selinux-refpolicy

Author	SHA1	Message	Date
Kenton Groombridge	8ef3a91347	spamassassin, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	0ac3f4ea2c	rssh, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	34c7853f00	razor, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	1339b7db0c	pyzor, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	9554af912d	openoffice, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	b3b8942040	mta, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	ffdbf9c86e	mplayer, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	f5f0af2c24	mozilla, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	34f7b026ea	lpd, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	8bdab0397c	libmtp, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	0f650e0dc5	java, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	b7980a45fc	irc, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	56a50fb56c	gpg, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	7cd14e0c49	gnome, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	d5246d98aa	games, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	ab30d35882	evolution, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	8875024efc	dirmngr, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	95cf374eee	cron, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	4d7eb76fb9	chromium, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	99c2c94507	cdrecord, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	afa5769b4c	bluetooth, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	386d00de34	authlogin, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	b90d40db67	xserver, roles, various: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	dd7abf1f47	xscreensaver, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:33 -04:00
Kenton Groombridge	3d11a43da1	sudo, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:13 -04:00
Kenton Groombridge	562d61bda9	ssh, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:13 -04:00
Kenton Groombridge	150353158a	screen, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:13 -04:00
Kenton Groombridge	76a6ee4fb9	apache, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:12 -04:00
Chris PeBenito	4248e38824	Bump module versions for release. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-09-08 10:53:44 -04:00
Chris PeBenito	19924201dc	dmesg, devices, sysadm: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-07-08 09:45:15 -04:00
Jonathan Davies	27325c9beb	sysadm.te: Allow sysadm_t to read/write Xen character devices so userspace tooling works. Signed-off-by: Jonathan Davies <jpds@protonmail.com>	2021-07-06 15:54:35 +01:00
Chris PeBenito	c9913a0e8c	various: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-05-19 08:46:41 -04:00
Chris PeBenito	0ecd14f47a	staff, sysadm, unprivuser: Move lines. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-05-19 08:45:36 -04:00
Yi Zhao	7ee15a0681	roles: move dbus_role_template to userdom_common_user_template After commit `cc8374fd24` (various: systemd user fixes and additional support), the dbus_role_template is required for all roles. Move it to userdom_common_user_template. Before the patch if set DISTRO=redhat: root@qemux86-64:~# ps xZ \| grep "systemd --user" root:sysadm_r:sysadm_t 240 ? Ss 0:00 /lib/systemd/systemd --user After the patch: root@qemux86-64:~# ps xZ \| grep "systemd --user" root:sysadm_r:sysadm_systemd_t 218 ? Ss 0:00 /lib/systemd/systemd --user Signed-off-by: Yi Zhao <yi.zhao@windriver.com>	2021-05-19 10:00:33 +08:00
Chris PeBenito	cd783138ac	logging, secadm, staff, sysadm: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-04-26 13:55:03 -04:00
Jonathan Davies	431f03f3b9	roles: Added log watching permissions to secadm and sysadm. Signed-off-by: Jonathan Davies <jd+github@upthedownstair.com>	2021-04-25 19:15:08 +01:00
Chris PeBenito	ea9ce5970a	various: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-04-15 16:01:13 -04:00
Kenton Groombridge	8eff2c5998	sysadm, systemd: various fixes Allow sysadm to communicate with logind over dbus and add missing rules for systemd-logind. Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-04-08 10:35:17 -04:00
Chris PeBenito	ab702bb825	various: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-03-17 11:16:40 -04:00
Chris PeBenito	8934069f82	Remove additional unused modules Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-03-07 09:29:34 -05:00
Chris PeBenito	ff983a6239	Bump module versions for release. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-02-03 08:38:26 -05:00
Chris PeBenito	221813c947	various: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-01-25 08:27:35 -05:00
Chris PeBenito	cb93093f4e	Merge pull request #335 from pebenito/drop-dead-modules	2021-01-25 08:22:09 -05:00
Chris PeBenito	0f6c861dfb	various: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-01-19 09:51:56 -05:00
Russell Coker	08d32dbc2d	latest iteration of certbot policy as patch Same .te as sent a few days ago, but as a patch and with the other files needed. I think this is ready for inclusion. Signed-off-by: Russell Coker <russell@coker.com.au>	2021-01-19 08:49:30 -05:00
Chris PeBenito	7b15003eae	Remove modules for programs that are deprecated or no longer supported. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-01-14 17:14:30 -05:00
Chris PeBenito	bb471c3f1c	various: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-01-13 15:20:47 -05:00
Chris PeBenito	ac51d56ddc	udev: Systemd 246 merged udev and udevadm executables. Drop init_system_domain() for udevadm to break type transition conflicts. Also fix interface naming issues for udevadm interfaces. Fixes #292 Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-01-13 15:12:18 -05:00
Chris PeBenito	d387e79989	Bump module versions for release. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2020-08-18 09:09:10 -04:00
Yi Zhao	8322f0e0d9	Remove duplicated rules Signed-off-by: Yi Zhao <yi.zhao@windriver.com>	2020-08-14 10:55:31 +08:00

1 2 3 4

176 Commits