c2b04d1ea2
kmod, lvm, brctl patches from Russell Coker
...
Patches for modutils, at least one of which is needed to generate an initramfs
on Debian.
Patch to allow lvm to talk to fifos from dpkg_script_t for postinst scripts
etc.
Patch for brctl to allow it to create sysfs files.
2017-04-18 21:17:36 -04:00
73d8b3026c
Systemd-related changes from Russell Coker.
2017-04-06 17:37:50 -04:00
b690079a93
Misc fc changes from Russell Coker.
2017-04-06 17:00:28 -04:00
63a6a44b3d
Module version bump for fixes from cgzones.
2017-03-12 16:36:49 -04:00
d62ce5b4e8
lvm: small adjustments
...
* align file contexts
* fix lvm_admin()
* call user_use_inherited_user_terminals and remove useless dontaudit call
2017-03-12 10:32:02 +01:00
4d028498d8
Module version bumps for fixes from cgzones.
2017-03-05 10:48:42 -05:00
4b79a54b41
modutils: adopt callers to new interfaces
2017-03-03 12:28:17 +01:00
e527ebaadf
systemd: Further revisions from Russell Coker.
2017-02-25 09:35:10 -05:00
2087bde934
Systemd fixes from Russell Coker.
2017-02-23 20:03:23 -05:00
cb35cd587f
Little misc patches from Russell Coker.
2017-02-18 09:39:01 -05:00
1720e109a3
Sort capabilities permissions from Russell Coker.
2017-02-15 18:47:33 -05:00
2e7553db63
Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker.
2017-02-04 15:19:35 -05:00
69ede859e8
Bump module versions for release.
2017-02-04 13:30:53 -05:00
67c435f1fc
Module version bump for fc updates from Nicolas Iooss.
2016-12-28 14:38:05 -05:00
f850ec37df
Module version bumps for /run fc changes from cgzones.
2016-12-22 15:54:46 -05:00
34055cae87
Bump module versions for release.
2016-10-23 16:58:59 -04:00
76f05a2c15
Module version bumps for LVM and useromain patches from Guido Trentalancia.
2016-09-07 18:02:18 -04:00
cbccb5aedf
Update the lvm module
...
Update the lvm module to add a permission needed by cryptsetup.
At the moment the SELinux kernel code is not able yet to distinguish
the sockets in the AF_ALG namespace that are used for interfacing to
the kernel Crypto API.
In the future the SELinux kernel code will be updated to distinguish
the new socket class and so this permission will change its class
from the generic "socket" to the new socket (e.g. "alg_socket").
Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
2016-09-07 17:43:16 -04:00
c23353bcd8
Bump module versions for release.
2015-12-08 09:53:02 -05:00
17694adc7b
Module version bump for systemd additions.
2015-10-23 14:53:14 -04:00
4388def2d9
Add refpolicy core socket-activated services.
2015-10-23 10:17:46 -04:00
f7286189b3
Add systemd units for core refpolicy services.
...
Only for services that already have a named init script.
Add rules to init_startstop_service(), with conditional arg until
all of refpolicy-contrib callers are updated.
2015-10-23 10:17:46 -04:00
579849912d
Add supporting rules for domains tightly-coupled with systemd.
2015-10-23 10:17:46 -04:00
d74c9bd6b8
Module version bumps for admin interfaces from Jason Zaman.
2015-07-14 11:18:35 -04:00
10ff4d0fa3
Bump module versions for release.
2014-03-11 08:16:57 -04:00
58db129761
Update modules for file_t merge into unlabeled_t.
2014-01-16 11:24:25 -05:00
3208ff94c4
Module version bump for second lot of patches from Dominick Grift.
2013-12-03 13:03:35 -05:00
3ee649f132
Add comment in policy for lvm sysfs write.
2013-12-03 10:54:22 -05:00
6905ddaa98
lvm: lvm writes read_ahead_kb
...
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2013-12-03 10:53:23 -05:00
b7b3b55280
Module version bumps for Debian udev updates from Dominick Grift.
2013-09-27 16:44:54 -04:00
5a727e1c60
Module version bump for lvm update from Dominick Grift.
2013-09-26 09:24:58 -04:00
43d6ac3f8e
lvm: lvm and udisks-lvm-pv-e read /run/udev/queue.bin
...
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2013-09-26 09:16:36 -04:00
d174521a64
Bump module versions for release.
2013-04-24 16:14:52 -04:00
e1ab3f885b
Module version bump for misc updates from Sven Vermeulen.
2013-01-03 10:32:41 -05:00
829b252cdc
lvscan creates the /run/lock/lvm directory if nonexisting (v2)
...
If the /run/lock/lvm directory doesn't exist yet, running any of the LVM tools
(like lvscan) will create this directory. Introduce a named file transition for
the lock location when a directory named "lvm" is created and grant the
necessary rights to create the directory.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2013-01-03 10:32:41 -05:00
3516535aa6
Bump module versions for release.
2012-07-25 14:33:06 -04:00
7b6fe9c1a5
Module version bump for syslog-ng and lvm patches from Sven Vermeulen.
2012-05-04 10:49:11 -04:00
ee62c91345
Recent lvm utilities now use setfscreate
...
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2012-05-04 10:45:57 -04:00
aa4dad379b
Module version bump for release.
2011-07-26 08:11:01 -04:00
a26f6088c9
Changelog and module version bump for LVM semaphore usage patch from Sven Vermeulen.
2011-02-09 09:01:18 -05:00
57835f4453
LVM uses systemwide semaphores for activities such as vgchange -ay
...
The LVM subsystem uses system-wide semaphores for various activities.
Although the system boots properly without these (apart from the AVC denials
of course), I would assume that they are here to ensure no corruption of any
kind happens in case of concurrent execution / race conditions.
As such, I rather enable it explicitly in the security policy.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2011-02-09 09:00:12 -05:00
dd74a2f442
policy/modules/system/lvm.te Typo change directores to directories, and also clean up a comment.
...
The below patch changes a typo "directores" to "directories", and also
fixes a comment to sound more proper.
Signed-off-by: Justin P. Mattock <justinmattock@gmail.com>
2011-02-01 09:09:26 -05:00
bca0cdb86e
Remove duplicate/redundant rules, from Russell Coker.
2010-07-07 08:41:20 -04:00
48f99a81c0
Whitespace change: drop unnecessary blank line at the start of .te files.
2010-06-10 08:16:35 -04:00
29af4c13e7
Bump module versions for release.
2010-05-24 15:32:01 -04:00
dccbb80cb0
Whitespace cleanup.
2009-11-24 11:11:38 -05:00
bd34ef71df
LVM patch from Dan Walsh.
2009-11-24 09:19:45 -05:00
9570b28801
module version number bump for release 2.20090730 that was mistakenly omitted.
2009-08-05 10:59:21 -04:00
568efbe895
fix ordering of interface calls in lvm.
2009-08-05 10:07:35 -04:00
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
Chris PeBenito
cgzones
Guido Trentalancia
Chris PeBenito
Dominick Grift
Sven Vermeulen
Chris PeBenito
Justin P. Mattock