1071 lines
49 KiB
Text
1071 lines
49 KiB
Text
* Wed Apr 24 2013 Chris PeBenito <selinux@tresys.com> - 2.20130424
|
|
Chris PeBenito (18):
|
|
Rewrite of mcelog module from Guido Trentalancia
|
|
Remove unnecessary lines in mcelog.te.
|
|
Slight rearrangement in mcelog.te.
|
|
Module version bump for mcelog update from Guido Trentalancia.
|
|
Module version bump for ntp module fixes from Dominick Grift.
|
|
Module version bump for fc substitutions optimizations from Sven
|
|
Vermeulen.
|
|
Module version bump for postfix/mta misc fixes from Sven Vermeulen.
|
|
Module version bump for init_daemon_run_dirs usage from Sven Vermeulen.
|
|
Turn off all tunables by default, from Guido Trentalancia.
|
|
Module version bump for tunable default change.
|
|
Module version bump for saslauthd tcp mysql connections from Mika Flueger.
|
|
Move kernel request line in quota.
|
|
Module version bump for quota kernel module request from Mika Pflueger.
|
|
Module version bump for djbdns ports fixes from Russell Coker.
|
|
Remove stray + in keystone.te.
|
|
Whitespace fixes in cron.fc.
|
|
Module version bump for pulseaudio type_transition conflict fix from Sven
|
|
Vermeulen.
|
|
Bump module versions for release.
|
|
|
|
Dominick Grift (889):
|
|
Initial BIRD Internet Routing Daemon policy
|
|
oident daemon fixes
|
|
Introduce ntp_conf_t
|
|
Allow ntp_admin() to manage ntp_drift_t content.
|
|
List etc_t directories
|
|
Use "Role allowed access." for consistency
|
|
Use permissions sets for compatibility.
|
|
Remove getattr permision from ntp_admin()
|
|
Initial Sensord policy module
|
|
Various block_suspend capability2 support from Fedora
|
|
Gitolite3 support from Fedora
|
|
/var/lib/sqlgrey is greylist milter data from Fedora
|
|
Terminal related fixes for plymouthd from Fedora Support block_suspend
|
|
capability2 for plymouth
|
|
Support minimal polkit in new location
|
|
Support ldap for user authentication from Fedora
|
|
Sanlock sends kill signals to non-root processes from Fedora Various
|
|
other capabilities for sanlock from Fedora
|
|
Initial support for sqlgrey from Fedora
|
|
Tor reads network sysctls from Fedora
|
|
GPG agent reads /dev/random from Fedora
|
|
Freshclam reads system and network state from Fedora
|
|
Execute wpa_cli in the NetworkManager_t domain for wicd from Fedora
|
|
lpstat.cups reads fips_enabled from Fedora
|
|
Initial system tap compile server policy module
|
|
Systemtap server admin manages stapserver_var_lib_t content
|
|
Telepathy Idle reads gschemas.compiled from Fedora
|
|
Initial slpd policy module
|
|
Initial lightsquid policy module
|
|
Initial wdmd policy module
|
|
Initial mailscanner policy module and some depencies.
|
|
Support slpd log rotation
|
|
Initial numad policy module
|
|
Open log files for append only
|
|
CGClear reads CGConfig files from Fedora Cosmetic changes to cgroup
|
|
policy module File contexts of cgroup app executables files in
|
|
/sbin also apply to /usr/sbin Make cgroup_admin() a bit more
|
|
compact
|
|
Initial svnserve policy module
|
|
Various small changes to ucspitcp
|
|
Initial fcoe policy module
|
|
Initial lldpad policy module
|
|
fcoemon sends to lldpad with a dgram socket
|
|
Initial quantum policy module
|
|
Initial dspam policy module
|
|
Module version bump for Telepathy file context spec fixes from Laurent
|
|
Bigonville.
|
|
Initial isns policy module
|
|
Various changes to tcs policy module
|
|
Initial ctdb policy module
|
|
Various changes to the sblim policy module and its dependencies
|
|
Initial polipo policy module
|
|
Module version bump for networkmanager fixes
|
|
Fixes to the polipo policy module
|
|
Module version bump for smartmon fixes from Laurent Bigonville.
|
|
Module version bump for accountsd file context spec fix from Laurent
|
|
Bigonville.
|
|
Various changes to the raid module
|
|
Module version bump for rtkit file context spec fix from Laurent
|
|
Bigonville
|
|
Initial couchdb policy module
|
|
Changes to the bind policy module
|
|
Initial dnssectrigger policy module
|
|
Initial man2html policy module
|
|
Initial openhpi policy module
|
|
Bind sends/receives http server instead of client packets conditionally
|
|
Two file context regular expression fixes by Eric Paris
|
|
Type mdadm_t is no longer a unconfined type
|
|
Initial pkcs policy module
|
|
Initial cfengine policy module
|
|
Initial keystone policy module
|
|
Initial l2tp policy module
|
|
Initial mongodb policy module
|
|
cfengine whitespace cleanup
|
|
Changes to the accountsservice policy module
|
|
Changes to the acct policy module
|
|
Changes to the ada policy module
|
|
changes to the afs policy module
|
|
Changes to the accountsservice policy module
|
|
Changes to the aiccu policy module
|
|
Changes to the aide policy module
|
|
Syntax error in afs_admin()
|
|
Changes to the aisexec policy module
|
|
Changes to the alsa policy module
|
|
Changes to the amanda policy module
|
|
Changes to the amavisd policy module and relevant dependencies
|
|
Changes to the amtu policy module
|
|
Changes to the anaconda policy module
|
|
Changes to the abrt policy module and relevant dependencies
|
|
numad sends/receives msgs from Fedora
|
|
Amtu executable file in installed in /usr/sbin in Fedora
|
|
The (usr/)? expression does not work consistently so better not use it
|
|
at all
|
|
Changes to the httpd policy module
|
|
Merge branch 'master' of
|
|
ssh://dgrift@oss.tresys.com/home/git/refpolicy-contrib
|
|
Fixes to the apache policy module and dependencies
|
|
Changes to the apcupsd policy module
|
|
Role attributes for lightsquid application domain
|
|
Changes to the mailscanner module
|
|
Changes to the svnserve policy module
|
|
Changes to the quantum policy module
|
|
