|
|
|
@240
|
[240]
|
08/15/08 14:28:11 |
slawrence |
Remove space after the 1, it prevents building the rpm |
|
|
|
@239
|
[239]
|
08/15/08 14:15:10 |
slawrence |
Revert back to using cracklib for password control
Fix typo in tallylog3 … |
|
|
|
@238
|
[238]
|
08/14/08 14:52:21 |
slawrence |
Install /var/log/tallylog3 so pam_tally will have something to log … |
|
|
|
@237
|
[237]
|
08/13/08 15:44:14 |
slawrence |
Install the selinux-relabel script to relabel the filesystem after … |
|
|
|
@236
|
[236]
|
08/12/08 15:47:05 |
slawrence |
Update README and INSTALL file
Update selinux toolchain makefile to copy … |
|
|
|
@235
|
[235]
|
08/11/08 14:25:25 |
jtang |
Fixed a typo in (now commented) warning message. |
|
|
|
@234
|
[234]
|
08/08/08 15:52:07 |
slawrence |
Replace rpmify script with a make file for creating selinux policy and … |
|
|
|
@233
|
[233]
|
08/05/08 09:48:35 |
slawrence |
Increase audit buffer size and max log size before rotating.
Watch … |
|
|
|
@232
|
[232]
|
08/05/08 07:44:01 |
slawrence |
Disable the audit dispatcher |
|
|
|
@231
|
[231]
|
08/04/08 13:33:59 |
bwhalen |
Add in the role modules |
|
|
|
@230
|
[230]
|
08/04/08 12:03:46 |
bwhalen |
Initial attempt at porting 20080702merge back into trunk |
|
|
|
@229
|
[229]
|
08/01/08 16:03:27 |
jtang |
Preliminary ovaldi SELinux policy. |
|
|
|
@228
|
[228]
|
08/01/08 12:31:34 |
jtang |
Updated OVAL interpreter to build against official subversion repo; needed … |
|
|
|
@227
|
[227]
|
07/31/08 18:20:29 |
jtang |
Created a package for OVAL definitions. |
|
|
|
@226
|
[226]
|
07/31/08 15:36:00 |
jtang |
Updated to remove CR/LF in ovaldi.sh script. |
|
|
|
@225
|
[225]
|
07/31/08 15:26:25 |
jmowery |
helps to generate types for controlled network interfaces |
|
|
|
@224
|
[224]
|
07/31/08 13:31:51 |
jmowery |
additional fix to get wrapped netif controls working |
|
|
|
@223
|
[223]
|
07/31/08 10:27:18 |
slawrence |
Install vlock and don't install some uneeded services |
|
|
|
@222
|
[222]
|
07/30/08 12:45:48 |
jtang |
Upstream refpolicy allows params to be unused. Otherwise policy RPM does … |
|
|
|
@221
|
[221]
|
07/28/08 15:26:30 |
jmowery |
add macro to generate network interfaces controlled by the network enabled … |
|
|
|
@220
|
[220]
|
07/25/08 13:33:04 |
jtang |
Recompiled ovaldi for RHEL5. |
|
|
|
@219
|
[219]
|
07/24/08 14:29:55 |
jmowery |
adding the patch used to add optional enforcing of cracklib on root |
|
|
|
@218
|
[218]
|
07/24/08 08:53:37 |
slawrence |
Backport 5.2 stig/ks changes to 5.1, including:
- Use different audit … |
|
|
|
@217
|
[217]
|
07/24/08 08:49:56 |
slawrence |
Specify audit dispatcher in auditd.conf
Use different audit rules for … |
|
|
|
@216
|
[216]
|
07/23/08 13:59:39 |
jmowery |
adding back several networking permissions that were covered by all (now … |
|
|
|
@215
|
[215]
|
07/21/08 14:09:54 |
jmowery |
more complete removal of "all" type network access interface calls |
|
|
|
@214
|
[214]
|
07/18/08 15:08:23 |
jmowery |
initial attempt at removing all calls to interfaces with global corenet … |
|
|
|
@213
|
[213]
|
07/18/08 09:26:29 |
jmowery |
adding toolchain update sources to build rpms for updated released stable … |
|
|
|
@212
|
[212]
|
07/11/08 09:05:41 |
jmowery |
update to kickstart to set pam_passwdqc and to call passwd for root and … |
|
|
|
@211
|
[211]
|
07/08/08 14:53:49 |
jmowery |
policy compiles with optional staff (excluded by default in modules.conf) |
|
|
|
@210
|
[210]
|
07/08/08 13:31:50 |
jmowery |
removing staff from rolemap
fixing call to deprecated interface in … |
|
|
|
@209
|
[209]
|
07/08/08 13:29:48 |
jmowery |
adding files copied from new release |
|
|
|
@208
|
[208]
|
07/08/08 12:31:27 |
jmowery |
missed support macros when merging new perms from updated release |
|
|
|
@207
|
[207]
|
07/08/08 11:31:21 |
jmowery |
updated to include new booleans and updated descriptions from new release |
|
|
|
@206
|
[206]
|
07/08/08 11:23:07 |
jmowery |
revised module selection to include knowledge of new modules |
|
|
|
@205
|
[205]
|
07/08/08 11:09:43 |
jmowery |
more changes from update to new version |
|
|
|
@204
|
[204]
|
07/08/08 11:08:00 |
jmowery |
removing generated files from source control |
|
|
|
@203
|
[203]
|
07/08/08 10:27:46 |
jmowery |
This check-in is only to record the changes between the previous release … |
|
|
|
@202
|
[202]
|
07/02/08 13:05:58 |
bwhalen |
Create branch to merge in 20080702 refpolicy |
|
|
|
@201
|
[201]
|
06/25/08 08:17:26 |
slawrence |
Update password minimum length to 14 in pam conf (STIG … |
|
|
|
@200
|
[200]
|
06/24/08 15:53:16 |
slawrence |
Update kickstart to pass GEN2760 SRR test.
