RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,669 Commits 3 Branches 49 Tags 18 MiB
Commit Graph

23 Commits

Author SHA1 Message Date
Sven Vermeulen 1fe3d0929e sudo with SELinux support requires key handling 
When using sudo with SELinux integrated support, the sudo domains need to be able to create user keys. Without this
privilege, any command invoked like "sudo /etc/init.d/local status" will run within the sudo domain (sysadm_sudo_t)
instead of the sysadm_t domain (or whatever domain is mentioned in the sudoers file).

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
 2012-05-04 08:30:28 -04:00
Sven Vermeulen fc2f5ea3b4 Adding dontaudit for sudo 
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
 2012-04-20 15:55:12 -04:00
Chris PeBenito e2fa4f2e8c Add user application, tmp and tmpfs file interfaces. 2011-10-28 08:48:10 -04:00
Dominick Grift 69e900a7f4 Two insignificant fixes that i stumbled on when merging dev_getattr_fs() 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-10-11 10:30:45 -04:00
Chris PeBenito c7908d1ee7 Module version bump for Dominick's sudo cleanup. 2010-10-08 14:33:04 -04:00
Dominick Grift 5e70e017a3 sudo: wants to get attributes of device_t filesystems. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-10-08 14:26:55 -04:00
Dominick Grift e737d5d723 sudo: wants to get attributes of generic pts filesystems. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-10-08 09:26:14 -04:00
Chris PeBenito 3835c39a13 Sudo patch from Dan Walsh. 
sudo gets execed by apps that leak sockets
 2010-06-18 14:43:22 -04:00
Chris PeBenito c3c753f786 Remove concept of user from terminal module interfaces dealing with ptynode and ttynode since these attributes are not specific to users. 2010-02-11 14:20:10 -05:00
Chris PeBenito ed03a5b916 Sudo patch from Dan Walsh. 2010-02-11 09:15:45 -05:00
Chris PeBenito 9c47227c7a fix ordering of interface calls in sudo. 2009-08-05 09:48:46 -04:00
Chris PeBenito 41ea887598 sudo patch from dan. 2009-07-28 10:29:11 -04:00
Chris PeBenito 296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito 2cca6b79b4 trunk: remove redundant shared lib calls. 2008-10-17 17:31:04 +00:00
Chris PeBenito 0bfccda4e8 trunk: massive whitespace cleanup from dominick grift. 2008-07-23 21:38:39 +00:00
Chris PeBenito c0cf6e0a6e trunk: clean up nsswitch usage, from dan. 2007-12-04 15:05:55 +00:00
Chris PeBenito d46cfe45cd trunk: add application module 2007-07-19 18:57:48 +00:00
Chris PeBenito 8021cb4f63 Merge sbin_t and ls_exec_t into bin_t. 2007-03-23 23:24:59 +00:00
Chris PeBenito 6c20f77e80 patch from Dan for sudo: 
sudo should be able to getattr on all executables not just 
bin_t/sbin_t.  Confined executeables run from sudo need this.

sudo_exec_t needs to be marked as exec_type so prelink will work correctly.

sudo semanage should work
 2007-03-19 16:32:44 +00:00
Chris PeBenito 6b19be3360 patch from dan, Thu, 2007-01-25 at 08:12 -0500 2007-02-16 23:01:42 +00:00
Chris PeBenito c0868a7a3b merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
Chris PeBenito bbcd3c97dd add main part of role-o-matic 2006-09-06 22:07:25 +00:00
Chris PeBenito 17de1b790b remove extra level of directory 2006-07-12 20:32:27 +00:00