Chris PeBenito
574e63fabc
fix kerberos_use, which turned out to be a problem in dns_reslove
2005-11-29 15:36:53 +00:00
Chris PeBenito
70fb22d201
bump rev
2005-11-28 22:23:07 +00:00
Chris PeBenito
1504ff3e42
clean up most of the mta hacks
2005-11-28 22:19:08 +00:00
Chris PeBenito
08cd98b7c1
big cleanup of mta
2005-11-28 20:25:36 +00:00
Chris PeBenito
5d5ea8d002
add irqbalance
2005-11-28 19:06:22 +00:00
Chris PeBenito
f11f0c10ad
add timidity
2005-11-28 18:29:03 +00:00
Chris PeBenito
19ff64f83a
add rdisc
2005-11-28 17:46:29 +00:00
Chris PeBenito
131e573dcc
add yppasswdd to nis
2005-11-28 16:44:51 +00:00
Chris PeBenito
09741b1f0e
cleanup from sediff
2005-11-25 19:38:45 +00:00
Chris PeBenito
3f41889dae
add xfs
2005-11-25 19:09:08 +00:00
Chris PeBenito
f00434fae9
clean up rpc hack
2005-11-25 17:39:35 +00:00
Chris PeBenito
d828b5ca8f
clean up networkmanager hacks
2005-11-25 16:43:03 +00:00
Chris PeBenito
2629c6595a
patch from dan to remove rhgb and gph:fd use
2005-11-25 15:51:50 +00:00
Chris PeBenito
1328802a41
Change optional_policy() to refer to the module name rather than modulename.te.
2005-11-23 20:24:27 +00:00
Chris PeBenito
af23450c36
patch from dan
2005-11-23 19:02:40 +00:00
Chris PeBenito
9cc2ccc4ed
tweaks from dan
2005-11-22 17:56:53 +00:00
Chris PeBenito
95f82b0de8
fixes from dan
2005-11-21 22:15:11 +00:00
Chris PeBenito
c5c3066aa1
fix
2005-11-18 21:30:23 +00:00
Chris PeBenito
1d697ce7d2
add last bits from dan
2005-11-18 18:38:37 +00:00
Chris PeBenito
37ff8fe902
updates from dan
2005-11-18 16:12:30 +00:00
Chris PeBenito
1354ca04a6
fix superfluous network rules pointed out by dan walsh, and clean
2005-11-18 15:53:34 +00:00
Chris PeBenito
704327e8b2
fix transitions in and out of unconfined. fix bugs uncovered by rawhide testing
2005-11-16 21:08:52 +00:00
Chris PeBenito
8b4eab1445
missed mls cat update
2005-11-16 16:22:26 +00:00
Chris PeBenito
1dad083d2c
stray procmail execs
2005-11-15 20:27:49 +00:00
Chris PeBenito
3e6c816ddd
add procmail
2005-11-15 20:17:18 +00:00
Chris PeBenito
c6d4c8f186
clean up some hacks
2005-11-15 18:47:20 +00:00
Chris PeBenito
7b062eac78
add patch from dan
2005-11-15 16:34:10 +00:00
Chris PeBenito
3ed2b69339
role hack for genhomedircon
2005-11-14 22:46:18 +00:00
Chris PeBenito
de0d2651a7
temp genhomedircon hack
2005-11-14 22:38:14 +00:00
Chris PeBenito
9e91381a26
change dmesg and loadkeys behavior to aliasing, and enable modules
2005-11-14 20:26:41 +00:00
Chris PeBenito
0d5d74e02b
remove extra rule
2005-11-14 19:33:09 +00:00
Chris PeBenito
15c235f75c
more broken symptoms
2005-11-11 22:21:32 +00:00
Chris PeBenito
af86646bfe
hack
2005-11-11 21:39:09 +00:00
Chris PeBenito
3be48fa4e1
fix type transition conflicts
2005-11-11 21:33:54 +00:00
Chris PeBenito
17da253e65
fix ordering problem
2005-11-11 21:25:45 +00:00
Chris PeBenito
7fefc1d956
fix rpm
2005-11-11 21:25:31 +00:00
Chris PeBenito
175b1cb551
reverse last change
2005-11-11 21:00:00 +00:00
Chris PeBenito
5ae908113d
fix ordering
2005-11-11 20:50:23 +00:00
Chris PeBenito
4fe05f2055
add debugging symbols
2005-11-11 19:40:31 +00:00
Chris PeBenito
33ff9b8cf2
missing fc's
2005-11-11 19:03:44 +00:00
Chris PeBenito
3ad26d1c7a
update rh broken symptoms
2005-11-11 16:13:04 +00:00
Chris PeBenito
a6e32d615f
add initrc_tmp_t mountpoint
2005-11-11 16:08:03 +00:00
Chris PeBenito
daff1dc5af
fix missing role statements
2005-11-11 15:33:38 +00:00
Chris PeBenito
55290adf28
small fixes
2005-11-11 14:12:23 +00:00
Chris PeBenito
2e0a880165