Update stig scripts to match … |
|
|
|
@199
|
[199]
|
06/24/08 10:55:21 |
slawrence |
Update kickstart to fix some failures in the SRR tests. This fixes … |
|
|
|
@198
|
[198]
|
06/11/08 13:35:44 |
slawrence |
- Remove 'quiet' option from pam_tally. It isn't a valid option.
- Stop … |
|
|
|
@197
|
[197]
|
06/10/08 12:23:51 |
slawrence |
Update stigs/kickstart to meet latest stig update.
Update stigs/kickstart … |
|
|
|
@196
|
[196]
|
06/07/08 08:56:00 |
slawrence |
Update stigs to match pam conf changes. |
|
|
|
@195
|
[195]
|
06/07/08 08:48:19 |
slawrence |
Use sha-512 encryption for storing passwords and update pam conf file. |
|
|
|
@194
|
[194]
|
06/05/08 22:19:13 |
bwhalen |
Create the branch for 5.2 release |
|
|
|
@193
|
[193]
|
05/29/08 13:41:37 |
slawrence |
Fix path to audit.rules in installation script |
|
|
|
@192
|
[192]
|
04/29/08 10:35:18 |
slawrence |
- Combined audit.conf and kickstart audit.rules
- Prevented RHEL4 from … |
|
|
|
@191
|
[191]
|
04/28/08 12:19:08 |
bwhalen |
Initial edits of modules to remove the all_(if|port|node) calls and … |
|
|
|
@190
|
[190]
|
04/28/08 08:17:29 |
bwhalen |
Create a branch to test out locking down the network perms. Basically get … |
|
|
|
@189
|
[189]
|
04/25/08 16:19:43 |
slawrence |
- Fix typos in stig installer
- Update stig makefile to include new cat4 … |
|
|
|
@188
|
[188]
|
04/25/08 12:40:19 |
bwhalen |
Removed calls to sendrecv_all(node|if) from sysnetwork. Modules should be … |
|
|
|
@187
|
[187]
|
04/24/08 15:46:25 |
slawrence |
Updated stigs to match recent kickstart changes (RHEL5 was very behind in … |
|
|
|
@186
|
[186]
|
04/24/08 13:49:21 |
slawrence |
-F success does not work on audit file watches. Remove them from the … |
|
|
|
@185
|
[185]
|
04/24/08 09:25:28 |
slawrence |
Fix audit rules to be more efficient and to not watch the audit log dir. … |
|
|
|
@184
|
[184]
|
04/23/08 13:53:00 |
bwhalen |
Turn on compat_net by default |
|
|
|
@183
|
[183]
|
04/11/08 09:30:06 |
slawrence |
- Add packages needed to build policy to the kickstart file
- Modify … |
|
|
|
@182
|
[182]
|
04/10/08 21:43:50 |
bwhalen |
Update the Makefile for the new version released on the site. |
|
|
|
@181
|
[181]
|
04/10/08 21:40:21 |
bwhalen |
Update the seusers file used for mls and standard builds to include the … |
|
|
|
@180
|
[180]
|
04/03/08 09:23:09 |
slawrence |
Allow policy to build on RHEL5.1 |
|
|
|
@179
|
[179]
|
04/02/08 09:11:17 |
slawrence |
Backport RHEL5.1 STIG's and kickstart to RHEL4 |
|
|
|
@178
|
[178]
|
03/17/08 10:19:59 |
jjarrett |
Added a readme file |
|
|
|
@177
|
[177]
|
03/17/08 10:19:21 |
jjarrett |
Added a readme file |
|
|
|
@176
|
[176]
|
03/17/08 10:09:43 |
bwhalen |
Update the clip policy with edits taken from downstream bedrock … |
|
|
|
@175
|
[175]
|
03/17/08 08:09:49 |
jjarrett |
Corrected Makefile Logic |
|
|
|
@174
|
[174]
|
03/17/08 08:08:06 |
jjarrett |
Corrected Makefile Logic |
|
|
|
@173
|
[173]
|
02/22/08 11:47:06 |
bwhalen |
Put xar package back in as we distribute it with clip.
