Dan Walsh
01e471247b
- Add sandbox to sepolgen
2011-01-14 16:37:43 -05:00
Dan Walsh
afa2535b24
- Add sandbox to sepolgen
2011-01-14 14:39:26 -05:00
Dan Walsh
12eb5b45f4
- Fix proper handling of getopt errors
...
- Do not allow modules names to contain spaces
2011-01-10 14:39:21 -05:00
Dan Walsh
c76dc0c642
- Polgengui raises the wrong type of exception. #471078
...
- Change semanage to not allow it to semanage module -D
- Change setsebool to suggest run as root on failure
2011-01-06 14:38:19 -05:00
Dan Walsh
448a84b06a
- Polgengui raises the wrong type of exception. #471078
...
- Change semanage to not allow it to semanage module -D
2011-01-04 17:23:27 -05:00
Dan Walsh
18119ffd24
- Fix restorecond watching utmp file for people logging in our out
2010-12-22 14:38:46 -05:00
Dan Walsh
b1a3235896
- Update to upstream
2010-12-21 16:20:42 -05:00
Dan Walsh
a548207cc4
- Change to allow sandbox to run on nfs homedirs, add start python script
2010-12-21 16:20:01 -05:00
Dan Walsh
8937a040d8
- Change to allow sandbox to run on nfs homedirs, add start python script
2010-12-15 16:47:38 -05:00
Dan Walsh
3108046cf7
- Move seunshare to sandbox package
2010-12-15 14:15:49 -05:00
Dan Walsh
6c80e8dc19
- Fix sandbox to show correct types in usage statement
2010-11-30 12:09:48 -05:00
Dan Walsh
8c1d9b0f48
- Stop fixfiles from complaining about missing dirs
2010-11-29 10:14:39 -05:00
Dan Walsh
f0e85a70d6
- Update to upstream
...
- List types available for sandbox in usage statement
2010-11-24 13:41:52 -05:00
Dan Walsh
af19df0f00
- Don't report error on load_policy when system is disabled.
2010-11-22 13:50:29 -05:00
Dan Walsh
b9b7f4161c
- Fix up problems pointed out by solar designer on dropping capabilities
2010-11-08 15:12:25 -05:00
Dan Walsh
d7e1c238f4
- Check if you have full privs and reset otherwise dont drop caps
2010-11-01 16:21:00 -04:00
Dan Walsh
cdcc4526b7
- Fix setools require line
2010-11-01 09:50:12 -04:00
Dan Walsh
622bb69d77
- Move /etc/pam.d/newrole in to polcicycoreutils-newrole
...
- Additiona capability checking in sepolgen
2010-10-29 09:39:03 -04:00
Dan Walsh
9852e61813
- Remove setuid flag and replace with file capabilities
...
- Fix sandbox handling of files with spaces in them
2010-10-25 17:25:34 -04:00
Jesse Keating
c9df11e933
- Rebuilt for gcc bug 634757
2010-09-29 15:05:42 -07:00
Dan Walsh
cccd96b8cf
- Move restorecond into its own subpackage
2010-09-23 16:23:05 -04:00
Dan Walsh
e500ad80f0
* Wed Jul 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-9
...
- Update selinux-polgengui to sepolgen policy generation
2010-07-30 11:19:53 -04:00
Daniel J Walsh
57906a7d95
* Tue Jul 27 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-7
...
- Update translations
2010-07-27 13:59:26 +00:00
Daniel J Walsh
3fd25d56a5
* Mon Jul 26 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-6
...
- Fix sandbox man page
2010-07-26 15:58:23 +00:00
Daniel J Walsh
1eab65cee2
* Tue Jul 20 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-6
...
- Fix sandbox man page
2010-07-26 15:33:31 +00:00
dmalcolm
dee9b43382
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
2010-07-22 03:01:32 +00:00
Daniel J Walsh
d6510fbca2
* Tue Jul 20 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-4
...
- Add translations for menus
- Fixup man page from Russell Coker
2010-07-20 13:18:18 +00:00
Daniel J Walsh
614ca03ae7
* Tue Jun 15 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-3
...
- Change python scripts to use -s flag
- Update po
2010-07-13 17:32:51 +00:00
Daniel J Walsh
73342918cd
* Tue Jun 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-30
...
- Add cgroup support for sandbox
2010-06-08 19:13:40 +00:00
Daniel J Walsh
c6d112a36e
* Mon Jun 7 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-29
...
- Allow creation of /var/cache/DOMAIN from sepolgen
2010-06-07 20:48:46 +00:00
Daniel J Walsh
70b2ff10d0
* Thu Jun 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-28
...