changed rules fixes
2005-11-10 21:37:54 +00:00
Chris PeBenito
3797efb0ce
work around role dominance breakage in module compiler
2005-11-10 20:37:31 +00:00
Chris PeBenito
65b9361c0a
missing matches
2005-11-10 20:36:59 +00:00
Chris PeBenito
672a1570c8
reorder to work around module compiler bug
2005-11-10 19:41:23 +00:00
Chris PeBenito
70fe5a3e6e
turn off stuff not in original targeted
2005-11-10 19:30:39 +00:00
Chris PeBenito
37c85212a1
use role dominance in targeted for compatability with strict
2005-11-10 16:55:56 +00:00
Chris PeBenito
1904b01047
fix changed rules
2005-11-10 16:54:18 +00:00
Chris PeBenito
c6825e980c
missing matches
2005-11-10 16:53:50 +00:00
Chris PeBenito
c2e35b815a
fc fixes
2005-11-10 14:47:02 +00:00
Chris PeBenito
c646a9f838
add missing bin_t aliases
2005-11-09 22:18:15 +00:00
Chris PeBenito
51f3744773
add missing /var/yp match
2005-11-09 21:32:55 +00:00
Chris PeBenito
33faf59e07
correct shlib_t alias
2005-11-09 20:48:20 +00:00
Chris PeBenito
59a00d8a55
add avahi
2005-11-09 20:29:30 +00:00
Chris PeBenito
e3d21df8ad
fix to use real type rather than alias
2005-11-09 19:13:08 +00:00
Chris PeBenito
2ab07ebbf3
fixes for sorting
2005-11-09 18:29:03 +00:00
Chris PeBenito
4b9516c125
add avahi
2005-11-09 17:12:34 +00:00
Chris PeBenito
d3f715d228
more fix
2005-11-09 15:51:22 +00:00
Chris PeBenito
3e639ab08b
tty fixes
2005-11-09 15:05:47 +00:00
Chris PeBenito
725926c586
pile of sediff fixes
2005-11-08 22:00:30 +00:00
Chris PeBenito
76febd2146
fix sendmail transition
2005-11-07 21:13:07 +00:00
Chris PeBenito
8967bf8b89
merge in some of dan's old policy changes
2005-11-07 20:09:28 +00:00
Don Miner
bc6dfa6778
Changed a { create rw_dir_perms } to a create_dir_perms since starting radius was getting a setattr denial and setattr was shown to be missing in sediff
2005-11-04 16:43:05 +00:00
Don Miner
45aa10abd7
Added signal_perms to nscd_t.
2005-11-04 14:13:24 +00:00
Chris PeBenito
307e11419a
missing dir
2005-11-03 21:07:29 +00:00
Chris PeBenito
7afca0b4c1
user tty fixes
2005-11-03 19:33:53 +00:00
Chris PeBenito
9c6feb63de
add stuff from distros.fc
2005-11-03 18:08:36 +00:00
Don Miner
8f882ffcd9
Added rules so that tracepath, traceroute and ping work.
2005-11-02 20:44:17 +00:00
Chris PeBenito
73ef293bc5
fixes just so sediff is easier to handle
2005-11-01 21:15:11 +00:00
Chris PeBenito
b488014fd7
hack
2005-11-01 20:52:48 +00:00
Chris PeBenito
b9ea0fed0f
clean up last var_run_domain expansion errors
2005-11-01 19:52:37 +00:00
Chris PeBenito
ee08bc4c75
read certs
2005-11-01 16:11:32 +00:00
Chris PeBenito
35adb6f8d7
clean up socket
2005-11-01 15:57:15 +00:00
Chris PeBenito
31a1c2df88
fix filesystem associations
2005-11-01 15:45:00 +00:00
Chris PeBenito
7ac22585e3
tty and caps fixes
2005-11-01 15:34:00 +00:00
Chris PeBenito
0b12fa4bd0
more dbus cleanup
2005-11-01 15:19:48 +00:00
Chris PeBenito
dab808bde7
dbus obj class cleanup
2005-11-01 15:11:05 +00:00
Chris PeBenito
ce0ff19691
more of the same
2005-10-31 22:44:03 +00:00
Chris PeBenito
b422aa9b1e
initrc couldn't create/use its own pty!
2005-10-31 22:27:45 +00:00
Chris PeBenito
30910b37c6
more fixes
2005-10-31 22:19:16 +00:00
Don Miner
305106ebb9
Added a rule to allow dmidecode to use locallogin_t fd to make it so it works.
2005-10-31 21:45:42 +00:00
Chris PeBenito
aba9c7a3cf
add missing httpd_helper_t tty part
2005-10-31 20:58:44 +00:00
Chris PeBenito
9ca7e78a35
misc sediff fixes
2005-10-31 20:54:33 +00:00
Chris PeBenito
0500e01f2d
* fixes uncovered by sediff
...
