rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5,187 Commits 8 Branches 93 Tags 37 MiB
f8d85476fd
Commit Graph

5187 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel J Walsh
a384d73899 - Allow prelink when run from rpm to create tmp files Resolves: #221865 
- Remove file_context for exportfs Resolves: #221181
- Allow spamassassin to create ~/.spamassissin Resolves: #203290
- Allow ssh access to the krb tickets
- Allow sshd to change passwd
- Stop newrole -l from working on non securetty Resolves: #200110
 2007-01-09 15:24:41 +00:00
Daniel J Walsh
8a03d5e828 - Allow spamassassin to read var_lib_t dir Resolves: #219234 2007-01-02 16:40:08 +00:00
Daniel J Walsh
9bcfd16a2d - fix mplayer to work under strict policy 
- Allow iptables to use nscd Resolves: #220794
 2006-12-29 20:01:11 +00:00
Daniel J Walsh
8bacd8ed15 - Add gconf policy and make it work with strict 2006-12-28 17:39:12 +00:00
Daniel J Walsh
5db544f392 - Many fixes for strict policy and by extension mls. 2006-12-24 15:26:26 +00:00
Daniel J Walsh
135ea97ff1 - Many fixes for strict policy and by extension mls. 2006-12-24 07:31:09 +00:00
Daniel J Walsh
9051d60c06 - Fix to allow ftp to bind to ports > 1024 Resolves: #219349 2006-12-22 17:39:01 +00:00
Daniel J Walsh
5ded3c385e 2006-12-22 16:58:33 +00:00
Daniel J Walsh
4fd323b783 2006-12-22 16:56:53 +00:00
Daniel J Walsh
f9e32a004d - Allow semanage to exec it self. Label genhomedircon as semanage_exec_t 
Resolves: #219421
- Allow sysadm_lpr_t to manage other print spool jobs Resolves: #220080
 2006-12-20 20:40:30 +00:00
Daniel J Walsh
be9aefca3d - allow automount to setgid Resolves: #219999 2006-12-18 21:50:13 +00:00
Daniel J Walsh
5e01b4610b - Allow cron to polyinstatiate 
- Fix creation of boot flags Resolves: #207433
 2006-12-15 21:42:14 +00:00
Daniel J Walsh
272aa0b2e8 2006-12-14 20:06:00 +00:00
Daniel J Walsh
3a51847bd9 Resolves: #218978 2006-12-13 17:06:33 +00:00
Daniel J Walsh
422dcf1da8 Resolves: #218978 2006-12-13 17:03:55 +00:00
Chris PeBenito
b001503548 update version and changelog for release 2006-12-12 21:59:26 +00:00
Daniel J Walsh
e3b143b243 - Allow initrc to create files in /var directories Resolves: #219227 2006-12-12 21:46:24 +00:00
Chris PeBenito
42c5c5f612 bump versions for release. 2006-12-12 21:22:47 +00:00
Chris PeBenito
c0868a7a3b merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
Daniel J Walsh
6157a7e6e4 - More fixes for MLS 2006-12-11 12:35:45 +00:00
Daniel J Walsh
dd5d7e7583 - More Fixes polyinstatiation Resolves: #216184 2006-12-06 23:27:45 +00:00
Daniel J Walsh
a169fb7433 - Fix handling of keyrings 2006-12-06 19:38:32 +00:00
Daniel J Walsh
852ba6bb2f - Fix polyinstatiation 
- Fix pcscd handling of terminal Resolves: #218149 Resolves: #218350
 2006-12-05 23:05:39 +00:00
Chris PeBenito
d6d16b9796 patch from dan Wed, 29 Nov 2006 17:06:40 -0500 2006-12-04 20:10:56 +00:00
Daniel J Walsh
414ddd0de3 - More fixes for quota Resolves: #212957 2006-12-01 21:52:08 +00:00
Daniel J Walsh
9f388c1a78 - ncsd needs to use avahi sockets Resolves: #217640 Resolves: #218014 2006-12-01 17:58:00 +00:00
Daniel J Walsh
b6ffd7c2ae - Allow login programs to polyinstatiate homedirs Resolves: #216184 
- Allow quotacheck to create database files Resolves: #212957
 2006-11-30 22:06:22 +00:00
Daniel J Walsh
