Chris PeBenito
|
157c69416f
|
add macro to expand object class sets for use in require blocks
|
2005-07-15 15:53:54 +00:00 |
|
Chris PeBenito
|
50f6503452
|
* break up files_getattr_all_files into correct interfaces
* move stuff out of pcmcia into the appropriate modules
|
2005-07-15 15:17:57 +00:00 |
|
Chris PeBenito
|
e0d57fbcb1
|
add pcmcia
|
2005-07-14 20:57:17 +00:00 |
|
Chris PeBenito
|
c429cb5e26
|
fix up the xml
|
2005-07-14 20:02:53 +00:00 |
|
Chris PeBenito
|
11633bbaa8
|
add ipsec
|
2005-07-14 18:15:47 +00:00 |
|
Chris PeBenito
|
493d6c4adc
|
add nscd
|
2005-07-13 20:48:51 +00:00 |
|
Chris PeBenito
|
df00b2e235
|
* fix chroot exec interface
* more TODO cleanup
* move IPC out of generic domtrans interfaces
|
2005-07-13 18:29:08 +00:00 |
|
Chris PeBenito
|
b24f35d8a3
|
more cleanup of current TODOs
|
2005-07-12 20:34:24 +00:00 |
|
Chris PeBenito
|
4051d15b62
|
fix xml
|
2005-07-11 19:15:54 +00:00 |
|
Chris PeBenito
|
ae9e2716c3
|
fix more TODOs. fix selinux.te to selinuxutil.te in optionals
|
2005-07-11 19:02:50 +00:00 |
|
Chris PeBenito
|
a42ca7ebec
|
another round of TODO cleanup
|
2005-07-08 20:44:57 +00:00 |
|
Chris PeBenito
|
e5f8060316
|
implement direct_sysadm_daemon
|
2005-07-07 15:25:28 +00:00 |
|
Chris PeBenito
|
c98340cfeb
|
support for targeted policy
|
2005-07-06 20:28:29 +00:00 |
|
Chris PeBenito
|
bb32544d61
|
add missing ssh file contexts
|
2005-07-06 15:59:54 +00:00 |
|
Chris PeBenito
|
9726b31857
|
add unconfined
|
2005-07-05 20:59:51 +00:00 |
|
Chris PeBenito
|
2745476e4a
|
add required tags
|
2005-07-05 17:47:15 +00:00 |
|
Chris PeBenito
|
a7a9799d79
|
convert can_kerberos()
|
2005-07-01 13:31:34 +00:00 |
|
Chris PeBenito
|
fd89e19f12
|
more work on current modules
|
2005-06-30 18:54:08 +00:00 |
|
Chris PeBenito
|
ebdc3b7902
|
clean up more todos
|
2005-06-29 20:53:53 +00:00 |
|
Chris PeBenito
|
d233bfce3f
|
make layer summary required
|
2005-06-29 16:54:13 +00:00 |
|
Chris PeBenito
|
8fd3673225
|
another round of renaming, for consistency
|
2005-06-29 14:26:41 +00:00 |
|
Chris PeBenito
|
96ce00afcc
|
add logrotate, more low-hanging fruit
|
2005-06-28 20:54:49 +00:00 |
|
Chris PeBenito
|
cbca03f513
|
add lost_found_t manage, rename fs_type attribute to filesystem_type and rename fs_make_fs to fs_type
|
2005-06-28 17:48:59 +00:00 |
|
Chris PeBenito
|
783b38347e
|
more low hanging fruit cleanup
|
2005-06-28 17:32:57 +00:00 |
|
Chris PeBenito
|
58c3da55f3
|
add fstools, and more cleanup
|
2005-06-27 20:59:28 +00:00 |
|
Chris PeBenito
|
80436b9b8f
|
changes to make inetd work
|
2005-06-27 18:37:33 +00:00 |
|
Chris PeBenito
|
ab940a4cc1
|
autofs_t and ypbind cleanup
|
2005-06-27 16:30:55 +00:00 |
|
Chris PeBenito
|
e88003ffe3
|
xml updates and nis stuff
|
2005-06-24 20:37:09 +00:00 |
|
Chris PeBenito
|
62a7b02c5b
|
add/update comments
|
2005-06-24 13:36:57 +00:00 |
|
Chris PeBenito
|
414e415198
|
update for new documentation method
|
2005-06-23 21:30:57 +00:00 |
|
Chris PeBenito
|
19ea99d495
|
fix
|
2005-06-23 16:06:39 +00:00 |
|
Chris PeBenito
|
261e0e66ee
|
shorten some xml tags
|
2005-06-23 16:00:05 +00:00 |
|
Chris PeBenito
|
007ca5600c
|
more setcurrent stuff
|
2005-06-23 15:37:39 +00:00 |
|
Chris PeBenito
|
2a3478cf15
|
fixes pointed out by steve, plus fixes revealed by the added assertions
|
2005-06-23 14:19:56 +00:00 |
|
Chris PeBenito
|
9ccd96dfc6
|
more work on ssh, plus import ssh-agent
|
2005-06-22 21:14:48 +00:00 |
|
Chris PeBenito
|
199895e201
|
move all interfaces over to the interface macro. add traceback debugging info
|
2005-06-22 19:21:31 +00:00 |
|
Chris PeBenito
|
cbc9d6951a
|
remove remaining _depend macros to prep for switchover to interface declaration macro
|
2005-06-22 16:07:14 +00:00 |
|
Chris PeBenito
|
0404a3903a
|
initial commit of ssh.