* fix disable_trans support so the daemon can be both
init and inet services, and not get dup bool decl
2005-10-31 20:32:53 +00:00
Chris PeBenito
bea7b4548e
add missing tunable
2005-10-31 19:58:51 +00:00
Chris PeBenito
6ff85b5c84
fix perm set
2005-10-31 19:31:22 +00:00
Chris PeBenito
62841791a5
fixes uncovered by sediff
2005-10-31 14:55:34 +00:00
Chris PeBenito
f3936d3876
nicer te_trans conflict fix
2005-10-28 19:18:50 +00:00
Chris PeBenito
cac3eca0be
fix te_trans conflict
2005-10-28 19:13:54 +00:00
Chris PeBenito
dc8f17037b
fix up sendmail for targeted
2005-10-28 18:57:23 +00:00
Chris PeBenito
f1b0a8c55b
fix
2005-10-28 18:46:46 +00:00
Chris PeBenito
2d13f72977
take care of missing types
2005-10-28 18:38:04 +00:00
Chris PeBenito
375c241556
ssh updates for targeted
2005-10-28 18:13:44 +00:00
Chris PeBenito
cbdb4ae6d3
clean up unused booleans
2005-10-28 17:31:53 +00:00
Chris PeBenito
bce06f1633
updated modules.conf from dan
2005-10-28 15:55:58 +00:00
Chris PeBenito
f0f18e0734
typo
2005-10-28 15:12:23 +00:00
Chris PeBenito
495a7026d9
add missing range transition
2005-10-28 15:09:03 +00:00
Chris PeBenito
005a9aa6e2
initrc fixes
2005-10-28 14:34:26 +00:00
Chris PeBenito
7e1c14d1f6
fix quoting
2005-10-28 13:53:18 +00:00
Chris PeBenito
dd3544d1a5
fixes from testing
2005-10-28 13:33:25 +00:00
Chris PeBenito
f1baed733f
fix some /opt regexes
2005-10-27 18:32:16 +00:00
Chris PeBenito
08c22f4d17
more transition work
2005-10-27 15:16:42 +00:00
Chris PeBenito
b281bf6ed9
add some missing transitions from unconfined
2005-10-27 15:06:15 +00:00
Chris PeBenito
a525f293c3
sediff fixes
2005-10-27 14:52:37 +00:00
Chris PeBenito
fc6198ced0
fixes from sediff
2005-10-27 14:08:53 +00:00
Chris PeBenito
ce03837abe
rpc fixes from testing
2005-10-27 14:08:47 +00:00
Chris PeBenito
5abea9818a
fixes from testing
2005-10-27 13:37:36 +00:00
Chris PeBenito
4614e83fbb
more fixing
2005-10-26 21:03:19 +00:00
Don Miner
f13da83f99
Added search and getattr permissions to etc_mail_t dir for system_mail_t so that the sendmail process would be able to start through init
2005-10-26 18:31:09 +00:00
Chris PeBenito
d1b9d9228b
another pile o fixes
2005-10-26 18:07:20 +00:00
Chris PeBenito
33acca55ce
pile o fixes
2005-10-26 16:00:13 +00:00
Chris PeBenito
f5e4f795b6
fix rpm transition
2005-10-26 13:51:33 +00:00
Chris PeBenito
e8d0a659c3
fixes from arpwatch testing
2005-10-25 20:27:08 +00:00
Chris PeBenito
7a6d427eae
a few more strays
2005-10-25 20:22:25 +00:00
Chris PeBenito
c3cf6693c7
try to fix associations
2005-10-25 20:06:27 +00:00
Chris PeBenito
b7e1825b68
privfd
2005-10-25 19:20:56 +00:00
Chris PeBenito
ccfd7b19cf
easy fixes
2005-10-25 19:03:15 +00:00
Chris PeBenito
2526a44dea
missing privloggers
2005-10-25 18:42:08 +00:00
Chris PeBenito
ee64ef496f
typo
2005-10-25 18:34:46 +00:00
Chris PeBenito
d49d524d53
initrc also uses nscd
2005-10-25 18:33:13 +00:00
Chris PeBenito
e11d2e3bfd
add missing nscd clients
2005-10-25 18:28:41 +00:00
Chris PeBenito
2aec1461b4
use our own interface to make maintenance easier
2005-10-25 18:13:47 +00:00
Chris PeBenito
7eec657c86
add default_t read back
2005-10-25 18:00:42 +00:00
Chris PeBenito
784a3bbcad
privhome implementation
2005-10-25 17:50:00 +00:00
Chris PeBenito
7b90f2db5a
testing fixes
2005-10-25 17:37:56 +00:00
Chris PeBenito
51f5c6a2ab
add dontaudit
2005-10-25 15:56:28 +00:00
Chris PeBenito
467602f5d5
system_chkpwd can winbind
2005-10-25 15:53:36 +00:00
Chris PeBenito
b0bdeb0392
syslog logs to itself?