- Fix sandbox init script
- Add dbus-launch to sandbox -X
Resolve : #599599
2010-06-03 21:14:18 +00:00
Daniel J Walsh
9ff9a87a26
* Thu Jun 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-27
...
- Move genhomedircon.8 to same package as genhomedircon
- Fix sandbox to pass unit test
Resolves : #595796
2010-06-03 15:04:52 +00:00
Daniel J Walsh
85a18e3dcc
* Thu Jun 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-27
...
- Move genhomedircon.8 to same package as genhomedircon
- Fix sandbox to pass unit test
Resolves : #595796
2010-06-03 15:04:49 +00:00
Daniel J Walsh
d98a8977c6
* Wed Jun 2 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-26
...
- Fix listing of booleans from audit2allow
2010-06-02 15:48:11 +00:00
Daniel J Walsh
829762e693
* Thu May 27 2010 Dan Walsh <dwalsh@redhat.com> 2.0.82-24
...
- Man page fixes
- sandbox fixes
Resolves : #595796
- Move seunshare to base package
2010-05-27 21:23:08 +00:00
Daniel J Walsh
be45950990
* Thu Feb 16 2010 Dan Walsh <dwalsh@redhat.com> 2.0.79-1
...
- Update to upstream
* Fix double-free in newrole
- Fix python language handling
2010-02-16 21:35:16 +00:00
Daniel J Walsh
fc6c93ebeb
* Thu Feb 16 2010 Dan Walsh <dwalsh@redhat.com> 2.0.79-1
...
- Update to upstream
* Fix double-free in newrole
2010-02-16 19:49:37 +00:00
Daniel J Walsh
ee3649bda5
* Thu Feb 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-21
...
- Fix display of command in sandbox
2010-02-11 18:24:55 +00:00
Daniel J Walsh
e7737e34ea
* Wed Feb 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-19
...
- Fix seobject and fixfiles
2010-02-03 20:24:35 +00:00
Daniel J Walsh
c8f4893a95
* Wed Feb 3 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-18
...
- Fix seobject and fixfiles
2010-02-03 16:42:37 +00:00
Daniel J Walsh
db71b70994
* Fri Jan 29 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-17
...
- Change seobject to use translations properly
2010-02-01 14:40:42 +00:00
Daniel J Walsh
ab47b01339
* Thu Jan 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-16
...
- Cleanup spec file
Resolves: 555835
2010-01-28 20:51:21 +00:00
Daniel J Walsh
fc6e11b600
* Thu Jan 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-15
...
- Add use_resolve to sepolgen
2010-01-28 17:19:01 +00:00
Daniel J Walsh
dd674534b4
* Wed Jan 27 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-14
...
- Add session capability to sandbox
- sandbox -SX -H ~/.homedir -t unconfined_t -l s0:c15 /etc/gdm/Xsession
2010-01-27 21:52:27 +00:00
Daniel J Walsh
88295c72ea
* Thu Jan 21 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-13
...
- Fix executable template for fifo files
2010-01-21 14:35:19 +00:00
Daniel J Walsh
5b80bc7b2c
* Tue Jan 19 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-12
...
- Fix patch xod xmodmap
- Exit 0 from script
2010-01-19 17:28:01 +00:00
Daniel J Walsh
a02089d628
* Thu Jan 14 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-11
...
- Run with the same xdmodmap in sandbox as outside
- Patch from Josh Cogliati
2010-01-19 17:25:36 +00:00
Daniel J Walsh
54e6651778
* Thu Jan 14 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-11
...
- Run with the same xdmodmap in sandbox as outside
- Patch from Josh Cogliati
2010-01-14 21:34:51 +00:00
Daniel J Walsh
fc860fa036
* Fri Jan 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-10
...
- Fix sepolgen to not generate user sh section on non user policy
2010-01-08 15:22:16 +00:00
Daniel J Walsh
6c22c6b1f6
* Fri Jan 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-9
...
- Add -e to semanage man page
- Add -D qualifier to audit2allow to generate dontaudit rules
2010-01-08 14:37:32 +00:00
Daniel J Walsh
0779b0302c
* Wed Jan 6 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-8
...
- Speed up audit2allow processing of audit2why comments
2010-01-06 20:51:36 +00:00
Daniel J Walsh
6ed2be87b5
* Wed Jan 6 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-8
...
- Speed up audit2allow processing of audit2why comments
2010-01-06 20:49:27 +00:00
Daniel J Walsh
29b74ccd7d
* Fri Dec 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-7
...
- Fixes to sandbox man page
2009-12-21 21:56:27 +00:00
Daniel J Walsh
beaed6f629
* Thu Dec 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-6
...