|
2005-06-21 21:07:46 +00:00 |
|
Chris PeBenito
|
21871a5cf6
|
work on newrole policy
|
2005-06-21 17:01:45 +00:00 |
|
Chris PeBenito
|
e04b8e7832
|
initial commit
|
2005-06-20 18:43:14 +00:00 |
|
Chris PeBenito
|
57869a681e
|
XML: encapsulate modules in layers, rather then layer being an attribute of
module tag
|
2005-06-20 18:40:44 +00:00 |
|
Chris PeBenito
|
7a2f20a315
|
more work to clean up and complete current modules
|
2005-06-20 17:41:29 +00:00 |
|
Chris PeBenito
|
139520a233
|
review of system interfaces
|
2005-06-17 17:59:26 +00:00 |
|
Chris PeBenito
|
0e721690dc
|
misc cleanup
|
2005-06-16 20:54:18 +00:00 |
|
Chris PeBenito
|
d35c621eb0
|
add a couple more nfs and cifs interfaces, to cover most of the
use_(nfs|cifs)_home_dirs tunable
|
2005-06-16 20:33:51 +00:00 |
|
Chris PeBenito
|
77c124c8cd
|
eliminate _depend macros
|
2005-06-16 20:30:59 +00:00 |
|
Chris PeBenito
|
5e0da6a03e
|
finish renaming system/selinux to system/selinuxutil
|
2005-06-14 20:48:34 +00:00 |
|
Chris PeBenito
|
be4a8011d4
|
move selinux to selinuxutil
|
2005-06-14 20:12:46 +00:00 |
|
Chris PeBenito
|
8bd6789954
|
move constraints interfaces to domain module. move sysfs and usbfs to
devices module
|
2005-06-14 19:56:46 +00:00 |
|
Chris PeBenito
|
810f2b7155
|
fix typo
|
2005-06-14 18:15:01 +00:00 |
|
Chris PeBenito
|
b57dd19400
|
stray renames in distro_redhat
|
2005-06-14 17:36:21 +00:00 |
|
Chris PeBenito
|
3eed10909e
|
convert relevant conditionals into tunable_policy
|
2005-06-14 14:43:04 +00:00 |
|
Chris PeBenito
|
fa7bea8feb
|
rename requires_block_tempalte to gen_require
|
2005-06-13 20:47:04 +00:00 |
|
Chris PeBenito
|
34c8fabeeb
|
tunables work
|
2005-06-13 20:44:23 +00:00 |
|
Chris PeBenito
|
31908be07f
|
a few missed renames, and start fixing up tunables
|
2005-06-13 20:27:32 +00:00 |
|
Chris PeBenito
|
5a45e70177
|
rename setattr removable_device_t
|
2005-06-13 20:00:36 +00:00 |
|
Karl MacMillan
|
8700497fb1
|
Updates to documentation.
|
2005-06-13 19:22:00 +00:00 |
|
Chris PeBenito
|
c9428d33dc
|
renaming insanity
|
2005-06-13 17:35:46 +00:00 |
|
Karl MacMillan
|
f0c985ca80
|
Devices rename.
