Chris PeBenito
160d08f3ae
systemd-resolvd, sessions, and tmpfiles take2
...
I believe that I have addressed all the issues Chris raised, so here's a newer
version of the patch which applies to today's git version.
Description: systemd-resolved, sessions, and tmpfiles patches
Author: Russell Coker <russell@coker.com.au>
Last-Update: 2017-03-26
2017-03-28 18:51:35 -04:00
cgzones
d2702a4224
corecmd_read_bin_symlinks(): remove deprecated and redundant calls
2017-03-03 12:00:07 +01:00
Chris PeBenito
2087bde934
Systemd fixes from Russell Coker.
2017-02-23 20:03:23 -05:00
Chris PeBenito
1720e109a3
Sort capabilities permissions from Russell Coker.
2017-02-15 18:47:33 -05:00
cgzones
d8cb498284
remove trailing whitespaces
2016-12-06 13:45:13 +01:00
Chris PeBenito
f7286189b3
Add systemd units for core refpolicy services.
...
Only for services that already have a named init script.
Add rules to init_startstop_service(), with conditional arg until
all of refpolicy-contrib callers are updated.
2015-10-23 10:17:46 -04:00
Chris PeBenito
3639880cf6
Implement core systemd policy.
...
Significant contributions from the Tresys CLIP team.
Other changes from Laurent Bigonville.
2015-10-23 10:16:59 -04:00
Jason Zaman
a324fab096
logging: use init_startstop_service in _admin interface
...
The logging_admin interfaces had rules for RedHat sysvinit. This
replaces them with the interface init_startstop_service which can
easily be changed for other init systems.
2015-05-27 14:37:40 -04:00
Chris PeBenito
47fa454784
/dev/log symlinks are not labeled devlog_t.
...
Drop rule; if /dev/log is a symlink, it should be device_t.
2014-09-12 14:25:01 -04:00
Nicolas Iooss
ae4d07c8a8
Support logging with /run/systemd/journal/dev-log
...
In June 2014 systemd moved the socket used by journald to /run. This
requires two new directory search access for every domain sending syslog
messages:
* /run/systemd/ (handled by init_search_run)
* /run/systemd/journal/ (labeled syslogd_var_run_t)
systemd commit:
http://cgit.freedesktop.org/systemd/systemd/commit/units/systemd-journald-dev-log.socket?id=03ee5c38cb0da193dd08733fb4c0c2809cee6a99
2014-09-12 09:50:48 -04:00
Chris PeBenito
d29f5d4e72
Rename logging_search_all_log_dirs to logging_search_all_logs
2012-10-30 13:27:10 -04:00
Sven Vermeulen
c239a20504
Introduce logging_search_all_log_dirs interface
...
Support the logging_search_all_log_dirs interface for applications such as
fail2ban-client, who scan through log directories.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2012-10-30 13:25:23 -04:00
Sven Vermeulen
48e8c08717
Introduce logging_getattr_all_logs interface
...
Support the logging_getattr_all_logs interface, which will be used by
applications responsible for reviewing the state of log files (without needing
to read them), such as the fail2ban-client application.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2012-10-30 13:25:07 -04:00
Chris PeBenito
4f24b1841c
Add optional name for kernel and system filetrans interfaces.
2012-05-10 09:53:45 -04:00
Chris PeBenito
127d617b31
Pull in some changes from Fedora policy system layer.
2011-04-14 11:36:56 -04:00
Dominick Grift
a0546c9d1c
System layer xml fixes.
...
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 09:25:55 -04:00
Chris PeBenito
a7ee7f819a
Docs standardizing on the role portion of run interfaces. Additional docs cleanup.
2010-08-03 09:20:22 -04:00
Chris PeBenito
7a8807b627
Logging patch from Dan Walsh.
2010-03-17 14:40:06 -04:00
Chris PeBenito
5fb5bf2686
Additional docs for logging_log_filetrans().
2010-03-01 10:38:24 -05:00
Chris PeBenito
45185c0783
Improve the documentation of logging_log_file() and logging_log_filetrans().
2010-02-26 09:34:41 -05:00
Chris PeBenito
6e48775f75
Improve documentation on logging_send_syslog_msg().
2010-02-24 15:56:05 -05:00
Chris PeBenito
2f84a77d22
Syslog fixes from Gentoo.
2010-02-17 20:33:53 -05:00
Chris PeBenito
fef5dcf3af
Remove excessive permissions in logging_send_syslog_msg(). Ticket #14 .
2009-08-26 10:05:36 -04:00
Chris PeBenito
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
Chris PeBenito
ff8f0a63f4
trunk: whitespace fixes in xml blocks.
2008-12-03 19:16:20 +00:00
Chris PeBenito
7a4c282536
trunk: fix logging admin interfaces.
2008-11-14 13:53:21 +00:00
Chris PeBenito
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
Chris PeBenito
0b36a2146e
trunk: Enable open permission checks policy capability.
2008-10-16 16:09:20 +00:00
Chris PeBenito
06099da657
trunk: 3 patches from dan.
2008-10-09 18:06:24 +00:00
Chris PeBenito
cfafe4a7a8
trunk: logging update from dan.
2008-09-18 13:20:57 +00:00
Chris PeBenito
96851b1d63
trunk: fix bad require.
2008-09-03 15:37:24 +00:00
Chris PeBenito
e40fa634b2
trunk: Logrotate and Bind updates from Vaclav Ovsik.
2008-09-03 14:12:56 +00:00
Chris PeBenito
c11057f7ae
trunk: fedora update cherry picked by david hardeman.
2008-08-22 15:17:01 +00:00
Chris PeBenito
8f3a0a95e0
trunk: a pile of misc fixes, mainly sync xml docs with interface implementation.
2008-05-15 13:10:34 +00:00
Chris PeBenito
1abafe3707
trunk: Patch for debian logrotate to handle syslogd-listfiles, from Vaclav Ovsik.
2007-12-12 16:18:50 +00:00
Chris PeBenito
eaed904cd5
trunk: 3 patches from dan.
2007-11-05 19:35:08 +00:00
Chris PeBenito
14add30d03
trunk: 3 patches from dan.
2007-09-12 14:53:39 +00:00
Chris PeBenito
0a0b8078ca
trunk: 5 patches from dan.
2007-09-04 18:57:58 +00:00
Chris PeBenito
d5b81a81ff
trunk: Add logging_send_audit_msgs() interface and deprecate send_audit_msgs_pattern().
2007-06-12 18:46:14 +00:00
Chris PeBenito
8021cb4f63
Merge sbin_t and ls_exec_t into bin_t.
2007-03-23 23:24:59 +00:00
Chris PeBenito
c0868a7a3b
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
Chris PeBenito
bbcd3c97dd
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
Chris PeBenito
a5e2133bc8
patch from dan Wed, 23 Aug 2006 14:03:49 -0400
2006-08-29 02:41:00 +00:00
Chris PeBenito
46551033aa
patch from dan Wed, 26 Jul 2006 14:42:46 -0400
2006-07-28 15:13:58 +00:00
Chris PeBenito
17de1b790b
remove extra level of directory
2006-07-12 20:32:27 +00:00