Changes to the dspam module
|
|
Changes to the ctdb policy module
|
|
Changes to the couchdb policy module
|
|
Changes to the openhpid policy module
|
|
Changes to the keystone policy module
|
|
Changes to the l2tp policy module
|
|
Changes to the apm module and relevant dependencies
|
|
Changes to the arpwatch policy module
|
|
Changes to the apcupsd policy module
|
|
Changes to the abrt policy module
|
|
Changes to the apache policy module
|
|
Changes to the asterisk policy module and dependencies
|
|
Changes to the authbind policy module
|
|
Changes to the automount policy module
|
|
Change acpid lock file context spec
|
|
Changes to the avahi policy module and dependencies
|
|
Changes to the awstats policy module
|
|
Changes to the bacula policy module
|
|
Changes to the bcfg2 policy module
|
|
Changes to the apt policy module
|
|
Changes to the apache policy module
|
|
Changes to the backup module
|
|
Changes to the bind policy module
|
|
Bird module clean up
|
|
Fix arpwatch connected_stream_socket_perms
|
|
Changes to the bitlbee policy module
|
|
Changes to the blueman policy module
|
|
Changes to the bluetooth policy module
|
|
Changes to the brctl policy module
|
|
Changes to the apache policy module
|
|
Changes to the bugzilla policy module
|
|
Changes to the calamaris policy module
|
|
Implement lightsquid_admin()
|
|
Changes to the apache policy module and dependencies
|
|
Initial boinc policy module
|
|
Initial callweaver policy module
|
|
Changes to the canna policy module
|
|
Changes to the ccs policy module
|
|
Changes to the cdrecord policy module
|
|
Changes to the certmaster policy module and various role attribute fixes
|
|
cdrecord needs to read and write callers unix domain stream socket not
|
|
create it
|
|
Changes to the certmonger policy module and its dependencies
|
|
Initial cachefilesd policy module
|
|
Changes to the certwatch policy module
|
|
Changes to the chronyd policy module
|
|
Changes to the cipe policy module
|
|
Changes to the clamav policy module
|
|
Various network clean up
|
|
Add dev_rw_cachefiles() to cachefilesd policy module
|
|
Changes to the clockspeed policy module
|
|
Changes to the clogd policy module
|
|
Changes to the cmirrord policy module
|
|
Changes to the cobbler policy module
|
|
Changes to the colord policy module
|
|
Changes to the comsat policy module
|
|
Initial collectd policy module
|
|
Initial condor policy module and relevant dependencies
|
|
Changes to the consolekit policy module and relevant dependencies
|
|
Changes to the corosync policy module and relevant dependencies
|
|
Clean up couchdb network rules
|
|
Changes to the courier policy module
|
|
Changes to the cpucontrol policy module
|
|
Changes to the cpufreqselector policy module
|
|
Changes to the cron policy module and relevant dependencies
|
|
Changes to the cups policy module and relevant dependencies
|
|
Changes to the cvs policy module
|
|
Remove redundant connect avperms
|
|
Changes to the cyphesis policy module
|
|
Remove redundant rules from apache_admin()
|
|
Changes to the cyrus policy module
|
|
Changes to the daemontools policy module
|
|
Changes to the dante policy module
|
|
Modify dbadm boolean descriptions
|
|
Changes to the dbus policy module and its dependencies
|
|
Changes to the dcc policy module
|
|
Changes to the ddclient policy module
|
|
Changes to the ddcprobe policy module
|
|
Changes to the denyhosts policy module
|
|
Changes to the devicekit policy module and relevant dependencies
|
|
Changes to the dhcpd policy module
|
|
Changes tothe dictd policy module
|
|
Changes to the discc policy module
|
|
Changes to the djbdns policy module
|
|
Changes to the dkim policy module
|
|
Changes to the dmidecode policy module
|
|
Module bump for Laurent Bigonville trousers init script file context
|
|
specification fix
|
|
Module bump for Laurent Bigonville libvirt init script file context
|
|
specification fix
|
|
Changes to the dnsmasq policy module and relevant dependencies
|
|
Changes to the dovecot policy module
|
|
Changes to the dpkg policy module
|
|
Changes to the entropyd policy module
|
|
Changes to the evolution policy module
|
|
Changes to the exim policy module and relevant dependencies
|
|
Changes to the cron policy module
|
|
Changes to the fail2ban policy module
|
|
fcoemon XML clean up
|
|
Changes to the fetchmail policy module
|
|
Changes to the fingerd policy module
|
|
Initial firewalld policy module
|
|
Changes to the firstboot policy module
|
|
Changes to the fprint policy module and relevant dependencies
|
|
Changes to the ftp module
|
|
Changes to the games policy module
|
|
Clean up evolution and cdrecord XML
|
|
Changes to the gatekeeper policy module
|
|
Changes to the gift policy module
|
|
Changes to the git policy module
|
|
Changes to the gitosis policy module
|
|
Changes to the glance policy module
|
|
Initial glusterfs policy module
|
|
Add gatekeeper newline
|
|
Deprecate glusterd_admin() use glusterfs_admin() instead
|
|
Portage module version bump for autofs support by Matthew Thode and
|
|
clean up
|
|
cfengine: This location is now labeled with a cfengine private type
|
|
Changes to the slpd policy module
|
|
Changes to the gnomeclock policy module and relevant dependencies
|
|
Changes to the gpg policy module
|
|
Changes to the gpm policy module
|
|
Changes to the gpsd policy module and relevant dependencies
|
|
changes to the guest policy module
|
|
Changes to the gnomeclock policy module
|
|
Deprecate various DBUS interfaces and relevant dependencies
|
|
Changes to the cachefilesd policy module
|
|
Remove file context specification for kgpg which is a GUI frontend to
|
|
GPG. Domain transition to gpg_t will happen when kgpg runs gpg.
