selinux-refpolicy

Author	SHA1	Message	Date
Kenton Groombridge	09a747a16d	sysadm: make haproxy admin Signed-off-by: Kenton Groombridge <concord@gentoo.org>	2024-06-28 09:52:40 -04:00
Dave Sugar	cc46c3296a	SELinux policy for cockpit Setup domain for cockpit-certificate-ensure Setup service rules Signed-off-by: Dave Sugar <dsugar100@gmail.com>	2024-01-26 21:05:27 -05:00
Kenton Groombridge	b1a8799185	sysadm: allow using networkctl Signed-off-by: Kenton Groombridge <concord@gentoo.org>	2023-12-17 23:42:07 -05:00
Kenton Groombridge	e59404bd44	init, sysadm: allow sysadm to manage systemd runtime units On systemd 252, mount units generated from /etc/fstab result in services labeled init_runtime_t. Allow sysadm to manage these services. Signed-off-by: Kenton Groombridge <me@concord.sh>	2022-12-12 10:32:10 -05:00
Kenton Groombridge	f1718529d2	sysadm: allow running kubernetes Signed-off-by: Kenton Groombridge <me@concord.sh>	2022-11-04 13:55:15 -04:00
Chris PeBenito	20090ad098	Merge pull request #546 from 0xC0ncord/opensm Add a policy for OpenSM	2022-09-26 16:42:21 -04:00
Kenton Groombridge	2f53213caf	sysadm: allow opensm access Signed-off-by: Kenton Groombridge <me@concord.sh>	2022-09-26 16:35:19 -04:00
Dave Sugar	0cace1e7a3	fapolicyd: Initial SELinux policy Signed-off-by: Dave Sugar <dsugar100@gmail.com>	2022-09-15 20:42:56 -04:00
Kenton Groombridge	24c3747b67	sysadm: allow admin access to zfs Signed-off-by: Kenton Groombridge <me@concord.sh>	2022-09-13 14:34:44 -04:00
Kenton Groombridge	b1fb8cbdfe	sysadm: allow sysadm to rw ipmi devices Signed-off-by: Kenton Groombridge <me@concord.sh>	2022-09-13 14:34:44 -04:00
Kenton Groombridge	fb531e2688	sysadm: allow sysadm to watch journal directories Required when using 'podman logs -f' Signed-off-by: Kenton Groombridge <me@concord.sh>	2022-04-02 13:47:39 -04:00
Kenton Groombridge	093e280e77	sysadm: allow container admin access Signed-off-by: Kenton Groombridge <me@concord.sh>	2022-01-24 11:07:02 -05:00
Chris PeBenito	78276fc43b	Drop module versioning. Semodule stopped using this many years ago. The policy_module() macro will continue to support an optional second parameter as version. If it is not specified, a default value of 1 is set. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2022-01-06 09:19:13 -05:00
Chris PeBenito	47a229198d	various: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-11-14 18:57:40 -05:00
Chris PeBenito	e0d1b94c8e	Merge pull request #412 from 0xC0ncord/bugfix/systemd-user-exec-apps-hookup	2021-11-14 18:57:19 -05:00
Chris PeBenito	2d371fcee2	various: Module version bump. Signed-off-by: Chris PeBenito <pebenito@ieee.org>	2021-11-09 11:13:37 -05:00
Kenton Groombridge	82767eaade	sysadm, systemd: fixes for systemd-networkd Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-11-09 11:05:48 -05:00
Kenton Groombridge	b591857dcd	cryfs, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	efd8b75386	shutdown, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	22f5be2547	hadoop, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	77ed833ba2	wm, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	7ba794a6a7	wireshark, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	92330a3119	vmware, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	6d9dd8d5dc	userhelper, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	32acf9ccac	uml, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	787cb62e75	tvtime, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	2efb746c67	thunderbird, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	da2ef960bb	su, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	8ef3a91347	spamassassin, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	0ac3f4ea2c	rssh, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	34c7853f00	razor, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	1339b7db0c	pyzor, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	9554af912d	openoffice, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	b3b8942040	mta, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	ffdbf9c86e	mplayer, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	f5f0af2c24	mozilla, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	34f7b026ea	lpd, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	8bdab0397c	libmtp, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	0f650e0dc5	java, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	b7980a45fc	irc, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	56a50fb56c	gpg, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	7cd14e0c49	gnome, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	d5246d98aa	games, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	ab30d35882	evolution, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	8875024efc	dirmngr, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	95cf374eee	cron, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	4d7eb76fb9	chromium, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	99c2c94507	cdrecord, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	afa5769b4c	bluetooth, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00
Kenton Groombridge	386d00de34	authlogin, roles: use user exec domain attribute Signed-off-by: Kenton Groombridge <me@concord.sh>	2021-10-13 19:07:34 -04:00

1 2 3 4 5

204 Commits