Commit Graph

333 Commits

Author SHA1 Message Date
Chris PeBenito 4a8bd017aa Module version bump and extra comments for 194d61f. 2010-04-24 08:10:43 -04:00
Chris Richards 194d61fd3c modutils patch for update-modules
update-modules on Gentoo throws errors when run because it sources /etc/init.d/functions.sh, which always scans /var/lib/init.d to set SOFTLEVEL environment var.  This is never used by update-modules.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
Signed-off-by: Chris PeBenito <pebenito@gentoo.org>
2010-04-24 08:08:15 -04:00
Chris PeBenito 78352db924 Module version bump for 8c38fba. 2010-04-24 08:07:51 -04:00
Chris Richards 8c38fba0f0 allow syslog-ng to setrlimit
syslog-ng wants to increase the number of permissible open files from 256 to 4096 on unix/linux systems.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
Signed-off-by: Chris PeBenito <pebenito@gentoo.org>
2010-04-24 08:02:23 -04:00
Chris PeBenito bc31d12725 Libraries patch from Dan Walsh. 2010-03-19 14:21:23 -04:00
Chris PeBenito 0d86ea1d7b Xen patch from Dan Walsh. 2010-03-19 11:54:50 -04:00
Chris PeBenito b60df9f57d Getty patch from Dan Walsh. 2010-03-19 11:05:56 -04:00
Chris PeBenito 1fa92b8a55 Sysnetwork patch from Dan Walsh. 2010-03-18 15:40:04 -04:00
Chris PeBenito ddd786e404 Init patch from Dan Walsh. 2010-03-18 10:19:49 -04:00
Chris PeBenito 153ed8751a Authlogin patch from Dan Walsh. 2010-03-18 08:59:25 -04:00
Chris PeBenito 4fbcd778de Iptables patch from Dan Walsh. 2010-03-18 08:10:21 -04:00
Chris PeBenito a124c0a81f Udev patch from Dan Walsh. 2010-03-17 15:17:48 -04:00
Chris PeBenito 7a8807b627 Logging patch from Dan Walsh. 2010-03-17 14:40:06 -04:00
Chris PeBenito 90e65feca5 Ipsec patch from Dan Walsh. 2010-03-17 13:52:07 -04:00
Chris PeBenito d13c6758a4 Modutils patch from Dan Walsh. 2010-03-17 11:59:14 -04:00
Chris PeBenito 827060cb04 Style fixes and module version bumps for 38fc1bd. 2010-03-17 09:28:18 -04:00
Dominick Grift 38fc1bd180 Likewise policy.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-03-17 08:48:45 -04:00
Chris PeBenito 2f0e3a4e7e Raid patch from Dan Walsh. 2010-03-09 15:33:29 -05:00
Chris PeBenito 30496b1575 Iscsi and tgtd patches from Dan Walsh. 2010-03-09 15:17:16 -05:00
Chris PeBenito 939eaf2f13 Fstools patch from Dan Walsh. 2010-03-09 14:32:17 -05:00
Chris PeBenito d0a6df5c47 Miscfiles patch from Dan Walsh. 2010-03-09 10:44:55 -05:00
Chris PeBenito 1112a5bc20 Module version bump for be47d75. 2010-03-04 09:18:04 -05:00
Jeremy Solt 4d2680e508 hotplug transition to brctl from Dan Walsh 2010-03-04 09:18:04 -05:00
Chris PeBenito 402bbb9fe9 Improve documentation of udev_read_db(). 2010-03-03 14:16:36 -05:00
Chris PeBenito b675cec7f8 Improve documentation of seutil_sigchld_newrole(). 2010-03-03 14:16:22 -05:00
Chris PeBenito a6bafb5a25 Module version bump for bf530f5. 2010-03-03 13:11:58 -05:00
Dominick Grift bf530f532c Various permission set fixes.
Fix various interfaces to use permission sets for compatiblity with open permission.