|
|
(rhbz#862229)
|
|
Initial mandb policy module
|
|
Changes to the hadoop policy module
|
|
Changes to the hald policy module
|
|
Changes to the hddtemp policy module
|
|
Changes to the howl policy module
|
|
changes to the mandb policy module
|
|
Changes to the dbus policy module
|
|
Changes to the rpm policy module
|
|
Changes to the i18n_input policy module
|
|
Changes to the icecast policy module
|
|
Changes to the ifplugd policy module
|
|
Changes to the imaze policy module
|
|
Changes to the inetd policy module and relevant dependencies
|
|
Changes to the innd policy module
|
|
Changes to the irc policy module
|
|
Changes to the ircd policy module
|
|
Changes to the irc policy module
|
|
Changes to the dbus policy module
|
|
Changes to the avahi policy module
|
|
Changes to the bluetooth policy module
|
|
Changes to the aiccu policy module
|
|
Changes to the bacula policy module
|
|
Changes to the boinc policy module
|
|
Changes to the bugzilla policy module
|
|
Changes to the ccs policy module
|
|
Changes to the clamav policy module
|
|
Changes to the cobbler policy module
|
|
Changes to the cyphesis policy module
|
|
Changes to the dante policy module
|
|
Changes to the dbskk policy module
|
|
Changes to the ddclient policy module
|
|
Changes to the denyhosts policy module
|
|
Changes to the dnssectrigger policy module
|
|
Changes to the dovecot policy module
|
|
Changes to the drbd policy module
|
|
Changes to the evolution policy module
|
|
Changes to the fail2ban policy module
|
|
Changes to the firewalld policy module
|
|
Changes to the firstboot policy module
|
|
Changes to the games policy module
|
|
Changes to the gift policy module
|
|
Changes to the glance policy module
|
|
Changes to the hald policy module
|
|
Changes to the dbus policy module
|
|
Changes to the git policy module
|
|
Changes to the polipo policy module
|
|
Changes to the firewalld policy module
|
|
Changes to the gpg policy module
|
|
Tab clean up in ircbalance file context file
|
|
Changes to the irqbalance policy module
|
|
Tab clean up in iscsi file context file
|
|
Changes to the iscsi policy module
|
|
Tab clean up in jabber file context file
|
|
Changes to the jabberd policy module
|
|
Changes to the pyicqt policy module
|
|
Tab clean up in java file context file
|
|
Changes to the java policy module
|
|
Changes to the dbus policy module
|
|
Changes to the gnome policy module
|
|
Changes to the apache policy module
|
|
Changes to the accountsd policy module
|
|
Changes to the alsa policy module
|
|
Changes to the evolution policy module
|
|
Changes to the bluetooth policy module
|
|
Changes to the games policy module
|
|
Changes to the gift policy module
|
|
Changes to the gpg policy module
|
|
Changes to the hadoop policy module
|
|
Tab clean up in kdump file context file
|
|
Changes to the kdump policy module
|
|
Changes to the gpg policy module
|
|
Changes to the dbus policy module
|
|
Changes to the evolution policy module
|
|
Changes to the gpm policy module
|
|
Version bump for evolution file context fixes by Laurent Bigonville
|
|
Version bump for nut file context fixes by Laurent Bigonville
|
|
Changes to the kdumpgui policy module
|
|
Tab clean up in kerberos file context file
|
|
Changes to the kerberos policy module and relevant dependencies
|
|
Changes to the kerneloops policy module
|
|
Tab clean up in kerberos file context file
|
|
Changes to the kismet policy module
|
|
Clean up amavis XML header
|
|
Initial keyboardd policy module
|
|
Tab clean up in ksmtuned file context file
|
|
Changes to the ksmtuned policy module
|
|
Tab clean up in ktalk file context file
|
|
Changes to the ktalk policy module
|
|
Changes to the kudzu policy module
|
|
Initial iodine policy module
|
|
Initial dirmngr policy module
|
|
Changes to the iodine policy module
|
|
Changes to the kerberos policy module
|
|
Changes to the kdumpgui policy module
|
|
Update deprecated interface calls ( gnome_read_config ->
|
|
gnome_read_generic_home_content )
|
|
Changes to the mozilla policy module
|
|
Changes to the thunderbird policy module
|
|
Changes to the l2tp policy module
|
|
Tab clean up in ldap file context file
|
|
Changes to the ldap policy module
|
|
Tab clean up in likewise file context file
|
|
Changes to the likewise policy module
|
|
Tab clean up in lircd file context file
|
|
Changes to the lircd policy module
|
|
Changes to the livecd policy module
|
|
Tab clean up in loadkeys file context file
|
|
Changes to the loadkeys policy module and relevant dependencies
|
|
Tab clean up in lockdev file context file
|
|
Changes to the lockdev policy module
|
|
Tab clean up in logrotate file context file
|
|
Changes to the logrotate policy module and relevant dependencies
|
|
Tab clean up in logwatch file context file
|
|
Changes to the logrotate policy module
|
|
Changes to the logwatch policy module
|
|
Tab clean up in lpd file context file
|
|
Changes to the lpd policy module
|
|
Tab clean up in cron policy module
|
|
Changes to the lpd policy module
|
|
Changes to the consolekit policy module
|
|
Tab fix in cron policy module
|
|
Tab clean up in mailman file context file
|
|
Changes to the mailman policy module and relevant dependencies
|
|
Tab clean up in mcelog file context file
|
|
Changes to the mcelog policy module
|
|
Tab clean up in mediawiki file context file
|
|
Mediawiki XML clean up
|
|
Tab clean up in memcached file context file
|
|
Changes to the memcached policy module
|
|
Changes to the apache policy module
|
|
Tab clean up in milter file context file
|
|
Changes to the milter policy module and relevant dependencies
|
|
Changes to the modemmanager policy module
|
|
Tab clean up in mojomojo file context file
|
|
Changes to the mojomojo policy module and relevant dependencies
|
|
Changes to the gpg policy module
|
|
Changes to the mongodb policy module
|
|
Changes to the mono policy module
|
|
Changes to the monop policy module
|
|
Tab clean up in mozilla file context file
|
|
Changes to the mozilla policy module and relevant dependencies
|
|
Changes to the mozilla policy module
|
|
Changes to the apache policy module