|
2005-06-13 16:22:32 +00:00 |
|
Chris PeBenito
|
0fd9dc55cf
|
renaming insanity
|
2005-06-10 01:01:13 +00:00 |
|
Chris PeBenito
|
a154cd45f3
|
reorder
|
2005-06-09 21:07:58 +00:00 |
|
Chris PeBenito
|
588ffaeb7f
|
kernel.if renaming
|
2005-06-09 20:50:17 +00:00 |
|
Chris PeBenito
|
cc41a97c99
|
aliases
|
2005-06-09 18:08:26 +00:00 |
|
Chris PeBenito
|
d90b274e40
|
for now, drop infoflow tags
|
2005-06-09 17:23:53 +00:00 |
|
Chris PeBenito
|
dd822947d2
|
aliases
|
2005-06-09 14:50:48 +00:00 |
|
Chris PeBenito
|
80048ca5d2
|
aliases
|
2005-06-09 14:26:05 +00:00 |
|
Chris PeBenito
|
5d31560b4d
|
genhomedircon entries
|
2005-06-08 22:32:43 +00:00 |
|
Chris PeBenito
|
5552ed88f3
|
initial commit
|
2005-06-08 22:32:33 +00:00 |
|
Chris PeBenito
|
7edd02d4f1
|
aliasing
|
2005-06-08 21:07:03 +00:00 |
|
Chris PeBenito
|
b29d23f315
|
initial commit
|
2005-06-08 20:49:16 +00:00 |
|
Chris PeBenito
|
066d463147
|
comment fix
|
2005-06-08 16:16:41 +00:00 |
|
Chris PeBenito
|
a7197232e8
|
add can_exec
|
2005-06-08 13:41:05 +00:00 |
|
Chris PeBenito
|
763c441e3b
|
start renaming filesystem interfaces
|
2005-06-08 13:12:00 +00:00 |
|
Chris PeBenito
|
3865d6b95e
|
add xml
|
2005-06-07 22:36:07 +00:00 |
|
Chris PeBenito
|
254bbc7bb3
|
start switching over to new tunable infrastructure
|
2005-06-07 18:45:47 +00:00 |
|
Chris PeBenito
|
2d68932a8d
|
fix broken macros
|
2005-06-07 14:46:20 +00:00 |
|
Chris PeBenito
|
a1d2e8ab29
|
add domain(_auto)_trans
|
2005-06-07 14:43:14 +00:00 |
|
Chris PeBenito
|
eb7f9a34cb
|
move audit to logging
|
2005-06-07 14:27:19 +00:00 |
|
Chris PeBenito
|
ef5e55c9fa
|
move to logging
|
2005-06-07 14:16:14 +00:00 |
|
Chris PeBenito
|
0c73cd2526
|
change over to some perm set macros. add indentation
|
2005-06-03 12:25:14 +00:00 |
|
Chris PeBenito
|
d115660e3b
|
change network verb in corenetwork to sendrecv
|
2005-06-02 18:55:47 +00:00 |
|
Chris PeBenito
|
cabfa520aa
|
move fs_use and isids to respective modules
|
2005-06-02 15:39:10 +00:00 |
|
Chris PeBenito
|
aa40608fbe
|
remove copyright until licensing issues are resolved
|
2005-06-01 17:34:13 +00:00 |
|
Chris PeBenito
|
e32d52ba47
|
fix xml
|
2005-06-01 14:17:43 +00:00 |
|
Chris PeBenito
|
1293184998
|
last fixes for cab
|
2005-06-01 13:51:54 +00:00 |
|
Chris PeBenito
|
d115b24712
|
more cab work
|
2005-05-31 23:02:11 +00:00 |
|
Chris PeBenito
|
3b857eae09
|
add some file_t interfaces, and console write
|
2005-05-31 21:25:45 +00:00 |
|
Chris PeBenito
|
4bf4ed9e68
|
permission set macro changes, plus more cab related work
|
2005-05-31 19:52:57 +00:00 |
|
Chris PeBenito
|
f5c42bd80b
|
many fixes from cab work
|
2005-05-30 21:17:20 +00:00 |
|
Chris PeBenito
|
32e53ac1b8
|
cleanup inspired by sediff
|
2005-05-27 21:56:01 +00:00 |
|
Chris PeBenito
|
c6fd1f85ba
|
restructure users, and add signalling
|
2005-05-27 20:44:05 +00:00 |
|
Chris PeBenito
|
dd31631500
|
fix ordering and put in var_lib_t
