selinux-refpolicy

Author	SHA1	Message	Date
Chris PeBenito	2b63d6a616	Module version bump for dovecot libs from Mika Pflueger.	2012-10-30 13:52:59 -04:00
Mika Pflüger	5ea6bf5c1e	Explicitly label dovecot libraries lib_t for debian	2012-10-30 13:42:05 -04:00
Chris PeBenito	a2cc003740	Module version bump for minor logging and sysnet changes from Sven Vermeulen.	2012-10-30 13:39:46 -04:00
Sven Vermeulen	7ed91bfafd	Support flushing routing cache To flush the routing cache, ifconfig_t (through the "ip" command) requires sys_admin capability. If not: ~# ip route flush cache Cannot flush routing cache Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>	2012-10-30 13:28:02 -04:00
Chris PeBenito	d29f5d4e72	Rename logging_search_all_log_dirs to logging_search_all_logs	2012-10-30 13:27:10 -04:00
Sven Vermeulen	c239a20504	Introduce logging_search_all_log_dirs interface Support the logging_search_all_log_dirs interface for applications such as fail2ban-client, who scan through log directories. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>	2012-10-30 13:25:23 -04:00
Sven Vermeulen	48e8c08717	Introduce logging_getattr_all_logs interface Support the logging_getattr_all_logs interface, which will be used by applications responsible for reviewing the state of log files (without needing to read them), such as the fail2ban-client application. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>	2012-10-30 13:25:07 -04:00
Chris PeBenito	b7bc3d1506	Module version bump for kernel_stream_connect() from Dominick Grift.	2012-10-19 09:18:53 -04:00
Chris PeBenito	2dfd2b93a9	Move kernel_stream_connect() declaration.	2012-10-19 09:18:19 -04:00
Dominick Grift	07c2944493	Changes to the kernel policy module Interface is needed by at least plymouth Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-19 09:03:37 -04:00
Dominick Grift	0805dd800c	Changes to various policy modules pcscd_read_pub_files is deprecated use pcscd_read_pid_files instead Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-19 08:59:22 -04:00
Chris PeBenito	51b1bd56c4	Module version bump for xserver interfaces from Dominick Grift.	2012-10-19 08:58:54 -04:00
Chris PeBenito	1409b86b02	Rename new xserver interfaces.	2012-10-19 08:52:58 -04:00
Chris PeBenito	9b6993158b	Rearrange new xserver interfaces.	2012-10-19 08:49:43 -04:00
Dominick Grift	4034f4a4b4	Changes to the xserver policy module These interfaces are needed by at least plymouth Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-19 08:48:12 -04:00
Mika Pflüger	8b1aa69f1f	Debian locations of gvfs and kde4 libexec binaries in /usr/lib	2012-10-19 08:40:16 -04:00
Chris PeBenito	e4f0112175	Module version bump for dhcp6 ports, from Russell Coker.	2012-10-19 08:39:02 -04:00
Russell Coker	f9bee5a60b	Label port 5546 as dhcpc_port_t and allow dhcpc_t to bind to TCP for client control Client control is used by the wide dhcp6 client, which can be controlled via dhcp6ctl. This works by communicating over port 5546.	2012-10-19 08:19:28 -04:00
Chris PeBenito	2f3035fb3b	Module version bump for modutils patch from Dominick Grift.	2012-10-19 08:17:35 -04:00
Dominick Grift	e74b098ca4	Changes to the modutils policy module modutils_read_module_config() provides access to list modules_conf_t directories so that we do not need a seperate modutils_list_modules_config() Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-19 08:14:32 -04:00
Chris PeBenito	afdb509245	Module version bump for changes from Dominick Grift and Sven Vermeulen.	2012-10-09 11:01:42 -04:00
Dominick Grift	a63f5143ce	Changes to the bootloader policy module Add bootloader_exec() for kdumpgui Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-09 10:26:15 -04:00
Dominick Grift	c667fa4a7d	Changes to the userdomain policy module Remove evolution and evolution alarm dbus chat from common user template since callers of the evolution role are now allowed to dbus chat to evolution and evolution alarm. Common users need to be able to dbus chat with policykit and consolekit Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-09 10:25:29 -04:00
