu module. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-09 08:14:09 -04:00
Dominick Grift
8296eb2261 Clean up Amanda module. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-09 08:13:13 -04:00
Dan Walsh
5f5963be01 add policy for ajaxterm 2010-09-09 07:11:32 -04:00
Dan Walsh
4c38170781 add policy for ajaxterm 2010-09-09 07:10:24 -04:00
Dan Walsh
d46a2b0115 allow sudo to create sudo_db_t dirs 2010-09-08 18:32:15 -04:00
Dan Walsh
ee4b1e0aad Allow crond to manage user_spool_cron_t link files 
Allow init to delete dbus message.pid
Allow init and udev to create hugetlbfs directories
 2010-09-08 17:54:31 -04:00
Dan Walsh
b36c20b2a9 Allow sudo domains to manage /var/db/sudo 
Allow init_t and initrc_t to dbus chat
Allow pulseaudio to read /usr/share/alsa/alsa.conf
 2010-09-08 17:27:24 -04:00
Dan Walsh
a75a591e52 Allow virt_domains to exec qumu_exec_t, add boolean to allow svirt_t to connect to x 2010-09-08 15:05:08 -04:00
Dan Walsh
dfe675b8f7 Mozilla_plugin needs to getattr on tmpfs and no longer needs to write to tmpfs_t 
cleanup of nsplugin interface definition
Latest pm-utils is causing lots of domains to see a leaked lock file
I want mplayer to run as unconfined_execmem_t
mountpoint is causing dbus and init apps to getattr on all filesystems directories
Miroslav update dkim-milter
NetworkManager dbus chats with init
Allow apps that can read user_fonts_t to read the symbolic link
udev needs to manage etc_t
 2010-09-08 12:06:20 -04:00
Dan Walsh
5dd0c28461 Cleanup warnings 2010-09-08 10:43:22 -04:00
Dan Walsh
4432db497b add sametime port definition 2010-09-08 10:33:16 -04:00
Dan Walsh
689bfef3a8 Fix apache interface 2010-09-08 10:29:40 -04:00
Dan Walsh
f79af26649 fix bad patch in xserver 2010-09-08 10:25:03 -04:00
Dan Walsh
aa760a2345 Fix gnome interface definitions 2010-09-08 10:10:20 -04:00
Dan Walsh
e51122d3e1 add sametime port definition 2010-09-08 09:40:46 -04:00
Dan Walsh
0745e42559 fix typo in xserver_stream_connect 2010-09-08 09:29:02 -04:00
Dan Walsh
36d83cb651 cleanup alsa patch to match upstream 2010-09-08 09:10:48 -04:00
Dan Walsh
4192c80c13 Eliminate extras alsa_read_home interface 2010-09-08 09:08:34 -04:00
Dan Walsh
8187343042 Any app that executes service command will not do a getattr of all mounted file systems 2010-09-08 08:56:13 -04:00
Dan Walsh
c16ffd1861 Allow apps that use pam to connect to init_t 2010-09-08 08:54:29 -04:00
Dan Walsh
db879987ca Fix pootle 2010-09-07 16:32:23 -04:00
Dan Walsh
f5b49a5e0b Allow iptables to read shorewall tmp files 
Change chfn and passwd to use auth_use_pam so they can send dbus messages to fprintd
label vlc as an execmem_exec_t
Lots of fixes for mozilla_plugin to run google vidio chat
Allow telepath_msn to execute ldconfig and its own tmp files
Fix labels on hugepages
Allow mdadm to read files on /dev
Remove permissive domains and change back to unconfined
Allow freshclam to execute shell and bin_t
Allow devicekit_power to transition to dhcpc
Add boolean to allow icecast to connect to any port