|
|
Tab clean up in mpd file context file
|
|
Changes to the mpd policy module
|
|
Tab clean up in mplayer file context file
|
|
Changes to the evolution policy module
|
|
Changes to the mplayer policy module
|
|
Changes to the irc policy module
|
|
Tab clean up in mrtg file context file
|
|
Changes to the mrtg policy module
|
|
Tab clean up in mta file context file
|
|
Changes to the mta policy module and relevant dependencies
|
|
Changes to the mta policy module and relevant dependencies
|
|
Get rid of mozilla_conf_t as it is unused
|
|
Changes to the logrotate policy module
|
|
Changes to the logwatch policy module
|
|
Changes to the java policy module
|
|
Changes to the apache module and relevant dependencies
|
|
Tab clean up in munin file context file
|
|
Changes to the munin policy module and relevant dependencies
|
|
Tab clean up in mysql file context file
|
|
Changes to mysqld policy module
|
|
Changes to various policy modules
|
|
Changes to the munin policy module
|
|
Changes to the dovecot policy module
|
|
Changes to various policy modules
|
|
Changes to the mta policy module
|
|
Changes to the certmonger policy module and relavant dependencies
|
|
Tab clean up in nagios file context file
|
|
Changes to the nagios policy module and relevant dependencies
|
|
Changes to the modutils policy module
|
|
Tab cleanup in the nessus file context file
|
|
Changes to the nessus policy module
|
|
Tab clean up in the network manager file context file
|
|
Changes to the networkmanager policy module and relevant dependencies
|
|
Changes to the mozilla policy module
|
|
Changes to the cobbler policy module
|
|
Initial rngd policy module
|
|
Tab clean up in the nis file context file
|
|
Changes to the nis policy module
|
|
Tab clean up in the nscd file context file
|
|
Changes to the nscd policy module
|
|
Tab clean up in the nsd file context file
|
|
Changes to the nsd policy module
|
|
Tab clean up in the nslcd file context file
|
|
Changes to the nslcd policy module
|
|
Tab clean up in the ntop file context file
|
|
Changes to the ntop policy module
|
|
Tab clean up in the ntp file context file
|
|
Changes to the ntp policy module
|
|
Changes to the numad policy module
|
|
Tab clean up in the nut file context file
|
|
Changes to the nut policy module
|
|
Tab clean up in the nx file context file
|
|
Changes to the nx policy module
|
|
Changes to the oav policy module
|
|
Initial obex policy module
|
|
Tab clean up in the oddjob file context file
|
|
Tab clean up in gpg policy module
|
|
Changes to the oddjob policy module
|
|
Changes to the mozilla policy module
|
|
Initial pacemaker policy module
|
|
Tab clean up in the oidentd file context file
|
|
Changes to the oident policy module
|
|
Tab clean up in the openca file context file
|
|
Changes to the openca policy module
|
|
Tab clean up in the openct file context file
|
|
Changes to the openct policy module
|
|
Tab clean up in the openvpn file context file
|
|
Changes to the openvpn policy module
|
|
Tab clean up in the pads file context file
|
|
Changes to the pads policy module
|
|
Tab clean up in the passenger file context file
|
|
Changes to the passenger policy module and relevant dependencies
|
|
Tab clean up in the pcmcia file context file
|
|
Changes to the pcmcia policy module
|
|
Tab clean up in the pcscd file context file
|
|
Changes to the pcscd policy module and relevant dependencies
|
|
Tab clean up in the pegasus file context file
|
|
Changes to the pegasus policy module
|
|
Tab clean up in the perdition file context file
|
|
Changes to the perdition policy module
|
|
Tab clean up in the pingd file context file
|
|
Changes to the pingd policy module
|
|
Changes to the plymouthd policy module
|
|
Changes to the mozilla policy module
|
|
Changes to the plymouth policy module
|
|
Tab clean up in the podsleuth file context file
|
|
Changes to the podsleuth policy module
|
|
Tab clean up in the policykit file context file
|
|
Changes to the policykit policy module and relevant dependencies
|
|
Tab clean up in the portage file context file
|
|
Changes to the portage policy module
|
|
Tab clean up in the portmap file context file
|
|
Changes to the portmap policy module
|
|
Tab clean up in the portreserve file context file
|
|
Changes to the portreserve policy module
|
|
Tab clean up in the portslave file context file
|
|
Changes to the portslave policy module and relevant dependencies
|
|
Tab clean up in the postfix file context file
|
|
Changes to the postfix policy module and relevant dependencies
|
|
Fixes to various policy modules
|
|
Tab clean up in the postfixpolicyd file context file
|
|
Changes to the postfixpolicyd policy module
|
|
Tab clean up in the postgrey file context file
|
|
Changes to the postgrey policy module
|
|
Tab clean up in the ppp file context file
|
|
Changes to the ppp policy module and relevant dependencies
|
|
Tab clean up in the prelink file context file
|
|
Changes to the prelink policy module and relevant dependencies
|
|
Tab clean up in the prelude file context file
|
|
Changes to the prelude policy module
|
|
Tab clean up in the privoxy file context file
|
|
Changes to the privoxy policy module
|
|
Tab clean up in the procmail file context file
|
|
Changes to the procmail policy module
|
|
Tab clean up in the psad file context file
|
|
Changes to the psad policy module
|
|
Changes to the ptchown policy module
|
|
Tab clean up in the publicfile file context file
|
|
Changes to the publicfile policy module
|
|
Fix a fatal syntax error in mozilla_plugin_role()
|
|
Changes to the plymouth policy module
|
|
Changes to the policykit policy module
|
|
Module version bump for fixes in shorewall, fail2ban and portage policy
|
|
modules by Sven Vermeulen
|
|
Tab clean up in the puppet file context file
|
|
Changes to ther puppet policy module and relevant dependencies
|
|
Initial pwauth policy module
|
|
Tab clean up in the pxe file context file
|
|
Changes to the pxe policy module
|
|
Tab clean up in the pyzor file context file
|
|
Changes to the pyzor policy module
|
|
Tab clean up in the qemu file context file
|
|
