summaryrefslogtreecommitdiff
path: root/policy
Commit message (Expand)AuthorAgeFilesLines
* pulseaudio: add fd perms for v72.20141203-r10Jason Zaman2015-11-181-0/+4
* ntp: add perms for socket /run/ntpd.sock for openntpdJason Zaman2015-11-182-1/+3
* system/logging: Remove duplicate filetrans on news logsJason Zaman2015-10-261-0/+2
* system/logging: Remove duplicate filetrans on cron.logJason Zaman2015-10-261-0/+2
* Module version bump for systemd additions.Chris PeBenito2015-10-2624-24/+24
* Add systemd socket activations.Chris PeBenito2015-10-265-0/+5
* Add systemd unit types.Chris PeBenito2015-10-2638-0/+135
* Module version bump for systemd additions.Chris PeBenito2015-10-2623-23/+23
* Add refpolicy core socket-activated services.Chris PeBenito2015-10-263-0/+3
* Add sysfs_types attribute.Chris PeBenito2015-10-263-2/+24
* Add systemd units for core refpolicy services.Chris PeBenito2015-10-2618-13/+86
* Add rules for sysadm_r to manage the services.Chris PeBenito2015-10-261-0/+9
* Add supporting rules for domains tightly-coupled with systemd.Chris PeBenito2015-10-2611-5/+135
* Implement core systemd policy.Chris PeBenito2015-10-2617-24/+1711
* Add systemd access vectors.Chris PeBenito2015-10-262-0/+23
* contrib/portage: Fix portage_ro_role interfaceLuis Ressel2015-10-221-7/+7
* portage: Add new interfaces to portage_ro_roleLuis Ressel2015-10-181-0/+2
* portage: New read-only interfaces for srcrepo and logsLuis Ressel2015-10-181-0/+40
* portage: Fix the gen_require of the portage_compile_domain interfaceLuis Ressel2015-10-181-2/+2
* portage: Dontaudit setattr in portage_dontaudit_write_cacheLuis Ressel2015-10-181-1/+1
* ipsec: Allow ipsec to run resolvconfJason Zaman2015-10-151-0/+9
* Module version bump for patches from Jason Zaman/Matthias Dahl.Chris PeBenito2015-10-132-2/+2
* Rearrange lines in ipsec.te.Chris PeBenito2015-10-131-22/+21
* system/ipsec: Add policy for StrongSwanJason Zaman2015-10-132-3/+75
* Add overlayfs as an XATTR capable fsJason Zaman2015-10-131-0/+1
* services/postgresql.fc: Drop obsolete distro_gentoo blockLuis Ressel2015-10-111-5/+0
* Module version bump for vfio support for libvirt from Alexander Wetzel.Chris PeBenito2015-09-201-1/+1
* Comment/whitespace fix in virt.te.Chris PeBenito2015-09-201-5/+5
* add vfio support for libvirtAlexander Wetzel2015-09-201-0/+19
* Module version bump for vfio device from Alexander Wetzel.Chris PeBenito2015-09-201-1/+1
* adds vfio device support to base policyAlexander Wetzel2015-09-203-0/+40
* Module version bump for changes to the virt module by Jason ZamanDominick Grift2015-09-061-1/+1
* virt: Add policy for virtlockd the Virtual machine lock managerJason Zaman2015-09-062-0/+60
* virt: Allow creating qemu guest agent socketJason Zaman2015-09-061-1/+1
* chromium: v45 needs setcap permsJason Zaman2015-09-061-1/+1
* vnstat: fix context on /usr/bin/vnstatdNiklas Haas2015-09-021-1/+1
* cgmanager: add fcontexts for /run and cgroupfs sockJason Zaman2015-09-021-3/+9
* apache: remove gentoo-specific fcontextJason Zaman2015-08-281-4/+0
* Changes to the git, hadoop and rsync modules by Jason Zaman.Dominick Grift2015-08-283-3/+3
* hadoop: init_startstop_service() can not take attributesJason Zaman2015-08-281-2/+11
* git: allow git_system_t to listen on tcp_socketsJason Zaman2015-08-281-2/+1
* rsync: remove rsync_run from admin interfaceJason Zaman2015-08-281-2/+0
* Module version bump for changes to the pulseaudio module by Niklas Haas.Dominick Grift2015-08-281-1/+1
* pulse: don't give pulseaudio_client full access to user_home_tNiklas Haas2015-08-281-3/+0
* Module version bump for APR build script labeling from Luis Ressel.Chris PeBenito2015-08-281-1/+1
* Mark APR build scripts as bin_tLuis Ressel2015-08-281-0/+2
* Add cgmanager client domainsJason Zaman2015-08-284-5/+26
* Add policy for cgmanagerJason Zaman2015-08-283-0/+91
* introduce fs_cgroup_filetrans() interfaceJason Zaman2015-08-261-0/+37
* android: dontaudit the /proc dir accessesJason Zaman2015-08-251-0/+1