GitWeb
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Gentoo Repository
Repositories
Projects
Developer Overlays
User Overlays
Data
Websites
index
:
proj/hardened-refpolicy.git
concord-dev
mailinfra
master
secmodel
Gentoo Hardened SELinux reference policy implementation
Sven Vermeulen <swift@gentoo.org>
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
policy
Commit message (
Expand
)
Author
Age
Files
Lines
*
pulseaudio: add fd perms for v7
2.20141203-r10
Jason Zaman
2015-11-18
1
-0
/
+4
*
ntp: add perms for socket /run/ntpd.sock for openntpd
Jason Zaman
2015-11-18
2
-1
/
+3
*
system/logging: Remove duplicate filetrans on news logs
Jason Zaman
2015-10-26
1
-0
/
+2
*
system/logging: Remove duplicate filetrans on cron.log
Jason Zaman
2015-10-26
1
-0
/
+2
*
Module version bump for systemd additions.
Chris PeBenito
2015-10-26
24
-24
/
+24
*
Add systemd socket activations.
Chris PeBenito
2015-10-26
5
-0
/
+5
*
Add systemd unit types.
Chris PeBenito
2015-10-26
38
-0
/
+135
*
Module version bump for systemd additions.
Chris PeBenito
2015-10-26
23
-23
/
+23
*
Add refpolicy core socket-activated services.
Chris PeBenito
2015-10-26
3
-0
/
+3
*
Add sysfs_types attribute.
Chris PeBenito
2015-10-26
3
-2
/
+24
*
Add systemd units for core refpolicy services.
Chris PeBenito
2015-10-26
18
-13
/
+86
*
Add rules for sysadm_r to manage the services.
Chris PeBenito
2015-10-26
1
-0
/
+9
*
Add supporting rules for domains tightly-coupled with systemd.
Chris PeBenito
2015-10-26
11
-5
/
+135
*
Implement core systemd policy.
Chris PeBenito
2015-10-26
17
-24
/
+1711
*
Add systemd access vectors.
Chris PeBenito
2015-10-26
2
-0
/
+23
*
contrib/portage: Fix portage_ro_role interface
Luis Ressel
2015-10-22
1
-7
/
+7
*
portage: Add new interfaces to portage_ro_role
Luis Ressel
2015-10-18
1
-0
/
+2
*
portage: New read-only interfaces for srcrepo and logs
Luis Ressel
2015-10-18
1
-0
/
+40
*
portage: Fix the gen_require of the portage_compile_domain interface
Luis Ressel
2015-10-18
1
-2
/
+2
*
portage: Dontaudit setattr in portage_dontaudit_write_cache
Luis Ressel
2015-10-18
1
-1
/
+1
*
ipsec: Allow ipsec to run resolvconf
Jason Zaman
2015-10-15
1
-0
/
+9
*
Module version bump for patches from Jason Zaman/Matthias Dahl.
Chris PeBenito
2015-10-13
2
-2
/
+2
*
Rearrange lines in ipsec.te.
Chris PeBenito
2015-10-13
1
-22
/
+21
*
system/ipsec: Add policy for StrongSwan
Jason Zaman
2015-10-13
2
-3
/
+75
*
Add overlayfs as an XATTR capable fs
Jason Zaman
2015-10-13
1
-0
/
+1
*
services/postgresql.fc: Drop obsolete distro_gentoo block
Luis Ressel
2015-10-11
1
-5
/
+0
*
Module version bump for vfio support for libvirt from Alexander Wetzel.
Chris PeBenito
2015-09-20
1
-1
/
+1
*
Comment/whitespace fix in virt.te.
Chris PeBenito
2015-09-20
1
-5
/
+5
*
add vfio support for libvirt
Alexander Wetzel
2015-09-20
1
-0
/
+19
*
Module version bump for vfio device from Alexander Wetzel.
Chris PeBenito
2015-09-20
1
-1
/
+1
*
adds vfio device support to base policy
Alexander Wetzel
2015-09-20
3
-0
/
+40
*
Module version bump for changes to the virt module by Jason Zaman
Dominick Grift
2015-09-06
1
-1
/
+1
*
virt: Add policy for virtlockd the Virtual machine lock manager
Jason Zaman
2015-09-06
2
-0
/
+60
*
virt: Allow creating qemu guest agent socket
Jason Zaman
2015-09-06
1
-1
/
+1
*
chromium: v45 needs setcap perms
Jason Zaman
2015-09-06
1
-1
/
+1
*
vnstat: fix context on /usr/bin/vnstatd
Niklas Haas
2015-09-02
1
-1
/
+1
*
cgmanager: add fcontexts for /run and cgroupfs sock
Jason Zaman
2015-09-02
1
-3
/
+9
*
apache: remove gentoo-specific fcontext
Jason Zaman
2015-08-28
1
-4
/
+0
*
Changes to the git, hadoop and rsync modules by Jason Zaman.
Dominick Grift
2015-08-28
3
-3
/
+3
*
hadoop: init_startstop_service() can not take attributes
Jason Zaman
2015-08-28
1
-2
/
+11
*
git: allow git_system_t to listen on tcp_sockets
Jason Zaman
2015-08-28
1
-2
/
+1
*
rsync: remove rsync_run from admin interface
Jason Zaman
2015-08-28
1
-2
/
+0
*
Module version bump for changes to the pulseaudio module by Niklas Haas.
Dominick Grift
2015-08-28
1
-1
/
+1
*
pulse: don't give pulseaudio_client full access to user_home_t
Niklas Haas
2015-08-28
1
-3
/
+0
*
Module version bump for APR build script labeling from Luis Ressel.
Chris PeBenito
2015-08-28
1
-1
/
+1
*
Mark APR build scripts as bin_t
Luis Ressel
2015-08-28
1
-0
/
+2
*
Add cgmanager client domains
Jason Zaman
2015-08-28
4
-5
/
+26
*
Add policy for cgmanager
Jason Zaman
2015-08-28
3
-0
/
+91
*
introduce fs_cgroup_filetrans() interface
Jason Zaman
2015-08-26
1
-0
/
+37
*
android: dontaudit the /proc dir accesses
Jason Zaman
2015-08-25
1
-0
/
+1
[next]