All of lore.kernel.org
 help / color / mirror / Atom feed
* [refpolicy] apps_podsleuth.patch
@ 2009-03-05 16:17 Daniel J Walsh
  0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2009-03-05 16:17 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_podsleuth.patch

Additonal file  contexts

podsleauth wants to send a signal to who ever runs the app

Add run interface

Uses tmp and cache files.  additional capabilities and processe

Connects to http port

uses dos, nfs

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmv+wUACgkQrlYvE4MpobMAKACgtsMWxEGYw49I7LkllTmoOWyR
cloAnRIu1/FhcyzA67NkDApNpMQEvRH5
=NErQ
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2010-08-26 22:40 Daniel J Walsh
  0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2010-08-26 22:40 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_podsleuth.patch

Podsleuth sends signull to users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkx27U0ACgkQrlYvE4MpobOOggCfeGn1tXGMqxNvB1fOhG67e01y
Ml8AnRMD6ISRLCAduvb1WaIAVMSv+q/5
=jTq6
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
  2010-06-02 20:09 Daniel J Walsh
@ 2010-06-22 13:02 ` Christopher J. PeBenito
  0 siblings, 0 replies; 10+ messages in thread
From: Christopher J. PeBenito @ 2010-06-22 13:02 UTC (permalink / raw)
  To: refpolicy

On Wed, 2010-06-02 at 16:09 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_podsleuth.patch
> 
> podsleuth asks the kernel to load modules
> Reads/write removable blk device.
> 
> Reads user_tmpfs

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2010-06-02 20:09 Daniel J Walsh
  2010-06-22 13:02 ` Christopher J. PeBenito
  0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2010-06-02 20:09 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_podsleuth.patch

podsleuth asks the kernel to load modules
Reads/write removable blk device.

Reads user_tmpfs

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2010-02-23 19:30 Daniel J Walsh
  0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2010-02-23 19:30 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F13/apps_podsleuth.patch

podsleuth asks the kernel to load modules
Reads writes removable_t (ipods)
Reads tmpfs files created by the user.

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
  2009-11-12 20:48 Daniel J Walsh
@ 2009-12-01 15:32 ` Christopher J. PeBenito
  0 siblings, 0 replies; 10+ messages in thread
From: Christopher J. PeBenito @ 2009-12-01 15:32 UTC (permalink / raw)
  To: refpolicy

On Thu, 2009-11-12 at 15:48 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_podsleuth.patch
> 
> podsleauth sends a signal to the userdomain.

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2009-11-12 20:48 Daniel J Walsh
  2009-12-01 15:32 ` Christopher J. PeBenito
  0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2009-11-12 20:48 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_podsleuth.patch

podsleauth sends a signal to the userdomain.

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
  2009-07-21 14:11 ` Christopher J. PeBenito
@ 2009-07-21 14:50   ` Daniel J Walsh
  0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2009-07-21 14:50 UTC (permalink / raw)
  To: refpolicy

On 07/21/2009 10:11 AM, Christopher J. PeBenito wrote:
> On Thu, 2009-05-21 at 11:03 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_podsleuth.patch
>>
>> Lots of policy fixes for podsleuth.
>>
>> Add interface to run podsleuth within a role
>>
>> podsleuth uses tmpfs, tmp and cache
>>
>> Needs to deal with nfs and dos file systems
>>
>> Can be started by dbus, runs as a mono app
> 
> Merged except for the nfs and raw disk access, for which I need
> additional explanation.
> 
I agree remove the raw disk, I will also.

In RHEL5 and probably older versions of Fedora, we labeled

genfscon hfs / gen_context(system_u:object_r:nfs_t,s0)
genfscon hfsplus / gen_context(system_u:object_r:nfs_t,s0)

These have been changed to dosfs_t, so I think you can ignore both and I will remove them.

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
  2009-05-21 15:03 Daniel J Walsh
@ 2009-07-21 14:11 ` Christopher J. PeBenito
  2009-07-21 14:50   ` Daniel J Walsh
  0 siblings, 1 reply; 10+ messages in thread
From: Christopher J. PeBenito @ 2009-07-21 14:11 UTC (permalink / raw)
  To: refpolicy

On Thu, 2009-05-21 at 11:03 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_podsleuth.patch
> 
> Lots of policy fixes for podsleuth.
> 
> Add interface to run podsleuth within a role
> 
> podsleuth uses tmpfs, tmp and cache
> 
> Needs to deal with nfs and dos file systems
> 
> Can be started by dbus, runs as a mono app

Merged except for the nfs and raw disk access, for which I need
additional explanation.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

^ permalink raw reply	[flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2009-05-21 15:03 Daniel J Walsh
  2009-07-21 14:11 ` Christopher J. PeBenito
  0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2009-05-21 15:03 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_podsleuth.patch

Lots of policy fixes for podsleuth.

Add interface to run podsleuth within a role

podsleuth uses tmpfs, tmp and cache

Needs to deal with nfs and dos file systems

Can be started by dbus, runs as a mono app

^ permalink raw reply	[flat|nested] 10+ messages in thread
end of thread, other threads:[~2010-08-26 22:40 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-03-05 16:17 [refpolicy] apps_podsleuth.patch Daniel J Walsh
2009-05-21 15:03 Daniel J Walsh
2009-07-21 14:11 ` Christopher J. PeBenito
2009-07-21 14:50   ` Daniel J Walsh
2009-11-12 20:48 Daniel J Walsh
2009-12-01 15:32 ` Christopher J. PeBenito
2010-02-23 19:30 Daniel J Walsh
2010-06-02 20:09 Daniel J Walsh
2010-06-22 13:02 ` Christopher J. PeBenito
2010-08-26 22:40 Daniel J Walsh

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.