|
2005-05-27 20:29:17 +00:00 |
|
Chris PeBenito
|
d490eb6b5c
|
fixes from cab
|
2005-05-26 20:38:45 +00:00 |
|
Chris PeBenito
|
efd8ede34d
|
many fixes from cab testing
|
2005-05-25 20:58:21 +00:00 |
|
Chris PeBenito
|
cbeef67c1c
|
cleanup
|
2005-05-24 22:22:26 +00:00 |
|
Chris PeBenito
|
e7fcdc6d2f
|
fix the object class in process transition interfaces
|
2005-05-24 20:45:27 +00:00 |
|
Chris PeBenito
|
dc771ff40e
|
another cleanup pass
|
2005-05-24 15:55:57 +00:00 |
|
Chris PeBenito
|
6b48fd013c
|
stuff from rpm
|
2005-05-23 17:56:35 +00:00 |
|
Chris PeBenito
|
57440fb076
|
add dontaudit shadow_t getattr
|
2005-05-23 17:56:26 +00:00 |
|
Chris PeBenito
|
39255175ca
|
move in stuff from rpm
|
2005-05-23 17:01:51 +00:00 |
|
Chris PeBenito
|
15a9613ca4
|
add ldconfig and rpm transitions
|
2005-05-23 15:51:33 +00:00 |
|
Chris PeBenito
|
162a57e583
|
add missing xml
|
2005-05-23 15:50:12 +00:00 |
|
Chris PeBenito
|
46410fd2b9
|
add tmpfsfile support
|
2005-05-23 15:49:31 +00:00 |
|
Chris PeBenito
|
1c9f9a50df
|
add signull all domains
|
2005-05-23 15:49:03 +00:00 |
|
Chris PeBenito
|
3000a31552
|
make transition on shell work
|
2005-05-23 15:48:45 +00:00 |
|
Chris PeBenito
|
48e0dbd63e
|
add ldconfig
|
2005-05-23 15:45:53 +00:00 |
|
Chris PeBenito
|
e32c0d3b86
|
add mls sensitivity to genfscon, initial sids and fs_use
|
2005-05-20 20:43:18 +00:00 |
|
Chris PeBenito
|
daa0e0b01f
|
add xml comments to interfaces, convert over userdomain stuff
|
2005-05-19 21:06:06 +00:00 |
|
Chris PeBenito
|
bee546bfd4
|
add context template to support mls
|
2005-05-18 21:02:15 +00:00 |
|
Chris PeBenito
|
26c87e0c42
|
add userdomain:fd use
|
2005-05-18 21:00:56 +00:00 |
|
Chris PeBenito
|
490639cd57
|
add a xml comment
|
2005-05-18 21:00:30 +00:00 |
|
Chris PeBenito
|
2e77b29e67
|
add xml
|
2005-05-18 21:00:00 +00:00 |
|
Chris PeBenito
|
8623d5b854
|
move run_init to selinux, as it is part of policycoreutils
|
2005-05-18 16:03:54 +00:00 |
|
Chris PeBenito
|
1786071159
|
rename some selinuxfs interfaces for more clarity
|
2005-05-18 13:22:37 +00:00 |
|
Chris PeBenito
|
ef373408a6
|
add source policy interfaces
|
2005-05-18 13:21:28 +00:00 |
|
Chris PeBenito
|
5817e3a820
|
add renice all domains
|
2005-05-18 13:21:00 +00:00 |
|
Chris PeBenito
|
76bff31d96
|
add admin template
|
2005-05-18 13:20:16 +00:00 |
|
Chris PeBenito
|
4d8ddf9a4f
|
start adding admin template
|
2005-05-18 13:18:49 +00:00 |
|
Chris PeBenito
|
dd14d0d892
|
change read_shared_libraries to use_shared_libraries, since the execute
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
|
2005-05-17 15:32:52 +00:00 |
|
Chris PeBenito
|
650e75c57d
|
initial commit
|
2005-05-16 21:11:26 +00:00 |
|
Chris PeBenito
|
b16c6b8c32
|
start adding user domains. fix ttynode and ptynode handling, as they're
more then user terminals (at least ptynode is). start adding XML comments
|
2005-05-16 21:10:33 +00:00 |