2005-10-25 15:52:08 +00:00
Chris PeBenito
2c216c09a8
use the right interface
2005-10-25 15:41:38 +00:00
Chris PeBenito
9aca490302
some home dir fixes
2005-10-25 15:36:45 +00:00
Chris PeBenito
83e4512c33
fix up su
2005-10-25 14:31:53 +00:00
Chris PeBenito
60789e16d0
fixes
2005-10-25 02:51:07 +00:00
Chris PeBenito
28e730b8e2
module build fixes
2005-10-25 01:17:55 +00:00
Chris PeBenito
9dd50026a0
homedir fixes
2005-10-25 01:08:10 +00:00
Chris PeBenito
88dd389695
more postfix work
2005-10-25 00:00:50 +00:00
Don Miner
2192d4baa1
Moved the dbus stuff inbetween networkmanager and bind to the bind policy
2005-10-24 23:14:39 +00:00
Chris PeBenito
3df88de0ba
hide broken symptoms
2005-10-24 22:55:28 +00:00
Chris PeBenito
52e1edb35b
fix acct
2005-10-24 22:31:44 +00:00
Don Miner
d2c57395ab
Fixed an allow that should have been a dontaudit
2005-10-24 22:20:04 +00:00
Chris PeBenito
977b1d65f5
add nscd
2005-10-24 22:13:41 +00:00
Chris PeBenito
69dcd685ad
fix most disable_trans errors
2005-10-24 22:08:13 +00:00
Don Miner
f470a1e329
Added a rule to allow apache to read httpd_sys_content_t so that it can show html error messages
2005-10-24 22:01:08 +00:00
Don Miner
c11417c4df
Reduced the number of differences in amanda between the targeted and the refpolicy
2005-10-24 21:35:50 +00:00
Chris PeBenito
67167371a5
fix most of samba
2005-10-24 21:33:46 +00:00
Don Miner
bdfa8e72f0
Removed differences between refpolicy and targeted acct_t
2005-10-24 21:25:56 +00:00
Don Miner
9c4fcf666e
Removed differences between refpolicy and targeted NetworkManager_t
2005-10-24 21:25:02 +00:00
Chris PeBenito
7ebd6a9079
add proc_net lnk
2005-10-24 20:25:59 +00:00
Chris PeBenito
b4e1ebc1f0
hopefully fix su
2005-10-24 20:01:03 +00:00
Chris PeBenito
30705b6bc0
fixes
2005-10-24 19:50:21 +00:00
Chris PeBenito
9bbc757a76
more fix
2005-10-24 18:40:24 +00:00
Don Miner
0354e306b7
Fixed a problem which was allowing processes to become unconfined from initrc
2005-10-24 18:10:47 +00:00
Don Miner
dd57ca3454
Added rules to the bind policy for the named server so that it would start
2005-10-24 18:06:31 +00:00
Don Miner
57d8e6c7a3
Added signal permissions to postgres so it can start
2005-10-24 17:28:17 +00:00
Chris PeBenito
162dfc3395
corenet fixes
2005-10-24 17:06:34 +00:00
Chris PeBenito
a3754ffe12
add configuration for testing
2005-10-24 16:01:26 +00:00
Chris PeBenito
37fe0ecd85
update ranges
2005-10-24 15:52:04 +00:00
Chris PeBenito
e64b338b35
fix
2005-10-24 15:29:27 +00:00
Chris PeBenito
15fefa4958
remove bin policy and kern module assertions for now
2005-10-24 15:10:03 +00:00
Chris PeBenito
1480d3ad21
fix mls r_t
2005-10-24 14:22:13 +00:00
Chris PeBenito
34e722f3cd
more sediff
2005-10-24 14:15:29 +00:00
Don Miner
fa16f25281
Added rules to the smbd_t and the nmbd_t domains so that they would start properly
2005-10-24 12:45:16 +00:00
Chris PeBenito
1dd86c43cd
sediff fixes
2005-10-24 12:38:45 +00:00
Chris PeBenito
bb67633572
add initrc_su_t
2005-10-24 11:55:53 +00:00
Don Miner
3d37bca18f
Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start
2005-10-24 11:21:28 +00:00
Chris PeBenito
710791f1a4
more missing types
2005-10-24 03:52:35 +00:00
Chris PeBenito
19b5555f77
more fixes
2005-10-24 03:21:26 +00:00
Chris PeBenito
43989f82f8
add rpc
2005-10-24 01:53:13 +00:00
Chris PeBenito
2db2c7d099
fixes from sediff
2005-10-24 00:54:39 +00:00
Don Miner
f8964c04ba
Added a file context for httpd.pid so that it is correctly labeled
...