 2010-09-07 16:23:09 -04:00
Dan Walsh
f00ba23b21 Merge with upsteam 2010-09-03 17:19:55 -04:00
Dan Walsh
cdda8feee0 Merge branches 'master', 'master' and 'master' of http://oss.tresys.com/git/refpolicy 
Conflicts:
	policy/modules/admin/alsa.fc
	policy/modules/admin/alsa.if
	policy/modules/kernel/filesystem.fc
 2010-09-03 17:16:08 -04:00
Dan Walsh
ef98a37444 Allow gpg_pinentry_t to use fifo files of apps that transition to gpg_agent 
Add mozilla_plugin_tmp_t
Allow mozilla_plugin to interact with pulseaudio tmpfs_t
Add apache labels for poodle
Add boolean to allow apache to connect to memcache_port
nagious sends signal and sigkill to system_mail_t
 2010-09-03 17:06:40 -04:00
Chris PeBenito
28d96f0e39 Module version bumps for b7ceb34 5675107 e411968 eca7eb3. 2010-09-03 13:09:40 -04:00
Chris PeBenito
eca7eb3b47 Rearrange alsa interfaces. 2010-09-03 11:56:10 -04:00
Dominick Grift
e411968dff Implement alsa_home_t for asoundrc. Clean up Alsa module. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-03 11:23:06 -04:00
Dominick Grift
5675107ff9 Libcgroup moved the cgroup directory to /sys/fs/cgroup. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-03 11:03:10 -04:00
Dominick Grift
b7ceb34995 Do not try to relabel the contents of the /dev/shm directory. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-03 10:55:16 -04:00
Dan Walsh
b631f26416 Fix mmap_zero patch 2010-09-03 09:22:06 -04:00
Dan Walsh
a668127367 Allow certmaster to read usr_t files. All python apps are going to need this. 
clvmd creates tmpfs files that corosync needs to communicate with
Allow dbus system services to search the cgroup_t directory
 2010-09-02 13:38:00 -04:00
Dan Walsh
3a2e888584 cleanup mmap_low merge with upstream 2010-09-01 14:55:04 -04:00
Dan Walsh
cbadf720ba Merge branch 'master' of http://oss.tresys.com/git/refpolicy 
Conflicts:
	policy/modules/kernel/domain.if
	policy/modules/services/xserver.te
 2010-09-01 14:11:18 -04:00
Dan Walsh
02fb4a01f1 define /sys/fs/cgroup as a <<none>> file system 2010-09-01 10:12:53 -04:00
Chris PeBenito
785ee7988c Module version bump and changelog entry for conditional mmap_zero patch. 2010-09-01 10:08:09 -04:00
Chris PeBenito
a1b42052c9 Fix mmap_zero assertion violation in xserver. 2010-09-01 09:59:39 -04:00
Dan Walsh
09686dc8ee Allow all X apps to use direct dri if user_direct_dri boolean is turned on 2010-09-01 09:56:28 -04:00
Dan Walsh
03527520de firstboot is leaking a netlink_route socket into iptables. We need to dontaudit 
tmpfs_t/devpts_t files can be stored on device_t file system
unconfined_mono_t can pass file descriptors to chrome_sandbox, so need transition from all unoconfined users types
Hald can connect to user processes over streams
xdm_t now changes the brightness level on the system
mdadm needs to manage hugetlbfs filesystems
 2010-09-01 09:47:50 -04:00
Dominick Grift
623e4f0885 1/1] Make the ability to mmap zero conditional where this is fapplicable. 
Retry: forgot to include attribute mmap_low_domain_type attribute to domain_mmap_low()	:

