Laurent Bigonville
ca6fefc3c8
Add lxc_contexts config file
...
selinux_lxc_contexts_path() function in upstream libselinux points to
this config file. It is ATM used by libvirt.
The file from Fedora also contains sandbox_lxc_process and
sandbox_kvm_process parameters, but I cannot find where they are used,
keep them out of the file for the time being.
2016-02-19 16:50:42 +01:00
Chris PeBenito
bf0cfe940a
Add systemd build option.
2015-10-20 15:01:23 -04:00
Chris PeBenito
6624f9cf7a
Drop RHEL4 and RHEL5 support.
2014-09-24 13:10:37 -04:00
Chris PeBenito
cce73689ea
Always use the unknown permissions handling build option.
...
This compile-time feature is in the minimum-required checkpolicy/checkmodule
for building the policy, so it should always be used.
2014-06-19 10:52:14 -04:00
Chris PeBenito
0dc377caa4
Add file for placing default_* statements.
2014-04-28 10:00:36 -04:00
Chris PeBenito
f27f36ff15
Make the QUIET build option apply to clean and bare targets.
2014-01-16 11:25:42 -05:00
Chris PeBenito
3bf7fd504c
Use python libselinux bindings to determine policy version.
...
This eliminates the hardcoded /selinux in Rules.monolithic, which
broke when the filesystem mount was moved to /sys/fs/selinux.
2013-06-06 09:27:40 -04:00
Chris PeBenito
d04cbbc8de
Add /usr/lib to TEST_TOOLCHAIN LD_LIBRARY_PATH.
2012-09-17 09:30:59 -04:00
Sven Vermeulen
f78979eadd
Adding default context rules for libvirt
...
The libvirt infrastructure requires the availability of the context files.
In this patch, we add the defaults to the three predefined application
contexts (mls/mcs/standard).
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2012-04-23 10:18:45 -04:00
Chris PeBenito
458ab7d2ba
Fix makefiles to install files with the correct DAC permissions if the umask is not 022.
...
trac ticket #50
2011-10-19 10:59:16 -04:00
Chris PeBenito
d1af485661
Remove rolemap and per-role template support.
...
This support was deprecated and unused in Reference Policy November 5 2008.
2011-10-14 08:52:21 -04:00
Chris PeBenito
f82712416e
Add m4 diverts in corenetwork generation code to clean up resultant files.
2011-10-04 16:00:08 -04:00
Chris PeBenito
f1aed68ac3
Support for file context path substitutions (file_contexts.subs).
...
Install file_contexts.subs_dist out of Refpolicy. This is TYPE-agnostic
so the file goes in config/. Populate the file with current substitutions.
2011-07-28 13:12:28 -04:00
KaiGai Kohei
b98aba85d9
Add sepgsql_contexts into appconfig-*
...
The attached patch adds sepgsql_contexts file into appconfig-*
directory. This configuration is used to initial labeling on
installation time for each database objects.
We can easily look up an appropriate label using selabel_loopup(3)
APIs. The 'sepgsql_contexts' is default for SE-PostgreSQL.
Thanks,
--
KaiGai Kohei <kaigai@ak.jp.nec.com>
2011-01-04 13:27:40 -05:00
Chris PeBenito
db774a54a6
Add support for custom build options.
2010-09-30 14:53:44 -04:00
Chris PeBenito
0001e26f4f
Increased default number of categories to 1024, from Russell Coker.
2010-06-28 09:04:24 -04:00
Chris PeBenito
0bf2bc9156
Fix Makefile info message for installing policy headers
...
The Makefile is currently using the policy TYPE (standard|mls|mcs) rather
than the more informative NAME (eg strict, targeted, etc). Fix the Makefile
to use NAME.
2009-08-17 09:49:53 -04:00
Chris PeBenito
0f5e26b620
Add btrfs and ext4 to labeling targets.
2009-08-11 09:01:58 -04:00
Chris PeBenito
90286f4292
Fix infrastructure to expand macros in initrc_context when installing.
...
The initrc_context file uses the mls_systemhigh macro and needs to be properly
expanded based on the build.conf settings. Add makefile support to do this.
2009-08-10 14:00:34 -04:00
Chris PeBenito
019dfaf9dc
trunk: Add support for network interfaces with access controlled by a Boolean from the CLIP project.
2009-01-15 20:31:06 +00:00
Chris PeBenito
296273a719
trunk: merge UBAC.
2008-11-05 16:10:46 +00:00
Chris PeBenito
c07f9ccd18
trunk: Add file for enabling policy capabilities.
2008-04-18 14:21:01 +00:00
Chris PeBenito
2c12b471ad
trunk: add core xselinux support.
2008-04-01 20:23:23 +00:00
Chris PeBenito
e276d50e21
trunk: Add iferror.m4 rather generate it out of the Makefiles.
2008-03-06 20:17:46 +00:00
Chris PeBenito
12cf805e1c
trunk: add basic ubuntu support
2008-02-05 18:24:43 +00:00
Chris PeBenito
13e4e6e3c4
trunk: install securetty_types.
2008-01-17 14:17:26 +00:00
Chris PeBenito
b23e1c1c17
trunk: simplify appconfig file installation.
2008-01-17 14:10:36 +00:00
Chris PeBenito
350b6ab767
trunk: merge strict and targeted policies. merge shlib_t into lib_t.
2007-10-02 16:04:50 +00:00
Chris PeBenito
8acfcbcc2a
trunk: Add support for setting the unknown permissions handling.
2007-09-27 13:41:09 +00:00
Chris PeBenito
96fc0a45be
trunk: Fix XML building for external reference builds and headers builds.
2007-09-21 15:06:58 +00:00
Chris PeBenito
4231988555
trunk: add templates to tags generation
2007-06-28 13:13:55 +00:00
Chris PeBenito
56e1b3d207
- Move booleans and tunables to modules when it is only used in a single
...
module.
- Add support for tunables and booleans local to a module.
2007-03-26 18:41:45 +00:00
Chris PeBenito
d9845ae92a
patch from dan Tue, 24 Oct 2006 11:00:28 -0400
2006-10-31 21:01:48 +00:00
Chris PeBenito
8a2492a2df
fix makefile to install root default contexts
2006-10-12 13:18:21 +00:00
Chris PeBenito
212832373e
mkdir policy and file contexts dirs in make load of modular policy.
2006-10-10 15:09:59 +00:00
Chris PeBenito
e070dd2df0
- Move range transitions to modules.
...
- Make number of MLS sensitivities, and number of MLS and MCS
categories configurable as build options.
2006-10-04 17:25:34 +00:00
Chris PeBenito
1a79cf0508
add -E to python commands
2006-09-13 19:10:53 +00:00
Chris PeBenito
bbcd3c97dd
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
Chris PeBenito
75beb95014
patch from dan Tue, 05 Sep 2006 17:06:06 -0400
2006-09-06 16:36:23 +00:00
Chris PeBenito
686f11c22c
add corenetwork.if dependency on corenetwork.te.in, since it is used to build the .if file
2006-09-05 14:29:37 +00:00
Chris PeBenito
c634db20c6
fix makefile style so internal variables are lowercase
2006-08-31 17:28:35 +00:00
Chris PeBenito
cfd5c5e157
add variable for install, and do other helper pgm cleanup
2006-08-08 21:56:45 +00:00
Chris PeBenito
5a7c06fdd1
add support for netfilter_contexts
2006-08-07 17:25:09 +00:00
Chris PeBenito
17de1b790b
remove extra level of directory
2006-07-12 20:32:27 +00:00