15f0cc4fe1
Merge branch 'newrole_fixes' of git://github.com/cgzones/refpolicy
2017-02-26 11:58:43 -05:00
2170c65ad9
Merge branch 'su_module' of git://github.com/cgzones/refpolicy
2017-02-26 11:48:37 -05:00
1fc4753443
devices: Fix docs for dev_write_generic_sock_files().
2017-02-25 11:50:31 -05:00
74bf84a79e
apache: Fix CI error.
2017-02-25 11:50:11 -05:00
9f99cfb771
Network daemon patches from Russell Coker.
2017-02-25 11:20:19 -05:00
4f5c53411a
Fix typo in README.
...
Closes #100
2017-02-25 09:38:26 -05:00
e527ebaadf
systemd: Further revisions from Russell Coker.
2017-02-25 09:35:10 -05:00
1c5c70d4ab
init: Move interface and whitespace change.
2017-02-25 08:39:58 -05:00
5acda8076f
init: Rename init_search_pid_dirs() to init_search_pids().
2017-02-25 08:38:16 -05:00
35bd01104a
new init interfaces for systemd
...
These are needed by several patches I'm about to send.
Description: some new interfaces for init/systemd
Author: Russell Coker <russell@coker.com.au>
Last-Update: 2017-02-24
2017-02-25 08:19:39 -05:00
7cc502dfe5
mailman: Fixes from Russell Coker.
2017-02-23 20:59:14 -05:00
d504e1ef1b
rw_inherited_file_perms
...
This patch defines rw_inherited_file_perms. It's needed by a few patches
I'm going to send soon so I need to get it in before they go in.
Also it's generally a good thing to have. We should reconsider some of the
other policy for whether it should use this.
2017-02-23 20:52:04 -05:00
c12d16435b
Xen fixes from Russell Coker.
2017-02-23 20:32:17 -05:00
c3c767bae2
Module version bump for CI fixes.
2017-02-23 20:32:10 -05:00
65e60689d4
Fix CI errors.
2017-02-23 20:16:40 -05:00
2087bde934
Systemd fixes from Russell Coker.
2017-02-23 20:03:23 -05:00
485929b762
Module version bump for ntp fixes from cgzones.
2017-02-22 19:01:20 -05:00
389e3c954f
Merge branch 'init_ntp_interface' of git://github.com/cgzones/refpolicy
2017-02-22 18:37:29 -05:00
17753638ca
add init_daemon_lock_file()
...
needed for ntp
2017-02-21 15:07:47 +01:00
14cc33cba9
alsa, vnstat: Updates from cgzones.
2017-02-20 12:14:23 -05:00
498fb3c6e8
Module version bump for cgroups systemd fix from cgzones.
2017-02-20 11:21:00 -05:00
e72556c6dd
Merge branch 'cgroups_fix' of git://github.com/cgzones/refpolicy
2017-02-20 11:13:07 -05:00
132db642bd
Module version bump for selinuxutil and systmd changes from cgzones.
2017-02-20 10:57:50 -05:00
34cfce5410
Merge branch 'selinuxutil_module' of git://github.com/cgzones/refpolicy
2017-02-20 10:53:56 -05:00
e52b701f59
Merge branch 'systemd_transient' of git://github.com/cgzones/refpolicy
2017-02-20 10:43:18 -05:00
3b1909d1d1
fetchmail, mysql, tor: Misc fixes from Russell Coker.
2017-02-20 10:33:23 -05:00
b5497053e9
monit: Fix build error.
...
Uncovered by Travis-CI.
2017-02-20 08:43:12 -05:00
5770a8ee7c
update init_ACTION_all_units
...
When with systemd a program does not ship a systemd unit file but only a init script, systemd creates a pseudo service on the fly.
To be able to act on this service, add the target attribute init_script_file_type to the init_ACTION_all_units interfaces.
Useful for monit.
2017-02-20 14:24:56 +01:00
e4f3940729
add fs_getattr_dos_dirs()
...
useful
2017-02-20 14:20:33 +01:00
c753c066d1
add corecmd_check_exec_bin_files()
...
useful for monit
2017-02-20 14:20:33 +01:00
9b5d89fcf6
newrole: fix denials
...
dontaudit net_admin access due to setsockopt
allow communication with systemd-logind
2017-02-20 14:10:17 +01:00
ede0dadc05
Monit policy from Russell Coker and cgzones.
2017-02-19 16:39:35 -05:00
53fb3a3ba4
dpkg: Updates from Russell Coker.
2017-02-19 16:13:14 -05:00
ba0e51c5b0
su: some adjustments
...
* systemd fixes
* remove unused attribute su_domain_type
* remove hide_broken_symptoms sections
* dontaudit init_t proc files access
* dontaudit net_admin capability due to setsockopt
2017-02-18 21:50:45 +01:00
4d413fd0cb
authlogin: introduce auth_use_pam_systemd
...
add special interface for pam_systemd module permissions
2017-02-18 21:50:45 +01:00
2fcce0a88f
Merge branch 'master' of github.com:TresysTechnology/refpolicy
2017-02-18 14:02:36 -05:00
4c16ca2d66
Only display the WERROR notice if there actually are errors.
2017-02-18 13:59:33 -05:00
14566f96a9
Module version bump for hostname fix from cgzones.
2017-02-18 13:58:29 -05:00
a5658b85a0
locallogin: adjustments
...
* do not grant permissions by negativ matching
* separate dbus from consolekit block for systemd
2017-02-18 19:36:44 +01:00
36fa3d8916
Merge branch 'hostname_module' of git://github.com/cgzones/refpolicy
2017-02-18 13:32:23 -05:00
8266424bcb
systemd_cgroups_t: fix denials
2017-02-18 18:41:45 +01:00
7d9a3be9f0
Merge pull request #98 from cgzones/admin_process_pattern
...
add admin_process_pattern macro
2017-02-18 12:38:23 -05:00
3726cd58f6
Module version bump for changes from cgzones.
2017-02-18 12:28:38 -05:00
abe9e18f73
Merge branch 'var_and_run' of git://github.com/cgzones/refpolicy
2017-02-18 11:54:16 -05:00
e96c357b79
Merge branch 'corecmd_module' of git://github.com/cgzones/refpolicy
2017-02-18 11:51:40 -05:00
8b6525e992
Merge branch 'sysadm_fixes' of git://github.com/cgzones/refpolicy
2017-02-18 11:39:05 -05:00
959f78de99
Merge branch 'setfiles_getattr' of git://github.com/cgzones/refpolicy
2017-02-18 11:34:23 -05:00
74d6a63ff9
mon: Fix deprecated interface usage.
2017-02-18 11:21:34 -05:00
c784507bce
Travis-CI: Terminate build immediately on error.
...
See travis-ci/travis-ci#1066 .
2017-02-18 10:37:35 -05:00
1af24ad32b
Fix Travis-CI WERROR support.
2017-02-18 10:25:48 -05:00
Chris PeBenito
Russell Coker
cgzones