Inspired by similar implementation in Fedora.
Wine and vbetool do not always actually need the ability to mmap a low area of the address space.
In some cases this can be silently denied.

Therefore introduce an interface that facilitates "mmap low" conditionally, and the corresponding boolean.
Also implement booleans for wine and vbetool that enables the ability to not audit attempts by wine and vbetool to mmap a low area of the address space.

Rename domain_mmap_low interface to domain_mmap_low_uncond.

Change call to domain_mmap_low to domain_mmap_low_uncond for xserver_t. Also move this call to distro redhat ifndef block because Redhat does not need this ability.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-01 09:41:56 -04:00
Dan Walsh
c6fa935fd5 Fix sandbox tcp_socket calls to create_stream_socket_perms 
Dontaudit sandbox_xserver_t trying to get the kernel to load modules
telepathy_msn sends dbus messages to networkmanager
mailman_t trys to read /root/.config
xserver tries to getpgid on processes that start it.
pam_systemd causes /var/run/users to be called for all login programs.  Must allow them to create directories
 2010-08-31 18:36:43 -04:00
Dan Walsh
4fccad906d Allow qmail to use uucpd 
Fixes found by Tom London for devicekit and udev using usbmuxd socket
 2010-08-31 10:51:10 -04:00
Dan Walsh
5fb4db53ad Add Miroslav Grepl patch for jabberd, adding new type for jabberd router. 2010-08-31 08:56:30 -04:00
Dan Walsh
3fdb12decd Allow prelink to read dbus config/Broken 
nsplugin_config wants the kernel to load modules for it.
mount writes into livecd_tmp_t directories
 2010-08-31 08:54:18 -04:00
Dan Walsh
5537e5558b Apply Dominick Grift typo fixes 2010-08-30 17:32:41 -04:00
Dan Walsh
079779a634 Allow hald to transition to netutils 
Block signal via mcs systems
 2010-08-30 15:15:03 -04:00
Dan Walsh
898c0de0b7 merge latest upstream 2010-08-30 13:41:40 -04:00
Dan Walsh
ddcd5d6350 Dontaudit signals from sandbox domains to domains that transition to them 2010-08-30 13:32:47 -04:00
Dan Walsh
8c8a10fcbe Dontaudit socket leaks when running semanage code 2010-08-30 11:37:02 -04:00
Dan Walsh
73f7d4f4a2 Fix spelling mistake 2010-08-30 11:30:00 -04:00
Dan Walsh
c71f02c02d More fixes 2010-08-30 11:15:53 -04:00
Dan Walsh
2d4a79a061 Policy fixes 2010-08-30 08:57:06 -04:00
Dan Walsh
ac498fa5d9 More fixes 2010-08-27 10:56:56 -04:00
Dan Walsh
08e567dc56 Latest fixes 2010-08-26 20:30:04 -04:00
Dan Walsh
9561b0ab08 Update f14 2010-08-26 15:42:17 -04:00
Dan Walsh
4765a595e8 Fixes for f14 2010-08-26 15:29:37 -04:00
Dan Walsh
46c24a359b ditto 2010-08-26 13:23:23 -04:00
Dan Walsh
aae38f05a6 whoya 2010-08-26 13:16:02 -04:00
Dan Walsh
2968e06818 Update f14 2010-08-26 12:55:57 -04:00
Dan Walsh
18549c23df Fix policy 2010-08-26 11:09:31 -04:00
Dan Walsh
507000a1db reset 2010-08-26 11:03:50 -04:00
Dan Walsh
8f4ec142d7 Modified amanda 2010-08-26 11:02:44 -04:00
Dan Walsh
09154bd53e Reset base 2010-08-26 11:01:06 -04:00
Dan Walsh
e15d0e76e3 Modify amanda 2010-08-26 10:59:43 -04:00
Dan Walsh
0aa4ecc332 F14 2010-08-26 10:56:06 -04:00
Dan Walsh
f9c5576c27 F14 2010-08-26 10:54:59 -04:00
Dan Walsh
e5e9b7bd43 F14 2010-08-26 10:50:47 -04:00
Dan Walsh
a61cba6e07 Rebase constraints 2010-08-26 10:45:39 -04:00
Dan Walsh
9afb2b166a Go with upstream 2010-08-26 10:40:06 -04:00
Dan Walsh
a947daf6df Update f14 2010-08-26 10:27:35 -04:00
Dan Walsh
83eff061a3 Latest f14 2010-08-26 10:26:28 -04:00
Dan Walsh
3eaa993945 UPdate for f14 policy 2010-08-26 09:41:21 -04:00
Chris PeBenito
76a9fe96e4 Module version bumps and changelog for devtmpfs patchset. 2010-08-25 11:19:27 -04:00
Chris PeBenito
0d24805fd0 Trivial tweaks to devtmpfs patches. 2010-08-25 11:18:25 -04:00
Jeremy Solt
2fc79f1ef4 Early devtmpfs access 
dontaudit attempts to read/write device_t chr files occurring before udev relabel
allow init_t and initrc_t read/write on device_t chr files (necessary to boot without unconfined)

