ba817fccd9
Add userdom interfaces for user application domains, user tmp files, and user tmpfs files.
2011-10-28 08:49:19 -04:00
4d91cc95c7
Module version bump and Changelog for asterisk admin updates from Sven Vermeulen.
2011-10-25 09:43:13 -04:00
458ab7d2ba
Fix makefiles to install files with the correct DAC permissions if the umask is not 022.
...
trac ticket #50
2011-10-19 10:59:16 -04:00
a8ad9ba250
Remove deprecated support macros.
2011-10-14 13:01:21 -04:00
d1af485661
Remove rolemap and per-role template support.
...
This support was deprecated and unused in Reference Policy November 5 2008.
2011-10-14 08:52:21 -04:00
332c3a5fc4
Fix corenetwork port declaration to choose either reserved or unreserved.
...
This changes the port declarations for cases where a type is used for
ports above and below 1024. The old code would give both the reserved
and unreserved port attribute. This new code only gives the reserved
port attribute.
2011-10-04 15:31:08 -04:00
8e94109c52
Change secure_mode_policyload to disable only toggling of this Boolean rather than disabling all Boolean toggling permissions.
2011-09-26 10:44:27 -04:00
7d6b1e5889
Module version bump and changelog for role attributes usage.
2011-09-21 09:16:34 -04:00
bf8592ee42
Module version bump and changelog for milter ports patch from Paul Howarth.
2011-09-20 09:49:48 -04:00
99a34d527e
eparate portage fetch rules out of portage_run() and portage_domtrans() from Sven Vermeulen.
2011-09-14 12:48:13 -04:00
a108d9db60
Enhance corenetwork network_port() macro to support ports that do not have a well defined port number, such as stunnel.
2011-09-14 12:17:22 -04:00
eb6591ff84
Opendkim support in dkim module from Paul Howarth.
2011-09-14 10:06:32 -04:00
82ee50ac21
Wireshark updates from Sven Vermeulen.
2011-09-14 09:00:39 -04:00
1c5dacd2c0
Change secure_mode_insmod to control sys_module capability rather than controlling domain transitions to insmod.
...
Based on a patch from Dan Walsh.
2011-09-13 14:45:14 -04:00
f07bc3f973
Module version and changelog for openrc and portage updates from Sven Vermeulen.
2011-09-06 14:02:12 -04:00
8ee51235f6
Allow user and role changes on dynamic transitions with the same constraints as regular transitions.
2011-09-02 09:59:26 -04:00
102f084d96
New git service features from Dominick Grift.
...
* git user sessions
* repositories on CIFS/NFS
* inetd service
2011-09-02 09:20:23 -04:00
ec70a331ff
Corenetwork policy size optimization from Dan Walsh.
2011-08-26 09:03:25 -04:00
ec280b3209
Silence spurious udp_socket listen denials.
2011-08-23 08:21:40 -04:00
adddcf93f6
Fix unexpanded MLS/MCS fields in monolithic seusers file.
2011-08-12 08:28:37 -04:00
81eefe7ce9
Type transition fix in Postgresql database objects from KaiGai Kohei.
2011-07-29 08:42:53 -04:00
f1aed68ac3
Support for file context path substitutions (file_contexts.subs).
...
Install file_contexts.subs_dist out of Refpolicy. This is TYPE-agnostic
so the file goes in config/. Populate the file with current substitutions.
2011-07-28 13:12:28 -04:00
f342e50500
Update VERSION and Changelog for release.
2011-07-26 08:15:53 -04:00
3cbc972771
Fix role declaration to handle new roleattribute requirements.
2011-07-25 12:10:05 -04:00
ee4bdf2959
Rename audioentropy module to entropyd due to haveged support.
2011-07-25 08:46:03 -04:00
004e272212
Module version bump and changelog for haveged support from Sven Vermeulen.
2011-07-25 08:43:51 -04:00
a29c7b86e1
Module version bump and Changelog for auth file patches from Matthew Ife.
2011-07-18 13:48:05 -04:00
ccf8bdea90
Add agent support to zabbix from Sven Vermeulen.
2011-06-15 14:11:14 -04:00
003dbe0c66
Cyrus file context update for Gentoo from Corentin Labbe.
2011-06-08 08:51:55 -04:00
78b1d1182c
Merge ncftool from Fedora.
2011-06-07 09:14:53 -04:00
8c3e30f913
Module version bump and changelog for Fedora modules.
2011-05-24 09:12:43 -04:00
2983a08467
Module version bump and changelog for Portage updates from Sven Vermeulen.
2011-05-02 12:46:28 -04:00
3979c6886f
Fix init_system_domain() description, pointed out by Elia Pinto.
2011-04-27 10:42:47 -04:00
6835095671
Changelog and module version bump for postgresql selabel_lookup update from KaiGai Kohei.
2011-04-15 10:25:10 -04:00
2b5cb1ff64
Dovecot managesieve support from Mika Pfluger.
...
For using the dovecot managesieve daemon on the standard (RFC 5804) port,
dovecot needs corenet_tcp_bind_sieve_port.
2011-04-04 14:37:29 -04:00
1b93cf8cb6
Changelog for remove unnecessary semicolons after interface/template calls everywhere from Elia Pinto.
2011-04-04 13:43:09 -04:00
88e6b506b6
Module version bump and changelog for courier from Sven Vermeulen.
2011-03-22 08:50:43 -04:00
0037b6084b
Amavis patch for connecting to nslcd from Miroslav Grepl.
...
* needs to talk to nslcd
* needs sigkill
* executes shell
2011-03-21 10:22:10 -04:00
1ca577db8c
Shorewall patch from Miroslav Grepl.
2011-03-21 09:42:12 -04:00
dc24f36872
Module version bump and changelog for cpufreqselector dbus patch from Guido Trentalancia.
2011-02-22 11:36:15 -05:00
fe4355ca6b
Module version bump and changelog for cron pam_namespace and pam_loginuid support from Harry Ciao.
2011-02-18 09:07:23 -05:00
0737bf0d71
Module version bump and changelog for Xserver update for startx from Sven Vermeulen.
2011-02-18 08:54:18 -05:00
d1d0493aac
Changelog for l1 domby l2 for contains MLS constraint from Harry Ciao.
2011-02-16 10:01:43 -05:00
b7e9f9dbea
Module version bump and changelog for Apache user webpages fix from Dominick Grift.
2011-02-16 09:35:06 -05:00
6b2440aab6
Changelog for Change build.conf to default to modular policy builds.
2011-02-16 08:54:43 -05:00
3139988506
Module version bump and changelog for Xen refinement patch from Stephen Smalley.
2011-02-15 13:48:04 -05:00
4f591873d4
Module version bump and changelog for sudo timestamp file location update from Sven Vermeulen.
2011-02-14 10:56:59 -05:00
2a8d412ba6
Module version bump and changelog for XServer keyboard event patch from Sven Vermeulen.
2011-02-14 09:13:44 -05:00
842bd4ec8a
Module version bump and changelog for RAID uevent patch from Sven Vermeulen.
2011-02-14 09:00:48 -05:00
4adcdf81c9
Changelog and module version bump for Gentoo ALSA init script usage patch from Sven Vermeulen.
2011-02-09 09:28:42 -05:00
Chris PeBenito
Chris PeBenito