selinux-refpolicy/policy/modules/system
Russell Coker bb90d67768
mon.te patches as well as some fstools patches related to it (#697)
* Patches for mon, mostly mon local monitoring.

Also added the fsdaemon_read_lib() interface and fstools patch because it
also uses fsdaemon_read_lib() and it's called by monitoring scripts

Signed-off-by: Russell Coker <russell@coker.com.au>

* Added the files_dontaudit_tmpfs_file_getattr() and
storage_dev_filetrans_fixed_disk_control() interfaces needed

Signed-off-by: Russell Coker <russell@coker.com.au>

* Fixed the issues from the review

Signed-off-by: Russell Coker <russell@coker.com.au>

* Specify name to avoid conflicting file trans

Signed-off-by: Russell Coker <russell@coker.com.au>

* fixed dontaudi_ typo

Signed-off-by: Russell Coker <russell@coker.com.au>

* Changed storage_dev_filetrans_fixed_disk to have a mandatory parameter for the object class

Signed-off-by: Russell Coker <russell@coker.com.au>

* Remove fsdaemon_read_lib as it was already merged

Signed-off-by: Russell Coker <russell@coker.com.au>

---------

Signed-off-by: Russell Coker <russell@coker.com.au>
2023-09-28 09:55:56 -04:00
..
application.fc
application.if
application.te
authlogin.fc debian motd.d directory (#689) 2023-09-21 10:21:25 -04:00
authlogin.if debian motd.d directory (#689) 2023-09-21 10:21:25 -04:00
authlogin.te separate label for /etc/security/opasswd 2023-09-12 15:52:20 -04:00
clock.fc
clock.if
clock.te
daemontools.fc
daemontools.if
daemontools.te
fstools.fc fstools: handle gentoo place for drivedb.h 2022-12-12 21:04:37 +01:00
fstools.if Keep context of blkid file/dir when created by zpool. 2023-05-15 19:33:41 +02:00
fstools.te mon.te patches as well as some fstools patches related to it (#697) 2023-09-28 09:55:56 -04:00
getty.fc
getty.if
getty.te
hostname.fc
hostname.if
hostname.te
init.fc Create a new specific file label for the random seed 2023-09-12 19:26:43 +02:00
init.if misc small patches for cron policy (#701) 2023-09-28 09:46:14 -04:00
init.te mon.te patches as well as some fstools patches related to it (#697) 2023-09-28 09:55:56 -04:00
ipsec.fc
ipsec.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
ipsec.te
iptables.fc
iptables.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
iptables.te various: fixes for kubernetes 2022-11-04 14:25:52 -04:00
iscsi.fc
iscsi.if
iscsi.te iscsi: Read initiatorname.iscsi. 2023-02-07 16:02:01 -05:00
libraries.fc
libraries.if small network patches (#707) 2023-09-25 11:44:52 -04:00
libraries.te
locallogin.fc
locallogin.if
locallogin.te small systemd patches (#708) 2023-09-27 09:20:52 -04:00
logging.fc rsyslog: add label for /var/empty/dev/log 2023-01-04 15:41:46 +01:00
logging.if separate domain for journalctl during init 2023-09-26 12:47:37 -04:00
logging.te Merge pull request #679 from gtrentalancia/audit_fixes_pr 2023-09-14 10:49:38 -04:00
lvm.fc lvm: Add fc entry for /etc/multipath/* 2023-02-08 08:09:30 -05:00
lvm.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
lvm.te mon.te patches as well as some fstools patches related to it (#697) 2023-09-28 09:55:56 -04:00
metadata.xml
miscfiles.fc
miscfiles.if container, miscfiles: transition to s0 for public content created by containers 2022-11-06 18:42:16 -05:00
miscfiles.te
modutils.fc
modutils.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
modutils.te To allow setting for net.netfilter.nf_* in /etc/sysctl.d/*.conf 2023-09-01 20:22:55 -04:00
mount.fc
mount.if Remove misplaced permission from mount interface 2023-09-11 09:34:58 +02:00
mount.te mount: allow mount_t to get attributes for all directories 2023-09-20 13:31:50 +08:00
netlabel.fc
netlabel.if
netlabel.te
raid.fc
raid.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
raid.te mon.te patches as well as some fstools patches related to it (#697) 2023-09-28 09:55:56 -04:00
selinuxutil.fc
selinuxutil.if
selinuxutil.te selinuxutil: permit run_init to read kernel sysctl 2023-01-25 21:33:13 +01:00
setrans.fc
setrans.if
setrans.te
sysnetwork.fc
sysnetwork.if small network patches (#707) 2023-09-25 11:44:52 -04:00
sysnetwork.te
systemd.fc separate domain for journalctl during init 2023-09-26 12:47:37 -04:00
systemd.if misc small patches for cron policy (#701) 2023-09-28 09:46:14 -04:00
systemd.te separate domain for journalctl during init 2023-09-26 12:47:37 -04:00
udev.fc
udev.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
udev.te systemd: allow daemons to access memory.pressure 2023-03-17 13:02:11 +00:00
unconfined.fc
unconfined.if
unconfined.te unconfined: Keys are linkable by systemd. 2023-09-18 17:05:23 -04:00
userdomain.fc
userdomain.if small storage changes (#706) 2023-09-25 11:46:04 -04:00
userdomain.te Allow all users to (optionally) send syslog messages 2023-09-19 09:14:08 -04:00
xdg.fc
xdg.if crio: new policy module 2022-11-04 13:55:15 -04:00
xdg.te
xen.fc
xen.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
xen.te