Signed-off-by: Jeremy Solt <jsolt@tresys.com>
 2010-08-25 11:01:27 -04:00
Jeremy Solt
d6e1ef29cd Move devtmpfs to devices from filesystem 
Move devtmpfs to devices module (remove from filesystem module)
Make device_t a filesystem
Add interface for associating types with device_t filesystem (dev_associate)
Call dev_associate from dev_filetrans
Allow all device nodes associate with device_t filesystem
Remove dev_tmpfs_filetrans_dev from kernel_t
Remove fs_associate_tmpfs(initctl_t) - redundant, it was in dev_filetrans, now in dev_associate
Mounton interface, to allow the kernel to mounton device_t

Signed-off-by: Jeremy Solt <jsolt@tresys.com>
 2010-08-25 11:01:22 -04:00
Chris PeBenito
c62f1bef77 Dbadm updates from KaiGai Kohei. 2010-08-19 08:41:39 -04:00
Chris PeBenito
ab8f919e6f Part of gnome patch from Dan Walsh. 2010-08-12 09:21:36 -04:00
Chris PeBenito
a9539a063b Additional kdumpgui cleanup. 2010-08-10 09:21:01 -04:00
Jeremy Solt
46fc0d39e3 Policy for system-config-kdump gui from Dan Walsh 
Edits:
 - removed gnome_dontaudit_search_config
 - removed userdom_dontaudit_search_admin_dir
 - whitespace and style fixes
 2010-08-10 09:05:43 -04:00
Jeremy Solt
68e615ec5a system-config-samba dbus service policy from Dan Walsh 2010-08-09 09:37:29 -04:00
Jeremy Solt
c87e150280 roles patch from Dan Walsh to move unwanted interface calls into a ifndef 2010-08-09 09:20:31 -04:00
Chris PeBenito
00ca404a20 Remove unnecessary require on cgroup_admin(). 2010-08-09 09:10:24 -04:00
Chris PeBenito
d687db9b42 Whitespace fixes on cgroup. 2010-08-09 08:52:39 -04:00
Dominick Grift
61d7ee58a4 Confine /sbin/cgclear. 
Libcgroup moved cgclear to /sbin.
Confine it so that initrc_t can domain transition to the cgclear_t domain. That way we do not have to extend the initrc_t domains policy.
We might want to add cgroup_run_cgclear to sysadm module.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-08-09 08:47:15 -04:00
Dominick Grift
a0546c9d1c System layer xml fixes. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-08-05 09:25:55 -04:00
Dominick Grift
288845a638 Services layer xml files. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-08-05 09:25:29 -04:00
Chris PeBenito
97b990f86e Fix corecmd_dontaudit_exec_all_executables doc. 2010-08-05 09:24:41 -04:00
Dominick Grift
705f70f098 Kernel layer xml fixes. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-08-05 09:08:07 -04:00
Chris PeBenito
19ff03977d Fix usermanage_kill_passwd() parameter doc. 2010-08-05 08:56:31 -04:00
Dominick Grift
77e4b55f70 Admin layer xml fixes. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-08-05 08:46:44 -04:00
Dominick Grift
03b86663f0 apps: domain { allowed to transition, allowed access, to not audit }. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-08-05 08:20:59 -04:00
Chris PeBenito
8da88970be Accountsd cleanup. 2010-08-03 09:50:40 -04:00
Chris PeBenito
d0eebed0b7 Move accountsd to services. 2010-08-03 09:31:53 -04:00
Jeremy Solt
c4834a02d2 accountsd policy from Dan Walsh 
Edits:
 - Removed accountsd_manage_var_lib
 - Removed optional block for xserver - these interfaces didn't exist
 - It looks like sys_ptrace is needed because it reads /proc/pid/loginuid
 - Whitespace and style fixes
 2010-08-03 09:27:24 -04:00
Chris PeBenito
a7ee7f819a Docs standardizing on the role portion of run interfaces. Additional docs cleanup. 2010-08-03 09:20:22 -04:00
Chris PeBenito
9d4395a736 MojoMojo from Lain Arnell. 2010-08-02 09:28:06 -04:00
Chris PeBenito
a72e42f485 Interface documentation standardization patch from Dan Walsh. 2010-08-02 09:22:09 -04:00
Chris PeBenito
27eeb649cc Virtio disk file context update from Mika Pfluger. 2010-08-02 08:33:41 -04:00
Mika Pflüger
b3f7203d6a Take virtio disks into account. 
Signed-off-by: Mika Pflüger <debian@mikapflueger.de>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-08-02 08:25:14 -04:00
Chris PeBenito
64ef2df368 Module version bump for 5563d4c. 2010-07-22 09:13:11 -04:00
Jeremy Solt
5563d4c4d8 Removing seutil_domtrans_setsebool from anaconda patch - it doesn't exist 2010-07-22 08:49:32 -04:00
Jeremy Solt
b0a6f1b7c2 anaconda patch from Dan Walsh 
- Did not include the change to unconfined_domain_noaudit
 2010-07-22 08:49:32 -04:00
Chris PeBenito
21fdee9dd5 Increase bindreservport range to 512-1024 in corenetwork, from Dan Walsh. 
We went back and reread the bindreservport code in glibc.

