aboutgitcodebugslistschat
path: root/contrib
Commit message (Expand)AuthorAgeFilesLines
* apparmor: Allow read access to /proc/sys/net/ipv4/ip_local_port_range2024_09_06.6b38f07Stefano Brivio2024-09-061-0/+2
* selinux: Allow read access to /proc/sys/net/ipv4/ip_local_port_rangeStefano Brivio2024-09-062-1/+4
* fedora/rpkg: List myself as author for changelog entriesStefano Brivio2024-07-261-1/+5
* selinux: Allow access to user_devpts2024_06_07.8a83b53Derek Schrock2024-06-071-0/+1
* apparmor: Fix comments after PID file and AF_UNIX socket creation refactoring2024_05_23.765eb0bStefano Brivio2024-05-233-7/+13
* apparmor: Fix passt abstractionMaxime Bélair2024-05-221-1/+1
* apparmor: allow netns paths on /tmpPaul Holzinger2024-05-131-1/+1
* apparmor: allow read access on /tmp for pasta2024_05_10.7288448Paul Holzinger2024-05-101-2/+3
* apparmor: Fix access to procfs namespace entries in pasta's abstractionDanish Prakash2024-04-051-0/+3
* apparmor: Expand scope of @{run}/user access, allow writing PID files tooStefano Brivio2024-04-051-1/+1
* apparmor: Add mount rule with explicit, empty source in passt abstractionStefano Brivio2024-04-051-0/+1
* fedora: Switch license identifier to SPDX2024_03_18.615d370Dan Čermák2024-03-181-1/+1
* selinux: Allow pasta to remount procfs2024_02_16.08344daStefano Brivio2024-02-161-0/+2
* Revert "selinux: Drop user_namespace class rules for Fedora 37"2023_11_07.56d9f6dStefano Brivio2023-11-072-0/+4
* selinux: Allow passt to talk over unconfined_t UNIX domain socket for --fd2023_11_07.74e6f48Stefano Brivio2023-11-071-0/+1
* selinux: Drop user_namespace class rules for Fedora 37Stefano Brivio2023-11-072-4/+0
* fedora: Replace pasta hard links by separate buildsStefano Brivio2023-09-071-6/+16
* apparmor: Add pasta's own profileStefano Brivio2023-09-073-10/+31
* apparmor: Allow pasta to remount /proc, access entries under its own copyStefano Brivio2023-09-071-0/+7
* apparmor: Allow read-only access to uid_mapStefano Brivio2023-09-071-0/+2
* apparmor: Explicitly pass options we use while remounting root filesystemStefano Brivio2023-09-071-1/+1
* apparmor: Use abstractions/nameservice to deal with symlinked resolv.confStefano Brivio2023-09-061-2/+1
* selinux: Fix domain transitions for typical commands pasta might run2023_08_18.0af928eStefano Brivio2023-08-181-1/+18
* selinux: Allow pasta_t to read nsfs entriesStefano Brivio2023-08-181-0/+2
* selinux: Add rules for sysctl and /proc/net accessesStefano Brivio2023-08-182-0/+4
* selinux: Update policy to fix user/group settingsStefano Brivio2023-08-182-4/+13
* selinux: Fix user namespace creation after breaking kernel changeStefano Brivio2023-08-182-0/+4
* selinux: Use explicit paths for binaries in file contextStefano Brivio2023-08-182-2/+4
* fedora: Install pasta as hard link to ensure SELinux file context matchStefano Brivio2023-08-181-0/+7
* passt: Relicense to GPL 2.0, or any later versionStefano Brivio2023-04-0611-12/+12
* fedora: Adjust path for SELinux policy and interface file to latest guidelines2023_03_29.b10b983Stefano Brivio2023-03-291-9/+8
* fedora: Don't install useless SELinux interface file for pastaStefano Brivio2023-03-291-2/+0
* selinux: Drop useless interface file for pastaStefano Brivio2023-03-291-25/+0
* fedora: Refresh SELinux labels in scriptlets, require -selinux package2023_03_17.dd23496Stefano Brivio2023-03-171-5/+15
* fedora: Install SELinux interface files to shared include directory2023_03_10.70c0765Stefano Brivio2023-03-101-0/+4
* contrib/selinux: Split interfaces into smaller bitsStefano Brivio2023-03-101-10/+61
* contrib/selinux: Drop unused passt_read_data() interfaceStefano Brivio2023-03-101-8/+0
* contrib/selinux: Drop "example" from headers: this is the actual policyStefano Brivio2023-03-106-6/+6
* contrib: Drop libvirt out-of-tree patch, integration mostly works in 9.1.0Stefano Brivio2023-03-091-427/+0
* contrib: Drop QEMU out-of-tree patchesStefano Brivio2023-03-092-208/+0
* contrib: Drop Podman out-of-tree patch, integration is upstream nowStefano Brivio2023-03-091-605/+0
* contrib/selinux: Let interface users set paths for log, PID, socket filesStefano Brivio2023-03-091-1/+25
* contrib/selinux: Allow binding and connecting to all UDP and TCP portsStefano Brivio2023-03-091-12/+15
* contrib/selinux: Let passt write to stdout and stderr when it startsStefano Brivio2023-03-091-0/+1
* contrib/selinux: Drop duplicate init_daemon_domain() ruleStefano Brivio2023-03-091-1/+0
* contrib/apparmor: Split profile into abstractions, use themStefano Brivio2023-02-273-60/+89
* selinux/passt.te: Allow setting socket option on routing netlink socketStefano Brivio2023-02-211-1/+1
* selinux/passt.te: Allow /etc/resolv.conf symlinks to be followedStefano Brivio2023-02-211-0/+1
* selinux/passt.te: Allow setcap on the process itselfStefano Brivio2023-02-211-0/+1
* selinux: Switch to a more reasonable model for PID and socket filesStefano Brivio2023-02-212-5/+7