Commit Graph

452 Commits

Author SHA1 Message Date
Daniel J Walsh
44bb682976 * Fri Oct 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-15
- Fix typo in seobject.py
2009-11-02 16:40:00 +00:00
Daniel J Walsh
8cf3bcfdee * Fri Oct 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-14
- Allow semanage -i and semanage -o to generate customization files.
- semanage -o will generate a customization file that semanage -i can read and set a machines to the same selinux configuration
2009-10-30 21:01:42 +00:00
Daniel J Walsh
fd3c8c94ea * Wed Oct 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-9
- Move fixfiles man pages into the correct package
- Add genhomedircon to fixfiles restore
2009-10-14 14:47:50 +00:00
Daniel J Walsh
ac48b0b34b * Thu Oct 6 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-8
- Add check to sandbox to verify save changes - Chris Pardy
- Fix memory leak in restorecond - Steve Grubb
2009-10-06 16:09:52 +00:00
Daniel J Walsh
678a86d335 * Thu Oct 1 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-7
- Fixes Templates
2009-10-01 16:04:13 +00:00
Daniel J Walsh
f466aa0b3b * Wed Sep 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-5
- Fixes for semanage -equiv, readded modules, --enable, --disable
2009-09-30 15:37:12 +00:00
Daniel J Walsh
6c27d724c5 * Sun Sep 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-4
- Close sandbox when eclipse exits
2009-09-21 13:54:02 +00:00
Daniel J Walsh
425e7d2796 * Fri Sep 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-3
- Security fixes for seunshare
- Fix Sandbox to handle non file input to command.
2009-09-19 01:40:53 +00:00
Daniel J Walsh
b98d816316 * Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-2
- Security fixes for seunshare
2009-09-17 19:19:53 +00:00
Daniel J Walsh
26d020dedb * Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-1
- Update to upstream
	* Change semodule upgrade behavior to install even if the module
	  is not present from Dan Walsh.
	* Make setfiles label if selinux is disabled and a seclabel aware
	  kernel is running from Caleb Case.
	* Clarify forkpty() error message in run_init from Manoj Srivastava.
2009-09-17 13:07:45 +00:00
Daniel J Walsh
1696e8f7d1 * Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5
- Fix sandbox to handle relative paths
2009-09-16 19:48:49 +00:00
Daniel J Walsh
f109f0076e * Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-3
- Fix restorecond script to use force-reload
2009-09-14 19:39:09 +00:00
Daniel J Walsh
b87b8212fa * Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-2
- Fix init script to show status in usage message
2009-09-09 21:07:24 +00:00
Daniel J Walsh
fc20c42a12 * Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-2
- Fix init script to show status in usage message
2009-09-09 17:04:51 +00:00
Daniel J Walsh
7ae4fd64fa * Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-1
- Update to upstream
        * Add semanage dontaudit to turn off dontaudits from Dan Walsh.
        * Fix semanage to set correct mode for setrans file from Dan Walsh.
        * Fix malformed dictionary in portRecord from Dan Walsh.
	* Restore symlink handling support to restorecon based on a patch by
	Martin Orr.  This fixes the restorecon /dev/stdin performed by Debian
	udev scripts that was broken by policycoreutils 2.0.70.
2009-09-08 14:15:50 +00:00
Daniel J Walsh
7b3ab100a9 * Fri Aug 28 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-14
- Add enable/disable patch
2009-08-28 18:18:46 +00:00
Daniel J Walsh
a39af4db38 * Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-12
- Tighten up controls on seunshare.c
2009-08-26 21:52:30 +00:00
Daniel J Walsh
349a457593 * Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
- Add sandboxX
2009-08-26 18:05:32 +00:00
Daniel J Walsh
4b8a9749e9 * Sat Aug 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-10
- Fix realpath usage to only happen on argv input from user
2009-08-22 12:08:34 +00:00
Daniel J Walsh
4bf248f359 * Thu Aug 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-7
- Fix glob handling of /..
2009-08-20 19:51:45 +00:00
Daniel J Walsh
3f2af1bab0 * Thu Aug 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-7
- Fix glob handling of /..
2009-08-20 19:05:30 +00:00
Daniel J Walsh
c14fb87560 * Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-6
- Redesign restorecond to use setfiles/restore functionality
2009-08-19 20:38:19 +00:00
Daniel J Walsh
8c640c000d * Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-6
- Redesign restorecond to use setfiles/restore functionality
2009-08-19 20:25:21 +00:00
Daniel J Walsh
e96c403a63 * Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-4
- Add --boot flag to audit2allow to get all AVC messages since last boot
2009-08-18 19:25:04 +00:00
Daniel J Walsh
2b1f1bd524 * Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-3
- Fix semanage command
2009-08-18 12:32:44 +00:00
Daniel J Walsh
afa7adf27e * Thu Aug 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-1
- Fix chcat to report error on non existing file
- Update to upstream
	* Modify setfiles/restorecon checking of exclude paths.  Only check
	user-supplied exclude paths (not automatically generated ones based on
	lack of seclabel support), don't require them to be directories, and
	ignore permission denied errors on them (it is ok to exclude a path to
	which the caller lacks permission).
2009-08-13 15:51:51 +00:00
Daniel J Walsh
f23e0fcdf3 * Mon Aug 10 2009 Dan Walsh <dwalsh@redhat.com> 2.0.70-2
- Don't warn if the user did not specify the exclude if root can not stat file system
2009-08-10 15:26:43 +00:00
Daniel J Walsh
886ea9345c * Wed Aug 5 2009 Dan Walsh <dwalsh@redhat.com> 2.0.70-1
- Update to upstream
	* Modify restorecon to only call realpath() on user-supplied pathnames
	from Stephen Smalley.
