Commit Graph

2666 Commits

Author SHA1 Message Date
Chris PeBenito 1b2f08ea10 Abrt patch from Dan Walsh. 2010-05-18 10:18:12 -04:00
Chris PeBenito e9e43f04b3 Plymouthd policy from Dan Walsh. 2010-05-18 09:54:18 -04:00
Chris PeBenito b0c2cae14a Hal patch from Dan Walsh.
Lots of random access for hal.
2010-05-18 09:06:36 -04:00
Chris PeBenito 2e4e39d26a Loadkeys patch from Dan Walsh. 2010-05-14 11:40:26 -04:00
Chris PeBenito 84940a0995 Java patch from Dan Walsh.
Additional java context

unconfined_Java apps needs to execmod any file since we do not know where the jave content will be labeled

We want unconfined java apps to transition to rpm when they execute rpm_exec_t.  To maintain proper labeling.
2010-05-14 10:40:59 -04:00
Chris PeBenito 299db7080c CVS patch from Dan Walsh.
cvs needs dac_override when it tries to read shadow
2010-05-14 10:24:11 -04:00
Chris PeBenito bcc6e65421 SETroubleshoot patch from Dan Walsh.
Policy to handle the fixit button in setroubleshoot.
2010-05-13 13:22:53 -04:00
Chris PeBenito ada61e1529 Asterisk patch from Dan Walsh.
asterisk_manage_lib_files(logrotate_t)
    asterisk_exec(logrotate_t)

Needs net_admin

Drops capabilities
connects to unix_stream

execs itself

Requests kernel load modules

Execs shells

Connects to postgresql and snmp ports

Reads urand and generic usb devices

Has mysql and postgresql back ends
sends mail
2010-05-13 11:35:58 -04:00
Chris PeBenito 24e0b9b3a4 Munin patch from Dan Walsh. 2010-05-13 11:20:54 -04:00
Chris PeBenito 16070400a8 RPM patch from Dan Walsh. 2010-05-11 11:11:40 -04:00
Chris PeBenito 27afb97c29 Minor fixes on a2524cf. Module version bump. 2010-05-11 08:33:04 -04:00
Chris PeBenito aeb7a4e180 Whitespace fixes on cobbler. 2010-05-11 08:23:02 -04:00
Jeremy Solt a2524cfa77 cobbler patch from Dan Walsh 2010-05-11 08:17:33 -04:00
Chris PeBenito fb3fc9e4f0 Cyrus patch from Dan Walsh. 2010-05-03 15:14:50 -04:00
Chris PeBenito 4804cd43a0 Clamav patch from Dan Walsh. 2010-05-03 15:01:35 -04:00
Chris PeBenito d8eb3c71c6 Dovecot patch from Dan Walsh. 2010-05-03 14:37:19 -04:00
Chris PeBenito baea7b1dc6 Networkmanager patch from Dan Walsh. 2010-05-03 14:01:26 -04:00
Justin P. Mattock d5932a6ac4 Fix a typo in support/genhomedircon.
Fix a typo in support/genhomedircon.

Signed-off-by: Justin P. Mattock <justinmattock@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-05-03 11:45:09 -04:00
Chris PeBenito 03a6e03926 Add kernel access to devtmpfs. Also add workround while devtmpfs is tmpfs_t instead of device_t. 2010-05-03 11:17:16 -04:00
Chris PeBenito a3108c60c0 Consolekit patch from Dan Walsh. 2010-05-03 10:21:48 -04:00
Chris PeBenito b0076a1413 Arpwatch patch from Dan Walsh. 2010-05-03 09:49:33 -04:00
Chris PeBenito 98ac98623c Dbus patch from Dan Walsh. 2010-05-03 09:34:42 -04:00
Chris PeBenito 61738f11ec Devicekit patch from Dan Walsh. 2010-05-03 09:01:46 -04:00
Chris PeBenito 857d37e84a GPG patch from Dan Walsh. 2010-04-30 15:24:19 -04:00
Chris PeBenito 3b72786090 Add trusted object condition to unix socket connectto/sendto, to fix label translation. 2010-04-29 11:29:39 -04:00
Chris PeBenito 87a9469fc9 Add networking rules for spamd to connect to mysql/postgresql over the network, from Chris St. Pierre. 2010-04-27 10:31:47 -04:00
Chris PeBenito 45696ab282 Add missing secmark rules in ntop, from Dominick Grift. 2010-04-27 09:31:30 -04:00
Chris PeBenito a53c6c65a4 FTP patch from Dan Walsh. 2010-04-26 15:15:23 -04:00
Chris PeBenito d7ebbd9d22 Module version bump for 34838aa. 2010-04-26 13:40:21 -04:00
Jeremy Solt 34838aa62a Samba patch from Dan Walsh
- signal interfaces
 - fusefs support
 - bug 566984: getattrs on all blk and chr files