Take in policy … |
|
|
|
@172
|
[172]
|
02/18/08 09:04:11 |
bwhalen |
Login programs do need ability to set loginuid, uncomment out the … |
|
|
|
@171
|
[171]
|
02/15/08 14:36:20 |
bwhalen |
Turn off autofs by default |
|
|
|
@170
|
[170]
|
02/15/08 12:08:58 |
bwhalen |
Further update ks to remove extra packages |
|
|
|
@169
|
[169]
|
02/13/08 14:01:07 |
bwhalen |
Update ks to remove bluetooth files and change password for grub |
|
|
|
@168
|
[168]
|
02/06/08 13:46:25 |
bwhalen |
On newer systems (f8+) a check is performed when building rpms to ensure … |
|
|
|
@167
|
[167]
|
01/15/08 09:46:05 |
bwhalen |
Update policy to tagged 20071214 release |
|
|
|
@166
|
[166]
|
01/10/08 21:34:44 |
bwhalen |
Update the spec file so we use the correct path to setfiles in RHEL … |
|
|
|
@165
|
[165]
|
01/10/08 14:22:15 |
bwhalen |
For now make the clipuser have selinux user "root". This should be … |
|
|
|
@164
|
[164]
|
01/09/08 16:25:51 |
bwilliams |
merging branch back into trunk |
|
|
|
@163
|
[163]
|
01/09/08 16:23:34 |
bwilliams |
removing old policy |
|
|
|
@162
|
[162]
|
01/09/08 16:20:39 |
bwilliams |
oops, that needs to be off |
|
|
|
@161
|
[161]
|
01/09/08 15:33:02 |
bwilliams |
moved stuff for move back into trunk |
|
|
|
@160
|
[160]
|
01/09/08 15:23:42 |
bwilliams |
fixed su |
|
|
|
@159
|
[159]
|
01/09/08 14:53:39 |
bwilliams |
fix bug in xml |
|
|
|
@158
|
[158]
|
01/08/08 13:10:15 |
bwilliams |
added cool boolean and auditallow |
|
|
|
@157
|
[157]
|
01/08/08 12:50:13 |
bwilliams |
changed secure mode to be more useful |
|
|
|
@156
|
[156]
|
01/08/08 12:26:34 |
bwilliams |
fixed bug with booleans |
|
|
|
@155
|
[155]
|
01/08/08 10:35:40 |
bwhalen |
Remove the rsh package since we don't like doing things on remote shells. |
|
|
|
@154
|
[154]
|
01/08/08 08:08:26 |
slawrence |
Fix rpm/kickstart pam differences |
|
|
|
@153
|
[153]
|
01/07/08 10:56:13 |
bwhalen |
Update this to have the baseline build structure and to actually compile … |
|
|
|
@152
|
[152]
|
01/04/08 10:01:40 |
slawrence |
Lower case CLIP user |
|
|
|
@151
|
[151]
|
01/04/08 09:39:47 |
slawrence |
More descriptive kickstart comments and additions |
|
|
|
@150
|
[150]
|
01/03/08 10:42:15 |
slawrence |
Moved STIGS into their own group |
|
|
|
@149
|
[149]
|
12/31/07 14:45:31 |
slawrence |
Changed parsing order of audio udev rules |
|
|
|
@148
|
[148]
|
12/31/07 11:07:37 |
slawrence |
Fixed audio permission stigs |
|
|
|
@147
|
[147]
|
12/31/07 11:06:54 |
slawrence |
Fixed audio permission stigs |
|
|
|
@146
|
[146]
|
12/27/07 16:10:50 |
slawrence |
STIG fixes |
|
|
|
@145
|
[145]
|
12/27/07 16:10:25 |
slawrence |
Minor kickstart fixes/comment addtions |
|
|
|
@144
|
[144]
|
12/20/07 15:02:06 |
slawrence |
Update STIGs to match those in the kickstart |
|
|
|
@143
|
[143]
|
12/20/07 14:45:14 |
slawrence |
Fixed kickstart errors |
|
|
|
@142
|
[142]
|
12/18/07 15:54:02 |
slawrence |
Fixed kickstart errors |
|
|
|
@141
|
[141]
|
12/17/07 15:27:35 |
slawrence |
Added stigs to kickstart |
