* [refpolicy] roles_sysadm.patch
@ 2009-11-12 21:07 Daniel J Walsh
2010-02-17 14:04 ` Christopher J. PeBenito
0 siblings, 1 reply; 4+ messages in thread
From: Daniel J Walsh @ 2009-11-12 21:07 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F12/roles_sysadm.patch
Lots of fixes for sysadm_t
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] roles_sysadm.patch
2009-11-12 21:07 [refpolicy] roles_sysadm.patch Daniel J Walsh
@ 2010-02-17 14:04 ` Christopher J. PeBenito
0 siblings, 0 replies; 4+ messages in thread
From: Christopher J. PeBenito @ 2010-02-17 14:04 UTC (permalink / raw)
To: refpolicy
On Thu, 2009-11-12 at 16:07 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/roles_sysadm.patch
>
>
> Lots of fixes for sysadm_t
Same thing as for unprivuser module.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] roles_sysadm.patch
@ 2010-06-02 20:32 Daniel J Walsh
2010-07-06 12:44 ` Christopher J. PeBenito
0 siblings, 1 reply; 4+ messages in thread
From: Daniel J Walsh @ 2010-06-02 20:32 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F14/roles_sysadm.patch
sysadm_t needs mls overrides to look at all processes within his range.
Dontaudit domains outside his range, so tools like top will work.
Allow sysadm to exec all applications and scripts
Manage user tmp content
connect to syslog
Eliminate transitions that redhat does not want.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] roles_sysadm.patch
2010-06-02 20:32 Daniel J Walsh
@ 2010-07-06 12:44 ` Christopher J. PeBenito
0 siblings, 0 replies; 4+ messages in thread
From: Christopher J. PeBenito @ 2010-07-06 12:44 UTC (permalink / raw)
To: refpolicy
On 06/02/10 16:32, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F14/roles_sysadm.patch
>
> sysadm_t needs mls overrides to look at all processes within his range.
>
> Dontaudit domains outside his range, so tools like top will work.
>
>
> Allow sysadm to exec all applications and scripts
>
> Manage user tmp content
>
> connect to syslog
>
> Eliminate transitions that redhat does not want.
Similarly to the staff patch, needs style cleanup.
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-07-06 12:44 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-11-12 21:07 [refpolicy] roles_sysadm.patch Daniel J Walsh
2010-02-17 14:04 ` Christopher J. PeBenito
-- strict thread matches above, loose matches on Subject: below --
2010-06-02 20:32 Daniel J Walsh
2010-07-06 12:44 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.