Turns out the range or ports that this will reserve are 512-1024 rather
then 600-1024.

The code actually first tries to reserve a port from 600-1024 and if
they are ALL reserved will try 512-599.

So we need to change corenetwork to reflect this.
 2010-07-19 14:22:44 -04:00
Chris PeBenito
29f3bfa464 Fix JIT usage for freshclam. 
http://marc.info/?l=selinux&m=127893898208934&w=2
 2010-07-13 08:39:54 -04:00
Dominick Grift
48c3c37cf2 Remove some redundant attributes from user_home_t. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-07-12 14:35:22 -04:00
Chris PeBenito
4b76ea5f51 Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
Dominick Grift
fa1847f4a2 Add files_poly_member() to userdom_user_home_content() Remove redundant files_poly_member() calls. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-07-09 09:43:04 -04:00
Chris PeBenito
f7ffe6c2a9 Add missing ubac constraints on pulseaudio. 2010-07-09 09:14:35 -04:00
Chris PeBenito
c14aebd032 Remove old rbacsep role statements. 2010-07-09 08:38:05 -04:00
Chris PeBenito
072857c425 VMWare patch from Dan Walsh. 2010-07-08 13:43:50 -04:00
Chris PeBenito
f1618ffc6f Whitespace fix in userhelper. 2010-07-08 10:56:15 -04:00
Chris PeBenito
b70dfcdf8f RPM patch from Dan Walsh. 2010-07-08 10:53:28 -04:00
Chris PeBenito
2d839c6791 Whitespace fixes in RPM. 2010-07-08 10:12:24 -04:00
Chris PeBenito
7e265a8abb Add shutdown from Dan Walsh. 2010-07-07 11:10:56 -04:00
Chris PeBenito
b841dffda1 Add livecd from Dan Walsh. 2010-07-07 10:28:25 -04:00
Chris PeBenito
08690c84ad Remove ethereal module since the application was renamed to wireshark due to trademark issues. 2010-07-07 09:31:57 -04:00
Chris PeBenito
3c4e9fce8e Make spamassassin optional for milter, from Russell Coker. 2010-07-07 08:55:57 -04:00
Chris PeBenito
bca0cdb86e Remove duplicate/redundant rules, from Russell Coker. 2010-07-07 08:41:20 -04:00
Chris PeBenito
1db1836ab9 Remove improper usage of userdom_manage_home_role(), userdom_manage_tmp_role(), and userdom_manage_tmpfs_role(). 2010-07-06 13:17:05 -04:00
Chris PeBenito
a3b0dc5b3c GPG patch from Dan Walsh. 2010-07-06 10:58:40 -04:00
Chris PeBenito
3bcfe5beb7 Usermanage patch from Dan Walsh. 
Broken leaks of sockets

useradd runs semanage for -Z.

passwd_t needs sys_nice

useradd run within a samba_controler needs to append to the samba log.
 2010-07-06 10:56:20 -04:00
Chris PeBenito
cad4224e8e Guest patch from Dan Walsh. 
Dominic asked to remove mono and java from guest_t
 2010-07-06 08:35:56 -04:00
Chris PeBenito
ab62f3f1b1 Module version bump for a7521af. 2010-07-01 10:48:11 -04:00
Jeremy Solt
a7521af67d firstboot patch from Dan Walsh 
- Did not include gnome_admin_home_gconf_filetrans
- Whitespace fixes
 2010-07-01 10:36:31 -04:00
Dominick Grift
7e5463b58c fix cgroup_admin 
When cgroup policy was merged, some changes were made. One of these changes was the renaming of the type for cgroup rules engine daemon configuration file. The cgroup_admin interface was not modified to reflect this change.