aba668f5f8 - Allow login programs to polyinstatiate homedirs Resolves: #216184 2006-11-30 20:55:33 +00:00
Daniel J Walsh
036c1c2fb6 - Dontaudit appending hal_var_lib files Resolves: #217452 Resolves: #217571 
Resolves: #217611 Resolves: #217640 Resolves: #217725
 2006-11-30 20:23:49 +00:00
Daniel J Walsh
cc1462b7d0 - Dontaudit appending hal_var_lib files Resolves: #217452 Resolves: #217571 
Resolves: #217611 Resolves: #217640 Resolves: #217725
 2006-11-29 20:11:02 +00:00
Chris PeBenito
563e58e863 patch from dan for some missing gen_require()s 2006-11-29 13:44:40 +00:00
Chris PeBenito
bff907113d fix dontaudit interface that was allowing instead of dontauditing; thanks to karl for pointing this out. 2006-11-28 15:57:22 +00:00
Chris PeBenito
c31f6724c0 fix dontaudit interface that was allowing instead of dontauditing; thanks to karl for pointing this out. 2006-11-28 15:47:47 +00:00
Daniel J Walsh
e4d46c95f3 - Fix context for helix players file_context #216942 2006-11-27 22:17:34 +00:00
Daniel J Walsh
02560dace3 - Fix load_policy to be able to mls_write_down so it can talk to the 
terminal
 2006-11-20 23:24:21 +00:00
Daniel J Walsh
4218645103 - Fixes for hwclock, clamav, ftp 2006-11-20 23:01:06 +00:00
Daniel J Walsh
9e4aeac9dd - Move to upstream version which accepted my patches 2006-11-17 19:21:40 +00:00
Chris PeBenito
fa45da0efd add aide, ccs, and ricci 2006-11-16 20:56:24 +00:00
Daniel J Walsh
b28d0a788f - Fixes for nvidia driver 2006-11-16 19:25:03 +00:00
Chris PeBenito
d31d3c159e This modifies the mls constraint for polmatch in the association class. 
Specifically:

- polmatch need no longer make an exception for unlabeled_t
  since a flow will now always match SPD rules with no contexts (per
  the IPSec leak fix patch upstreamed a few weeks back), as
  opposed to needing polmatch access to unlabeled_t.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
 2006-11-16 13:38:14 +00:00
Daniel J Walsh
a3f2f571c0 - Fixes for nvidia driver 2006-11-15 22:34:04 +00:00
Daniel J Walsh
150bdfbc67 - Fixes for nvidia driver 2006-11-15 22:28:06 +00:00
Daniel J Walsh
b0ecaa962d - Allow semanage to signal mcstrans 2006-11-15 21:43:36 +00:00
Daniel J Walsh
73ea8c2e4d - Update to upstream 2006-11-15 15:22:30 +00:00
Daniel J Walsh
d925bd337d - Allow modstorage to edit /etc/fstab file 2006-11-14 18:33:09 +00:00
Chris PeBenito
c6a60bb28d On Tue, 2006-11-07 at 16:51 -0500, James Antill wrote: 
> Here is the policy changes needed for the context contains security
> checking in PAM and cron.
 2006-11-14 13:38:52 +00:00
Daniel J Walsh
ec17438ae0 - Fix for qemu, /dev/ 
Mon Nov 13 2006 Dan Walsh <dwalsh@redhat.com> 2.4.3-11
- Fix path to realplayer.bin
 2006-11-14 04:57:37 +00:00
Daniel J Walsh
32b91c9d1f - Fix path to realplayer.bin 2006-11-13 20:48:57 +00:00
Chris PeBenito
59f8539306 - Add a reload target to Modules.devel and change the load 
target to only insert modules that were changed.
 2006-11-13 03:36:13 +00:00
Chris PeBenito
ed38ca9f3d fixes from gentoo strict testing: 
- Allow semanage to read from /root on strict non-MLS for
  local policy modules.
- Gentoo init script fixes for udev.
- Allow udev to read kernel modules.inputmap.
- Dnsmasq fixes from testing.
- Allow kernel NFS server to getattr filesystems so df can work
  on clients.
 2006-11-13 03:24:07 +00:00