Did not include:
 - changes related to samba_unconfined_script_t and samba_unconfined_net_t
 - samba_helper_template (didn't appear to be used)
 - manage_lnk_files_pattern in samba_manage_var_files
 - signal allow rule in samba_domtrans_winbind_helper
 - samba_role_notrans
 - userdom_manage_user_home_content

Some style and spacing fixes
2010-04-26 13:28:21 -04:00
Chris Richards 9b3e798ea3 bootmisc init script, 2nd try
Allow to create /var/lock/.keep.  This prevents Portage from destroying /var/lock under certain conditions.  This patch is Gentoo specific.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-04-26 12:59:12 -04:00
Chris PeBenito 05a2e3e2d7 Lircd patch from Dan Walsh. 2010-04-26 12:59:02 -04:00
Chris PeBenito e07fbc004d Add DenyHosts from Dan Walsh. 2010-04-26 12:59:02 -04:00
Chris PeBenito 44b3808ba5 Djbdns patch from Dan Walsh. 2010-04-26 12:59:02 -04:00
Chris PeBenito 4a8bd017aa Module version bump and extra comments for 194d61f. 2010-04-24 08:10:43 -04:00
Chris Richards 194d61fd3c modutils patch for update-modules
update-modules on Gentoo throws errors when run because it sources /etc/init.d/functions.sh, which always scans /var/lib/init.d to set SOFTLEVEL environment var.  This is never used by update-modules.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
Signed-off-by: Chris PeBenito <pebenito@gentoo.org>
2010-04-24 08:08:15 -04:00
Chris PeBenito 78352db924 Module version bump for 8c38fba. 2010-04-24 08:07:51 -04:00
Chris Richards 8c38fba0f0 allow syslog-ng to setrlimit
syslog-ng wants to increase the number of permissible open files from 256 to 4096 on unix/linux systems.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
Signed-off-by: Chris PeBenito <pebenito@gentoo.org>
2010-04-24 08:02:23 -04:00
Chris PeBenito 5c3274d7bf Module version bump for 4b121a5. 2010-04-19 10:23:11 -04:00
Chris PeBenito 46879922d8 Additional whitespace fix in nis. 2010-04-19 10:20:19 -04:00
Jeremy Solt f49fc19e5a Style changes 2010-04-19 10:19:46 -04:00
Jeremy Solt 4b121a5f53 nis patch from Dan Walsh
Made a couple style changes.
Removed unnecessary require in nis_use_ypbind interface
2010-04-19 10:19:44 -04:00
Chris PeBenito da5940411c Additional whitespace fixes in certmonger. 2010-04-19 10:17:24 -04:00
Jeremy Solt 0e5494a3d9 Fix some whitespace and style issues. 2010-04-19 10:07:20 -04:00
Jeremy Solt 33793ec2ce certmonger policy from Dan Walsh
Removed manage_var_run and manage_var_lib interfaces
Added missing requires to admin interface
Removed permissive line
Fixed some spacing / style issues
2010-04-19 10:07:17 -04:00
Chris PeBenito 86ff008754 Module version bump for 4f7b413. 2010-04-19 10:05:22 -04:00
Jeremy Solt e6e2a769ac Remove excess white space from ntop.te
Move ntop ports declaration to correct location.
2010-04-19 09:55:01 -04:00
Jeremy Solt 4f7b413cdc Ntop policy from Dan Walsh
Added alias for ntop_http_content_t in apache
Pulled in ntop port from corenetwork patch
2010-04-19 09:54:58 -04:00
Chris PeBenito 98759716fe Module version bump for 46e16a2. 2010-04-19 09:54:13 -04:00
Jeremy Solt d86d4f6069 Move optional policy to correct location for style 2010-04-19 09:50:42 -04:00