	* Fix typo in fixfiles that prevented it from relabeling btrfs
	  filesystems from Dan Walsh.
2009-08-05 19:27:53 +00:00
Daniel J Walsh
d03de9fdcd * Sun Jul 29 2009 Dan Walsh <dwalsh@redhat.com> 2.0.68-1
- Fix location of man pages
- Update to upstream
	* Modify setfiles to exclude mounts without seclabel option in
	/proc/mounts on kernels >= 2.6.30 from Thomas Liu.
	* Re-enable disable_dontaudit rules upon semodule -B from Christopher
	Pardy and Dan Walsh.
	* setfiles converted to fts from Thomas Liu.
2009-07-29 13:43:53 +00:00
Daniel J Walsh
2cc7fbfc2e * Fri Jun 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.64-1
- Update to upstream
	* Keep setfiles from spamming console from Dan Walsh.
	* Fix chcat's category expansion for users from Dan Walsh.
- Update po files
- Fix sepolgen
2009-06-26 19:02:05 +00:00
Daniel J Walsh
b30ac013f1 * Mon Jun 1 2009 Dan Walsh <dwalsh@redhat.com> 2.0.63-4
- Fix Sandbox option handling
- Fix fixfiles handling of btrfs
2009-06-01 10:43:27 +00:00
Daniel J Walsh
61c2d77e4e * Tue May 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.63-3
- Fix sandbox to be able to execute files in homedir
2009-05-26 16:58:40 +00:00
Daniel J Walsh
7d0ef81ff4 * Wed May 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.63-1
- Update to upstream
	* Fix transaction checking from Dan Walsh.
	* Make fixfiles -R (for rpm) recursive.
	* Make semanage permissive clean up after itself from Dan Walsh.
	* add /root/.ssh/* to restorecond.conf
2009-05-22 18:00:00 +00:00
Daniel J Walsh
e265547be3 * Wed Apr 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-14
- Fix audit2allow -a to retun /var/log/messages
2009-05-12 19:32:47 +00:00
Daniel J Walsh
43016e2233 * Wed Apr 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-14
- Fix audit2allow -a to retun /var/log/messages
2009-05-05 19:50:40 +00:00
Daniel J Walsh
b61040e0cd * Wed Apr 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-14
- Fix audit2allow -a to retun /var/log/messages
2009-05-05 18:51:52 +00:00
Daniel J Walsh
20fb912a16 * Thu Apr 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-11
- Add semanage module support
2009-04-16 18:53:29 +00:00
Daniel J Walsh
cdfce15287 * Tue Apr 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-10
- Do not print \n, if count < 1000;
2009-04-14 13:40:09 +00:00
Daniel J Walsh
a8ac23f196 * Sat Apr 11 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-9
- Handle case where subs file does not exist
2009-04-11 12:22:23 +00:00
Daniel J Walsh
28aeded808 * Wed Apr 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-8
- Update po files
- Add --equiv command for semanage
2009-04-09 02:05:21 +00:00
Daniel J Walsh
e5ab0eb59c * Tue Mar 31 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-7
- Cleanup creation of permissive domains
- Update po files
2009-03-31 12:56:45 +00:00
Daniel J Walsh
28777e87d2 * Thu Mar 12 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-5
- Fix semanage transations
2009-03-12 13:30:38 +00:00
Daniel J Walsh
3a53f1bcb5 * Mon Feb 23 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-2
- Add /root/.ssh to restorecond.conf
- fixfiles -R package should recursively fix files
2009-02-23 16:34:14 +00:00
Daniel J Walsh
badeadc2fc * Wed Feb 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.62-1
- Update to upstream
	* Add btrfs to fixfiles from Dan Walsh.
	* Remove restorecond error for matching globs with multiple hard links
 	  and fix some error messages from Dan Walsh.
	* Make removing a non-existant module a warning rather than an error
	  from Dan Walsh.
	* Man page fixes from Dan Walsh.
2009-02-18 21:54:32 +00:00
Daniel J Walsh
fdaed91e49 * Fri Jan 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.61-7
- Dont report errors on glob match and multiple links
2009-01-30 16:35:12 +00:00
Daniel J Walsh
114d182b28 * Tue Jan 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.61-1
- Update to upstream
	* chcat: cut categories at arbitrary point (25) from Dan Walsh
	* semodule: use new interfaces in libsemanage for compressed files
	  from Dan Walsh
	* audit2allow: string changes for usage
2009-01-13 14:01:10 +00:00
Daniel J Walsh
e2044195fe * Tue Jan 6 2009 Dan Walsh <dwalsh@redhat.com> 2.0.60-7
- Don't error out when removing a non existing module
2009-01-06 14:12:27 +00:00
Daniel J Walsh
55a7005067 * Mon Dec 15 2008 Dan Walsh <dwalsh@redhat.com> 2.0.60-6
- fix audit2allow man page
2009-01-04 19:46:52 +00:00
Daniel J Walsh
f4379014a9 * Tue Dec 2 2008 Dan Walsh <dwalsh@redhat.com> 2.0.60-2
- Fix error checking in restorecond, for inotify_add_watch
2008-12-02 13:37:45 +00:00
Daniel J Walsh
461604839c * Mon Dec 1 2008 Dan Walsh <dwalsh@redhat.com> 2.0.60-1
- Update to upstream
	* semanage: use semanage_mls_enabled() from Stephen Smalley.
2008-12-01 16:49:49 +00:00