Chris PeBenito
d174521a64
Bump module versions for release.
2013-04-24 16:14:52 -04:00
Chris PeBenito
be2e70be8d
Module version bump for fixes from Dominick Grift.
2013-01-03 10:53:34 -05:00
Dominick Grift
79e1e4efb9
NSCD related changes in various policy modules
...
Use nscd_use instead of nscd_socket_use. This conditionally allows
nscd_shm_use
Remove the nscd_socket_use from ssh_keygen since it was redundant
already allowed by auth_use_nsswitch
Had to make some ssh_keysign_t rules unconditional else
nscd_use(ssh_keysign_t) would not build (nested booleans) but that does
not matter, the only actual domain transition to ssh_keysign_t is
conditional so the other unconditional ssh_keygen_t rules are
conditional in practice
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2013-01-03 10:43:10 -05:00
Chris PeBenito
79f71729e3
Module version bump from Debian changes from Laurent Bigonville.
2012-12-07 00:46:27 -05:00
Chris PeBenito
3516535aa6
Bump module versions for release.
2012-07-25 14:33:06 -04:00
Chris PeBenito
2728d43634
Module version bump, changelog, pull contrib
2012-07-10 08:58:37 -04:00
Chris PeBenito
b35c647481
nss_domain attribute patch 3, Miroslav Grepl
2012-07-10 08:43:38 -04:00
Chris PeBenito
330b13a4a2
nss_domain attribute patch 1, Miroslav Grepl
2012-07-10 08:43:31 -04:00
Chris PeBenito
b72101a116
Module version bump and changelog for non-auth file attribute to eliminate set expressions, from James Carter.
2012-05-04 09:14:00 -04:00
James Carter
709fd365b8
Create non_auth_file_type attribute and interfaces
...
Reduce the binary policy size by eliminating some set expressions
related to file accesses and make Repolicy easier to convert into CIL.
- Moved the auth_file_type attribute.
- Created a new type attribute called non_auth_file_type.
- Created new interfaces to allow file accesses on non_auth_file_type
files.
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2012-05-04 08:47:37 -04:00
Chris PeBenito
aa4dad379b
Module version bump for release.
2011-07-26 08:11:01 -04:00
Chris PeBenito
a29c7b86e1
Module version bump and Changelog for auth file patches from Matthew Ife.
2011-07-18 13:48:05 -04:00
Matthew Ife
61fb2009ad
Create a new attribute for auth_file types. Add shadow as an auth_file type. Add new interfaces to manage auth_file types Deprecate *_except_shadow macros in favour of *_except_auth_files
2011-07-18 13:40:37 -04:00
Chris PeBenito
1bc5de22c0
Start pulling in pieces of Fedora policy in system layer.
2011-03-31 13:29:59 -04:00
Chris PeBenito
219e9a4f9a
Module version bump for authlogin patch from Guido Trentalancia.
2011-02-28 09:22:55 -05:00
Chris PeBenito
9262d3c958
Whitespace fixes in authlogin.
2011-02-28 09:22:26 -05:00
Guido Trentalancia
baa87c9324
patch to add needed permissions to the authlogin module
...
This patch adds some needed permissions to the chkpwd_t domain
in policy/modules/system/authlogin.te.
2011-02-28 09:17:05 -05:00
Dominick Grift
8340621920
Implement miscfiles_cert_type().
...
This is based on Fedoras' miscfiles_cert_type implementation.
The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates.
Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-10 11:05:46 -04:00
Chris PeBenito
48f99a81c0
Whitespace change: drop unnecessary blank line at the start of .te files.
2010-06-10 08:16:35 -04:00
Chris PeBenito
29af4c13e7
Bump module versions for release.
2010-05-24 15:32:01 -04:00
Chris PeBenito
153ed8751a
Authlogin patch from Dan Walsh.
2010-03-18 08:59:25 -04:00
Chris PeBenito
827060cb04
Style fixes and module version bumps for 38fc1bd
.
2010-03-17 09:28:18 -04:00
Chris PeBenito
42f1b11482
Module version bump for 03dd57f
.
2010-03-01 13:34:10 -05:00
Chris PeBenito
aadcb968f9
Move netlink route sockets from nsswitch to DNS name resolve.
2010-02-17 20:28:59 -05:00
Chris PeBenito
c3c753f786
Remove concept of user from terminal module interfaces dealing with ptynode and ttynode since these attributes are not specific to users.
2010-02-11 14:20:10 -05:00
Chris PeBenito
9570b28801
module version number bump for release 2.20090730 that was mistakenly omitted.
2009-08-05 10:59:21 -04:00
Chris PeBenito
2acba7bbdb
fix ordering of interface calls in authlogin.
2009-08-05 09:51:47 -04:00
Chris PeBenito
3f67f722bb
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
Chris PeBenito
df28a0c444
trunk: Misc fixes for unix_update from Brandon Whalen.
2009-06-18 13:36:40 +00:00
Chris PeBenito
30425aa876
trunk: 1 patch from dan.
2009-06-12 15:30:15 +00:00
Chris PeBenito
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
Chris PeBenito
932c3536f8
trunk: additional open fixes.
2008-11-04 14:37:05 +00:00
Chris PeBenito
2cca6b79b4
trunk: remove redundant shared lib calls.
2008-10-17 17:31:04 +00:00
Chris PeBenito
0b36a2146e
trunk: Enable open permission checks policy capability.
2008-10-16 16:09:20 +00:00
Chris PeBenito
cfcf5004e5
trunk: bump versions for release.
2008-07-02 14:07:57 +00:00
Chris PeBenito
e9c6cda7da
trunk: Move user roles into individual modules.
2008-04-29 13:58:34 +00:00
Chris PeBenito
0a14f3ae09
trunk: bump module version numbers for release.
2008-04-02 16:04:43 +00:00
Chris PeBenito
9fa023ff58
trunk: Pam and samba updates from Stefan Schulze Frielinghaus.
2008-02-19 19:33:48 +00:00
Chris PeBenito
12cf805e1c
trunk: add basic ubuntu support
2008-02-05 18:24:43 +00:00
Chris PeBenito
7cbfeb97cf
trunk: uncomment set loginuid for functional login programs under strict.
2008-01-03 18:30:45 +00:00
Chris PeBenito
f7925f25f7
trunk: bump module versions for release.
2007-12-14 14:23:18 +00:00
Chris PeBenito
02d968c581
trunk: several fc updates from dan.
2007-12-12 15:55:21 +00:00
Chris PeBenito
09e21686ea
trunk: another round of nsswitch from dan.
2007-12-06 16:04:14 +00:00
Chris PeBenito
7d4161cdc9
trunk: 3 patches from dan.
2007-10-29 22:08:34 +00:00
Chris PeBenito
12e9ea1ae3
trunk: module version bumps for previous commit.
2007-10-02 17:15:07 +00:00
Chris PeBenito
350b6ab767
trunk: merge strict and targeted policies. merge shlib_t into lib_t.
2007-10-02 16:04:50 +00:00
Chris PeBenito
3480f3f239
trunk: bump version numbers for release.
2007-09-28 13:58:24 +00:00
Chris PeBenito
f8233ab7b0
trunk: Deprecate mls_file_write_down() and mls_file_read_up(), replaced with mls_write_all_levels() and mls_read_all_levels(), for consistency.
2007-08-20 18:26:08 +00:00
Chris PeBenito
d46cfe45cd
trunk: add application module
2007-07-19 18:57:48 +00:00
Chris PeBenito
116c1da330
trunk: update module version numbers for release.
2007-06-29 14:48:13 +00:00