Added some rules to mysql to make it work
2005-10-24 00:23:12 +00:00
Chris PeBenito
f85544209a
nwmgr fixes
2005-10-23 22:46:06 +00:00
Chris PeBenito
ef5ca0fb79
add cups
2005-10-23 22:10:59 +00:00
Chris PeBenito
04926d07a8
add postfix
2005-10-23 20:18:36 +00:00
Chris PeBenito
f932d8e3cb
add spamassassin
2005-10-22 23:50:23 +00:00
Chris PeBenito
44fc06b0cb
add radius and amanda, which I forgot to ci
2005-10-22 22:51:01 +00:00
Chris PeBenito
230838e117
add pegasus
2005-10-22 21:55:39 +00:00
Chris PeBenito
a636210ef8
add dbskk
2005-10-22 21:18:03 +00:00
Chris PeBenito
ad3b9d76dc
add lpd
2005-10-22 21:09:03 +00:00
Chris PeBenito
ae1d9afb5b
simplify since alias take care of it
2005-10-22 20:06:51 +00:00
Chris PeBenito
10b1f324d5
add amanda
2005-10-22 19:58:58 +00:00
Chris PeBenito
239db5e20c
add networkmanager
2005-10-22 17:44:04 +00:00
Chris PeBenito
1f8a8bbbbd
more sediff fixes
2005-10-21 22:56:41 +00:00
Chris PeBenito
e6a2eaffdf
more fixes
2005-10-21 21:35:25 +00:00
Chris PeBenito
da4fc9ce2b
sediff fixes
2005-10-21 19:36:49 +00:00
Chris PeBenito
23a4442bf1
add xdm
2005-10-21 17:55:15 +00:00
Chris PeBenito
3509484c6f
add canna
2005-10-21 16:39:28 +00:00
Chris PeBenito
fe7b943240
fix
2005-10-21 16:19:26 +00:00
Chris PeBenito
ea557a85df
add cyrus
2005-10-21 16:18:11 +00:00
Chris PeBenito
29ce0009bc
add dovecot
2005-10-21 15:38:22 +00:00
Chris PeBenito
cf6141a72e
fix corenetwork generation and add distcc
2005-10-21 13:11:17 +00:00
Chris PeBenito
4e69c1c423
obj class typo for certs
2005-10-20 19:28:27 +00:00
Chris PeBenito
de764944d8
targeted policy fixes
2005-10-19 19:45:20 +00:00
Chris PeBenito
af4752bcb9
targeted and distro fixes for loadable modules
2005-10-19 16:44:24 +00:00
Chris PeBenito
0efe52ae99
fix last loadable module problems
2005-10-19 14:36:04 +00:00
Chris PeBenito
90c3ddefe3
fix requires
2005-10-19 13:11:49 +00:00
Chris PeBenito
12ae7557d3
piles of fixes for loadable modules
2005-10-18 18:25:33 +00:00
Chris PeBenito
c3812748c3
misc fixes
2005-10-18 15:07:11 +00:00
Chris PeBenito
c3a05c9f5a
fix error uncovered by sechecker
2005-10-17 20:00:20 +00:00
Chris PeBenito
e749cd12a6
wrap up almost all of apache
2005-10-17 17:55:38 +00:00
Chris PeBenito
e08118a52f
add ppp
2005-10-14 20:00:07 +00:00
Chris PeBenito
fe9d17fe14
more merging from 1.27.1-15
2005-10-14 18:42:42 +00:00
Chris PeBenito
d8636fc937
more merging from 1.27.1-15
2005-10-14 17:55:40 +00:00
Chris PeBenito
77f6e2cd27
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
Chris PeBenito
b1421d8712
add some docs, do some reordering
2005-10-12 21:25:16 +00:00
Chris PeBenito
c4bf979302
start adding perm sets with refpol names
2005-10-12 18:17:10 +00:00
Chris PeBenito
4c71994852
add missing interface
2005-10-12 17:32:41 +00:00
Chris PeBenito
be4690a5ae
add in last bits of webalizer
2005-10-12 17:22:25 +00:00
Chris PeBenito
c2b18fa1f3
more apache work
2005-10-12 16:23:22 +00:00
Chris PeBenito
799a0b43cd
add mailman
2005-10-11 15:36:53 +00:00
Chris PeBenito
f33561f560
add webalizer and sasl
2005-10-10 18:50:08 +00:00
Chris PeBenito
4483ee849c
add apm and arpwatch. fix implementation error on fs_getattr_all_files,
...
splitting it up into correct interfaces.
2005-10-10 18:11:46 +00:00
Chris PeBenito
d4dca58511
add finger and bluetooth
2005-10-07 21:45:04 +00:00
Chris PeBenito
9d3e339e82
partial mailman merge
2005-10-07 19:35:36 +00:00
Chris PeBenito
99505c1c89
fix files_exec_usr_src_files
2005-10-07 18:48:43 +00:00
Chris PeBenito
4f9f30c8df
* Updated to sedoctool to read bool files and tunable
...
files separately.
* Changed the xml tag of <boolean> to <bool> to be consistent
with gen_bool().
* Modified the implementation of segenxml to use regular
expressions.