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-07-01 09:02:58 -04:00
Chris PeBenito
caf1666dc1 Module version bump for 5f04c91. 2010-06-29 11:26:16 -04:00
Jeremy Solt
5f04c91f30 gitosis patch from Dan Walsh 2010-06-29 11:25:37 -04:00
Chris PeBenito
ab4f820548 Module version bump for b5d89d0. 2010-06-29 11:03:56 -04:00
Jeremy Solt
b5d89d0325 vpn patch from Dan Walsh 
fixed gen_require in vpn_relabelfrom_tun_socket interface (wrong type)
removed userdom_read_home_certs (not in refpolicy)
 2010-06-29 11:02:45 -04:00
Chris PeBenito
155635e33d Create_lnk_perms fix from Russell Coker. 
Personally I'd rather dump all those old compatibility macros, make them all
just display a message indicating the new correct thing to do and abort the
build.  But if we are going to keep them then we need to update them and make
them work.

The attached patch adds write access to create_lnk_perms.
 2010-06-28 09:33:17 -04:00
Chris PeBenito
113d2e023d Minor tweaks and module version bump for a00fc1c. 2010-06-25 09:51:34 -04:00
Dominick Grift
a00fc1c317 hddtemp fixes. 
Clean up network control section.
Implement hddtemp_etc_t for /etc/sysconfig/hddtemp. The advantages are:
- hddtemp_t no longer needs access to read all generic etc_t files.
- allows us to implement a meaningful hddtemp_admin()

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-06-25 09:43:54 -04:00
Chris PeBenito
0cec649be7 WM patch from Dan Walsh. 
Window manager policy changes needed for MLS policy.
 2010-06-25 09:00:19 -04:00
Chris PeBenito
3c79f954d1 Rearrage interfaces in filesystem. 2010-06-22 10:17:42 -04:00
Chris PeBenito
eab2cc89b4 Slocate patch from Dan Walsh. 
Locate attempts to look at network sate and does getattr on all blk/chr
and noxattr symlinks.
 2010-06-22 09:58:14 -04:00
Chris PeBenito
2c207dfa49 Qemu patch from Dan Walsh. 
Fix qemu labeling.

Additional qemu interfaces

Allow qemu to read/write removable devices
 2010-06-22 09:32:35 -04:00
Chris PeBenito
1fd3a8070f Pulseaudio patch from Dan Walsh. 
Dontaudit attempts to exec pulseaudio.  qemu does this and it causes
other avc's even though qemu can not use pulseaudio.

Allow other domains to use pulseiaudio
 2010-06-22 09:13:17 -04:00
Chris PeBenito
1ff703fc4a Podsleuth patch from Dan Walsh. 
podsleuth asks the kernel to load modules
Reads/write removable blk device.

Reads user_tmpfs
 2010-06-22 09:01:38 -04:00
Chris PeBenito
8a24097bff Mplayer patch from Dominick Grift through Dan Walsh. 2010-06-21 09:52:33 -04:00
Chris PeBenito
3c1e8ff6bb Mozilla patch from Dan Walsh. 
Various old fixes for mozilla.
 2010-06-21 09:36:39 -04:00
Chris PeBenito
ae1b7dedd7 Cpufreqselector patch from Dan Walsh. 
Needs to read localization
 2010-06-21 09:03:11 -04:00
Chris PeBenito
a99f69fd0e Loadkeys patch from Dan Walsh. 
Dontaudit leaked sockets
 2010-06-18 15:12:33 -04:00
Chris PeBenito
e08ac5acb3 Vbetool patch from Dan Walsh. 
vbetool needs mls overrides
 2010-06-18 14:56:27 -04:00
Chris PeBenito
3835c39a13 Sudo patch from Dan Walsh. 
sudo gets execed by apps that leak sockets
 2010-06-18 14:43:22 -04:00
Chris PeBenito
f7e3410aed Su patch from Dan Walsh. 
dontaudit leaked sockets
 2010-06-18 14:32:42 -04:00
Chris PeBenito
b9be5cccf1 Shorewall patch from Dan Walsh. 
Shorewall execs hostname
 2010-06-18 14:23:46 -04:00
Chris PeBenito
5116faa198 Quota patch from Dan Walsh. 
Quata needs to setshed on kernel processes
 2010-06-18 14:14:21 -04:00
Chris PeBenito
a9ef84b578 Prelink patch from Dan Walsh. 
Prelink has new directory under /var/lib

