selinux-policy/policy/modules/system
Dominick Grift 1031ee6f6a Implement cobblerd policy.
My previous version had a minor bug in admin_role where it was using cobblerd_var_log_t, and cobblerd_var_lib_t instead of cobbler_var_log_t, and cobbler_var_lib_t.

Whilst i was at it, i decided the implement a cobbler_etc_t for cobbler content in /etc. This because you cannot admin a cobbler environment witouth having access to cobbler config files and i dont want to give cobbler_admin access to manage etc_t.

As a consequence if this i also removed the files_read_etc_files(cobblerd_t), as i think that cobbler only needed it to read its own files in /etc. However this is not confirmed, and it may need read access to etc_t afteral.

Also i would like to underscore my reason for using public_content_rw_t. One of the reasons is that i do not want to give cobbler access to manage httpd_sys_content_rw_t. In general i do not want to depend on apache module at all.

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <pebenito@gentoo.org>
2010-02-08 12:56:01 -05:00
..
application.fc trunk: add application module 2007-07-19 18:57:48 +00:00
application.if Application patch from Dan Walsh. 2009-11-24 11:48:39 -05:00
application.te Application patch from Dan Walsh. 2009-11-24 11:48:39 -05:00
authlogin.fc trunk: 1 patch from dan. 2009-06-12 15:30:15 +00:00
authlogin.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
authlogin.te module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
clock.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
clock.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
clock.te fix ordering of interface calls in clock. 2009-08-05 09:52:34 -04:00
daemontools.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
daemontools.if trunk: whitespace fixes in xml blocks. 2008-12-03 19:16:20 +00:00
daemontools.te trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
fstools.fc Fstools and Xen patches from Dan Walsh. 2009-11-25 10:27:31 -05:00
fstools.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
fstools.te Fstools and Xen patches from Dan Walsh. 2009-11-25 10:27:31 -05:00
getty.fc trunk: 6 patches from the fedora policy, cherry picked by david hardeman. 2008-08-14 14:19:50 +00:00
getty.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
getty.te fix ordering of interface calls in getty. 2009-08-05 09:55:58 -04:00
hostname.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
hostname.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
hostname.te remove redundant xen_append_log() call in hostname. 2009-08-11 14:19:38 -04:00
hotplug.fc patch to fix escaping of . in file contexts from james athey 2006-07-24 15:43:57 +00:00
hotplug.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
hotplug.te module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
init.fc trunk: whitespace fix changing multiple spaces into tabs. 2008-12-03 18:33:19 +00:00
init.if additional cleanup for e877913. 2009-11-11 11:28:50 -05:00
init.te adding puppet configuration management system 2009-11-11 08:37:16 -05:00
ipsec.fc IPSEC patch from Dan Walsh. 2009-11-24 14:09:10 -05:00
ipsec.if IPSEC patch from Dan Walsh. 2009-11-24 14:09:10 -05:00
ipsec.te IPSEC patch from Dan Walsh. 2009-11-24 14:09:10 -05:00
iptables.fc Iptables and modutils patches from Dan Walsh. 2009-12-01 09:23:11 -05:00
iptables.if Iptables and modutils patches from Dan Walsh. 2009-12-01 09:23:11 -05:00
iptables.te Iptables and modutils patches from Dan Walsh. 2009-12-01 09:23:11 -05:00
iscsi.fc trunk: 3 patches from the fedora policy, cherry picked by David Hardeman. 2008-08-11 14:03:36 +00:00
iscsi.if ISCSI patch from Dan Walsh. 2009-11-24 11:08:22 -05:00
iscsi.te ISCSI patch from Dan Walsh. 2009-11-24 11:08:22 -05:00
kdump.fc add kdump from dan. 2009-09-02 08:33:25 -04:00
kdump.if add kdump from dan. 2009-09-02 08:33:25 -04:00
kdump.te Kdump reads the kernel core. 2009-11-25 10:04:40 -05:00
libraries.fc fix refpolicy ticket #48. 2009-08-10 11:14:03 -04:00
libraries.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
libraries.te bump module versions for release. 2009-11-17 10:05:56 -05:00
locallogin.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
locallogin.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
locallogin.te module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
logging.fc trunk: logging update from dan. 2008-09-18 13:20:57 +00:00
logging.if Remove excessive permissions in logging_send_syslog_msg(). Ticket #14. 2009-08-26 10:05:36 -04:00
logging.te bump module versions for release. 2009-11-17 10:05:56 -05:00
lvm.fc trunk: 5 patches from dan. 2009-05-06 14:26:20 +00:00
lvm.if Whitespace cleanup. 2009-11-24 11:11:38 -05:00
lvm.te Whitespace cleanup. 2009-11-24 11:11:38 -05:00
metadata.xml remove extra level of directory 2006-07-12 20:32:27 +00:00
miscfiles.fc Implement cobblerd policy. 2010-02-08 12:56:01 -05:00
miscfiles.if Whitespace cleanup. 2009-11-24 11:11:38 -05:00
miscfiles.te Miscfiles patch from Dan Walsh. 2009-11-24 09:04:48 -05:00
modutils.fc Iptables and modutils patches from Dan Walsh. 2009-12-01 09:23:11 -05:00
modutils.if Iptables and modutils patches from Dan Walsh. 2009-12-01 09:23:11 -05:00
modutils.te Iptables and modutils patches from Dan Walsh. 2009-12-01 09:23:11 -05:00
mount.fc patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
mount.if automount patch from dan. 2009-07-29 08:59:26 -04:00
mount.te module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
netlabel.fc merge netlabel stuff from labeled-networking branch 2006-10-17 16:58:17 +00:00
netlabel.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
netlabel.te trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
pcmcia.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
pcmcia.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
pcmcia.te split dev_create_cardmgr_dev() into a create and a filetrans interface. 2009-08-25 09:56:56 -04:00
raid.fc RAID patch from Dan Walsh. 2009-11-25 11:17:19 -05:00
raid.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
raid.te RAID patch from Dan Walsh. 2009-11-25 11:17:19 -05:00
selinuxutil.fc merge restorecon into setfiles 2007-05-11 17:10:43 +00:00
selinuxutil.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
selinuxutil.te module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
setrans.fc trunk: init script for setrans. 2008-09-18 18:20:31 +00:00
setrans.if Setrans patch from Dan Walsh. 2009-11-24 09:41:03 -05:00
setrans.te Setrans patch from Dan Walsh. 2009-11-24 09:41:03 -05:00
sysnetwork.fc Implement cobblerd policy. 2010-02-08 12:56:01 -05:00
sysnetwork.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
sysnetwork.te module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
udev.fc UDEV patch from Dan Walsh. 2009-11-25 09:44:14 -05:00
udev.if UDEV patch from Dan Walsh. 2009-11-25 09:44:14 -05:00
udev.te UDEV patch from Dan Walsh. 2009-11-25 09:44:14 -05:00
unconfined.fc trunk: add openoffice locations in gentoo. 2007-12-10 15:59:01 +00:00
unconfined.if trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
unconfined.te bump module versions for release. 2009-11-17 10:05:56 -05:00
userdomain.fc trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
userdomain.if Add dbadm, from KaiGai Kohei. 2010-02-08 10:34:08 -05:00
userdomain.te Add dbadm, from KaiGai Kohei. 2010-02-08 10:34:08 -05:00
xen.fc Fstools and Xen patches from Dan Walsh. 2009-11-25 10:27:31 -05:00
xen.if Fstools and Xen patches from Dan Walsh. 2009-11-25 10:27:31 -05:00
xen.te Fstools and Xen patches from Dan Walsh. 2009-11-25 10:27:31 -05:00