RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,796 Commits 3 Branches 49 Tags 19 MiB
Commit Graph

63 Commits

Author SHA1 Message Date
Laurent Bigonville b1aee4c811 Associate the new xattrfs attribute to fs_t and some pseudo-fs 
Associate the new xattrfs attribute to fs_t and the pseudo filesystems
that we know support xattr

This patch adds the attribute to the following (pseudo) filesystems

 - device_t
 - devpts_t
 - fs_t
 - hugetlbfs
 - sysfs_t
 - tmpfs_t
 2014-04-11 09:08:19 -04:00
Laurent Bigonville 408549f8d3 Create new xattrfs attribute and fs_getattr_all_xattr_fs() interface 
Create a new attribute and fs_getattr_all_xattr_fs() interface that will
be used for all the filesystems that support xattr
 2014-04-11 09:08:19 -04:00
Chris PeBenito 10ff4d0fa3 Bump module versions for release. 2014-03-11 08:16:57 -04:00
Luis Ressel f824120b6d Use xattr-labeling for squashfs. 
This is taken from the Fedora policy (authors: Dan Walsh, Miroslav
Grepl) and dates back to 2011 there.
 2014-02-15 14:34:10 -05:00
Chris PeBenito 0b1efe5612 Module version bump for tmpfs associate to device_t from Dominick Grift. 2013-09-26 08:48:48 -04:00
Dominick Grift e3072cb7bf filesystem: associate tmpfs_t (shm) to device_t (devtmpfs) file systems 
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
 2013-09-26 08:46:36 -04:00
Chris PeBenito 951462610d Module version bump for pstore filesystem support from Dominick Grift. 2013-09-23 14:41:03 -04:00
Dominick Grift bf1ab85c1f Initial pstore support 
Generic interface to platform dependent persistent storage
https://www.kernel.org/doc/Documentation/ABI/testing/pstore

This basically works pretty much the same as cgroup file systems from a
SELinux perspective

Make sure that the installed /sys/fs/pstore directory is labeled
properly so that the pstore file system can be mounted on that

I also removed the files_type() calls as they are duplicate (it is
already called in files_mountpoint)

Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
 2013-09-23 14:31:20 -04:00
Chris PeBenito d174521a64 Bump module versions for release. 2013-04-24 16:14:52 -04:00
Chris PeBenito fd569471c3 Module version bump for Debian updates from Laurent Bigonville. 2013-01-23 07:23:52 -05:00
Chris PeBenito e0f7ab0a8a Module version bump for zfs labeling from Matthew Thode. 2012-12-07 13:23:41 -05:00
Matthew Thode 94c2ae8771 Implement zfs support 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Just adding zfs to the list of defined filesystems in filesystem.te

Signed-off-by: Matthew Thode <mthode@mthode.org>
 2012-12-07 13:07:15 -05:00
Chris PeBenito 104456aa17 Module version bump for interfaces used by virt from Dominick Grift. 2012-10-30 14:17:25 -04:00
Chris PeBenito 3516535aa6 Bump module versions for release. 2012-07-25 14:33:06 -04:00
Chris PeBenito 4f24b1841c Add optional name for kernel and system filetrans interfaces. 2012-05-10 09:53:45 -04:00
Chris PeBenito aa4dad379b Module version bump for release. 2011-07-26 08:11:01 -04:00
Chris PeBenito 9ec9808df5 Pull in cgroup changes from Fedora policy, in particular to handle systemd usage. 2011-04-29 13:22:47 -04:00
Chris PeBenito e541d13ae5 Pull in additional kernel layer Fedora policy changes. 2011-04-14 10:05:56 -04:00
Chris PeBenito ed17ee5394 Pull in additional changes in kernel layer from Fedora. 2011-03-31 09:49:01 -04:00
Chris PeBenito f940ca9db6 Remove eventpollfs_t. 
Eventpollfs was changed to task SID in 2006.  Remove the dead type.
 2011-03-31 08:52:07 -04:00
Chris PeBenito 826d014241 Bump module versions for release. 2010-12-13 09:12:22 -05:00
Chris PeBenito 52f38d23c9 Module version bump for Chris Richards' mount patchset. 2010-11-11 09:48:01 -05:00
Chris PeBenito 28d96f0e39 Module version bumps for b7ceb34 5675107 e411968 eca7eb3. 2010-09-03 13:09:40 -04:00
Chris PeBenito 76a9fe96e4 Module version bumps and changelog for devtmpfs patchset. 2010-08-25 11:19:27 -04:00
Jeremy Solt d6e1ef29cd Move devtmpfs to devices from filesystem 
Move devtmpfs to devices module (remove from filesystem module)
Make device_t a filesystem
Add interface for associating types with device_t filesystem (dev_associate)
Call dev_associate from dev_filetrans
Allow all device nodes associate with device_t filesystem
Remove dev_tmpfs_filetrans_dev from kernel_t
Remove fs_associate_tmpfs(initctl_t) - redundant, it was in dev_filetrans, now in dev_associate
Mounton interface, to allow the kernel to mounton device_t

