rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5,187 Commits 8 Branches 93 Tags 37 MiB
f8d85476fd
Commit Graph

5187 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris PeBenito
8021cb4f63 Merge sbin_t and ls_exec_t into bin_t. 2007-03-23 23:24:59 +00:00
Chris PeBenito
ab514d6a89 remove disable_trans booleans 2007-03-23 21:01:49 +00:00
Chris PeBenito
e9b0042f35 Output different header sets for kernel and userland from flask headers. 2007-03-23 20:32:23 +00:00
Chris PeBenito
1852cdabce deprecated pax class 2007-03-23 20:21:06 +00:00
Daniel J Walsh
145e8d73ba - Allow samba to run groupadd 2007-03-23 17:31:13 +00:00
Daniel J Walsh
f040ac5fd3 - Allow samba to run groupadd 2007-03-23 15:42:50 +00:00
Daniel J Walsh
f634733f95 - Update to upstream 2007-03-23 14:32:31 +00:00
Chris PeBenito
5f5b7a1ec6 network fix from dan 2007-03-22 14:33:00 +00:00
Chris PeBenito
cc9130b90a one-liner from dan 2007-03-22 14:01:55 +00:00
Daniel J Walsh
281f5f5a50 - Fix labeling on udev.tbl dirs 2007-03-22 10:40:53 +00:00
Chris PeBenito
19fd9301e6 patch from dan to have ricci modstorage transition to lvm 2007-03-21 20:02:50 +00:00
Chris PeBenito
d17bab02cc stop adding netfilter contexts, as decided at the developers summit 2007-03-21 19:40:55 +00:00
Chris PeBenito
cd3ee91a4b add fail2ban from dan 2007-03-21 15:51:52 +00:00
Daniel J Walsh
552645bad0 - Fixes for logwatch 2007-03-21 03:39:06 +00:00
Daniel J Walsh
593fb16ef5 - Add fusermount and mount_ntfs policy 2007-03-20 20:45:45 +00:00
Chris PeBenito
efcf9df253 kudzu will telinit to make init re-read the inittab after configuring serial consoles 2007-03-20 19:00:35 +00:00
Chris PeBenito
a5f5eba459 Add dontaudits for init fds and console to init_daemon_domain(). 2007-03-20 18:47:18 +00:00
Daniel J Walsh
9d59ec430e - Update to upstream 
- Allow saslauthd to use kerberos keytabs
 2007-03-20 16:22:25 +00:00
Daniel J Walsh
d3aabaedb4 2007-03-20 15:01:28 +00:00
Daniel J Walsh
741e816e8e - Fixes for samba_var_t 2007-03-19 19:33:06 +00:00
Chris PeBenito
4832f0e066 create user gpg keys dir patch from dan 2007-03-19 19:10:43 +00:00
Chris PeBenito
93784927ca add kvmfs support, from dan 2007-03-19 18:48:14 +00:00
Chris PeBenito
7200146ea8 trivial patch for radius from dan 2007-03-19 18:42:57 +00:00
Chris PeBenito
86b28c9594 trivial patch from dan for sysstat access to sysfs 2007-03-19 18:38:54 +00:00
Chris PeBenito
e66689f7be other part of consolekit addition 2007-03-19 18:36:36 +00:00
Chris PeBenito
c224d91c7b from Dan: 
This is a new policy for the User Switching capability coming in gnome.

consolekit is a daemon that communicates with xdm_t and hal through dbus to change the
ownership/access on certain devices when the login session changes from one user to another
 2007-03-19 18:01:15 +00:00
Chris PeBenito
6c20f77e80 patch from Dan for sudo: 
sudo should be able to getattr on all executables not just 
bin_t/sbin_t.  Confined executeables run from sudo need this.

sudo_exec_t needs to be marked as exec_type so prelink will work correctly.

sudo semanage should work
 2007-03-19 16:32:44 +00:00
Daniel J Walsh
db4f0ec7b9 - Remove disable_trans booleans 
- hald_acl_t needs to talk to nscd
 2007-03-19 14:51:28 +00:00
Daniel J Walsh
2823e28d58 - Remove enable_audit booleans 
- hald_acl_t needs to talk to nscd
 2007-03-19 14:42:08 +00:00
Daniel J Walsh
2f82eed685 - Fix prelink to be able to manage usr dirs. 2007-03-16 03:14:13 +00:00
Daniel J Walsh
9468a641a6 - Allow insmod to launch init scripts 2007-03-14 12:48:09 +00:00
Daniel J Walsh
271752a5ca - Remove setsebool policy 2007-03-13 17:46:34 +00:00
Daniel J Walsh
bdb7f99f00 - Fix handling of unlabled_t packets 2007-03-12 14:51:29 +00:00
Daniel J Walsh
26a701e5d2 - More of my patches from upstream 2007-03-12 12:50:27 +00:00
Daniel J Walsh
2a9b648b37 - More of my patches from upstream 2007-03-11 05:19:36 +00:00
Chris PeBenito
b50f2ee48d It was just pointed out to me that the raw IP socket class is missing from the 
recvfrom MLS constraint.

Signed-off-by: Paul Moore
 2007-03-09 14:45:19 +00:00
Chris PeBenito
0cca516db7 fix for rh bug 203290 2007-03-08 19:01:21 +00:00
Chris PeBenito
b5a6c86f46 last bit of dans patch 2007-03-08 17:53:52 +00:00
Chris PeBenito
cdc91b9aeb Patch for handling restart of nscd when ran from useradd, groupadd, and admin passwd, from Dan Walsh. 2007-03-08 15:14:45 +00:00
Chris PeBenito
59bedc1886 procmail uses /tmp files 
Wants to send signull to itself
Can exec ls
Read spamassinn_lib_dirs
New directory for spamassin /var/lib/
pyzor uses tmp files
 2007-03-07 21:33:22 +00:00
Chris PeBenito
7aefc69117 trivial change from dan 2007-03-06 17:44:26 +00:00
Chris PeBenito
7aca2aa827 setroubleshoot has a plugin that checks the file context on disk versus a matchpathcon. So needs additional privs 2007-03-06 17:16:08 +00:00
Chris PeBenito
c23eb5b1c4 Patch for gssd fixes from Dan Walsh 2007-03-06 16:18:59 +00:00
Chris PeBenito
c5561c777d patches for lvm and ricci fixes from Dan Walsh. 2007-03-06 15:35:02 +00:00
Daniel J Walsh
1fed4c745c - Update to latest from upstream 
- Add fail2ban policy
 2007-03-01 21:57:47 +00:00
Chris PeBenito
f2c69c47b3 lmtp and smtp are the same file require same context of setfiles complains 
postfix_pickup_t wants to read postfix_spool_maildrop_t dir
 2007-03-01 20:41:19 +00:00
Daniel J Walsh
9a8202d585 - Update to latest from upstream 
- Add fail2ban policy
 2007-03-01 16:30:20 +00:00
Chris PeBenito
ecc98e19e3 patches for file contexts in networkmanager, miscfiles, corecommands, devices, and java from Dan Walsh. 2007-03-01 15:43:39 +00:00
Daniel J Walsh
5ad70cf38c - Update to remove security_t:filesystem getattr problems 2007-02-28 21:23:19 +00:00
Chris PeBenito
4900fdf7d1 Patch for kerberized telnet fixes from Dan Walsh. 2007-02-28 17:17:52 +00:00