- Add setools-libs-python to requires for gui
2009-12-17 13:24:23 +00:00
Daniel J Walsh
37227819c9
* Wed Dec 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-5
...
- If restorecond running as a user has no files to watch then it should exit. (NFS Homedirs)
2009-12-16 21:18:04 +00:00
Daniel J Walsh
a1bf0daa6c
* Wed Dec 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-5
...
- If restorecond running as a user has no files to watch then it should exit. (NFS Homedirs)
2009-12-16 13:21:49 +00:00
Daniel J Walsh
79944fd474
* Tue Dec 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-3
...
- Fix audit2allow to report constraints, dontaudits, types, booleans
2009-12-09 21:33:50 +00:00
Daniel J Walsh
3fbc112632
* Tue Dec 1 2009 Dan Walsh <dwalsh@redhat.com> 2.0.78-1
...
- Update to upstream
* Remove non-working OUTFILE from fixfiles from Dan Walsh.
* Additional exception handling in chcat from Dan Walsh.
2009-12-01 21:17:45 +00:00
Daniel J Walsh
f3a1cbae2a
* Tue Nov 24 2009 Dan Walsh <dwalsh@redhat.com> 2.0.77-1
...
- Update to upstream
* Fixed bug preventing semanage node -a from working
from Chad Sellers
* Fixed bug preventing semanage fcontext -l from working
from Chad Sellers
- Change semanage to use unicode
2009-11-24 15:30:53 +00:00
Daniel J Walsh
e973847bf6
* Wed Nov 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.76-1
...
- Update to upstream
* Remove setrans management from semanage, as it does not work
from Dan Walsh.
* Move load_policy from /usr/sbin to /sbin from Dan Walsh.
2009-11-18 22:20:42 +00:00
Daniel J Walsh
4e4a82e887
* Mon Nov 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-3
...
- Raise exception if user tries to add file context with an embedded space
2009-11-16 21:54:45 +00:00
Daniel J Walsh
a1e42cb153
* Wed Nov 11 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-2
...
- Fix sandbox to setsid so it can run under mozilla without crashing the session
2009-11-11 21:56:23 +00:00
Daniel J Walsh
942b683f29
* Tue Nov 2 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-1
...
- Update to upstream
* Factor out restoring logic from setfiles.c into restore.c
2009-11-09 21:12:58 +00:00
Daniel J Walsh
44bb682976
* Fri Oct 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-15
...
- Fix typo in seobject.py
2009-11-02 16:40:00 +00:00
Daniel J Walsh
8cf3bcfdee
* Fri Oct 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-14
...
- Allow semanage -i and semanage -o to generate customization files.
- semanage -o will generate a customization file that semanage -i can read and set a machines to the same selinux configuration
2009-10-30 21:01:42 +00:00
Daniel J Walsh
d189740fc7
* Mon Oct 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-12
...
- Add generation of the users context file to polgengui
2009-10-19 19:05:28 +00:00
Daniel J Walsh
573cd1c340
* Fri Oct 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-11
...
- Remove tabs from system-config-selinux glade file
2009-10-16 14:46:45 +00:00
Daniel J Walsh
bf48090916
* Thu Oct 15 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-10
...
- Remove translations screen from system-config-selinux
2009-10-15 21:46:14 +00:00
Daniel J Walsh
fd3c8c94ea
* Wed Oct 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-9
...
- Move fixfiles man pages into the correct package
- Add genhomedircon to fixfiles restore
2009-10-14 14:47:50 +00:00
Daniel J Walsh
ac48b0b34b
* Thu Oct 6 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-8
...
- Add check to sandbox to verify save changes - Chris Pardy
- Fix memory leak in restorecond - Steve Grubb
2009-10-06 16:09:52 +00:00
Daniel J Walsh
678a86d335
* Thu Oct 1 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-7
...
- Fixes Templates
2009-10-01 16:04:13 +00:00
Daniel J Walsh
d909dfe9a1
* Wed Sep 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-5
...
- Fixes for semanage -equiv, readded modules, --enable, --disable
2009-09-30 17:28:58 +00:00
Daniel J Walsh
f466aa0b3b
* Wed Sep 30 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-5
...
- Fixes for semanage -equiv, readded modules, --enable, --disable
2009-09-30 15:37:12 +00:00
Daniel J Walsh
6c27d724c5
* Sun Sep 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-4
...
- Close sandbox when eclipse exits
2009-09-21 13:54:02 +00:00
Daniel J Walsh
425e7d2796
* Fri Sep 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-3
...
- Security fixes for seunshare
- Fix Sandbox to handle non file input to command.
2009-09-19 01:40:53 +00:00
Daniel J Walsh
b98d816316
* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-2
...
