RepoMirrors/selinux-refpolicy
1
0
Fork 0
mirror of https://github.com/SELinuxProject/refpolicy synced 2025-03-31 07:46:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,296 Commits 3 Branches 50 Tags 22 MiB
cb35cd587f
Commit Graph

94 Commits

Author SHA1 Message Date
Chris PeBenito
cb35cd587f Little misc patches from Russell Coker. 2017-02-18 09:39:01 -05:00
Chris PeBenito
e9b2a7943c Module version bump for bootloader patch revert. Plus compat alias. 2017-02-11 14:51:21 -05:00
Chris PeBenito
2e7553db63 Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker. 2017-02-04 15:19:35 -05:00
Chris PeBenito
69ede859e8 Bump module versions for release. 2017-02-04 13:30:53 -05:00
Chris PeBenito
0fe21742cd Module version bumps for patches from cgzones. 2017-01-09 20:34:15 -05:00
Chris PeBenito
67c435f1fc Module version bump for fc updates from Nicolas Iooss. 2016-12-28 14:38:05 -05:00
Chris PeBenito
19c3addb99 Module version bump for patches from Guido Trentalancia. 2016-12-27 10:51:56 -05:00
Chris PeBenito
f850ec37df Module version bumps for /run fc changes from cgzones. 2016-12-22 15:54:46 -05:00
Chris PeBenito
34055cae87 Bump module versions for release. 2016-10-23 16:58:59 -04:00
Chris PeBenito
c720d99e30 Module version bump for module_load perm use from Guido Trentalancia. 2016-08-29 20:29:46 -04:00
Chris PeBenito
464c5df247 Reduce broad entrypoints for unconfined domains. 
Entrypoints into unconfined domains, like with confined domains, should be
tightly controlled to make arbitrary code execution more difficult.
 2016-03-22 15:43:30 -04:00
Chris PeBenito
c23353bcd8 Bump module versions for release. 2015-12-08 09:53:02 -05:00
Chris PeBenito
17694adc7b Module version bump for systemd additions. 2015-10-23 14:53:14 -04:00
Chris PeBenito
468185f5f7 Bump module versions for release. 2014-12-03 13:37:38 -05:00
Chris PeBenito
1743984baf Module version bump for misc fixes from Nicolas Iooss. 2014-08-26 09:14:44 -04:00
Chris PeBenito
b2b750279a Module version bump for firstboot_rw_t alias removal. 2014-06-09 08:23:24 -04:00
Chris PeBenito
fb51415d42 Remove firstboot_rw_t as FC5 has been gone for a long time. 2014-06-09 08:22:52 -04:00
Elia Pinto
a55da23db2 Fix misspelling 
Fix misspelling using  http://github.com/lyda/misspell-check

