61e9ec3240
Login take 4 from Russell Coker.
...
I have used optional sections for dbus and xserver as requested and also
fixed a minor issue of a rule not being in the correct section.
Please merge this.
2017-04-26 06:26:50 -04:00
ef653c810a
authlogin: put interface properly inside optional
2017-02-28 19:55:27 -05:00
ca04cdb14b
Module version bump for patches from cgzones.
2017-02-26 12:23:19 -05:00
2087bde934
Systemd fixes from Russell Coker.
2017-02-23 20:03:23 -05:00
2e7553db63
Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker.
2017-02-04 15:19:35 -05:00
69ede859e8
Bump module versions for release.
2017-02-04 13:30:53 -05:00
67c435f1fc
Module version bump for fc updates from Nicolas Iooss.
2016-12-28 14:38:05 -05:00
f850ec37df
Module version bumps for /run fc changes from cgzones.
2016-12-22 15:54:46 -05:00
34055cae87
Bump module versions for release.
2016-10-23 16:58:59 -04:00
b7c7209cff
Module version bumps + contrib update for user_runtime from Jason Zaman.
2016-06-01 13:34:14 -04:00
6b1b2e3965
Module version bumps for 2 patches from Dominick Grift.
2015-12-10 15:46:13 -05:00
81d15a0273
authlogin: remove duplicate files_list_var_lib(nsswitch_domain)
...
Signed-off-by: Dominick Grift <dac.override@gmail.com>
2015-12-10 14:10:16 -05:00
c23353bcd8
Bump module versions for release.
2015-12-08 09:53:02 -05:00
70ba55c2fc
Module version bump for utempter Debian helper from Laurent Bigonville.
2015-12-01 10:23:46 -05:00
17694adc7b
Module version bump for systemd additions.
2015-10-23 14:53:14 -04:00
468185f5f7
Bump module versions for release.
2014-12-03 13:37:38 -05:00
0735f2ca4a
Module version bump for misc fixes from Sven Vermeulen.
2014-12-02 10:29:59 -05:00
10ff4d0fa3
Bump module versions for release.
2014-03-11 08:16:57 -04:00
58db129761
Update modules for file_t merge into unlabeled_t.
2014-01-16 11:24:25 -05:00
1a01976fc4
Module version bump for first batch of patches from Dominick Grift.
2013-12-02 14:22:29 -05:00
a0e88de5e5
authlogin: unix_chkpwd traverses / on sysfs device on Debian
...
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2013-12-02 08:27:54 -05:00
a2aeeefd98
Module version bump for fc fix in authlogin from Dominick Grift.
2013-09-26 09:27:04 -04:00
d174521a64
Bump module versions for release.
2013-04-24 16:14:52 -04:00
be2e70be8d
Module version bump for fixes from Dominick Grift.
2013-01-03 10:53:34 -05:00
79e1e4efb9
NSCD related changes in various policy modules
...
Use nscd_use instead of nscd_socket_use. This conditionally allows
nscd_shm_use
Remove the nscd_socket_use from ssh_keygen since it was redundant
already allowed by auth_use_nsswitch
Had to make some ssh_keysign_t rules unconditional else
nscd_use(ssh_keysign_t) would not build (nested booleans) but that does
not matter, the only actual domain transition to ssh_keysign_t is
conditional so the other unconditional ssh_keygen_t rules are
conditional in practice
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2013-01-03 10:43:10 -05:00
79f71729e3
Module version bump from Debian changes from Laurent Bigonville.
2012-12-07 00:46:27 -05:00
3516535aa6
Bump module versions for release.
2012-07-25 14:33:06 -04:00
2728d43634
Module version bump, changelog, pull contrib
2012-07-10 08:58:37 -04:00
b35c647481
nss_domain attribute patch 3, Miroslav Grepl
2012-07-10 08:43:38 -04:00
330b13a4a2
nss_domain attribute patch 1, Miroslav Grepl
2012-07-10 08:43:31 -04:00
b72101a116
Module version bump and changelog for non-auth file attribute to eliminate set expressions, from James Carter.
2012-05-04 09:14:00 -04:00
709fd365b8
Create non_auth_file_type attribute and interfaces
...
Reduce the binary policy size by eliminating some set expressions
related to file accesses and make Repolicy easier to convert into CIL.
- Moved the auth_file_type attribute.
- Created a new type attribute called non_auth_file_type.
- Created new interfaces to allow file accesses on non_auth_file_type
files.
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2012-05-04 08:47:37 -04:00
aa4dad379b
Module version bump for release.
2011-07-26 08:11:01 -04:00
a29c7b86e1
Module version bump and Changelog for auth file patches from Matthew Ife.
2011-07-18 13:48:05 -04:00
61fb2009ad
Create a new attribute for auth_file types. Add shadow as an auth_file type. Add new interfaces to manage auth_file types Deprecate *_except_shadow macros in favour of *_except_auth_files
2011-07-18 13:40:37 -04:00
1bc5de22c0
Start pulling in pieces of Fedora policy in system layer.
2011-03-31 13:29:59 -04:00
219e9a4f9a
Module version bump for authlogin patch from Guido Trentalancia.
2011-02-28 09:22:55 -05:00
9262d3c958
Whitespace fixes in authlogin.
2011-02-28 09:22:26 -05:00
baa87c9324
patch to add needed permissions to the authlogin module
...
This patch adds some needed permissions to the chkpwd_t domain
in policy/modules/system/authlogin.te.
2011-02-28 09:17:05 -05:00
8340621920
Implement miscfiles_cert_type().
...
This is based on Fedoras' miscfiles_cert_type implementation.
The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates.
Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-10 11:05:46 -04:00
48f99a81c0
Whitespace change: drop unnecessary blank line at the start of .te files.
2010-06-10 08:16:35 -04:00
29af4c13e7
Bump module versions for release.
2010-05-24 15:32:01 -04:00
153ed8751a
Authlogin patch from Dan Walsh.
2010-03-18 08:59:25 -04:00
827060cb04
Style fixes and module version bumps for 38fc1bd.
2010-03-17 09:28:18 -04:00
42f1b11482
Module version bump for 03dd57f.
2010-03-01 13:34:10 -05:00
aadcb968f9
Move netlink route sockets from nsswitch to DNS name resolve.
2010-02-17 20:28:59 -05:00
c3c753f786
Remove concept of user from terminal module interfaces dealing with ptynode and ttynode since these attributes are not specific to users.
2010-02-11 14:20:10 -05:00
9570b28801
module version number bump for release 2.20090730 that was mistakenly omitted.
2009-08-05 10:59:21 -04:00
2acba7bbdb
fix ordering of interface calls in authlogin.
2009-08-05 09:51:47 -04:00
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
Chris PeBenito
Jason Zaman
Chris PeBenito
Dominick Grift
Dominick Grift
James Carter
Matthew Ife
Guido Trentalancia
Dominick Grift
Chris PeBenito