Changes to the qemu policy module
|
|
Tab clean up in the virt file context file
|
|
Changes to the virt policy module and relevant depedencies
|
|
Changes to the virt policy module
|
|
Changes to the cron policy module
|
|
Changes to the qemu policy module
|
|
Changes to the virt policy module
|
|
Epylog wants sys_nice and setsched
|
|
Tab clean up in the qmail file context file
|
|
Changes to the qmail policy module
|
|
Tab clean up in the qpid file context file
|
|
Changes to the qpid policy module
|
|
Tab clean up in the quota file context file
|
|
Changes to the quota policy module and relevant dependencies
|
|
Initial rabbitmq policy module
|
|
Tab clean up in the radius file context file
|
|
Changes to the radius policy module
|
|
Tab clean up in the radvd file context file
|
|
Changes to the radvd policy module
|
|
Changes to the raid policy module
|
|
Tab clean up in the razor file context file
|
|
Changes to the razor policy module and relevant dependencies
|
|
Smokeping cgi needs to run ping with a domain transition Remove
|
|
redundant socket create already provided by
|
|
sysnet_dns_name_resolve()
|
|
Changes to the virt policy module
|
|
Changes to the apache policy module
|
|
Changes to the gnome policy module
|
|
Changes to the rdisc policy mpdule
|
|
Changes to the readahead policy module
|
|
Changes to the remotelogin policy module
|
|
Tab clean up in the resmgr file context file
|
|
Changes to the resmgr policy module
|
|
Tab clean up in the rgmanager file context file
|
|
Changes to the rgmanager policy module
|
|
Initial Realmd policy module and relevant dependencies
|
|
Fix resmgrd init script file context specification
|
|
Changes to the cups policy module
|
|
automount reads overcommit_memory
|
|
Changes to the networkmanager policy module
|
|
Freshclam manages amavis spool content
|
|
Changes to the tftp policy module
|
|
Changes to the cobbler policy module
|
|
Tab clean up in the rhcs file context file
|
|
Changes to the rhcs policy module and relevant dependencies
|
|
Tab clean up in the rhgb file context file
|
|
Changes to the rhgb policy module
|
|
Tab clean up in the rhsmcertd file context file
|
|
Changes to the rhsmcertd policy module
|
|
Tab clean up in the ricci file context file
|
|
Changes to the ricci policy module
|
|
Tab clean up in the rlogin file context file
|
|
Changes to the rlogin policy module
|
|
Tab clean up in the roundup file context file
|
|
Changes to the roundup policy module
|
|
Changes to the remotelogin policy module
|
|
Changes to the apache policy module
|
|
Changes to the awstats policy module
|
|
fix puppet_admin() need to require types that it uses
|
|
Replace wrong type in puppet_admin()
|
|
Fix a syntax error in ricci_domtrans()
|
|
Catch all rpcbind content in /var/run
|
|
Changes to the cups policy module
|
|
Tab clean up in the rpc file context file
|
|
Changes to the rpc policy module
|
|
Tab clean up in the rpcbind file context file
|
|
Changes to the rpcbind policy module
|
|
Tab clean up in the rpm file context file
|
|
Changes to the rpm policy module and depedencies
|
|
Changes to the rshd policy module
|
|
Changes to the virt policy module
|
|
Changes to the rssh policy module
|
|
Tab clean up in the rsync file context file
|
|
Fix a typo in apache XML
|
|
Changes to the rsync policy module
|
|
Changes to the rtkit policy module
|
|
Tab clean up in the rwho file context file
|
|
Changes to the rwho policy module
|
|
Reads /proc/sys/kernel/random/poolsize
|
|
Tab clean up in the samba file context file
|
|
Changes to the samba policy module and relevant dependencies
|
|
Tab clean up in the sambagui file context file
|
|
Changes to the sambagui policy module
|
|
Initial firewallgui policy module
|
|
Tab clean up in the samhain file context file
|
|
Changes to the samhain policy module
|
|
Tab clean up in the sanlock file context file
|
|
Changes to the sanlock policy module and relevant dependencies
|
|
Tab clean up in the sasl file context file
|
|
Changes to the sasl policy module
|
|
Chnages to the sblim policy module
|
|
Tab clean up in the screen file context file
|
|
Changes to the screen policy module
|
|
Tab clean up in the sectoolm file context file
|
|
Changes to firewallgui policy module
|
|
Changes to the sectoolm policy module
|
|
Tab clean up in the sendmail file context file
|
|
Changes to the sendmail policy module and relevant dependencies
|
|
Tab clean up in the setroubleshoot file context file
|
|
Changes to the setroubleshoot policy module
|
|
Tab clean up in the shorewall file context file
|
|
Changes to the shorewall policy module
|
|
Tab clean up in the shutdown file context file
|
|
Changes to the shutdown policy module and relevant dependencies
|
|
Tab clean up in the slocate file context file
|
|
Changes to the slocate policy module and relevant dependencies
|
|
These domains transition to shutdown domain now so they no longer need
|
|
direct access
|
|
Re-add missing network rule in screen policy module
|
|
fail2ban server sets scheduler
|
|
shutdown XML clean up
|
|
libvirtd sets kernel scheduler
|
|
mongod reads cpuinfo_max_freq
|
|
Changes to the slrnpull policy module
|
|
Tab clean up in the smartmon file context file
|
|
Changes to the smartmon policy module
|
|
Tab clean up in the smokeping file context file
|
|
Changes to the smokeping policy module
|
|
Tab clean up in the smoltclient file context file
|
|
Changes to the smoltclient policy module
|
|
Tab clean up in the snmp file context file
|
|
Changes to the snmp policy module
|
|
Tab clean up in the snort file context file
|
|
Changes to the snort policy module
|
|
Changes to the sosreport policy module and relevant dependencies
|
|
Tab clean up in the soundserver file context file
|
|
Changes to the soundserver policy module
|
|
Tab clean up in the spamassassin file context file
|
|
Changes to the spamassassin policy module and relevant dependendies
|
|
spamassassin_role callers create ~/.spamd with the spamd_home_t user
|
|
home type instead
|
|
Re-add sys_admin capability that was lost with porting from Fedora
|
|
Move mailscanner content to mailscanner module
