Home Explore Help
Sign In
Hoshpak
/
debian-selinux-policies
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 066007f4ef
Branches Tags
debian-selinux-...
/
policy
/
modules
Helmut Pozimski 066007f4ef atop: allow management of log files 7 years ago
..
acme-updater.fc 0d1c510e34 acme-updater: add json configuration file and file context 7 years ago
acme-updater.te 12ec32fceb acme-updater: fix type transition for ejabberd 7 years ago
acmetool.fc d8929817dc add skeleton module for acmetool 8 years ago
acmetool.te eb9c7bdd35 acmetool: allow kernel_read_vm_overcommit_sysctl 7 years ago
amavis.fc a787d913d6 add amavis policy module 9 years ago
amavis.if a787d913d6 add amavis policy module 9 years ago
amavis.te add769bacb amavis: allow management of links of type amavis_var_lib_t 7 years ago
apache.fc fbc3b9ae56 remove /var/lib/php from apache, conflicting with php-fpm 7 years ago
apache.if d9368b3c96 apache: merge policy from Debian stretch selinux-policy-src 7 years ago
apache.te 0b7aeae0f7 allow apache to read phpfpm temp files to work around wrong contexts created by php file upload 7 years ago
apm.fc c0a06e2f2e add the apm policy module to fork it 8 years ago
apm.if c0a06e2f2e add the apm policy module to fork it 8 years ago
apm.te fa9a408f5a allow apmd_t to init_read_utmp 8 years ago
apticron.fc 82f3c528af add apticron policy module 9 years ago
apticron.te b41a5ec364 add missing permissions for apticron, this only works when you manually set heirloom-mailx to use smtp though 9 years ago
atop.fc ee1bc1d3bd atop: extend policy to also cover atopacct 7 years ago
atop.te 066007f4ef atop: allow management of log files 7 years ago
bind.fc 359d65589f update bind policy to cover unbound on Debian 8.x 7 years ago
bind.if 0388bd041a add a fork of the bind policy to allow it to connect to udev via udp 9 years ago
bind.te 359d65589f update bind policy to cover unbound on Debian 8.x 7 years ago
bootloader.fc dd00707aa6 add bootloader policy module to fork it 9 years ago
bootloader.if dd00707aa6 add bootloader policy module to fork it 9 years ago
bootloader.te 9d931d48b9 add permissions to read file contexts and getattr for xconsole to bootloader_t 9 years ago
clamav.fc 0a19f1fd5d add clamav policy module from the reference policy 9 years ago
clamav.if 0a19f1fd5d add clamav policy module from the reference policy 9 years ago
clamav.te a8e0582b58 allow clamd to read vm sysctls 9 years ago
dnsping.fc 56cf3c1593 add selinux policy for my custom dnsping IP update script 9 years ago
dnsping.te 85d0b97d56 dnsping: add missing permissions for Debian stretch 7 years ago
dovecot.fc 7ec11d0bd5 add dovecot managesieve-login to dovecot file contexts 9 years ago
dovecot.if d60008cf7d add dovecot policy module to fork it 9 years ago
dovecot.te eeea104868 dovecot: merge with 1.18.0 and bump minor version 7 years ago
fail2ban.fc a52dc2cfa5 add the fail2ban module to modify it 9 years ago
fail2ban.if a52dc2cfa5 add the fail2ban module to modify it 9 years ago
fail2ban.te 4af5a03991 add the missing domain transition for fail2ban_var_run_t and correct the permissions for fail2ban_client_t 9 years ago
git.fc 179384777d label all git binaries and allow gogs to execute generic bin files, *sigh* 8 years ago
git.if cd654dbd8c add policy module for git to give the binary a file context 8 years ago
git.te 179384777d label all git binaries and allow gogs to execute generic bin files, *sigh* 8 years ago
gogs.fc 578a6a21c7 extend the gogs policy with all permissions necessary for the program to run 8 years ago
gogs.te db7665a8de allow gogs kernel_read_vm_sysctls 7 years ago
hostname.fc f7b8f792b2 add hostname policy module 9 years ago
hostname.if f7b8f792b2 add hostname policy module 9 years ago
hostname.te 9c19a6582d allow hostname to read urandom 9 years ago
ipsec.fc ac160709f3 add remaining domain transistions to make strongswan work 9 years ago
ipsec.if 4762bce146 add a copy of the ipsec module of the reference policy 9 years ago
ipsec.te 7cec747609 allow ipsec_t to kill the charon process 8 years ago
iptables.fc 64324c83c3 add for of the iptables policy module and allow access to urandom 9 years ago
iptables.if 64324c83c3 add for of the iptables policy module and allow access to urandom 9 years ago
iptables.te 64324c83c3 add for of the iptables policy module and allow access to urandom 9 years ago
jabber.fc c5f59a0683 jabber: allow kernel_read_vm_overcommit_sysctl and extend policy to use a cache directory for httpupload 7 years ago
jabber.if e90545059e add jabber_domtrans interface to the jabber module 9 years ago
jabber.te c5f59a0683 jabber: allow kernel_read_vm_overcommit_sysctl and extend policy to use a cache directory for httpupload 7 years ago
logrotate.fc 1632ea18a5 logrotate: update to the version from stretch and merge with my own changes 7 years ago
logrotate.if e54a282860 add a fork of the logrotate policy and allow capability sys_ptrace 9 years ago