Signed-off-by: Elia Pinto <gitter.spiros@gmail.com>
 2014-06-09 08:21:45 -04:00
Chris PeBenito
10ff4d0fa3 Bump module versions for release. 2014-03-11 08:16:57 -04:00
Chris PeBenito
dd0df56c26 Module version bump for files_dontaudit_list_var() interface from Luis Ressel. 2014-02-08 09:04:18 -05:00
Chris PeBenito
d66aeb8436 Merge file_t into unlabeled_t, as they are security equivalent. 2014-01-16 11:19:00 -05:00
Chris PeBenito
57f00181ee Module version bump for mount updates from Dominick Grift. 2013-09-27 16:54:54 -04:00
Chris PeBenito
d174521a64 Bump module versions for release. 2013-04-24 16:14:52 -04:00
Chris PeBenito
fd569471c3 Module version bump for Debian updates from Laurent Bigonville. 2013-01-23 07:23:52 -05:00
Laurent Bigonville
ef854630b4 Label var_lock_t as a mountpoint 
In Debian, /var/lock is a symlink to /var/run/lock which is a tmpfs
mount.
 2013-01-23 07:10:13 -05:00
Chris PeBenito
b2cf9398df Module version bump for Gentoo openrc fixes for /run from Sven Vermeulen. 2012-10-31 11:49:56 -04:00
Chris PeBenito
104456aa17 Module version bump for interfaces used by virt from Dominick Grift. 2012-10-30 14:17:25 -04:00
Chris PeBenito
d7f7136953 Module version bump for cachefiles core support. 2012-10-04 08:25:19 -04:00
Chris PeBenito
4a865b3830 Module version bump for lost+found labeling in /var/log from Guido Trentalancia. 2012-08-29 10:49:23 -04:00
Chris PeBenito
2b70efd2f6 Module version bump for fc substitutions optimizations from Sven Vermeulen. 2012-08-15 11:00:55 -04:00
Chris PeBenito
3516535aa6 Bump module versions for release. 2012-07-25 14:33:06 -04:00
Chris PeBenito
36d6797363 Module version bump and changelog for udev and init changes to support /run, from Sven Vermeulen. 2012-07-24 09:11:14 -04:00
Chris PeBenito
2728d43634 Module version bump, changelog, pull contrib 2012-07-10 08:58:37 -04:00
Chris PeBenito
8e00a439ef Module verion bump for simplify file contexts based on file context path substitutions, from Sven Vermeulen. 2012-05-10 10:36:06 -04:00
Chris PeBenito
4f24b1841c Add optional name for kernel and system filetrans interfaces. 2012-05-10 09:53:45 -04:00
Chris PeBenito
b72101a116 Module version bump and changelog for non-auth file attribute to eliminate set expressions, from James Carter. 2012-05-04 09:14:00 -04:00
James Carter
709fd365b8 Create non_auth_file_type attribute and interfaces 
Reduce the binary policy size by eliminating some set expressions
related to file accesses and make Repolicy easier to convert into CIL.
- Moved the auth_file_type attribute.
- Created a new type attribute called non_auth_file_type.
- Created new interfaces to allow file accesses on non_auth_file_type
files.

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
 2012-05-04 08:47:37 -04:00
Chris PeBenito
9e56720a39 Module version bump and changelog for various dontaudits from Sven Vermenulen. 2012-04-20 16:06:54 -04:00
Chris PeBenito
f65edd8280 Bump module versions for release. 2012-02-15 14:32:45 -05:00
Chris PeBenito
3cbb3701cd Module version bumps for debian fc patch from Russell Coker. 2011-11-16 15:31:48 -05:00
Chris PeBenito
aa4dad379b Module version bump for release. 2011-07-26 08:11:01 -04:00
Chris PeBenito
edfe67fd15 Relocated /var/run and /var/lock from Martin Orr. 
Add read_lnk_file_perms to all interfaces giving access to var_run_t and
var_lock_t.

This is needed as on Debian /var/run and /var/lock are now symlinks to
/run and /run/lock.
 2011-07-18 13:33:22 -04:00
Chris PeBenito
e541d13ae5 Pull in additional kernel layer Fedora policy changes. 2011-04-14 10:05:56 -04:00
Chris PeBenito
0de0ea5c9e Start pulling in kernel layer pieces from Fedora. 2011-03-29 10:33:43 -04:00
Chris PeBenito
dba659b832 Remove unnecessary etc_runtime_t labeling. 2011-03-04 09:00:25 -05:00
Chris PeBenito
826d014241 Bump module versions for release. 2010-12-13 09:12:22 -05:00
Chris PeBenito
52f38d23c9 Module version bump for Chris Richards' mount patchset. 2010-11-11 09:48:01 -05:00
Chris PeBenito
48f99a81c0 Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
Chris PeBenito
48e0aa86c9 Files patch from Dan Walsh. 
Redhat does want /usr/local/src labeled src_t or /usr/src for that matter

Fix labels on chroot environments
 2010-06-09 09:09:34 -04:00
Chris PeBenito
29af4c13e7 Bump module versions for release. 2010-05-24 15:32:01 -04:00