2005-10-07 18:08:50 +00:00
Chris PeBenito
e02c61cfa4
rename context_template() to gen_context()
2005-10-06 19:33:06 +00:00
Chris PeBenito
6e99a6cfd1
more apache work
2005-10-05 21:17:22 +00:00
Chris PeBenito
fc6524d746
add ftp
2005-10-05 19:52:53 +00:00
Chris PeBenito
5bc9f3061b
fix comment
2005-10-05 19:10:31 +00:00
Chris PeBenito
f4d7fdcfaf
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
Chris PeBenito
a996bdf4ad
add most of apache
2005-09-29 20:59:00 +00:00
Chris PeBenito
a5ec7cb6c4
more pieces of ftp
2005-09-29 13:32:28 +00:00
Chris PeBenito
a2868f6eae
start adding secure_file_type implementation
2005-09-28 19:07:22 +00:00
Chris PeBenito
79cde317df
add winbind
2005-09-28 18:22:58 +00:00
Chris PeBenito
6942484b6f
add in a couple missing rules
2005-09-28 18:10:48 +00:00
Chris PeBenito
246a604273
add in a few parts of ftp
2005-09-27 22:29:45 +00:00
Chris PeBenito
20e306e2de
add dmidecode
2005-09-27 21:24:01 +00:00
Chris PeBenito
b03f960ece
add disable_trans support
2005-09-27 20:17:50 +00:00
Chris PeBenito
1f91e1bfe5
a few conditional cleanups
2005-09-27 19:40:44 +00:00
Chris PeBenito
f0574fa9aa
add mls privileges
2005-09-26 20:26:32 +00:00
Chris PeBenito
6d788d87d1
comment fix
2005-09-26 20:24:44 +00:00
Chris PeBenito
9edc289521
add anaconda
2005-09-23 22:15:04 +00:00
Chris PeBenito
b9ae3aab39
rework nis_use_ypbind since optionals dont work in conditionals
2005-09-23 22:14:54 +00:00
Chris PeBenito
fa67570d9a
add radvd, plus a few cleanups from sediff
2005-09-23 21:20:03 +00:00
Chris PeBenito
842859260c
add kudzu
2005-09-23 19:38:34 +00:00
Chris PeBenito
0058418017
remove classes from gen_requires, and disable net_raw for now
2005-09-23 15:37:41 +00:00
Chris PeBenito
681c9a02e7
fixes from sediff
2005-09-22 21:59:50 +00:00
Chris PeBenito
f7ba4a8963
add uucp
2005-09-22 16:27:52 +00:00
Chris PeBenito
b53f93a41f
testing fixes
2005-09-22 15:32:53 +00:00
Chris PeBenito
08c5c972cf
fix for targeted
2005-09-22 14:14:25 +00:00
Chris PeBenito
25c6746156
loadable module compile fixes
2005-09-21 20:01:40 +00:00
Chris PeBenito
142e9f40ea
targeted and redhat cleanups
2005-09-21 14:49:41 +00:00
Chris PeBenito
0e15cdfb50
change monolithic_policy to self_contained_policy for clarity
2005-09-21 13:26:30 +00:00
Chris PeBenito
3774e4eb28
todo cleanup
2005-09-20 20:48:17 +00:00
Chris PeBenito
93070cbaed
add cvs
2005-09-20 18:49:13 +00:00
Chris PeBenito
9210553ecb
add cpucontrol
2005-09-20 18:15:35 +00:00
Chris PeBenito
4fd5201a59
add rlogin and telnet
2005-09-20 17:11:53 +00:00
Chris PeBenito
200f453ff5
add stunnel
2005-09-20 13:47:36 +00:00
Chris PeBenito
a1fcff33f2
final updates from nsa cvs
2005-09-19 21:17:45 +00:00
Chris PeBenito
41c4800de4
a few module compile fixes
2005-09-19 14:18:48 +00:00
Chris PeBenito
cf6a7d8993
more upstream merging
2005-09-16 21:20:37 +00:00
Chris PeBenito
cff75c90ca
more upstream merging
2005-09-16 19:36:10 +00:00
Chris PeBenito
40adb57f47
add tftp
2005-09-16 15:18:09 +00:00
Chris PeBenito
ccc5978224
add snmp
2005-09-16 14:54:36 +00:00
Chris PeBenito
a0824843c2
more merging from nsa cvs
2005-09-16 13:36:26 +00:00
Chris PeBenito
98a8ead4c5
more updates
2005-09-15 21:03:29 +00:00
Chris PeBenito
605ba28540
more merging from nsa cvs
2005-09-15 15:34:31 +00:00
Chris PeBenito
5a2649cefd
cleanup
2005-09-14 19:27:30 +00:00
Chris PeBenito
84c92239d4
add samba
2005-09-14 18:33:53 +00:00
Chris PeBenito
4479b31614
require fix
2005-09-14 15:41:46 +00:00
Chris PeBenito
71fe0fa4c5
fixes for module compiling
2005-09-14 00:30:10 +00:00
Chris PeBenito
0907bda1e0
more merging of NSA CVS policy
2005-09-13 13:06:07 +00:00
Chris PeBenito