dontaudit leaks from domains that transition

cron job looks at all mount points.
 2010-06-18 14:07:53 -04:00
Chris PeBenito
9a4d292902 Netutils patch from Dan Walsh. 
ping gets leaked log descriptor from nagios.

Label send_arp as ping_exec_t
 2010-06-17 10:16:19 -04:00
Chris PeBenito
10c0104066 Kismet patch from Dan Walsh. 
Kismet searches user_home_dirs for kismet_home_t content.
 2010-06-17 08:24:21 -04:00
Chris PeBenito
e89f04fd17 Mcelog patch from Dan Walsh. 
mcelog needs mls override
 2010-06-17 08:23:48 -04:00
Chris PeBenito
0e30bca6d9 Consoletype patch from Dan Walsh. 
I am sick of every app in the known universe leaking socket descriptors.
  Dontaudit by default

consoletype is handed a write for hal log on resume from hibernate.
 2010-06-17 08:23:20 -04:00
Chris PeBenito
88a574d373 Alsa patch from Dan Walsh 
Alsa trys to talk to all types of terminals.  Dontaudit this access.
 2010-06-17 08:22:43 -04:00
Chris PeBenito
4db7790c60 Acct patch from Dan Walsh. 
acct needs to use generic ptys
 2010-06-17 08:22:17 -04:00
Chris PeBenito
48f99a81c0 Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
Chris PeBenito
5c942ceb83 AFS patch from Dan Walsh. 2010-06-10 08:08:23 -04:00
Chris PeBenito
b521229560 Abrt patch from Dan Walsh. 
Abrt uses /var/spool/abrt now and changed the name of its lock

Now uses a stream socket

Installs debuginfo packages

sys_nice itself
 2010-06-10 07:58:00 -04:00
Chris PeBenito
48e0aa86c9 Files patch from Dan Walsh. 
Redhat does want /usr/local/src labeled src_t or /usr/src for that matter

Fix labels on chroot environments
 2010-06-09 09:09:34 -04:00
Chris PeBenito
135b1b4c54 Terminal patch from Dan Walsh. 2010-06-09 08:22:31 -04:00
Chris PeBenito
c54e7d63dc Module version bump for cgroup patchset. 2010-06-08 09:18:43 -04:00
Chris PeBenito
53f9abbe68 Clean up cgroup. Rename cgconfigparser to cgconfig. 2010-06-08 09:15:41 -04:00
Chris PeBenito
0041a78ef7 Remove cgroup_t usage in cgroup_admin() since it is not owned by the module. 2010-06-08 09:12:03 -04:00
Chris PeBenito
860c05d9de Rearrange cgroup interfaces in filesystem. 2010-06-08 09:10:45 -04:00
Chris PeBenito
04dcd73fe3 Whitespace fixes in cgroup and init. 2010-06-08 08:47:26 -04:00
Dominick Grift
e2b9add5f8 How users interact with cgroup. 
All login users can list cgroup.
Common users can read and write cgroup files (access governed by dac)

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-06-08 08:38:33 -04:00
Dominick Grift
73f0985092 How libgroup init scripts interact with libcgroup. 
The libcgroup init scripts use tools in /usr/bin like cgexec and cgclear.

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-06-08 08:38:29 -04:00
Dominick Grift
ddf821332f add libcg policy. 
Libcgroup automates cgroup management.

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-06-08 08:38:22 -04:00
Dominick Grift
c0c635b3f3 cgroup in filesystem. 
Move cgroup_t declarations from kernel.te to filesystem.te
Redo cgroup interfaces in filesystem.if
Add file context specification for /cgroup mountpoint to filesystem.fc

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-06-08 08:38:18 -04:00