|
Chris PeBenito
|
ff31386090
|
move make_{daemon,init,system}_domain to init to fix type_transition'ing
|
2005-05-13 20:21:50 +00:00 |
|
Chris PeBenito
|
24a7ae1a5a
|
add lvm.fc, and move relevant entries to devices.fc and storage.fc
|
2005-05-13 15:03:19 +00:00 |
|
Chris PeBenito
|
7bba9d317a
|
pile of updates
|
2005-05-13 14:37:13 +00:00 |
|
Chris PeBenito
|
1bde8321dd
|
initial commit
|
2005-05-13 14:36:35 +00:00 |
|
Chris PeBenito
|
075c4fdaf1
|
additions for cron and mta
|
2005-05-12 20:50:09 +00:00 |
|
Chris PeBenito
|
fb1aee72f4
|
add iface creating private logs
|
2005-05-11 20:54:14 +00:00 |
|
Chris PeBenito
|
d25dd9c1c2
|
add make temporary_file and daemon_runtime_file
|
2005-05-11 19:36:36 +00:00 |
|
Chris PeBenito
|
38e24ae49e
|
add files_make_temporary_file and remove type attribute from
create_private_tmp
|
2005-05-11 19:21:40 +00:00 |
|
Chris PeBenito
|
24280a524d
|
updates needed for cron
|
2005-05-11 19:05:15 +00:00 |
|
Chris PeBenito
|
3ec805f7e5
|
add read and search for etc_t:dir
|
2005-05-11 16:48:10 +00:00 |
|
Chris PeBenito
|
118186e3dc
|
make a reasonable lib_t interface
|
2005-05-11 15:46:51 +00:00 |
|
Chris PeBenito
|
1832271029
|
reorder for more consistency
|
2005-05-11 15:22:28 +00:00 |
|
Chris PeBenito
|
b3416a3762
|
initial commit
|
2005-05-10 20:06:19 +00:00 |
|
Chris PeBenito
|
eeb2558418
|
leftover from netutils
|
2005-05-10 20:06:04 +00:00 |
|
Chris PeBenito
|
f8ec0ad43b
|
initial commit
|
2005-05-10 19:51:00 +00:00 |
|
Chris PeBenito
|
279b555ae3
|
reorder to fit file context style rules
|
2005-05-10 19:47:37 +00:00 |
|
Chris PeBenito
|
6f50b57665
|
use ptys
|
2005-05-10 15:03:56 +00:00 |
|
Chris PeBenito
|
2812bfac86
|
fix hotplug optional
|
2005-05-10 15:00:54 +00:00 |
|
Chris PeBenito
|
13e94c09e4
|
more authlogin handling
|
2005-05-09 21:07:53 +00:00 |
|
Chris PeBenito
|
5c162193b7
|
move system_chkpwd to .te rather then using template, so that the
ifelse(system,..) can be eliminated
|
2005-05-09 21:06:51 +00:00 |
|
Chris PeBenito
|
cb28738d20
|
priv* attribute fixes for sulogin
|
2005-05-09 21:05:01 +00:00 |
|
Chris PeBenito
|
c18e825f57
|
unexpand can_kerberos
|
2005-05-09 21:03:38 +00:00 |
|
Chris PeBenito
|
a9a20ddaae
|
allow all domains to use /dev/{zero,null,tty}
|
2005-05-09 19:55:01 +00:00 |
|
Chris PeBenito
|
e843cc89fd
|
reorder restorecon and setfiles relabel rules for consistency
|
2005-05-09 19:06:56 +00:00 |
|
Chris PeBenito
|
a1f94a3441
|
clean up authentication attributes
|
2005-05-09 18:50:20 +00:00 |
|
Chris PeBenito
|
96b0000f1b
|
start adding infrastructure for the constraint exceptions
|
2005-05-09 17:47:57 +00:00 |
|
Chris PeBenito
|
18f25afdf6
|
start adding infrastructure for the constraint exceptions
|
2005-05-09 17:41:29 +00:00 |
|
Chris PeBenito
|
c5b5a7479a
|
cleanup
|
2005-05-09 15:40:56 +00:00 |
|
Chris PeBenito
|
5d7e8ba6fb
|
add sulogin
|
2005-05-09 15:38:06 +00:00 |
|