logrotate.te 1632ea18a5 logrotate: update to the version from stretch and merge with my own changes 7 years ago
mapcrafter.fc 1b9f39292c add mapcrafter policy module 8 years ago
mapcrafter.te 1b9f39292c add mapcrafter policy module 8 years ago
minecraft.fc 28d593b3e8 add initial version of the minecraft selinux policy module 8 years ago
minecraft.te 0eb708dd3b minecraft: update permissions to work with Java 8 7 years ago
mta.fc 148a9e44ff add fork of the mta policy module and extend it to be able to write to cron temporary files 9 years ago
mta.if 148a9e44ff add fork of the mta policy module and extend it to be able to write to cron temporary files 9 years ago
mta.te 6df2dbed12 mta: merge policy with the current version from Debian stretch and bump version number 7 years ago
murmur.fc 26636d0339 murmur: correct path to run directory 7 years ago
murmur.te 26636d0339 murmur: correct path to run directory 7 years ago
mysql.fc d647a1f6a6 add mysql policy module 9 years ago
mysql.if d647a1f6a6 add mysql policy module 9 years ago
mysql.te 1e1b0ad700 allow mysqld_safe_t sys_tty_config 9 years ago
mysqldump.fc 870acd4d2f add mysqldump.fc, allow php logrotation 9 years ago
mysqldump.te 2ca3e25aca mysqldump: add missing permissions for Debian stretch 7 years ago
ntp.fc e2fdfebaac ntp: add policy from Debian stretch selinux-policy-src 7 years ago
ntp.if e2fdfebaac ntp: add policy from Debian stretch selinux-policy-src 7 years ago
ntp.te a3f0da9a7d ntp: grant files_manage_generic_locks to write the ntpdate lock file 7 years ago
php-fpm.fc 2ae226e802 php-fpm: correct PID directory 7 years ago
php-fpm.if 4e2eda6757 add dontaudit interfaces to phpfpm and set them in the mta policy 9 years ago
php-fpm.te 2ae226e802 php-fpm: correct PID directory 7 years ago
postfix.fc c0f0bf03d9 postfix: update policy and merge with local changes 7 years ago
postfix.if c0f0bf03d9 postfix: update policy and merge with local changes 7 years ago
postfix.te c0f0bf03d9 postfix: update policy and merge with local changes 7 years ago
shutdown.fc a37c120ba6 add the shutdown policy module from the reference policy 8 years ago
shutdown.if a37c120ba6 add the shutdown policy module from the reference policy 8 years ago
shutdown.te 0f8a9e1440 allow shutdown to send syslog messages 8 years ago
spamassassin.fc d56ad60eff update to 2.9.0 and merge my own changes 7 years ago
spamassassin.if d56ad60eff update to 2.9.0 and merge my own changes 7 years ago
spamassassin.te d56ad60eff update to 2.9.0 and merge my own changes 7 years ago
spreed-webrtc.fc 07770361b7 add policy module for spreed-webrtc 8 years ago
spreed-webrtc.te 07770361b7 add policy module for spreed-webrtc 8 years ago
ssh.fc 3431ba1bfd ssh: update policy to the one from selinux-policy-src in Debian stretch 7 years ago
ssh.if 3431ba1bfd ssh: update policy to the one from selinux-policy-src in Debian stretch 7 years ago
ssh.te 0c561aea8a ssh: allow sshd to write motd.dynamic 7 years ago
sshguard.fc b6036eeb17 sshguard: update policy to work with the version in Debian stretch 7 years ago
sshguard.te b6036eeb17 sshguard: update policy to work with the version in Debian stretch 7 years ago
starbound.fc a9fb529e0f include the 32 bit binary in the starbound policy 8 years ago
starbound.te a9fb529e0f include the 32 bit binary in the starbound policy 8 years ago
supervisor.fc 8e134f1b54 add supervisor policy, initial implementation 8 years ago
supervisor.if 682e09be03 complement supervisor and starbound policies, add terraria policy module 8 years ago
supervisor.te 682e09be03 complement supervisor and starbound policies, add terraria policy module 8 years ago
terraria.fc 682e09be03 complement supervisor and starbound policies, add terraria policy module 8 years ago
terraria.te 682e09be03 complement supervisor and starbound policies, add terraria policy module 8 years ago
turnserver.fc 9fc1d1141f turnserver: update policy for the new version in Debian stretch 7 years ago
turnserver.te 9fc1d1141f turnserver: update policy for the new version in Debian stretch 7 years ago
udev.fc ffa99ee15f add a fork of the udev module, allow udev to transistion to rndc_t and manage postfix to satisfy script dependencies in /etc/network/if-up.d 9 years ago
udev.if ffa99ee15f add a fork of the udev module, allow udev to transistion to rndc_t and manage postfix to satisfy script dependencies in /etc/network/if-up.d 9 years ago
udev.te af4827644c allow udev_t to read the sshd pid file as needed by the script in if-up.d 9 years ago
unconfined.fc ce285de609 add unconfined policy for forking 9 years ago
unconfined.if ce285de609 add unconfined policy for forking 9 years ago
unconfined.te 674fcdace0 allow unconfined to execute git 8 years ago
xonotic.fc ec1428fd7a add policy for a custom installed xonotic game server 9 years ago
xonotic.te 04403d1b99 xonotic: allow kernel_read_crypto_sysctls 7 years ago