|
|
Changes to the speedtouch policy module
|
|
Tab clean up in the squid file context file
|
|
Changes to the squid policy module
|
|
Changes to the sssd policy module
|
|
Tab clean up in the stunnel file context file
|
|
Changes to the stunnel policy module
|
|
Tab clean up in the sxid file context file
|
|
Changes to the sxid policy module
|
|
Tab clean up in the sysstat file context file
|
|
Changes to the sysstat policy module
|
|
Tab clean up in the tcpd file context file
|
|
Changes to the tcpd policy module
|
|
Changes to the tcsd policy module
|
|
Tab clean up in the telepathy file context file
|
|
Changes to the telepathy policy module
|
|
Tab clean up in the telnet file context file
|
|
Changes to the telnet policy module
|
|
Tab clean up in the tftp file context file
|
|
Changes to the tftp policy module
|
|
Tab clean up in the tgtd file context file
|
|
Changes to the tgtd policy module
|
|
Tab clean up in the thunderbird file context file
|
|
Changes to the thunderbird policy module
|
|
Catch /var/log/cron directory as well
|
|
Dovecot module version bump for fixes by Sven Vermeulen
|
|
Portage module version bump for fixes by Sven Vermeulen
|
|
Cron module version bump for fixes by Sven Vermeulen
|
|
Changes to the exim policy module
|
|
Entropyd reads /proc/meminfo
|
|
Blueman reads tmp_t directories
|
|
Do not audit attempts by cups config to read tmp_t directories
|
|
Do not audit attempts by fail2ban to read tmp_t directories
|
|
Do not audit attempts by firewalld to read tmp_t directories
|
|
Gnomeclock reads urandom and realtime clock
|
|
Kdumpctl needs sys_chroot capability
|
|
Various kdumpgui fixes from Fedora
|
|
Do not audit attempts by logwatch to read tmp_t directories
|
|
Catch all alias files
|
|
Refine aliases file transition with names
|
|
Realmd dbus chat policykit and networkmanager from Fedora
|
|
Do not audit attempts by tuned to read tmp_t directories
|
|
Changes to the timidity policy module
|
|
Tab clean up in the tmpreaper file context file
|
|
Changes to the tmpreaper policy module and relevant dependencies
|
|
Tab clean up in the tor file context file
|
|
Changes to the tor policy module
|
|
Changes to the transproxy policy module
|
|
Tab clean up in the tripwire file context file
|
|
Changes to the tripwire policy module
|
|
Tab clean up in the tuned file context file
|
|
Changes to the tuned policy module
|
|
Tab clean up in the tvtime file context file
|
|
Changes to the tvtime policy module
|
|
Changes to the tzdata policy module
|
|
Changes to the ucspitcp policy module
|
|
Tab clean up in the ulogd file context file
|
|
Changes to the ulogd policy module
|
|
Tab clean up in the uml file context file
|
|
Changes to the uml policy module
|
|
Make it so that irc clients can also get attributes of cifs, nfs, fuse
|
|
and other file systems
|
|
Changes to the updfstab policy module
|
|
Changes to the uptime policy module
|
|
Tab clean up in the usbmodules file context file
|
|
Changes to the usbmodule policy module
|
|
Changes to the usbmuxd policy module
|
|
Tab clean up in the userhelper file context file
|
|
Screen sends child terminated signals to all interactive fd domains
|
|
Changes to the userhelper policy module and relevant dependencies
|
|
Changes to the virt policy module
|
|
Module version bump for fail2ban changes by Sven Vermeulen
|
|
Changes to the rpm policy module
|
|
fix smartmon init script file context specification
|
|
Changes to the usernetctl policy module
|
|
Tab clean up in the uucp file context file
|
|
Changes to the uucp policy module
|
|
Changes to the virt policy module
|
|
Tab clean up in the uuid file context file
|
|
Changes to the uuidd policy module
|
|
Tab clean up in the uwimap file context file
|
|
Changes to the uwimap policy module
|
|
Tab clean up in the varnishd file context file
|
|
Changes to the varnishd policy module
|
|
Changes to the vbetool policy module
|
|
Tab clean up in the vdagent file context file
|
|
Changes to the vdagent policy module
|
|
Tab clean up in the vhostmd file context file
|
|
Changes to the vhostmd policy module
|
|
Changes to the vlock policy module
|
|
Tab clean up in the vmware file context file
|
|
Changes to the vmware policy module
|
|
Tab clean up in the vnstatd file context file
|
|
Changes to the vnstatd policy module
|
|
Tab clean up in the vpn file context file
|
|
Changes to the vpnc policy module
|
|
Tab clean up in the w3c file context file
|
|
Changes to the w3c policy module
|
|
Tab clean up in the watchdog file context file
|
|
Changes to the watchdog policy module
|
|
Changes to the wdmd policy module
|
|
Changes to the webadm policy modules
|
|
Changes to the webalizer policy module
|
|
White space fix in apache policy module
|
|
Changes to the wine policy module
|
|
Tab clean up in the wireshark file context file
|
|
Changes to the wireshark policy module
|
|
Tab clean up in the wm file context file
|
|
Changes to the wm policy module
|
|
Changes to the inn policy module
|
|
Move man cache file type to miscfiles
|
|
Changes to the inn policy module
|
|
More accurate dbadm boolean descriptions
|
|
mysql_admin() has access to ~/.my.cnf files
|
|
Tab clean up in the xen file context file
|
|
Changes to the xen policy module and relevant dependencies
|
|
Tab clean up in the xfs file context file
|
|
Changes to the xfs policy module
|
|
Changes to the xguest policy module and relevant dependencies
|
|
Changes to the xprint policy module
|
|
Changes to the xscreensaver policy module
|
|
Tab clean up in the yam file context file
|
|
Changes to the yam policy module
|
|
Tab clean up in the zabbix file context file
|
|
Changes to the zabbix policy module
|
|
Tab clean up in the zarafa file context file
|
|
Changes to the zarafa policy module
|
|
Tab clean up in the zebra file context file
|
|
Changes to the zebra policy module
|
|
Changes to the zosremote policy module
|
|
Changes to the mysql policy module
|
|
Tab clean up in the pulseaudio file context file
|
|
Changes to the pulseaudio policy module and relevant dependencies
|
|
Changes to the pulseaudio policy module
|
|
One chown too many
