rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5,187 Commits 8 Branches 93 Tags 37 MiB
f8d85476fd
Commit Graph

5187 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris PeBenito
924f3cc2cb trunk: add getserv and shmemserv nscd permissions. 2007-07-24 19:52:18 +00:00
Daniel J Walsh
fc4c7497a7 - Fix prelink to handle execmod 2007-07-24 19:43:20 +00:00
Daniel J Walsh
0f8f545d1a - Fix prelink to handle execmod 2007-07-24 14:39:01 +00:00
Daniel J Walsh
e0ae206813 - Add ntpd_key_t to handle secret data 2007-07-23 20:34:22 +00:00
Daniel J Walsh
2ced404c55 - Add anon_inodefs 
- Allow unpriv user exec pam_exec_t
- Fix trigger
 2007-07-23 16:00:09 +00:00
Chris PeBenito
708aab1393 trunk: fix targeted sshd. When the domain was unaliased from unconfined_t, a transition to unconfined_t was not added. 2007-07-20 18:25:26 +00:00
Daniel J Walsh
779d23c7e4 - Allow cups to use generic usb 
- fix inetd to be able to run random apps (git)
 2007-07-20 15:13:37 +00:00
Daniel J Walsh
6178b36c7d - Add proper contexts for rsyslogd 2007-07-20 12:31:52 +00:00
Daniel J Walsh
908512cccc - Add proper contexts for rsyslogd 2007-07-19 20:55:20 +00:00
Chris PeBenito
d46cfe45cd trunk: add application module 2007-07-19 18:57:48 +00:00
Chris PeBenito
6929521e0a trunk: fix missed netlabel deprecation 2007-07-19 15:11:19 +00:00
Daniel J Walsh
297dd1a900 - Allow execution of gconf 2007-07-19 14:45:16 +00:00
Daniel J Walsh
8675561212 - Allow execution of gconf 2007-07-19 14:37:59 +00:00
Daniel J Walsh
dac6d67c8c - Fix moilscanner update problem 2007-07-16 15:54:21 +00:00
Daniel J Walsh
1d03199c5e - Fix moilscanner update problem 2007-07-14 12:56:45 +00:00
Daniel J Walsh
7e3506426b - Begin adding policy to separate setsebool from semanage 
- Fix xserver.if definition to not break sepolgen.if
 2007-07-12 21:37:30 +00:00
Daniel J Walsh
16d9531977 - Fix xserver.if definition to not break sepolgen.if 2007-07-12 14:44:32 +00:00
Daniel J Walsh
2796de2a45 - Add new devices 2007-07-11 20:45:02 +00:00
Daniel J Walsh
154d8231c3 - Add brctl policy 2007-07-11 19:44:56 +00:00
Daniel J Walsh
501a17b8b2 - Fix root login to include system_r 2007-07-06 19:23:20 +00:00
Daniel J Walsh
35e7f77fea - Allow prelink to read kernel sysctls 2007-07-06 19:09:19 +00:00
Daniel J Walsh
af677794a8 - Default to user_u:system_r:unconfined_t 2007-07-03 19:20:47 +00:00
Daniel J Walsh
b267b6f201 - Default to user_u:system_r:unconfined_t 2007-07-02 20:32:38 +00:00
Chris PeBenito
f80a0e4f25 trunk: Add debian apcupsd binary location, from Stefan Schulze Frielinghaus. 2007-07-02 15:25:46 +00:00
Daniel J Walsh
b529ed6a06 - Default to user_u:system_r:unconfined_t 2007-07-02 15:00:50 +00:00
Daniel J Walsh
2fdb5fd7c6 - fix squid 
- Fix rpm running as uid
 2007-07-02 01:58:41 +00:00
Daniel J Walsh
1b77809f5e - fix squid 
- Fix rpm running as uid
 2007-07-02 01:49:51 +00:00
Chris PeBenito
970122ca12 trunk: updated version and changelog for release 2007-06-29 15:30:58 +00:00
Chris PeBenito
116c1da330 trunk: update module version numbers for release. 2007-06-29 14:48:13 +00:00
Chris PeBenito
113b4fc4a2 Fix incorrectly named files_lib_filetrans_shared_lib() interface in the libraries module. 2007-06-28 17:25:46 +00:00
Chris PeBenito
4231988555 trunk: add templates to tags generation 2007-06-28 13:13:55 +00:00
Chris PeBenito
e5e55ace89 trunk, strict-targeted-merge: add mmap_zero to xserver domains. 2007-06-28 12:34:08 +00:00
Daniel J Walsh
b786a2b04a - Fix syslog declaration 2007-06-27 19:48:33 +00:00
Chris PeBenito
f5842c1fa5 trunk: minor amanda update from dan 2007-06-27 19:19:20 +00:00
Daniel J Walsh
7f44213c00 - Allow avahi to access inotify 
- Remove a lot of bogus security_t:filesystem avcs
 2007-06-27 18:12:03 +00:00
Daniel J Walsh
1afb424363 - Allow avahi to access inotify 
- Remove a lot of bogus security_t:filesystem avcs
 2007-06-27 18:11:43 +00:00
Chris PeBenito
7b61fe506d trunk: add rpcbind from dan 2007-06-27 16:31:55 +00:00
Chris PeBenito
1900668638 trunk: Unified labeled networking policy from Paul Moore. 
The latest revision of the labeled policy patches which enable both labeled 
and unlabeled policy support for NetLabel.  This revision takes into account
Chris' feedback from the first version and reduces the number of interface
calls in each domain down to two at present: one for unlabeled access, one for
NetLabel access.  The older, transport layer specific interfaces, are still  
present for use by third-party modules but are not used in the default policy
modules.

trunk: Use netmsg initial SID for MLS-only Netlabel packets, from Paul Moore.

This patch changes the policy to use the netmsg initial SID as the "base"
SID/context for NetLabel packets which only have MLS security attributes.
Currently we use the unlabeled initial SID which makes it very difficult to
distinquish between actual unlabeled packets and those packets which have MLS
security attributes.
 2007-06-27 15:23:21 +00:00
Chris PeBenito
2c3ac47d45 trunk: pyzor and clamav updates from dan 2007-06-26 18:43:11 +00:00
Chris PeBenito
22bff65f4d trunk: fix typo in vmware.fc 2007-06-26 14:31:31 +00:00
Daniel J Walsh
269acb5ee8 - Remove ifdef strict policy from upstream 2007-06-26 12:09:30 +00:00
Daniel J Walsh
628851b917 - Remove ifdef strict policy from upstream 2007-06-26 11:15:55 +00:00
Daniel J Walsh
ac2f96f26e - Remove ifdef strict policy from upstream 2007-06-26 10:16:54 +00:00
Daniel J Walsh
a4ec9b75e1 - Remove ifdef strict policy from upstream 2007-06-22 19:21:00 +00:00
Chris PeBenito
02f2c3e979 trunk: nagios update from dan 2007-06-21 17:23:19 +00:00
Chris PeBenito
a90a256f64 trunk: procmail tweak from dan. 2007-06-21 14:54:34 +00:00
Chris PeBenito
7f089782ae trunk: xen updates from dan 2007-06-21 13:36:05 +00:00
Chris PeBenito
92d1ade254 trunk: trivial gentoo tweaks 2007-06-20 20:08:26 +00:00
Chris PeBenito
5bf9deb5bb trunk: 3 patches from dan 2007-06-20 19:47:10 +00:00
Chris PeBenito
99b5a56cb6 trunk: radius one-liner from dan 2007-06-20 15:03:55 +00:00