[refpolicy] services_dnsmasq.patch

All of lore.kernel.org
 help / color / mirror / Atom feed

* [refpolicy] services_dnsmasq.patch
@ 2010-02-23 20:10 Daniel J Walsh
  2010-04-08 15:32 ` Jeremy Solt
  0 siblings, 1 reply; 13+ messages in thread
From: Daniel J Walsh @ 2010-02-23 20:10 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_dnsmasq.patch

dnsmasq has a log
dnsmasq needs additional perms for dnsmasq_etc_t
dnsmasq_t  needs chown

Uses system buf, reads cobbler files, manage cron_var_run

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
  2010-02-23 20:10 [refpolicy] services_dnsmasq.patch Daniel J Walsh
@ 2010-04-08 15:32 ` Jeremy Solt
  0 siblings, 0 replies; 13+ messages in thread
From: Jeremy Solt @ 2010-04-08 15:32 UTC (permalink / raw)
  To: refpolicy

On Tue, 2010-02-23 at 15:10 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_dnsmasq.patch
> 
> dnsmasq has a log
> dnsmasq needs additional perms for dnsmasq_etc_t
> dnsmasq_t  needs chown
> 
> Uses system buf, reads cobbler files, manage cron_var_run
> 

Why does it need to manage crond_var_run_t files?

-- 
Jeremy J. Solt
Tresys Technology, LLC
410-290-1411 x122

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
@ 2010-08-26 21:13 Daniel J Walsh
  0 siblings, 0 replies; 13+ messages in thread
From: Daniel J Walsh @ 2010-08-26 21:13 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F14/services_dnsmasq.patch

dnsmasq manages cron pid files.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkx22P8ACgkQrlYvE4MpobOL1gCfb0xGTlCJrERKYEs7deSxCZEw
fUcAoJrF7k9nwaa0X9yZ9ER9Cz6nI1iT
=X7Np
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
@ 2009-11-12 21:26 Daniel J Walsh
  0 siblings, 0 replies; 13+ messages in thread
From: Daniel J Walsh @ 2009-11-12 21:26 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_dnsmasq.patch


dnsmasq reads cobbler files and uses dbus

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
  2009-06-09  0:28 Daniel J Walsh
@ 2009-07-20 19:41 ` Christopher J. PeBenito
  0 siblings, 0 replies; 13+ messages in thread
From: Christopher J. PeBenito @ 2009-07-20 19:41 UTC (permalink / raw)
  To: refpolicy

On Mon, 2009-06-08 at 20:28 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dnsmasq.patch
> 
> Add interface to execute dnsmasq init script
> 
> dnsmasq needs to read system state

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
@ 2009-06-09  0:28 Daniel J Walsh
  2009-07-20 19:41 ` Christopher J. PeBenito
  0 siblings, 1 reply; 13+ messages in thread
From: Daniel J Walsh @ 2009-06-09  0:28 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dnsmasq.patch

Add interface to execute dnsmasq init script

dnsmasq needs to read system state

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
@ 2009-03-23 18:50 Daniel J Walsh
  0 siblings, 0 replies; 13+ messages in thread
From: Daniel J Walsh @ 2009-03-23 18:50 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dnsmasq.patch

networkmanager does a service dnsmasq start so needs dnsmasq_initrc_domtrans

dnsmasq reads system state

Can be used to share pxe data so needs to read tftp content

Creates cron var_run files.

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
  2009-03-05 16:37 Daniel J Walsh
@ 2009-03-23 15:24 ` Christopher J. PeBenito
  0 siblings, 0 replies; 13+ messages in thread
From: Christopher J. PeBenito @ 2009-03-23 15:24 UTC (permalink / raw)
  To: refpolicy

On Thu, 2009-03-05 at 11:37 -0500, Daniel J Walsh wrote: 
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dnsmasq.patch
> 
> New directory used by libvirt for dnsmasq output
> 
> networkmanager needs lots of dnsmasq interfaces
> 
> 
> dnsmasq reads runtime files
> 
> uses getpw calls
> 
> Needs to read virt_var_run files.