Sven Vermeulen	40c32b7a6a	Allow search within postgresql var directory for the stream connect interface Domains that are granted postgresql_stream_connect() need to be able to search through the postgresql_var_run_t directory (in which the socket is located). Update the interface to use the stream_connect_pattern definition to simplify the interface and make it more readable. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>	2012-10-09 10:21:09 -04:00
Dominick Grift	4ea2bc7eba	Changes to the sysnetwork policy module dhcpc is a dbus_system_domain() Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-09 10:18:36 -04:00
Dominick Grift	f3492a3a1e	Declare a cslistener port type for phpfpm Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-09 10:05:35 -04:00
Dominick Grift	1dc2705388	Restricted Xwindows user domains run windows managers in the windows managers domain Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-09 10:03:34 -04:00
Chris PeBenito	d7f7136953	Module version bump for cachefiles core support.	2012-10-04 08:25:19 -04:00
Chris PeBenito	1391285cf8	Rename cachefiles_dev_t to cachefiles_device_t.	2012-10-04 08:24:57 -04:00
Dominick Grift	298d840e46	Implement files_create_all_files_as() for cachefilesd Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-04 08:13:18 -04:00
Dominick Grift	f8075ac60f	Declare a cachfiles device node type Used by kernel to communicate with user space (cachefilesd) Label the character file accordingly Create a dev_rw_cachefiles_dev() for cachefilesd Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-04 08:13:11 -04:00
Chris PeBenito	8bd7b0e1b9	Module version bump for srvloc port definition from Dominick Grift.	2012-10-02 10:35:29 -04:00
Dominick Grift	b123010082	svrloc port type declaration from slpd policy module Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-02 10:33:55 -04:00
Chris PeBenito	e036d3d694	Module version bump for ipsec net sysctls reading from Miroslav Grepl.	2012-10-02 10:15:31 -04:00
Miroslav Grepl	672f146fec	Allow ipsec to read kernel sysctl	2012-10-02 10:14:44 -04:00
Chris PeBenito	99d1e6b9f1	Module verision bump for Debian cert file fc update from Laurent Bigonville.	2012-10-02 10:12:08 -04:00
Laurent Bigonville	e5c59868be	Add Debian location for PKI files	2012-10-02 10:10:59 -04:00
Chris PeBenito	9294b7d11f	Module version bump for cfengine fc change from Dominick Grift.	2012-10-02 10:10:18 -04:00
Dominick Grift	111b0b3176	Remove var_log_t file context spec The /var/cfengine/output location will be labeled in the forthcoming cfengine policy module that will be ported from Fedora Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-10-02 10:09:33 -04:00
Chris PeBenito	75c6d0b8c3	Module version bump for kmod fc from Laurent Bigonville.	2012-10-02 10:08:41 -04:00
Chris PeBenito	071537fab5	split kmod fc into two lines.	2012-10-02 10:08:09 -04:00
Laurent Bigonville	e57cb31d34	Add insmod_exec_t label for kmod executable lsmod, rmmod, insmod, modinfo, modprobe and depmod are now symlinks to the kmod executable	2012-10-02 09:59:28 -04:00
Chris PeBenito	7b4f78195f	Update contrib.	2012-10-01 13:27:36 -04:00
Chris PeBenito	17b43a4d8b	Update contrib.	2012-10-01 08:01:47 -04:00
Chris PeBenito	5b58ce70fd	Module version bump for Debian file context updates from Laurent Bigonville.	2012-09-17 11:08:42 -04:00
Laurent Bigonville	da349a2cfa	Add Debian location for udisks helpers	2012-09-17 10:31:39 -04:00
Laurent Bigonville	31daa917db	Add Debian locations for GDM 3	2012-09-17 10:31:38 -04:00
Chris PeBenito	0a0d071937	Module version bump for ports update from Dominick Grift.	2012-09-17 10:30:26 -04:00
Dominick Grift	53c8224fc4	Declare port types for ports used by Fedora but use /etc/services for port names rather than using fedora port names. If /etc/services does not have a port name for a port used by Fedora, skip for now. Signed-off-by: Dominick Grift <dominick.grift@gmail.com>	2012-09-17 10:06:29 -04:00
Chris PeBenito	140cd7bb6d	Module version bump for various changes from Sven Vermeulen.	2012-09-17 10:00:10 -04:00

1 2 3 4 5 ...

3548 Commits