* [refpolicy] services_rsync.patch
@ 2010-08-26 22:18 Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2010-08-26 22:18 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F14/services_rsync.patch
rsync_etc can be a dir
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkx26CYACgkQrlYvE4MpobPRqQCg5wltHCd4gCBWBzq4rQNGZDcE
VBkAoMVHB3Bw4V/P5bLoUEVA8bMwpsb0
=ZAmW
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
@ 2010-02-23 20:47 Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2010-02-23 20:47 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_rsync.patch
rsync_etc_t can be a directory
Policy to allow rsync to run as a client.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
@ 2009-11-12 21:57 Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2009-11-12 21:57 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_rsync.patch
Allow rsync to run as a client.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
2009-06-12 19:44 ` Christopher J. PeBenito
@ 2009-06-12 20:17 ` Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2009-06-12 20:17 UTC (permalink / raw)
To: refpolicy
On 06/12/2009 03:44 PM, Christopher J. PeBenito wrote:
> On Mon, 2009-06-08 at 21:05 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_rsync.patch
>>
>> Add client capabilities.
This particular client is for a cron job or init script that starts
rsync to copy files from remote sites to the local machine.
Since both start from initrc_t, kind of hard to create another type.
>
> I disagree with this part. This policy is for the server only. Clients
> should run in the calling domain, for example the user's domain.
>
>> Allow export of nfs files over rsync
>
> merged this.
>
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
2009-06-09 1:05 Daniel J Walsh
@ 2009-06-12 19:44 ` Christopher J. PeBenito
2009-06-12 20:17 ` Daniel J Walsh
0 siblings, 1 reply; 10+ messages in thread
From: Christopher J. PeBenito @ 2009-06-12 19:44 UTC (permalink / raw)
To: refpolicy
On Mon, 2009-06-08 at 21:05 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_rsync.patch
>
> Add client capabilities.
I disagree with this part. This policy is for the server only. Clients
should run in the calling domain, for example the user's domain.
> Allow export of nfs files over rsync
merged this.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
@ 2009-06-09 1:05 Daniel J Walsh
2009-06-12 19:44 ` Christopher J. PeBenito
0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2009-06-09 1:05 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_rsync.patch
Add client capabilities.
Allow export of nfs files over rsync
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
2009-03-05 17:02 Daniel J Walsh
@ 2009-03-23 15:24 ` Christopher J. PeBenito
0 siblings, 0 replies; 10+ messages in thread
From: Christopher J. PeBenito @ 2009-03-23 15:24 UTC (permalink / raw)
To: refpolicy
On Thu, 2009-03-05 at 13:02 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_rsync.patch
>
> rsync needs to be able to copy an entire os if boolean is set.
Merged.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
@ 2009-03-05 17:02 Daniel J Walsh
2009-03-23 15:24 ` Christopher J. PeBenito
0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2009-03-05 17:02 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_rsync.patch
rsync needs to be able to copy an entire os if boolean is set.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmwBZgACgkQrlYvE4MpobOqBQCfYpmE/uVNcctf1mV78Cnu76RR
BzUAoMNeDUQBWxO/HC1y+npc8ikoIVSf
=MX5x
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
2008-10-14 19:44 Daniel J Walsh
@ 2008-11-06 22:42 ` Christopher J. PeBenito
0 siblings, 0 replies; 10+ messages in thread
From: Christopher J. PeBenito @ 2008-11-06 22:42 UTC (permalink / raw)
To: refpolicy
On Tue, 2008-10-14 at 15:44 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_rsync.patch
>
> Fix label on /var/run/rsyncd.lock
>
> Rsync needs chown and sys_crhoot capabilities
Merged.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] services_rsync.patch
@ 2008-10-14 19:44 Daniel J Walsh
2008-11-06 22:42 ` Christopher J. PeBenito
0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2008-10-14 19:44 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_rsync.patch
Fix label on /var/run/rsyncd.lock
Rsync needs chown and sys_crhoot capabilities
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkj09qcACgkQrlYvE4MpobMnwgCgpjZr9vt76R/lleAVV1dmgLtR
jjEAoMqa7W/KMmMHDPl9DPEFxSbzzags
=ECY9
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2010-08-26 22:18 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-08-26 22:18 [refpolicy] services_rsync.patch Daniel J Walsh
-- strict thread matches above, loose matches on Subject: below --
2010-02-23 20:47 Daniel J Walsh
2009-11-12 21:57 Daniel J Walsh
2009-06-09 1:05 Daniel J Walsh
2009-06-12 19:44 ` Christopher J. PeBenito
2009-06-12 20:17 ` Daniel J Walsh
2009-03-05 17:02 Daniel J Walsh
2009-03-23 15:24 ` Christopher J. PeBenito
2008-10-14 19:44 Daniel J Walsh
2008-11-06 22:42 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.