Commit Graph

47 Commits

Author SHA1 Message Date
Chris PeBenito bca0cdb86e Remove duplicate/redundant rules, from Russell Coker. 2010-07-07 08:41:20 -04:00
Chris PeBenito 48f99a81c0 Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
Chris PeBenito 29af4c13e7 Bump module versions for release. 2010-05-24 15:32:01 -04:00
Chris PeBenito 088b65e52b SSH patch from Dan Walsh. 2010-05-19 08:31:17 -04:00
Chris PeBenito d08a3df046 Ssh key creation fix from Gentoo. 2010-02-17 20:32:08 -05:00
Chris PeBenito c3c753f786 Remove concept of user from terminal module interfaces dealing with ptynode and ttynode since these attributes are not specific to users. 2010-02-11 14:20:10 -05:00
Chris PeBenito edc2f7dea4 Fix home_ssh_t usage. 2010-01-25 08:34:28 -05:00
Chris PeBenito cde15072d0 SSH patch from Dan Walsh. 2010-01-15 15:28:27 -05:00
Chris PeBenito 9570b28801 module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
Chris PeBenito 09516cb4be remove read_default_t tunable 2009-07-23 08:58:35 -04:00
Chris PeBenito 3f67f722bb trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
Chris PeBenito c1262146e0 trunk: Remove node definitions and change node usage to generic nodes. 2009-01-09 19:48:02 +00:00
Chris PeBenito 668b3093ff trunk: change network interface access from all to generic network interfaces. 2009-01-06 20:24:10 +00:00
Chris PeBenito 296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito 2cca6b79b4 trunk: remove redundant shared lib calls. 2008-10-17 17:31:04 +00:00
Chris PeBenito 5d4f4b5375 trunk: bump version numbers for release. 2008-10-14 15:46:36 +00:00
Chris PeBenito c9824ec5ce trunk: remove incomplete sshd_extern. 2008-09-18 14:06:30 +00:00
Chris PeBenito 0bfccda4e8 trunk: massive whitespace cleanup from dominick grift. 2008-07-23 21:38:39 +00:00
Chris PeBenito 0a14f3ae09 trunk: bump module version numbers for release. 2008-04-02 16:04:43 +00:00
Chris PeBenito 2c12b471ad trunk: add core xselinux support. 2008-04-01 20:23:23 +00:00
Chris PeBenito f7925f25f7 trunk: bump module versions for release. 2007-12-14 14:23:18 +00:00
Chris PeBenito ef659a476e Deprecate some old file and dir permission set macros in favor of the newer, more consistently-named macros. 2007-10-09 17:29:48 +00:00
Chris PeBenito 12e9ea1ae3 trunk: module version bumps for previous commit. 2007-10-02 17:15:07 +00:00
Chris PeBenito 350b6ab767 trunk: merge strict and targeted policies. merge shlib_t into lib_t. 2007-10-02 16:04:50 +00:00
Chris PeBenito 3480f3f239 trunk: bump version numbers for release. 2007-09-28 13:58:24 +00:00
Chris PeBenito 708aab1393 trunk: fix targeted sshd. When the domain was unaliased from unconfined_t, a transition to unconfined_t was not added. 2007-07-20 18:25:26 +00:00
Chris PeBenito d46cfe45cd trunk: add application module 2007-07-19 18:57:48 +00:00
Chris PeBenito 116c1da330 trunk: update module version numbers for release. 2007-06-29 14:48:13 +00:00
Chris PeBenito 1900668638 trunk: Unified labeled networking policy from Paul Moore.
The latest revision of the labeled policy patches which enable both labeled 
and unlabeled policy support for NetLabel.  This revision takes into account
Chris' feedback from the first version and reduces the number of interface
calls in each domain down to two at present: one for unlabeled access, one for
NetLabel access.  The older, transport layer specific interfaces, are still  
present for use by third-party modules but are not used in the default policy
modules.

trunk: Use netmsg initial SID for MLS-only Netlabel packets, from Paul Moore.

This patch changes the policy to use the netmsg initial SID as the "base"
SID/context for NetLabel packets which only have MLS security attributes.
Currently we use the unlabeled initial SID which makes it very difficult to
distinquish between actual unlabeled packets and those packets which have MLS
security attributes.
2007-06-27 15:23:21 +00:00
Chris PeBenito d28e528b0d Fixes for RHEL4 from the CLIP project. 2007-04-27 15:08:15 +00:00
Chris PeBenito 0251df3e39 bump module versions for release 2007-04-17 13:28:09 +00:00
Chris PeBenito 56e1b3d207 - Move booleans and tunables to modules when it is only used in a single
module.
- Add support for tunables and booleans local to a module.
2007-03-26 18:41:45 +00:00
Chris PeBenito 6b19be3360 patch from dan, Thu, 2007-01-25 at 08:12 -0500 2007-02-16 23:01:42 +00:00
Chris PeBenito 42c5c5f612 bump versions for release. 2006-12-12 21:22:47 +00:00
Chris PeBenito c0868a7a3b merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
Chris PeBenito d9845ae92a patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
Chris PeBenito a52b4d4f23 bump versions to release numbers 2006-10-18 19:25:27 +00:00
Chris PeBenito e070dd2df0 - Move range transitions to modules.
- Make number of MLS sensitivities, and number of MLS and MCS
  categories configurable as build options.
2006-10-04 17:25:34 +00:00
Chris PeBenito 693d4aedb5 patch from dan Fri, 22 Sep 2006 16:30:34 -0400 2006-09-25 18:53:06 +00:00
Chris PeBenito a9e03b3752 * add a macro for generating category declarations
* fix userdom_search_all_users_home_content() to use search_dir_perms;
* change ssh daemon macro to use userdom_search_all_users_home_dirs() instead of _home_content()
2006-09-21 15:48:15 +00:00
Chris PeBenito bf469d7669 gentoo testing fixes 2006-09-19 17:02:29 +00:00
Chris PeBenito 75beb95014 patch from dan Tue, 05 Sep 2006 17:06:06 -0400 2006-09-06 16:36:23 +00:00
Chris PeBenito 33c7e6b4e8 remove dead selopt rules 2006-08-15 20:00:58 +00:00
Chris PeBenito 4b3b46d7ef add authlogin interface to abstract common login program perms 2006-07-31 22:26:59 +00:00
Chris PeBenito 46551033aa patch from dan Wed, 26 Jul 2006 14:42:46 -0400 2006-07-28 15:13:58 +00:00
Chris PeBenito 528811e040 clean up most of the remaining ssh TODO 2006-07-26 20:34:09 +00:00
Chris PeBenito 17de1b790b remove extra level of directory 2006-07-12 20:32:27 +00:00