rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
1,148 Commits 8 Branches 90 Tags 36 MiB
Commit Graph

929 Commits

Author SHA1 Message Date
Daniel J Walsh f5a104d238 - Allow sendmail to request kernel modules load 2009-09-24 23:30:16 +00:00
Daniel J Walsh 4c2f298bf2 - Fix all kernel_request_load_module domains 2009-09-22 12:49:53 +00:00
Daniel J Walsh 405a74c394 - Fix all kernel_request_load_module domains 2009-09-21 13:55:41 +00:00
Daniel J Walsh 41f8e385a1 - Remove allow_exec* booleans for confined users. Only available for 
unconfined_t
 2009-09-20 14:32:30 +00:00
Daniel J Walsh 8323d545c4 - More fixes for sandbox_web_t 2009-09-19 02:03:03 +00:00
Daniel J Walsh ab462917cf - Allow sshd to create .ssh directory and content 2009-09-18 22:12:25 +00:00
Daniel J Walsh d53d158d2b - Fix request_module line to module_request 2009-09-18 20:44:00 +00:00
Daniel J Walsh 1fb0a98434 - Fix sandbox policy to allow it to run under firefox. 
- Dont audit leaks.
 2009-09-18 16:20:05 +00:00
Daniel J Walsh 9de7033708 - Fixes for sandbox 2009-09-17 21:41:30 +00:00
Daniel J Walsh 69290fd9df - Update to upstream 
- Dontaudit nsplugin search /root
- Dontaudit nsplugin sys_nice
 2009-09-16 17:50:32 +00:00
Daniel J Walsh 23e7082b4b - Fix label on /usr/bin/notepad, /usr/sbin/vboxadd-service 
- Remove policycoreutils-python requirement except for minimum
 2009-09-15 21:45:12 +00:00
Daniel J Walsh 6b7b0c1cdc - Fix devicekit_disk_t to getattr on all domains sockets and fifo_files 
- Conflicts seedit (You can not use selinux-policy-targeted and seedit at
    the same time.)
 2009-09-15 18:26:13 +00:00
Daniel J Walsh e20e351e10 - Add wordpress/wp-content/uploads label 
- Fixes for sandbox when run from staff_t
 2009-09-11 21:15:35 +00:00
Daniel J Walsh ddc8588081 - Update to upstream 
- Fixes for devicekit_disk
 2009-09-10 15:38:44 +00:00
Daniel J Walsh ab8f807545 - More fixes 2009-09-09 21:08:02 +00:00
Daniel J Walsh b8498d1e5b - More fixes 2009-09-08 23:55:31 +00:00
Daniel J Walsh 123ae9957d - Lots of fixes for initrc and other unconfined domains 2009-09-08 14:30:36 +00:00
Daniel J Walsh 72bc25da0e - Allow xserver to use netlink_kobject_uevent_socket 2009-09-07 01:29:07 +00:00
Daniel J Walsh 1a2981be4a - Dontaudit setroubleshootfix looking at /root directory 2009-09-02 13:33:15 +00:00
Daniel J Walsh 65c3f9a0a8 - Update to upsteam 2009-08-31 21:27:50 +00:00
Daniel J Walsh cb5670ca1b - Allow gssd to send signals to users 
- Fix duplicate label for apache content
 2009-08-31 13:39:37 +00:00
Daniel J Walsh faf9cbbc4b - Update to upstream 2009-08-28 20:55:16 +00:00
Daniel J Walsh 38d427a08f - Remove polkit_auth on upgrades 2009-08-28 18:56:15 +00:00
Daniel J Walsh 42f9effee7 - Add back in unconfined.pp and unconfineduser.pp 
- Add Sandbox unshare
 2009-08-26 20:19:02 +00:00
Daniel J Walsh 07c04f81b6 - Add back in unconfined.pp and unconfineduser.pp 2009-08-26 14:02:27 +00:00
Daniel J Walsh 89e3546337 - Fixes for cdrecord, mdadm, and others 2009-08-26 12:12:39 +00:00
Daniel J Walsh 080ce6f2c8 - Add capability setting to dhcpc and gpm 2009-08-23 13:55:48 +00:00
Daniel J Walsh 8e64d7d393 - Allow cronjobs to read exim_spool_t 2009-08-22 11:51:13 +00:00
Daniel J Walsh c5f5b5dbcb - Add ABRT policy 2009-08-21 22:58:28 +00:00
Daniel J Walsh e3dd4912ce - Fix system-config-services policy 2009-08-20 17:48:51 +00:00
Daniel J Walsh fc8ff2feac - Allow libvirt to change user componant of virt_domain 2009-08-20 00:02:37 +00:00
Daniel J Walsh 40243d944f - Allow cupsd_config_t to be started by dbus 
- Add smoltclient policy
 2009-08-18 22:43:34 +00:00
Daniel J Walsh 9c270225e5 - Add policycoreutils-python to pre install 2009-08-18 12:34:26 +00:00
Daniel J Walsh b2c5e72a15 - Make all unconfined_domains permissive so we can see what AVC's happen 2009-08-13 22:33:07 +00:00
Daniel J Walsh 7fe210d864 - Add pt_chown policy 2009-08-12 20:10:51 +00:00
Daniel J Walsh 867473ac62 - Add kdump policy for Miroslav Grepl 
- Turn off execstack boolean
 2009-08-10 18:22:10 +00:00
Bill Nottingham ac7bbfa65a - Turn on execstack on a temporary basis (#512845) 2009-08-07 19:36:54 +00:00
Daniel J Walsh 4de3826dbf - Allow nsplugin to connecto the session bus 
- Allow samba_net to write to coolkey data
 2009-08-07 11:51:54 +00:00
Daniel J Walsh e21330348f - Allow devicekit_disk to list inotify 2009-08-05 21:31:17 +00:00
Daniel J Walsh 4816e90c52 - Allow svirt images to create sock_file in svirt_var_run_t 2009-08-05 20:37:39 +00:00
Daniel J Walsh 4673269d66 - Allow exim to getattr on mountpoints 
- Fixes for pulseaudio
 2009-08-04 11:32:06 +00:00
Daniel J Walsh 947b439e10 - Allow svirt_t to stream_connect to virtd_t 2009-07-31 19:05:34 +00:00
Daniel J Walsh af4fa8266c - Allod hald_dccm_t to create sock_files in /tmp 2009-07-31 11:02:24 +00:00
Daniel J Walsh abd1536931 - More fixes from upstream 2009-07-30 20:30:26 +00:00
Daniel J Walsh c6e2224c70 - Fix polkit label 
- Remove hidebrokensymptoms for nss_ldap fix
- Add modemmanager policy
- Lots of merges from upstream
- Begin removing textrel_shlib_t labels, from fixed libraries
 2009-07-30 04:31:53 +00:00
Daniel J Walsh 3750561a72 - Update to upstream 2009-07-28 19:08:17 +00:00
Daniel J Walsh 9160520a0e - Allow certmaster to override dac permissions 2009-07-27 22:09:57 +00:00
Daniel J Walsh df7055d5b3 - Update to upstream 2009-07-23 21:47:41 +00:00
Daniel J Walsh 8da0248476 - Fix context for VirtualBox 2009-07-19 16:04:30 +00:00
Daniel J Walsh 2360ff9f3f - Update to upstream 2009-07-15 19:12:04 +00:00