|
|
Changes to the mplayer policy module
|
|
The prelink cron script now runs in its own domain
|
|
Initial smstools policy module
|
|
Initial openvswitch policy module and relevant dependencies
|
|
Reads pcsd pid files
|
|
Reads random device
|
|
winbind manages smbd pid sock files from Fedora
|
|
Changes to the bind policy module
|
|
CG rules daemon reads all sysctls
|
|
Runs consoletype and searches nfs state data from Fedora
|
|
Support munin unbound plugin from Fedora
|
|
Zabbix sends signals from Fedora
|
|
Blueman sets scheduler and sends signals from Fedora
|
|
pcscd_read_pub_files is deprecated, use pcscd_read_pid_files instead
|
|
Module version bumps for fixes in portage and virt modules by Sven
|
|
Vermeulen
|
|
Policy module version bumps for various changes by Sven Vermeulen
|
|
Changes to the openvpn policy module
|
|
Module version bumps for various fixes by Sven Vermeulen
|
|
Changes to the mandb policy module
|
|
Changes to the tmpreaper policy module
|
|
Changes to the munin policy module
|
|
Changes to the rngd policy module
|
|
Changes to the awstats policy module and relevant dependencies
|
|
Changes to the apache policy module
|
|
Changes to various policy modules
|
|
Changes to the abrt policy module
|
|
Changes to the passenger policy module and relevant depedencies
|
|
Changes to the pegagus policy module
|
|
Changes to the mta policy module
|
|
Changes to the fetchmail policy module
|
|
Changes to the bitlbee policy module
|
|
Changes to the blueman policy module and relevant dependencies
|
|
Changes to the amavis policy module
|
|
Changes to the userhelper policy module
|
|
Changes to the blueman policy module
|
|
Changes to the squid policy module
|
|
Changes to the sblim policy module
|
|
Changes to the kdumpgui policy module
|
|
Changes to the mailman policy module
|
|
Changes to the realmd policy module
|
|
Changes to the raid policy module
|
|
Changes to the samba policy module
|
|
Changes to the various policy modules
|
|
Changes to the snmp policy module
|
|
Changes to the spamassassin policy module
|
|
Changes to the sssd policy module
|
|
Changes to the l2tpd policy module
|
|
Changes to the shorewall policy module
|
|
Changes to the xen policy module
|
|
Changes to the tftp policy modules
|
|
Changes to the accountsd policy module
|
|
Changes to the tgtd policy module
|
|
Changes to the corosync policy module
|
|
Changes to the kdump policy module
|
|
Changes to the openvswitch policy module
|
|
Changes to the mpd policy module
|
|
Changes to the mozilla policy module
|
|
Changes to the zarafa policy module
|
|
Changes to the boinc policy module
|
|
Changes to the setroubleshoot policy module
|
|
Changes to the dspam policy module
|
|
Changes to the rgrmanager policy module and relevant dependencies
|
|
Changes to the svnserve policy module
|
|
Changes to the virt policy module
|
|
Changes to the prelink policy module
|
|
Changes to the apache policy module
|
|
Changes to the gnomeclock policy module
|
|
Changes to various policy modules
|
|
Changes to the pegagus policy module
|
|
Changes to the shorewall policy module
|
|
Changes to the kerberos policy module
|
|
Changes to the rhcs policy module
|
|
Changes to the irc policy module
|
|
Changes to the clamav policy module
|
|
Changes to the mrtg policy module
|
|
Changes to the munin policy module
|
|
Changes to the amavis policy module
|
|
Changes to the ppp policy module
|
|
Initial jockey policy module
|
|
Module version bumps for "several named transition for directories
|
|
created in /var/run by initscripts" in various modules by Laurent
|
|
Bigonville
|
|
Module version bumps for fixes in various modules by Laurent Bigonville
|
|
Module version bump for changes to the consolekit policy module by
|
|
Laurent Bigonville
|
|
Changes to the stunnel policy module
|
|
Module version bumps for fixes in various modules by Sven Vermeulen
|
|
Changes to the virt policy module
|
|
Changes to the apache policy module
|
|
Changes to the wm policy module
|
|
Changes to the samba policy module
|
|
Changes to the certmonger policy module
|
|
Changes to the mozilla policy module
|
|
Changes to the corosync policy module
|
|
Changes to the pacemaker policy module
|
|
Changes to the tuned policy module
|
|
Changes to the cups module and relevant dependencies
|
|
Changes to the rhsmcertd policy module
|
|
Changes to the lpd policy module
|
|
Changes to the munin policy module
|
|
Changes to the ntp policy module
|
|
Changes to the tor policy module
|
|
Changes to the firewalld policy module
|
|
Changes to the dspam policy module
|
|
Changes to the setroubleshoot policy module
|
|
Changes to the condor policy module
|
|
Changes to the kerberos policy module
|
|
Changes to the passenger policy module
|
|
Changes to the ppp policy module
|
|
Changes to the the dkim policy module
|
|
Changes to the abrt policy module
|
|
Changes to the lircd policy module
|
|
Changes to the dkim policy module
|
|
Changes to the virt policy module
|
|
Changes to the munin policy module
|
|
Changes to the dovecot policy module
|
|
Changes to the cobbler policy module
|
|
Changes to the userhelper policy module
|
|
Changes to the logwatch policy module
|
|
Changes to the wdmd policy module and relevant dependencies
|
|
Changes to the nscd policy module and relevant dependencies
|
|
Changes to the dbus policy module
|
|
Module version bumps for fixes in various policy modules by Laurent
|
|
Bigonville
|
|
Changes to the cups policy module
|
|
Changes to the dbus policy module
|
|
Changes to the apcupsd policy module
|
|
Remove redundant net_bind_service capabilities in various modules
|
|
Changes to the virt policy module
|
|
Changes to the puppet policy module
|
|
Module version bumps for fixes in various policy module by Sven
|
|
Vermeulen
|
|
Module version bumps for file context fixes in various policy modules by
|
|
Laurent Bigonville
|
|
Make httpd_manage_all_user_content() do what it advertises
|
|
Add more networking rules to mplayer policy module for compatibility
|
|
Fix fcronsighup file context. Should be crontab_exec_t as per previous
|
|
spec
