selinux-policy/policy/modules/admin
Dominick Grift 623e4f0885 1/1] Make the ability to mmap zero conditional where this is fapplicable.
Retry: forgot to include attribute mmap_low_domain_type attribute to domain_mmap_low()	:

Inspired by similar implementation in Fedora.
Wine and vbetool do not always actually need the ability to mmap a low area of the address space.
In some cases this can be silently denied.

Therefore introduce an interface that facilitates "mmap low" conditionally, and the corresponding boolean.
Also implement booleans for wine and vbetool that enables the ability to not audit attempts by wine and vbetool to mmap a low area of the address space.

Rename domain_mmap_low interface to domain_mmap_low_uncond.

Change call to domain_mmap_low to domain_mmap_low_uncond for xserver_t. Also move this call to distro redhat ifndef block because Redhat does not need this ability.

Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-01 09:41:56 -04:00
..
acct.fc three debian patches from manoj 2009-07-14 09:05:59 -04:00
acct.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
acct.te Acct patch from Dan Walsh. 2010-06-17 08:22:17 -04:00
alsa.fc alsa file location update for debian, from Manoj. 2009-07-29 15:28:14 -04:00
alsa.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
alsa.te Alsa patch from Dan Walsh 2010-06-17 08:22:43 -04:00
amanda.fc trunk: add an empty m4 string so the index macro is not invoked, to prevent a warning. 2008-08-12 19:30:54 +00:00
amanda.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
amanda.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
amtu.fc trunk: whitespace fix changing multiple spaces into tabs. 2008-12-03 18:33:19 +00:00
amtu.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
amtu.te trunk: bump module versions for release. 2008-12-10 19:38:10 +00:00
anaconda.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
anaconda.if remove extra level of directory 2006-07-12 20:32:27 +00:00
anaconda.te Module version bump for 5563d4c. 2010-07-22 09:13:11 -04:00
apt.fc Update apt/aptitude policy to add support for lock/log files 2009-07-29 15:00:39 -04:00
apt.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
apt.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
backup.fc trunk: Backup update on Debian from Vaclav Ovsik. 2008-02-19 14:26:59 +00:00
backup.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
backup.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
bootloader.fc three debian patches from manoj 2009-07-14 09:05:59 -04:00
bootloader.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
bootloader.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
brctl.fc trunk: udev update and brctl module from dan. 2007-09-05 17:55:57 +00:00
brctl.if trunk: massive whitespace cleanup from dominick grift. 2008-07-23 21:38:39 +00:00
brctl.te Bump module versions for release. 2010-05-24 15:32:01 -04:00
certwatch.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
certwatch.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
certwatch.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
consoletype.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
consoletype.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
consoletype.te Consoletype patch from Dan Walsh. 2010-06-17 08:23:20 -04:00
ddcprobe.fc trunk: whitespace fix changing multiple spaces into tabs. 2008-12-03 18:33:19 +00:00
ddcprobe.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
ddcprobe.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
dmesg.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
dmesg.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
dmesg.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
dmidecode.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
dmidecode.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
dmidecode.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
dpkg.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
dpkg.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
dpkg.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
firstboot.fc patch from dan Fri, 01 Sep 2006 15:45:24 -0400 2006-09-04 15:15:35 +00:00
firstboot.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
firstboot.te Module version bump for a7521af. 2010-07-01 10:48:11 -04:00
kismet.fc Kismet and tzdata patches from Dan Walsh. 2009-11-25 15:12:52 -05:00
kismet.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
kismet.te Kismet patch from Dan Walsh. 2010-06-17 08:24:21 -04:00
kudzu.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
kudzu.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
kudzu.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
logrotate.fc trunk: Backup update on Debian from Vaclav Ovsik. 2008-02-19 14:26:59 +00:00
logrotate.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
logrotate.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