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
@ 2009-03-05 16:37 Daniel J Walsh
  2009-03-23 15:24 ` Christopher J. PeBenito
  0 siblings, 1 reply; 13+ messages in thread
From: Daniel J Walsh @ 2009-03-05 16:37 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dnsmasq.patch

New directory used by libvirt for dnsmasq output

networkmanager needs lots of dnsmasq interfaces


dnsmasq reads runtime files

uses getpw calls

Needs to read virt_var_run files.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmv/+YACgkQrlYvE4MpobMTXACgsHW4dfw5Whwzp5g4jzMfCi7C
jYcAni95ZgPNBWnuVgZPFcnhN5CXYsNR
=9um8
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
@ 2008-11-20 15:29 Daniel J Walsh
  0 siblings, 0 replies; 13+ messages in thread
From: Daniel J Walsh @ 2008-11-20 15:29 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dnsmasq.patch

Add dnsmasq_initrc_domtrans and dnsmasq_signull  both called from
networkmanager

Add +auth_use_nsswitch(dnsmasq_t), since it calls getpw*

Used filed in cron.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkklgkEACgkQrlYvE4MpobN9WACfUF4/SWookVzbDEt7KnQAQu5P
TRUAoOGVe6R9oaWtmtESXefexKJvpIPY
=QLyf
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
  2008-10-14 20:43 Daniel J Walsh
@ 2008-11-18 20:04 ` Christopher J. PeBenito
  0 siblings, 0 replies; 13+ messages in thread
From: Christopher J. PeBenito @ 2008-11-18 20:04 UTC (permalink / raw)
  To: refpolicy

On Tue, 2008-10-14 at 16:43 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_dnsmasq.patch
> 
> 
> initrc support
> 
> Add /var/lib/dnsmasq labeling
> 
> Lots of interfaces to be used by libvirt/qemu and networkmanager
> 
> Add _admin domain
> 
> needs getcap
> 
> maange lease files
> 
> 
> Binds to all udp ports
> 
> Manages virt image files

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
@ 2008-10-14 20:43 Daniel J Walsh
  2008-11-18 20:04 ` Christopher J. PeBenito
  0 siblings, 1 reply; 13+ messages in thread
From: Daniel J Walsh @ 2008-10-14 20:43 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_dnsmasq.patch


initrc support

Add /var/lib/dnsmasq labeling

Lots of interfaces to be used by libvirt/qemu and networkmanager

Add _admin domain

needs getcap

maange lease files


Binds to all udp ports

Manages virt image files
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkj1BH0ACgkQrlYvE4MpobP7KQCgh452FexkhwAZGsi/WuVpMrNy
VjQAoME2hiGoEbf1XcdP9Eua9WRzT5ud
=yUx6
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [refpolicy] services_dnsmasq.patch
@ 2008-09-24 20:40 Daniel J Walsh
  0 siblings, 0 replies; 13+ messages in thread
From: Daniel J Walsh @ 2008-09-24 20:40 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_dnsmasq.patch

Add initrc script support

allow admin to start/stop service

Admin needs admin_pattern on all file types

add dnsmasq interfaces for use by virtd


needs getgap

needs to create new dnsmasq_lease_t files

Can bind to all udp ports

Manage virt image files.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjapdUACgkQrlYvE4MpobMU7wCgtsmnG1tcoKP3AW3LSzGS2ilu
ptQAnipFzZMH6/LluVxaHZ8/JjA4UCF9
=NfyC
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 13+ messages in thread

end of thread, other threads:[~2010-08-26 21:13 UTC | newest]

Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-02-23 20:10 [refpolicy] services_dnsmasq.patch Daniel J Walsh
2010-04-08 15:32 ` Jeremy Solt
  -- strict thread matches above, loose matches on Subject: below --
2010-08-26 21:13 Daniel J Walsh
2009-11-12 21:26 Daniel J Walsh
2009-06-09  0:28 Daniel J Walsh
2009-07-20 19:41 ` Christopher J. PeBenito
2009-03-23 18:50 Daniel J Walsh
2009-03-05 16:37 Daniel J Walsh
2009-03-23 15:24 ` Christopher J. PeBenito
2008-11-20 15:29 Daniel J Walsh
2008-10-14 20:43 Daniel J Walsh
2008-11-18 20:04 ` Christopher J. PeBenito
2008-09-24 20:40 Daniel J Walsh

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.