Sven Vermeulen
1fe3d0929e
sudo with SELinux support requires key handling
...
When using sudo with SELinux integrated support, the sudo domains need to be able to create user keys. Without this
privilege, any command invoked like "sudo /etc/init.d/local status" will run within the sudo domain (sysadm_sudo_t)
instead of the sysadm_t domain (or whatever domain is mentioned in the sudoers file).
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2012-05-04 08:30:28 -04:00
Sven Vermeulen
fc2f5ea3b4
Adding dontaudit for sudo
...
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2012-04-20 15:55:12 -04:00
Chris PeBenito
e2fa4f2e8c
Add user application, tmp and tmpfs file interfaces.
2011-10-28 08:48:10 -04:00
Dominick Grift
69e900a7f4
Two insignificant fixes that i stumbled on when merging dev_getattr_fs()
...
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-10-11 10:30:45 -04:00
Chris PeBenito
c7908d1ee7
Module version bump for Dominick's sudo cleanup.
2010-10-08 14:33:04 -04:00
Dominick Grift
5e70e017a3
sudo: wants to get attributes of device_t filesystems.
...
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-10-08 14:26:55 -04:00
Dominick Grift
e737d5d723
sudo: wants to get attributes of generic pts filesystems.
...
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-10-08 09:26:14 -04:00
Chris PeBenito
3835c39a13
Sudo patch from Dan Walsh.
...
sudo gets execed by apps that leak sockets
2010-06-18 14:43:22 -04:00
Chris PeBenito
c3c753f786
Remove concept of user from terminal module interfaces dealing with ptynode and ttynode since these attributes are not specific to users.
2010-02-11 14:20:10 -05:00
Chris PeBenito
ed03a5b916
Sudo patch from Dan Walsh.
2010-02-11 09:15:45 -05:00
Chris PeBenito
9c47227c7a
fix ordering of interface calls in sudo.
2009-08-05 09:48:46 -04:00
Chris PeBenito
41ea887598
sudo patch from dan.
2009-07-28 10:29:11 -04:00
Chris PeBenito
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
Chris PeBenito
2cca6b79b4
trunk: remove redundant shared lib calls.
2008-10-17 17:31:04 +00:00
Chris PeBenito
0bfccda4e8
trunk: massive whitespace cleanup from dominick grift.
2008-07-23 21:38:39 +00:00
Chris PeBenito
c0cf6e0a6e
trunk: clean up nsswitch usage, from dan.
2007-12-04 15:05:55 +00:00
Chris PeBenito
d46cfe45cd
trunk: add application module
2007-07-19 18:57:48 +00:00
Chris PeBenito
8021cb4f63
Merge sbin_t and ls_exec_t into bin_t.
2007-03-23 23:24:59 +00:00
Chris PeBenito
6c20f77e80
patch from Dan for sudo:
...
sudo should be able to getattr on all executables not just
bin_t/sbin_t. Confined executeables run from sudo need this.
sudo_exec_t needs to be marked as exec_type so prelink will work correctly.
sudo semanage should work
2007-03-19 16:32:44 +00:00
Chris PeBenito
6b19be3360
patch from dan, Thu, 2007-01-25 at 08:12 -0500
2007-02-16 23:01:42 +00:00
Chris PeBenito
c0868a7a3b
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
Chris PeBenito
bbcd3c97dd
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
Chris PeBenito
17de1b790b
remove extra level of directory
2006-07-12 20:32:27 +00:00