|
|
Module version bumps for changes in various modules by Sven Vermeulen
|
|
Move asterisk_exec() and modify XML header
|
|
Consolekit creates /var/run/console directories with a type transition
|
|
unconditionally
|
|
Module version bump in consolekit policy module for changes by Sven
|
|
Vermeulen
|
|
The imaplogin executable file should be courier_pop_exec_t according to
|
|
existing file context specification
|
|
Module version bump for changes to the fail2ban policy module by Sven
|
|
Vermeulen
|
|
Modules version bumps for changes in various policy modules by Sven
|
|
Vermeulen
|
|
|
|
Laurent Bigonville (28):
|
|
Add Debian locations for Telepathy connection managers
|
|
Label telepathy-rakia as telepathy-sofiasip
|
|
Allow smartd daemon to write in /var/lib/smartmontools directory
|
|
Add Debian location for smartd daemon initscript
|
|
Add Debian location for accounts-daemon daemon
|
|
Add Debian location for rtkit-daemon daemon
|
|
Add Debian location for tcsd init script
|
|
Add Debian location for libvirtd init script
|
|
Add Debian location for evolution executables
|
|
Add Debian locationis for nut executables and configuration files
|
|
Add several named transition for directories created in /var/run by
|
|
initscripts
|
|
Run packagekit under apt_t context on Debian distribution
|
|
Add proper label for colord daemon in debian
|
|
Allow the system dbus to search cgroup directories
|
|
Allow virtd_t context to read sysctl_crypto_t
|
|
Allow colord_t context to read sysctl_crypto_t
|
|
Add proper label for gconfd-2 daemon in Debian
|
|
Ensure that consolekit can create /var/run/console directory on Debian
|
|
Properly label nm-dispatcher.action on Debian
|
|
policykit.fc: Properly label polkit-agent-helper-1 on Debian
|
|
cups.fc: Properly label cups-pk-helper-mechanism on Debian
|
|
Allow pcscd the fsetid capability
|
|
Allow networkmanager_t to read crypto_sysctl_t
|
|
Allow virsh_t context to read sysctl_crypto_t
|
|
Allow cupsd_t to read cupsd_log_t
|
|
gnomeclock.fc: Properly label gsd-datetime-mechanism in Debian
|
|
ptchown.fc: Properly label pt_chown executable in Debian
|
|
Label /usr/bin/kvm as qemu_exec_t
|
|
|
|
Matthew Thode (2):
|
|
added autofs support and nsswitch support
|
|
removing refrences to named_var_lib_t as it doesn't exist anymore for
|
|
bind.if
|
|
|
|
Mika Pflüger (3):
|
|
Allow saslauthd_t to talk to mysqld via TCP
|
|
Quota policy adjustments: * Allow quota_t to load kernel modules
|
|
Debian locations for dovecot deliver and dovecot auth.
|
|
|
|
Russell Coker (1):
|
|
Fix djbdns ports
|
|
|
|
Sven Vermeulen (75):
|
|
Update with new substitutions
|
|
Mark the pid directory as a pid directory
|
|
Add in transitions for queue types when the queues are created
|
|
Fix typo in interface postfix_exec_postqueue
|
|
Allow maildelivery to use dotlock files in the mail spool
|
|
Allow postfix local to change ownership of mailfiles
|
|
Use libexec location for postfix binaries
|
|
Allow initrc_t to create run dirs for contrib modules
|
|
Update logwatch location in file context
|
|
Sandbox is an inherent part of the portage inner workings
|
|
Fix startup issue with fail2ban-client
|
|
Be able to get output from fail2ban-client
|
|
Ignore searches when ran from the user home directory
|
|
Shorewall admins execute shorewall too
|
|
Shorewall needs sys_admin capability for manipulating network stack
|
|
Be able to display dovecot errors
|
|
Remove transition to ldconfig
|
|
Adding interfaces for handling cron log files
|
|
Fail2ban client checks state of log files before telling the server
|
|
Support mysql init script
|
|
Support initial creation of mysql database files
|
|
Portage fetch domain needs to access certificates
|
|
Make samba domtrans optional in virt
|
|
Fix typo in tunable declaration for fcron_crond
|
|
Introducing cron_manage_log_files interface
|
|
Introduce dontaudit interfaces for leaked fd and unix stream sockets
|
|
Dontaudit attempts by system_mail_t to use leaked fd or stream sockets
|
|
Support at service
|
|
Additional postfix admin requirements
|
|
Reintroduce postfix_var_run_t for pid directory and fowner capability
|
|
Postfix deferred queue should not mark mails as postfix_spool_maildrop_t
|
|
Running qemu with SDL support requires more xserver-related privileges
|
|
Fix typo in clockspeed comment
|
|
Support openvpn status file
|
|
Asterisk voicemail messages are generated from tmp
|
|
Make rtkit calls optional
|
|
Gentoo installs dovecot certs in /etc/ssl/dovecot
|
|
Moving sandbox code to sandbox section (v2)
|
|
Allow sandbox to log violations
|
|
Use rw_fifo_file_perms
|
|
Apache should not depend on gpg
|
|
Named init script creates rundir
|
|
Add ~/.maildir as a valid maildir destination
|
|
Support stunnel_read_config for startup
|
|
Updates on stunnel policy
|
|
More .maildir fixes
|
|
Mark make.profile entry as portage_conf_t (v2)
|
|
Move mta call (coding style)
|
|
Changes to puppet domain
|
|
Allow rpc admin to run exportfs
|
|
Grant sys_admin capability to puppet
|
|
Puppet module helper scripts are puppet_var_lib_t
|
|
Support netlink_route_socket creation for puppet
|
|
Puppet initscript creates /run/puppet
|
|
Puppet runs statfs against selinuxfs
|
|
mplayer streams HTTP resources
|
|
fcron and fcronsighup binaries are moved
|
|
Asterisk needs to search through logs
|
|
Denial in mail log on node bind
|
|
Fix typo in mcelog_admin (missing bracket)
|
|
Add in contexts for fcron rm.systab and systab.tmp
|
|
Remove pulseaudio filename_trans conflict
|
|
Allow asterisk admins to execute asterisk binary directly
|
|
Support tagfiles for consolekit
|
|
ConsoleKit needs to read the dbus machine-id
|
|
File context updates for courier-imap
|
|
Update on file contexts for OpenLDAP
|
|
Update on file contexts for wpa_supplicant
|
|
Allow IRC clients to read certificates
|
|
Allow reading /proc/self for fail2ban due to FAM support
|
|
Update file contexts for puppet
|
|
Support ~/.tmux.conf as tmux configuration file
|
|
Add setuid/setgid capability to ulogd_t
|
|
Support tmux control socket
|
|
Postfix creates defer(red) queue locations
|
|
|