logwatch.fc patches from erich Wed, 13 Sep 2006 16:18:18 +0200 2006-09-13 18:35:10 +00:00
logwatch.if merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
logwatch.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
mcelog.fc mcelog policy from Dan Walsh 2010-03-16 11:47:07 -04:00
mcelog.if Whitespace fix for mcelog. 2010-03-16 13:15:38 -04:00
mcelog.te Mcelog patch from Dan Walsh. 2010-06-17 08:23:48 -04:00
metadata.xml remove extra level of directory 2006-07-12 20:32:27 +00:00
mrtg.fc patch from Stefan for mrtg daemon operation. 2006-08-07 17:14:00 +00:00
mrtg.if trunk: massive whitespace cleanup from dominick grift. 2008-07-23 21:38:39 +00:00
mrtg.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
netutils.fc Netutils patch from Dan Walsh. 2010-06-17 10:16:19 -04:00
netutils.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
netutils.te Netutils patch from Dan Walsh. 2010-06-17 10:16:19 -04:00
portage.fc trunk: add additional portage log locations. 2008-05-26 18:37:05 +00:00
portage.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
portage.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
prelink.fc Prelink patch from Dan Walsh. 2010-06-18 14:07:53 -04:00
prelink.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
prelink.te Prelink patch from Dan Walsh. 2010-06-18 14:07:53 -04:00
quota.fc patch from dan, Thu, 2007-01-25 at 08:12 -0500 2007-02-16 23:01:42 +00:00
quota.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
quota.te Quota patch from Dan Walsh. 2010-06-18 14:14:21 -04:00
readahead.fc readahead patch from dan. 2009-07-28 10:08:02 -04:00
readahead.if remove extra level of directory 2006-07-12 20:32:27 +00:00
readahead.te Module version bumps and changelog for devtmpfs patchset. 2010-08-25 11:19:27 -04:00
rpm.fc RPM patch from Dan Walsh. 2010-07-08 10:53:28 -04:00
rpm.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
rpm.te RPM patch from Dan Walsh. 2010-07-08 10:53:28 -04:00
sectoolm.fc Add sectoolm by Miroslav Grepl. 2010-02-19 09:39:06 -05:00
sectoolm.if Add sectoolm by Miroslav Grepl. 2010-02-19 09:39:06 -05:00
sectoolm.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
shorewall.fc shorewall log file from Dan Walsh 2010-03-08 09:34:37 -05:00
shorewall.if Iptables patch from Dan Walsh. 2010-03-18 08:10:21 -04:00
shorewall.te Shorewall patch from Dan Walsh. 2010-06-18 14:23:46 -04:00
shutdown.fc Add shutdown from Dan Walsh. 2010-07-07 11:10:56 -04:00
shutdown.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
shutdown.te Add shutdown from Dan Walsh. 2010-07-07 11:10:56 -04:00
smoltclient.fc Whitespace fixes for smoltclient. 2010-03-16 13:11:53 -04:00
smoltclient.if Policy for smolt sendProfile client from Dan Walsh 2010-03-16 11:37:56 -04:00
smoltclient.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
su.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
su.if Su patch from Dan Walsh. 2010-06-18 14:32:42 -04:00
su.te Su patch from Dan Walsh. 2010-06-18 14:32:42 -04:00
sudo.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
sudo.if Sudo patch from Dan Walsh. 2010-06-18 14:43:22 -04:00
sudo.te Sudo patch from Dan Walsh. 2010-06-18 14:43:22 -04:00
sxid.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
sxid.if merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
sxid.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
tmpreaper.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
tmpreaper.if Interface documentation standardization patch from Dan Walsh. 2010-08-02 09:22:09 -04:00
tmpreaper.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
tripwire.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
tripwire.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
tripwire.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
tzdata.fc patch from dan, Thu, 2007-01-25 at 08:12 -0500 2007-02-16 23:01:42 +00:00
tzdata.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
tzdata.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
updfstab.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
updfstab.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
updfstab.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
usbmodules.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
usbmodules.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
usbmodules.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
usermanage.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
usermanage.if Fix usermanage_kill_passwd() parameter doc. 2010-08-05 08:56:31 -04:00
usermanage.te Usermanage patch from Dan Walsh. 2010-07-06 10:56:20 -04:00
vbetool.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
vbetool.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
vbetool.te 1/1] Make the ability to mmap zero conditional where this is fapplicable. 2010-09-01 09:41:56 -04:00
vpn.fc trunk: 8 patches from dan. 2008-10-13 15:06:23 +00:00
vpn.if Admin layer xml fixes. 2010-08-05 08:46:44 -04:00
vpn.te Module version bump for b5d89d0. 2010-06-29 11:03:56 -04:00