Also use other permission sets where possible just because applicable permissions sets are available and the use of permission sets is encourage generally for compatibility.

The use of exec_file_perms permission set may be not be a good idea though since it may be a bit too coarse.

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-03-03 13:10:55 -05:00
Chris PeBenito b58db31da6 Improve the documentation of application_domain(). 2010-03-03 10:37:58 -05:00
Chris PeBenito d24a7df15c Improve the documentation of auth_use_nsswitch(). 2010-03-03 10:37:37 -05:00
Dominick Grift 4cb24aed7b Fix userdom_write_user_tmp_sockets to use write_sock_file_perms to allow domains to open user_tmp_t sock_files.
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-03-03 10:31:56 -05:00
Chris PeBenito c46376e665 Improve documentation for userdomain interfaces:
userdom_use_user_terminals()
userdom_dontaudit_search_user_home_dirs()
userdom_dontaudit_use_unpriv_user_fds()
2010-03-02 14:01:10 -05:00
Chris PeBenito 42f1b11482 Module version bump for 03dd57f. 2010-03-01 13:34:10 -05:00
Dominick Grift 03dd57fe7b Fix auth_domtrans_chk_passwd to use read_file_perms to surpress open AVC denials.
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-03-01 13:30:28 -05:00
Chris PeBenito 5fb5bf2686 Additional docs for logging_log_filetrans(). 2010-03-01 10:38:24 -05:00
Chris PeBenito 14e543cb1c Improve the documentation of unconfined_domain(). 2010-02-26 13:47:17 -05:00
Chris PeBenito 45185c0783 Improve the documentation of logging_log_file() and logging_log_filetrans(). 2010-02-26 09:34:41 -05:00
Chris PeBenito 13f000d2ef Improve the documentation of:
init_script_file()
init_daemon_domain()
init_system_domain()
init_ranged_daemon_domain()
init_ranged_system_domain()
init_use_fds()
2010-02-25 16:00:58 -05:00
Chris PeBenito d6887176c1 Improve sysnet_read_config() documentation. 2010-02-25 13:54:34 -05:00
Chris PeBenito 81a0fb4024 Switch sysnet_use_portmap(), sysnet_use_ldap(), and sysnet_dns_name_resolve() to use sysnet_read_config() rather thane explicit type usage. 2010-02-25 13:53:52 -05:00
Chris PeBenito 6e48775f75 Improve documentation on logging_send_syslog_msg(). 2010-02-24 15:56:05 -05:00
Chris PeBenito 611bc9311d Improve documentation on miscfiles_read_localization(). 2010-02-24 14:56:07 -05:00
Chris PeBenito 72295e93e1 Qemu patch from Dan Walsh. 2010-02-19 10:15:19 -05:00
Chris PeBenito 2f84a77d22 Syslog fixes from Gentoo. 2010-02-17 20:33:53 -05:00
Chris PeBenito 8b8501991e Clean up leaked portage file descriptors. 2010-02-17 20:33:31 -05:00
Chris PeBenito 2c05132062 Utmp fix from Gentoo. 2010-02-17 20:31:46 -05:00
Chris PeBenito 72c8a37c2b Setfiles fix from Gentoo. 2010-02-17 20:30:42 -05:00
Chris PeBenito 679a63d09f Mount usbfs fix from Gentoo. 2010-02-17 20:30:13 -05:00
Chris PeBenito aadcb968f9 Move netlink route sockets from nsswitch to DNS name resolve. 2010-02-17 20:28:59 -05:00
Chris PeBenito c3c753f786 Remove concept of user from terminal module interfaces dealing with ptynode and ttynode since these attributes are not specific to users. 2010-02-11 14:20:10 -05:00
Chris PeBenito 16412e2ff9 Merge branch 'master' of git+ssh://cpebenito@oss.tresys.com/home/git/refpolicy 2010-02-08 14:47:06 -05:00