nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,571 Commits 1 Branch 0 Tags 16 MiB
7955d0b246
Commit Graph

86 Commits

Author SHA1 Message Date
Laurent Bigonville
7955d0b246 Add support for rsyslog 
Allow sys_nice capability, setsched, allow to search in /var/spool and
syslog_t domain to read network state files in /proc

squash! Add support for rsyslog
 2013-01-23 07:10:00 -05:00
Chris PeBenito
e1ab3f885b Module version bump for misc updates from Sven Vermeulen. 2013-01-03 10:32:41 -05:00
Sven Vermeulen
c105a1ccad Allow syslogger to manage cron log files (v2) 
Some cron daemons, including vixie-cron, support using the system logger for
handling their logging events. Hence we allow syslogd_t to manage the cron logs,
and put a file transition in place for the system logger when it creates the
cron.log file.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
 2013-01-03 10:32:41 -05:00
Chris PeBenito
b30c5df388 Module version bump for logging and tcpdump fixes from Sven Vermeulen. 2012-11-27 09:57:13 -05:00
Chris PeBenito
f11752ff60 Module version bump for iptables fc entry from Sven Vermeulen and inn log from Dominick Grift. 2012-11-27 08:53:57 -05:00
Dominick Grift
fe2743038a System logger creates innd log files with a named file transition 
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
 2012-11-27 08:53:04 -05:00
Chris PeBenito
a2cc003740 Module version bump for minor logging and sysnet changes from Sven Vermeulen. 2012-10-30 13:39:46 -04:00
Chris PeBenito
9294b7d11f Module version bump for cfengine fc change from Dominick Grift. 2012-10-02 10:10:18 -04:00
Chris PeBenito
140cd7bb6d Module version bump for various changes from Sven Vermeulen. 2012-09-17 10:00:10 -04:00
Sven Vermeulen
074cfbeb5b Allow syslogd to create /var/lib/syslog and /var/lib/misc/syslog-ng.persist 
If the /var/lib/syslog directory does not exist, then syslog-ng (running in
syslogd_t) will attempt to create the directory.

Allow the syslogd_t domain to create the directory, and use an automatic file
transition towards syslogd_var_lib_t.

Also, the syslog-ng daemon uses a persistence file in
/var/lib/misc/syslog-ng.persist (and .persist- if it suspects a collision). As
/var/lib/misc is still a generic var_lib_t, we have the syslogd_t daemon write
its files as syslogd_var_lib_t therein.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
 2012-09-17 09:31:35 -04:00
Chris PeBenito
3516535aa6 Bump module versions for release. 2012-07-25 14:33:06 -04:00
Chris PeBenito
4f24b1841c Add optional name for kernel and system filetrans interfaces. 2012-05-10 09:53:45 -04:00
Chris PeBenito
7b6fe9c1a5 Module version bump for syslog-ng and lvm patches from Sven Vermeulen. 2012-05-04 10:49:11 -04:00
Sven Vermeulen
1c5de3ddf5 Allow getsched for syslog-ng 
Recent syslog-ng implementation uses a threading library that requires the getsched permission.