2705f9a0f3
begin merging in upstream NSA CVS changes
2005-09-12 21:40:56 +00:00
Chris PeBenito
712566ee41
fixes to make base module compilable
2005-09-12 15:17:39 +00:00
Chris PeBenito
2e863f8ad0
add first part of changes to make base module compilable
2005-09-09 20:51:54 +00:00
Chris PeBenito
0fdf3ef75e
fix sshd to use initrc transition while typeattribute in conditionals is still broken
2005-09-09 20:49:59 +00:00
Chris PeBenito
9ff3003346
add zebra. change ssh to default to initrc transition instead of inetd while typeattribute in conditionals doesnt work
2005-09-09 13:24:11 +00:00
Chris PeBenito
eb3cb6820a
add portmap
2005-09-08 17:12:38 +00:00
Chris PeBenito
d17b4d2323
add ktalk
2005-09-08 13:42:13 +00:00
Chris PeBenito
9b06402eaf
add missing rules of other domains using inn
2005-09-08 13:23:11 +00:00
Chris PeBenito
763a5e30c6
misc fixes
2005-09-07 13:31:37 +00:00
Chris PeBenito
8d93523409
add inn
2005-09-06 18:37:27 +00:00
Chris PeBenito
603f90ab9d
misc fixes
2005-09-05 18:17:17 +00:00
Chris PeBenito
b11a75a5e3
add ntp
2005-09-05 16:47:19 +00:00
Chris PeBenito
ce1b44aac4
typo
2005-09-02 20:55:17 +00:00
Chris PeBenito
ac0483aefe
add dictd
2005-09-02 20:50:54 +00:00
Chris PeBenito
fdae8e755e
add hal
2005-09-02 20:29:52 +00:00
Chris PeBenito
f344c0f38e
move dhcpd to dhcp
2005-09-02 19:18:43 +00:00
Chris PeBenito
0f707d52ab
add squid
2005-09-02 19:11:07 +00:00
Chris PeBenito
7c8fc35b14
add dhcpd
2005-09-02 14:52:08 +00:00
Chris PeBenito
9d3bdc25af
fix bugs uncovered from sediff
2005-09-01 20:13:42 +00:00
Chris PeBenito
c0d1566a13
move rhgb_domain into TODO so modules can compile as binary modules
2005-09-01 13:52:59 +00:00
Chris PeBenito
631ee4d3cf
finish remaining dbus bits
2005-09-01 13:34:45 +00:00
Chris PeBenito
0c3d170578
add dbus
2005-08-31 20:58:12 +00:00
Chris PeBenito
6af06cd8b6
fix typos
2005-08-31 16:54:19 +00:00
Chris PeBenito
768283ac46
cosmetics
2005-08-31 16:49:30 +00:00
Chris PeBenito
6e61566dba
add comsat. clean up kerberos and nscd interfaces
2005-08-31 15:25:12 +00:00
Chris PeBenito
246839f3d2
fix up most of mta attribute insanity
2005-08-30 20:47:41 +00:00
Chris PeBenito
451c1e3d59
send user role to per userdomain templates. update templated interfaces
...
to have the prefix be the first argument
2005-08-30 15:48:57 +00:00
Chris PeBenito
e5d45268fd
make corecommands required
2005-08-30 14:41:52 +00:00
Chris PeBenito
9439a25899
update config, switch most to module
2005-08-26 13:30:59 +00:00
Chris PeBenito
2a94561a89
start adding in templated interfaces
2005-08-25 20:27:20 +00:00
Chris PeBenito
6d12276bf5
fix quoting
2005-08-24 20:18:28 +00:00
Chris PeBenito
3110dec4f3
fix tunables
2005-08-24 20:00:10 +00:00
Chris PeBenito
82024f9942
do bools until loadable modules support tunables
2005-08-24 18:30:47 +00:00
Chris PeBenito
d83fdad248
add bind
2005-08-23 17:26:19 +00:00
Chris PeBenito
902be0ae21
add privoxy
2005-08-22 21:49:27 +00:00
Chris PeBenito
35ecf83839
add rsync
2005-08-22 21:17:10 +00:00
Chris PeBenito
f9b11e9615
add howl
2005-08-22 20:43:20 +00:00
Chris PeBenito
4b8c5489ec
move require to right position, for modular policy
2005-08-22 20:18:42 +00:00
Chris PeBenito
c04f2abe88
complete infrastructure support for building modules
2005-08-22 17:07:17 +00:00
Chris PeBenito
db93d707c5
mark userpace object classes
2005-08-22 14:13:19 +00:00
Chris PeBenito
f6e28abbab
moved to selinux module
2005-08-19 20:05:02 +00:00
Chris PeBenito
fb0a3a98c6
initial support for compiling loadable modules
2005-08-18 21:27:20 +00:00
Chris PeBenito
f862c35c37
add gpm
2005-08-17 21:28:31 +00:00
Chris PeBenito
2961e79b55
add ldap
