Commit Graph

1716 Commits

Author SHA1 Message Date
Chris PeBenito 4029f11670 last piece of previous consolekit patch 2007-04-11 20:02:59 +00:00
Chris PeBenito 97e8156ecb add zabbix from dan 2007-04-11 18:55:44 +00:00
Chris PeBenito 697489040e 5 patches from dan. confine insmod and udev on targeted, misc fc fixes, sasl kerberos use, and samba port fixes 2007-04-11 17:56:03 +00:00
Chris PeBenito 99064c9fbd more consolekit updates from dan 2007-04-11 14:04:35 +00:00
Chris PeBenito 82e284bb89 last piece of dan's previous patch 2007-04-11 13:31:10 +00:00
Chris PeBenito 19b2dee3cc confine ldconfig in targeted, from dan 2007-04-10 19:39:22 +00:00
Chris PeBenito ebc1e8be97 from dan:
kadmind trys to setattr on krb5kdc file.  Just a library checking access.
2007-04-10 17:20:07 +00:00
Chris PeBenito 9af48eef6e six patches from dan 2007-04-10 13:10:58 +00:00
Chris PeBenito f4e2b1983a man page updates from dan 2007-04-02 13:58:33 +00:00
Chris PeBenito 98faba122c gentoo /lib can be a symlink on x86-64 systems 2007-04-02 13:33:18 +00:00
Chris PeBenito 39d8dcdb4f fix http_script_domains, it was incorrectly applied to the content type rather than the script domain. bug #24. 2007-04-02 13:20:55 +00:00
Chris PeBenito f88ef60ac0 emit "null" instead of NULL for userspace headers 2007-03-30 20:33:51 +00:00
Chris PeBenito f6ddd6b9b7 bools in modules fix to require the boolean in optionals that are part of the base module, and move bool declarations in the base module/monolithic 2007-03-30 12:43:15 +00:00
Chris PeBenito dde00d4e70 add refresh target to devel makefile which tries to reload all of the modules currently in the store. 2007-03-29 12:08:00 +00:00
Chris PeBenito a26923c32e Two patches from Paul Moore to for ipsec to remove redundant rules and have setkey read the config file. 2007-03-28 18:47:45 +00:00
Chris PeBenito 9e8f65c83e six trivial patches from dan for iptables, netutils, ipsec, devices, filesystem and cpuspeed 2007-03-26 20:47:29 +00:00
Chris PeBenito 56e1b3d207 - Move booleans and tunables to modules when it is only used in a single
module.
- Add support for tunables and booleans local to a module.
2007-03-26 18:41:45 +00:00
Chris PeBenito 8021cb4f63 Merge sbin_t and ls_exec_t into bin_t. 2007-03-23 23:24:59 +00:00
Chris PeBenito ab514d6a89 remove disable_trans booleans 2007-03-23 21:01:49 +00:00
Chris PeBenito e9b0042f35 Output different header sets for kernel and userland from flask headers. 2007-03-23 20:32:23 +00:00
Chris PeBenito 1852cdabce deprecated pax class 2007-03-23 20:21:06 +00:00
Chris PeBenito 5f5b7a1ec6 network fix from dan 2007-03-22 14:33:00 +00:00
Chris PeBenito cc9130b90a one-liner from dan 2007-03-22 14:01:55 +00:00
Chris PeBenito 19fd9301e6 patch from dan to have ricci modstorage transition to lvm 2007-03-21 20:02:50 +00:00
Chris PeBenito d17bab02cc stop adding netfilter contexts, as decided at the developers summit 2007-03-21 19:40:55 +00:00
Chris PeBenito cd3ee91a4b add fail2ban from dan 2007-03-21 15:51:52 +00:00
Chris PeBenito efcf9df253 kudzu will telinit to make init re-read the inittab after configuring serial consoles 2007-03-20 19:00:35 +00:00
Chris PeBenito a5f5eba459 Add dontaudits for init fds and console to init_daemon_domain(). 2007-03-20 18:47:18 +00:00
Chris PeBenito 4832f0e066 create user gpg keys dir patch from dan 2007-03-19 19:10:43 +00:00
Chris PeBenito 93784927ca add kvmfs support, from dan 2007-03-19 18:48:14 +00:00
Chris PeBenito 7200146ea8 trivial patch for radius from dan 2007-03-19 18:42:57 +00:00
Chris PeBenito 86b28c9594 trivial patch from dan for sysstat access to sysfs 2007-03-19 18:38:54 +00:00
Chris PeBenito e66689f7be other part of consolekit addition 2007-03-19 18:36:36 +00:00
Chris PeBenito c224d91c7b from Dan:
This is a new policy for the User Switching capability coming in gnome.

consolekit is a daemon that communicates with xdm_t and hal through dbus to change the
ownership/access on certain devices when the login session changes from one user to another
2007-03-19 18:01:15 +00:00
Chris PeBenito 6c20f77e80 patch from Dan for sudo:
sudo should be able to getattr on all executables not just 
bin_t/sbin_t.  Confined executeables run from sudo need this.

sudo_exec_t needs to be marked as exec_type so prelink will work correctly.

sudo semanage should work
2007-03-19 16:32:44 +00:00
Chris PeBenito b50f2ee48d It was just pointed out to me that the raw IP socket class is missing from the
recvfrom MLS constraint.

Signed-off-by: Paul Moore
2007-03-09 14:45:19 +00:00
Chris PeBenito 0cca516db7 fix for rh bug 203290 2007-03-08 19:01:21 +00:00
Chris PeBenito b5a6c86f46 last bit of dans patch 2007-03-08 17:53:52 +00:00
Chris PeBenito cdc91b9aeb Patch for handling restart of nscd when ran from useradd, groupadd, and admin passwd, from Dan Walsh. 2007-03-08 15:14:45 +00:00
Chris PeBenito 59bedc1886 procmail uses /tmp files
Wants to send signull to itself
Can exec ls
Read spamassinn_lib_dirs
New directory for spamassin /var/lib/
pyzor uses tmp files
2007-03-07 21:33:22 +00:00
Chris PeBenito 7aefc69117 trivial change from dan 2007-03-06 17:44:26 +00:00
Chris PeBenito 7aca2aa827 setroubleshoot has a plugin that checks the file context on disk versus a matchpathcon. So needs additional privs 2007-03-06 17:16:08 +00:00
Chris PeBenito c23eb5b1c4 Patch for gssd fixes from Dan Walsh 2007-03-06 16:18:59 +00:00
Chris PeBenito c5561c777d patches for lvm and ricci fixes from Dan Walsh. 2007-03-06 15:35:02 +00:00
Chris PeBenito f2c69c47b3 lmtp and smtp are the same file require same context of setfiles complains
postfix_pickup_t wants to read postfix_spool_maildrop_t dir
2007-03-01 20:41:19 +00:00
Chris PeBenito ecc98e19e3 patches for file contexts in networkmanager, miscfiles, corecommands, devices, and java from Dan Walsh. 2007-03-01 15:43:39 +00:00
Chris PeBenito 4900fdf7d1 Patch for kerberized telnet fixes from Dan Walsh. 2007-02-28 17:17:52 +00:00
Chris PeBenito 09c56f5496 Patch for kerberized ftp and other ftp fixes from Dan Walsh. 2007-02-28 17:01:47 +00:00
Chris PeBenito 2aea366ffc Patch for an additional wine executable from Dan Walsh. 2007-02-28 16:23:06 +00:00
Chris PeBenito bf39cdb807 Patch for additional games file contexts from Dan Walsh. 2007-02-28 15:30:38 +00:00