aboutgitcodebugslistschat
path: root/contrib/selinux
Commit message (Expand)AuthorAgeFilesLines
* selinux: Allow read access to /proc/sys/net/ipv4/ip_local_port_rangeStefano Brivio2024-09-062-1/+4
* selinux: Allow access to user_devpts2024_06_07.8a83b53Derek Schrock2024-06-071-0/+1
* selinux: Allow pasta to remount procfs2024_02_16.08344daStefano Brivio2024-02-161-0/+2
* Revert "selinux: Drop user_namespace class rules for Fedora 37"2023_11_07.56d9f6dStefano Brivio2023-11-072-0/+4
* selinux: Allow passt to talk over unconfined_t UNIX domain socket for --fd2023_11_07.74e6f48Stefano Brivio2023-11-071-0/+1
* selinux: Drop user_namespace class rules for Fedora 37Stefano Brivio2023-11-072-4/+0
* selinux: Fix domain transitions for typical commands pasta might run2023_08_18.0af928eStefano Brivio2023-08-181-1/+18
* selinux: Allow pasta_t to read nsfs entriesStefano Brivio2023-08-181-0/+2
* selinux: Add rules for sysctl and /proc/net accessesStefano Brivio2023-08-182-0/+4
* selinux: Update policy to fix user/group settingsStefano Brivio2023-08-182-4/+13
* selinux: Fix user namespace creation after breaking kernel changeStefano Brivio2023-08-182-0/+4
* selinux: Use explicit paths for binaries in file contextStefano Brivio2023-08-182-2/+4
* passt: Relicense to GPL 2.0, or any later versionStefano Brivio2023-04-065-5/+5
* selinux: Drop useless interface file for pastaStefano Brivio2023-03-291-25/+0
* contrib/selinux: Split interfaces into smaller bitsStefano Brivio2023-03-101-10/+61
* contrib/selinux: Drop unused passt_read_data() interfaceStefano Brivio2023-03-101-8/+0
* contrib/selinux: Drop "example" from headers: this is the actual policyStefano Brivio2023-03-106-6/+6
* contrib/selinux: Let interface users set paths for log, PID, socket filesStefano Brivio2023-03-091-1/+25
* contrib/selinux: Allow binding and connecting to all UDP and TCP portsStefano Brivio2023-03-091-12/+15
* contrib/selinux: Let passt write to stdout and stderr when it startsStefano Brivio2023-03-091-0/+1
* contrib/selinux: Drop duplicate init_daemon_domain() ruleStefano Brivio2023-03-091-1/+0
* selinux/passt.te: Allow setting socket option on routing netlink socketStefano Brivio2023-02-211-1/+1
* selinux/passt.te: Allow /etc/resolv.conf symlinks to be followedStefano Brivio2023-02-211-0/+1
* selinux/passt.te: Allow setcap on the process itselfStefano Brivio2023-02-211-0/+1
* selinux: Switch to a more reasonable model for PID and socket filesStefano Brivio2023-02-212-5/+7
* selinux: Define interfaces for libvirt and similar frameworksStefano Brivio2023-02-212-0/+27
* selinux/passt.if: Fix typo in passt_read_data interface definitionStefano Brivio2023-02-211-1/+1
* passt, pasta: Add examples of SELinux policy modulesStefano Brivio2022-03-296-0/+362