Signed-off-by: Jeremy Solt <jsolt@tresys.com>
 2010-08-25 11:01:22 -04:00
Chris PeBenito eab2cc89b4 Slocate patch from Dan Walsh. 
Locate attempts to look at network sate and does getattr on all blk/chr
and noxattr symlinks.
 2010-06-22 09:58:14 -04:00
Chris PeBenito 48f99a81c0 Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
Dominick Grift c0c635b3f3 cgroup in filesystem. 
Move cgroup_t declarations from kernel.te to filesystem.te
Redo cgroup interfaces in filesystem.if
Add file context specification for /cgroup mountpoint to filesystem.fc

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
 2010-06-08 08:38:18 -04:00
Chris PeBenito 29af4c13e7 Bump module versions for release. 2010-05-24 15:32:01 -04:00
Chris PeBenito e399e3abea Add devtmpfs labeling. 2010-04-07 08:55:33 -04:00
Chris PeBenito 7af0e9bc95 Filesystem patch from Dan Walsh. 2010-03-12 11:40:59 -05:00
Chris PeBenito f4b9dc3b00 Filesystem patch from Dan Walsh. 2009-11-23 13:46:51 -05:00
Chris PeBenito 9570b28801 module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
Chris PeBenito 731008ad85 trunk: 2 patches from dan. 2009-06-08 17:18:26 +00:00
Chris PeBenito c45fdad85b trunk: filesystem patch from dan. 2009-03-04 15:53:07 +00:00
Chris PeBenito 156204a385 trunk: Drop write permission from fs_read_rpc_sockets(). 2009-02-24 20:00:15 +00:00
Chris PeBenito 805f34ed09 trunk: btrfs from Paul Moore. 2009-01-30 13:44:14 +00:00
Chris PeBenito 5d4f4b5375 trunk: bump version numbers for release. 2008-10-14 15:46:36 +00:00
Chris PeBenito 770c015f88 trunk: 2 patches from dan. 2008-08-14 15:10:41 +00:00
Chris PeBenito cfcf5004e5 trunk: bump versions for release. 2008-07-02 14:07:57 +00:00
Chris PeBenito b4921b5804 trunk: fs update from dan. 2008-05-26 21:07:22 +00:00
Chris PeBenito f7925f25f7 trunk: bump module versions for release. 2007-12-14 14:23:18 +00:00
Chris PeBenito 495df41602 trunk: 11 patches from dan. 2007-10-29 18:35:32 +00:00
Chris PeBenito 8e2fb69f88 trunk: filesystem patch from dan. 2007-10-24 18:37:26 +00:00
Chris PeBenito 3480f3f239 trunk: bump version numbers for release. 2007-09-28 13:58:24 +00:00
Chris PeBenito ce2c80f3c6 trunk: make coda nfs_t, ticket #39. 2007-09-04 13:38:39 +00:00
Chris PeBenito 3d6e962dfa trunk: filesystem patch from dan 2007-08-08 20:04:28 +00:00
Chris PeBenito 116c1da330 trunk: update module version numbers for release. 2007-06-29 14:48:13 +00:00
Chris PeBenito 5bf9deb5bb trunk: 3 patches from dan 2007-06-20 19:47:10 +00:00
Chris PeBenito 0251df3e39 bump module versions for release 2007-04-17 13:28:09 +00:00