Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/config
Commit message (Collapse)AuthorAgeFilesLines
* map systemd private dirsRussell Coker2019-02-101-0/+3
| | | | Signed-off-by: Jason Zaman <jason@perfinion.com>
* appconfig: Add openrc_contexts fileJason Zaman2017-05-183-0/+3
|
* misc daemons from Russell Coker.Chris PeBenito2017-04-301-1/+2
| | | | | | | | | | | Put in libx32 subs entries that refer to directories with fc entries. Allow dpkg_t to transition to dpkg_script_t when it executes bin_t for dpkg-reconfigure. Some dontaudit rules for mta processes spawned by mon for notification. Lots of tiny changes that are obvious.
* Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker.Chris PeBenito2017-02-051-2/+6
|
* transition file contexts to /runcgzones2017-01-021-2/+5
| | | | | | Remove file context aliases and update file context paths to use the /run filesystem path. Add backward compatibility file context alias for /var/run using applications like https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783321 Lock files are still seated at /var/lock
* Remove trailing spaces2.20161023-r2Jason Zaman2016-12-081-1/+1
|
* remove trailing whitespacescgzones2016-12-085-7/+17
|
* Remove unneeded system_u seusers mapping.Chris PeBenito2016-12-063-3/+0
|
* Add lxc_contexts config fileLaurent Bigonville2016-03-123-0/+9
| | | | | | | | | selinux_lxc_contexts_path() function in upstream libselinux points to this config file. It is ATM used by libvirt. The file from Fedora also contains sandbox_lxc_process and sandbox_kvm_process parameters, but I cannot find where they are used, keep them out of the file for the time being.
* On Debian, systemd binaries are installed in / not /usrLaurent Bigonville2016-01-311-0/+1
| | | | | On Debian, systemd binaries are installed in / not /usr, add an equivalence for this.
* Allow the user cronjobs to run in their userdomainLaurent Bigonville2015-12-179-9/+9
| | | | | | | | | | | | | | | | | | When cron_userdomain_transition boolean is set to on, the user cronjobs are supposed to run in their domains. Without this patch the default context is not properly computed: $ /usr/sbin/getdefaultcon user_u system_u:system_r:crond_t:s0 /usr/sbin/getdefaultcon: Invalid argument $ /usr/sbin/getdefaultcon staff_u system_u:system_r:crond_t:s0 staff_u:sysadm_r:sysadm_t:s0 With this patch applied: $ /usr/sbin/getdefaultcon user_u system_u:system_r:crond_t:s0 user_u:user_r:user_t:s0 $ /usr/sbin/getdefaultcon staff_ system_u:system_r:crond_t:s0 staff_u:staff_r:staff_t:s0
* add normal context in addition to cronjob_t, bug 543110Jason Zaman2015-04-146-6/+6
|
* Fix bug #475432 - Add substitution for kerberos directoriesSven Vermeulen2013-08-151-0/+1
| | | | | | In Gentoo, the kerberos location is /var/lib/krb5kdc instead of /var/kerberos/krb5kdc. As there are multiple file contexts underneith, add in a substitution entry for /var/lib/krb5kdc -> /var/kerberos/krb5kdc.
* Adding default context definitions for atd_tSven Vermeulen2012-12-133-0/+3
|
* Use trailing / to ensure no mismatches occurSven Vermeulen2012-08-091-0/+1
|
* Translate /etc/init.d to /etc/rc.d/init.d for context searchesSven Vermeulen2012-08-091-0/+1
| | | | | | Since the content of /etc/init.d and /etc/rc.d/init.d is the same (and same labels), it makes sense to just define them once and put in a translation for this location.
* Use /usr/local/lib* to /usr/libSven Vermeulen2012-08-091-1/+0
| | | | | | The translation of /usr/local to /usr is not supported upstream and might lead to issues later, so undo those changes. Keep the /usr/local/lib* stuff in though.
* Support for /usr/localSven Vermeulen2012-07-281-0/+2
|
* Using subs_dist for simplified file contextsSven Vermeulen2012-04-221-0/+1
| | | | | | | The various modules currently contain references to /usr/lib(64)? or have duplicate entries (one for /usr/lib, another for /usr/lib64). Same for /lib(64)?. Because we now support subs_dist, this differentiation is no longer needed. Fixes bug #410951
* Pushing 2.20120215 (current version)Sven Vermeulen2012-04-2162-0/+739