2005-08-17 18:33:43 +00:00
Chris PeBenito
23ca91f8bb
cleanup
2005-08-17 17:31:57 +00:00
Chris PeBenito
545b0c9176
add rshd
2005-08-17 15:23:24 +00:00
Chris PeBenito
57a96cbd0b
add firstboot
2005-08-17 14:14:07 +00:00
Chris PeBenito
2d803edc73
more debian cleanup
2005-08-17 14:09:29 +00:00
Chris PeBenito
4806a05cfb
fix broken xml of previous commit
2005-08-15 19:35:20 +00:00
Chris PeBenito
5f38a65aab
try to knock out more of the distro_debian bootloader stuff
2005-08-15 19:31:37 +00:00
Chris PeBenito
21468a6076
add loadkeys
2005-08-15 14:46:17 +00:00
Chris PeBenito
8843093607
more comments
2005-08-12 19:28:30 +00:00
Chris PeBenito
f0b1efa2a2
all dev nodes assoc to tmpfs, since most everyone is moving to udev
2005-08-12 19:28:15 +00:00
Chris PeBenito
35b494789d
fix some udev naming
2005-08-12 18:13:03 +00:00
Chris PeBenito
aae06c1306
fix system spool file problem
2005-08-12 17:54:55 +00:00
Chris PeBenito
f7ebea06e3
finalize desc -> summary xml change
2005-08-11 17:46:39 +00:00
Chris PeBenito
4aa0dc20b4
add tcpd
2005-08-11 15:17:13 +00:00
Chris PeBenito
052c953ae5
add quota
2005-08-11 14:49:58 +00:00
Chris PeBenito
5a3895a9f6
tabbing fix
2005-08-11 14:35:52 +00:00
Chris PeBenito
e784300a62
add sudo
2005-08-09 19:30:43 +00:00
Chris PeBenito
b9d7d70b33
add template xml
2005-08-09 19:21:25 +00:00
Chris PeBenito
9489149ec0
add su
2005-08-08 21:03:23 +00:00
Chris PeBenito
9465452eec
fix gen_user comment for more clarity
2005-08-08 18:13:56 +00:00
Chris PeBenito
dce68dc48d
add updfstab
2005-08-08 15:51:15 +00:00
Chris PeBenito
f5e321b0f0
fix xml tags
2005-08-08 15:43:20 +00:00
Chris PeBenito
7057c18db0
a few more ssh touchups
2005-08-05 18:49:23 +00:00
Chris PeBenito
ed78ea0034
add tmpreaper
2005-08-05 15:32:27 +00:00
Chris PeBenito
9a66d4e562
add acct
2005-08-05 14:32:12 +00:00
Chris PeBenito
3fd8336882
misc cleanup
2005-08-04 20:54:51 +00:00
Chris PeBenito
42be7c214d
add mysql
2005-08-03 17:56:26 +00:00
Chris PeBenito
046a21da80
search sbin dirs to find the pgms
2005-08-03 17:43:41 +00:00
Chris PeBenito
81343a6f90
* Rename ipsec connect interface for consistency.
...
* Add missing parts of unix stream socket connect interface
of ipsec.
* Rename inetd connect interface for consistency.
2005-08-03 15:16:33 +00:00
Chris PeBenito
bbdbdb9edf
fix stray line that got out of TODO
2005-07-29 15:07:15 +00:00
Chris PeBenito
e5590ea5ec
work on user transition
2005-07-28 20:52:55 +00:00
Chris PeBenito
022f61c0e3
add connect interface on ports to handle name_connect tcp perm
2005-07-22 15:38:01 +00:00
Chris PeBenito
50527cf581
make network_interface able to support multiple interfaces having the same type
2005-07-22 14:00:38 +00:00
Chris PeBenito
953541a918
update from privmail
2005-07-21 20:34:57 +00:00
Chris PeBenito
80526ccbdd
add an example module config for a targeted policy
2005-07-20 20:11:49 +00:00
Chris PeBenito
ea7d571bd7
/var/lib is now a mountpoint
2005-07-20 17:36:48 +00:00
Chris PeBenito
53857c8c05
unconfined can pass all constraints
2005-07-20 17:24:23 +00:00
Chris PeBenito
ef424c14d4
name_connect only on tcp_sockets
2005-07-20 17:10:07 +00:00
Chris PeBenito
9496fd5119
unconfined can name_connect to all ports
2005-07-20 17:08:07 +00:00
Chris PeBenito
d250634311
reorder kernel policy, add attributes for sysctl and proc entries. fix unconfined interface
2005-07-20 17:06:10 +00:00
Chris PeBenito
f82c6ac64c
bah typo
2005-07-20 15:08:33 +00:00
Chris PeBenito
0b28a23114
user home dirs were missing file type in targ policy
2005-07-20 15:06:49 +00:00
Chris PeBenito
1e3f610b3b
add missing dir and file perms for selinuxfs in unconfined
2005-07-20 14:57:13 +00:00