- Security fixes for seunshare
2009-09-17 19:19:53 +00:00
Daniel J Walsh
26d020dedb
* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-1
...
- Update to upstream
* Change semodule upgrade behavior to install even if the module
is not present from Dan Walsh.
* Make setfiles label if selinux is disabled and a seclabel aware
kernel is running from Caleb Case.
* Clarify forkpty() error message in run_init from Manoj Srivastava.
2009-09-17 13:07:45 +00:00
Daniel J Walsh
1696e8f7d1
* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5
...
- Fix sandbox to handle relative paths
2009-09-16 19:48:49 +00:00
Daniel J Walsh
c9fdf240be
* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-4
...
- Add symbolic link to load_policy
2009-09-15 21:36:51 +00:00
Daniel J Walsh
f109f0076e
* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-3
...
- Fix restorecond script to use force-reload
2009-09-14 19:39:09 +00:00
Daniel J Walsh
fc20c42a12
* Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-2
...
- Fix init script to show status in usage message
2009-09-09 17:04:51 +00:00
Daniel J Walsh
7ae4fd64fa
* Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-1
...
- Update to upstream
* Add semanage dontaudit to turn off dontaudits from Dan Walsh.
* Fix semanage to set correct mode for setrans file from Dan Walsh.
* Fix malformed dictionary in portRecord from Dan Walsh.
* Restore symlink handling support to restorecon based on a patch by
Martin Orr. This fixes the restorecon /dev/stdin performed by Debian
udev scripts that was broken by policycoreutils 2.0.70.
2009-09-08 14:15:50 +00:00
Bill Nottingham
05becad504
Fix typo
2009-09-02 15:09:25 +00:00
Daniel J Walsh
7b3ab100a9
* Fri Aug 28 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-14
...
- Add enable/disable patch
2009-08-28 18:18:46 +00:00
Tomáš Mráz
6c6ee0fad7
* Thu Aug 27 2009 Tomas Mraz <tmraz@redhat.com> - 2.0.71-13
...
- rebuilt with new audit
2009-08-27 07:51:00 +00:00
Daniel J Walsh
a39af4db38
* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-12
...
- Tighten up controls on seunshare.c
2009-08-26 21:52:30 +00:00
Daniel J Walsh
0a51336809
* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
...
- Add sandboxX
2009-08-26 20:45:29 +00:00
Daniel J Walsh
a45221f297
* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
...
- Add sandboxX
2009-08-26 19:09:44 +00:00
Daniel J Walsh
2d7c5b6d7a
* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
...
- Add sandboxX
2009-08-26 18:05:34 +00:00
Daniel J Walsh
349a457593
* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
...
- Add sandboxX
2009-08-26 18:05:32 +00:00
Daniel J Walsh
4b8a9749e9
* Sat Aug 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-10
...
- Fix realpath usage to only happen on argv input from user
2009-08-22 12:08:34 +00:00
Daniel J Walsh
f6cc437735
* Fri Aug 21 2009 Ville Skyttä <ville.skytta@iki.fi> - 2.0.71-9
...
- Don't try to remove restorecond after last erase (done already in %preun).
- Ensure scriptlets exit with status 0.
- Fix %post and %pr
2009-08-21 19:30:00 +00:00
Tomáš Mráz
7c396f5fa5
- rebuilt with new audit
2009-08-21 11:14:26 +00:00
Daniel J Walsh
3f2af1bab0
* Thu Aug 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-7
...
- Fix glob handling of /..
2009-08-20 19:05:30 +00:00
Daniel J Walsh
8c640c000d
* Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-6
...
- Redesign restorecond to use setfiles/restore functionality
2009-08-19 20:25:21 +00:00
Daniel J Walsh
48ee7275f3
* Wed Aug 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-5
...
- Fix sepolgen again
2009-08-19 19:02:29 +00:00
Daniel J Walsh
e96c403a63
* Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-4
...
- Add --boot flag to audit2allow to get all AVC messages since last boot
2009-08-18 19:25:04 +00:00
Daniel J Walsh
2b1f1bd524
* Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-3
...
- Fix semanage command
2009-08-18 12:32:44 +00:00
Daniel J Walsh
a66c52cf6b
* Thu Aug 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-2
...
- exclude unconfined.if from sepolgen
2009-08-13 22:22:35 +00:00
Daniel J Walsh
2267915618
* Thu Aug 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-1
...
- Fix chcat to report error on non existing file
- Update to upstream
* Modify setfiles/restorecon checking of exclude paths. Only check
user-supplied exclude paths (not automatically generated ones based on
lack of seclabel support), don't require them to be directories, and
ignore permission denied errors on them (it is ok to exclude a path to
which the caller lacks permission).
2009-08-13 22:01:02 +00:00