* [refpolicy] services_munin.patch
2008-10-09 18:09 ` Christopher J. PeBenito
@ 2008-10-10 20:45 ` Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2008-10-10 20:45 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Add admin functions and initrc handling
needs chown setuid dac_override and sys_rawhio
Talks to itself over a fifo file
Manages its own logfile and directories.
Reads all sysctls and network state
Communicates with http and munin ports
Runs a ps command
calls getpw* functions so needs auth_use_nsswitch
Reads fonts
Executes ping and ifconfig
Starts fstools
Communicates with mysql
sends mail
Add apache scripts policy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkjvvuUACgkQrlYvE4MpobPetACg2mUmok882mqwAOZP7bX6/sX6
FCMAnRDO9ZINe88BuAIOMzZRCDGwVC0X
=qTLK
-----END PGP SIGNATURE-----
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: services_munin.patch
Url: http://oss.tresys.com/pipermail/refpolicy/attachments/20081010/438a34c8/attachment.pl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: services_munin.patch.sig
Type: application/octet-stream
Size: 72 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20081010/438a34c8/attachment.obj
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] services_munin.patch
@ 2008-10-14 20:27 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2008-10-14 20:27 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_munin.patch
Add initrc support
fix labeling on /var/log
Add _admin interface
Needs chown dav_override sys_rawio capabilities
Uses fifo files
Handle log files
Read kernel systctls and network state
Connect and bind to munin ports
dontaudit read all processes
execs ifconfig
Domtrans to ping
Calls getpw so needs auth_use_nsswith
Lists spool
Communicates with fstools and mysql Reads mta logs and sends mail
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkj1AKkACgkQrlYvE4MpobM7VACdGySOBTKcxD1kWqJzJ7WQx1ej
q6YAnAopj3EONgfJMLDxGUlFWtYAnKAY
=/uVO
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] services_munin.patch
@ 2009-03-24 13:49 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2009-03-24 13:49 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_munin.patch
New context for munin
Add munin_admin interface
munin_t needs chown/dac and sys_rawio capabilities
uses fifo, and execs itself
log files can be in a log directory
execs shell
communicates with the munin/apache ports
calls getpw, lists inotify
reads fonts
runs ping and ifconfig
Added http types.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] services_munin.patch
@ 2009-06-09 0:47 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2009-06-09 0:47 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_munin.patch
Label for munin initrc script
Fix label of /var/log/munin.*
Add cgi support
munin needs more capability and uses fifo_files can exec itself.
Add support for log file
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] services_munin.patch
@ 2009-11-12 21:41 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2009-11-12 21:41 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_munin.patch
munin html policy
munin uses rawio
Getattr on spool files.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] services_munin.patch
@ 2010-02-23 20:22 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2010-02-23 20:22 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_munin.patch
munig cgi context
Uses sock_files in /tmp
Prints stuff and looks at postfix spool
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] services_munin.patch
@ 2010-08-26 21:55 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2010-08-26 21:55 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F14/services_munin.patch
Change to use attributes for the plugins
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkx24rwACgkQrlYvE4MpobM1QgCgmYGLb4GSn2Ii0Q7cdu+zU2w/
mgcAnjO3s9OweQIVRytezbqQb9eheMdZ
=kyAC
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2010-08-26 21:55 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-03-24 13:49 [refpolicy] services_munin.patch Daniel J Walsh
-- strict thread matches above, loose matches on Subject: below --
2010-08-26 21:55 Daniel J Walsh
2010-02-23 20:22 Daniel J Walsh
2009-11-12 21:41 Daniel J Walsh
2009-06-09 0:47 Daniel J Walsh
2008-10-14 20:27 Daniel J Walsh
2008-09-24 19:59 [refpolicy] services_snort.patch Daniel J Walsh
2008-10-09 18:09 ` Christopher J. PeBenito
2008-10-10 20:45 ` [refpolicy] services_munin.patch Daniel J Walsh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.