See also https://bugs.gentoo.org/show_bug.cgi?id=405425

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
 2012-05-04 10:40:05 -04:00
Chris PeBenito
aa4dad379b Module version bump for release. 2011-07-26 08:11:01 -04:00
Chris PeBenito
127d617b31 Pull in some changes from Fedora policy system layer. 2011-04-14 11:36:56 -04:00
Chris PeBenito
79c8dfe162 Module version bump for audisp patch from Guido Trentalancia. 2011-03-16 08:37:04 -04:00
Guido Trentalancia
ff07d7d209 patch to allow the audit dispatcher to read the system state 
This patch allows the audit dispatcher to read the system
state.
 2011-03-16 08:35:53 -04:00
Chris PeBenito
826d014241 Bump module versions for release. 2010-12-13 09:12:22 -05:00
Chris PeBenito
bc5a858a4e Change /dev/log fc to MLS system high. 
When the syslog recreates this sock_file on startup, it gets this sensitivity anyway.
This will prevent incorrect relabeling if /dev is relabeled.
 2010-11-05 13:13:21 -04:00
Chris PeBenito
bca0cdb86e Remove duplicate/redundant rules, from Russell Coker. 2010-07-07 08:41:20 -04:00
Chris PeBenito
48f99a81c0 Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
Chris PeBenito
29af4c13e7 Bump module versions for release. 2010-05-24 15:32:01 -04:00
Chris PeBenito
78352db924 Module version bump for 8c38fba. 2010-04-24 08:07:51 -04:00
Chris Richards
8c38fba0f0 allow syslog-ng to setrlimit 
syslog-ng wants to increase the number of permissible open files from 256 to 4096 on unix/linux systems.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
Signed-off-by: Chris PeBenito <pebenito@gentoo.org>
 2010-04-24 08:02:23 -04:00
Chris PeBenito
7a8807b627 Logging patch from Dan Walsh. 2010-03-17 14:40:06 -04:00
Chris PeBenito
2f84a77d22 Syslog fixes from Gentoo. 2010-02-17 20:33:53 -05:00
Chris PeBenito
c3c753f786 Remove concept of user from terminal module interfaces dealing with ptynode and ttynode since these attributes are not specific to users. 2010-02-11 14:20:10 -05:00
Chris PeBenito
ed3a1f559a bump module versions for release. 2009-11-17 10:05:56 -05:00
Chris PeBenito
fef5dcf3af Remove excessive permissions in logging_send_syslog_msg(). Ticket #14. 2009-08-26 10:05:36 -04:00
Chris PeBenito
9570b28801 module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
Chris PeBenito
3f67f722bb trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
Chris PeBenito
c1262146e0 trunk: Remove node definitions and change node usage to generic nodes. 2009-01-09 19:48:02 +00:00
Chris PeBenito
668b3093ff trunk: change network interface access from all to generic network interfaces. 2009-01-06 20:24:10 +00:00
Chris PeBenito
17ec8c1f84 trunk: bump module versions for release. 2008-12-10 19:38:10 +00:00
Chris PeBenito
296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito
2cca6b79b4 trunk: remove redundant shared lib calls. 2008-10-17 17:31:04 +00:00
Chris PeBenito
0b36a2146e trunk: Enable open permission checks policy capability. 2008-10-16 16:09:20 +00:00
Chris PeBenito
5d4f4b5375 trunk: bump version numbers for release. 2008-10-14 15:46:36 +00:00
Chris PeBenito
06099da657 trunk: 3 patches from dan. 2008-10-09 18:06:24 +00:00
Chris PeBenito
cfafe4a7a8 trunk: logging update from dan. 2008-09-18 13:20:57 +00:00
Chris PeBenito
e40fa634b2 trunk: Logrotate and Bind updates from Vaclav Ovsik. 2008-09-03 14:12:56 +00:00
Chris PeBenito
c11057f7ae trunk: fedora update cherry picked by david hardeman. 2008-08-22 15:17:01 +00:00
Chris PeBenito
3338f231d5 trunk: Policy size optimization with a non-security file attribute from James Carter. 2008-07-31 14:05:46 +00:00
Chris PeBenito
cfcf5004e5 trunk: bump versions for release. 2008-07-02 14:07:57 +00:00
Chris PeBenito
e9c6cda7da trunk: Move user roles into individual modules. 2008-04-29 13:58:34 +00:00
Chris PeBenito
0a14f3ae09 trunk: bump module version numbers for release. 2008-04-02 16:04:43 +00:00
Chris PeBenito
2ed4f5aedf trunk: small fixes for gentoo system. 2008-03-20 14:55:17 +00:00
Chris PeBenito
90c3c561ef trunk: fc fix and if addtion from Stefan Schulze Frielinghaus. 2008-02-25 14:20:56 +00:00
Chris PeBenito
12cf805e1c trunk: add basic ubuntu support 2008-02-05 18:24:43 +00:00