SELinux - Date Index
[Prev Page][Next Page]
- Re: [PATCH v3 2/7] userns: Simpilify MNT_NODEV handling.
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH v3 5/7] fs: Treat foreign mounts as nosuid
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH v3 6/7] Smack: Add support for unprivileged mounts from user namespaces
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- http process running as initrc_t
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- [PATCH v3 7/7] selinux: Add support for unprivileged mounts from user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v3 6/7] Smack: Add support for unprivileged mounts from user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v3 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v3 5/7] fs: Treat foreign mounts as nosuid
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v3 4/7] fs: Limit file caps to the user namespace of the super block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v3 3/7] fs: Verify access of user towards block device file when mounting
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v3 2/7] userns: Simpilify MNT_NODEV handling.
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v3 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: ftruncate triggering open denial
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- Re: ftruncate triggering open denial
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- ftruncate triggering open denial
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- remove unconfined user
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: Neverallow in http policy
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: Neverallow in http policy
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: Neverallow in http policy
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Neverallow in http policy
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: [PATCH v2] libsepol/cil: improve recursion detection
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [RFC PATCH] libselinux: Add selabel_digest function
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH v2] libsepol/cil: improve recursion detection
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH] libsepol/cil: improve recursion detection
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] libsepol/cil: improve recursion detection
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH] libsepol/cil: improve recursion detection
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Free memory when processing media and x specfiles
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix mmap memory release for file labeling
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: Free memory when processing media and x specfiles
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] libselinux: Fix mmap memory release for file labeling
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] libsepol/cil: improve recursion detection
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: Policy disable error
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Policy disable error
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: secilc: segfault on what should be "Recursive block call found"?
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: secilc: segfault on what should be "Recursive block call found"?
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: secilc: segfault on what should be "Recursive block call found"?
- From: Dominick Grift <dac.override@xxxxxxxxx>
- secilc: segfault on what should be "Recursive block call found"?
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Can I change default policy from targeted to minimum
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Can I change default policy from targeted to minimum
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Can I change default policy from targeted to minimum
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: secilc: in segfault
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Can I change default policy from targeted to minimum
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Can I change default policy from targeted to minimum
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: [PATCH] libsepol/cil: Fix uninitialized false positive in cil_binary
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] libsepol/cil: Provide error if classperms are empty
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] libsepol/cil: Add userattribute{set} functionality
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: Can I change default policy from targeted to minimum
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Can I change default policy from targeted to minimum
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- [PATCH] libsepol/cil: Fix uninitialized false positive in cil_binary
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH] libsepol/cil: Provide error if classperms are empty
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH] libsepol/cil: Add userattribute{set} functionality
- From: Dominick Grift <dac.override@xxxxxxxxx>
- RE: [PATCH] libsepol/cil: Add userattribute{set} functionality
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH] libsepol/cil: Add userattribute{set} functionality
- From: Dominick Grift <dac.override@xxxxxxxxx>
- [PATCH] libsepol/cil: Add userattribute{set} functionality
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH] libsepol/cil: fix blockinherit copying segfault and add macro restrictions
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH] libsepol/cil: fix blockinherit copying segfault and add macro restrictions
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: secilc: in segfault
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: secilc: in segfault
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: secilc: in segfault
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: secilc: in segfault
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] libsepol/cil: fix NULL pointer dereference when copying classpermission/set
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH] libsepol/cil: fix NULL pointer dereference when copying classpermission/set
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: secilc: any idea why this commit causes secilc to segfault?
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: No http boolean
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: secilc: any idea why this commit causes secilc to segfault?
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- secilc: any idea why this commit causes secilc to segfault?
- From: Dominick Grift <dac.override@xxxxxxxxx>
- No http boolean
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: 答复: got some problems with the type_transition rules
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [RFC PATCH] libselinux: Add selabel_digest function
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- Re: Not able to enter root after enabling selinux
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- Not able to enter root after enabling selinux
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- 答复: got some problems with the type_transition rules
- From: kuangjiou <kuangjiou@xxxxxxxxxx>
- Re: got some problems with the type_transition rules
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: got some problems with the type_transition rules
- From: kuangjiou <kuangjiou@xxxxxxxxxx>
- Re: got some problems with the type_transition rules
- From: Dominick Grift <dac.override@xxxxxxxxx>
- got some problems with the type_transition rules
- From: kuangjiou <kuangjiou@xxxxxxxxxx>
- Re: Enable user_xattr - Selinux failing
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Enable user_xattr - Selinux failing
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: Enable user_xattr - Selinux failing
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Enable user_xattr - Selinux failing
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: Enable user_xattr - Selinux failing
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Enable user_xattr - Selinux failing
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: Enable user_xattr - Selinux failing
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Enable user_xattr - Selinux failing
- From: Divya Vyas <dvyas@xxxxxxxxxx>
- Re: [PATCH] libsemanage: save homedir_template in the policy store for genhomedircon
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH] libsemanage: store users_extra in the policy store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libsemanage: store users_extra in the policy store
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH] libsemanage: save homedir_template in the policy store for genhomedircon
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH] libsemanage: save homedir_template in the policy store for genhomedircon
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libsemanage: save homedir_template in the policy store for genhomedircon
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: secilc: in segfault
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: secilc: in segfault
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: secilc: in segfault
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: secilc: in segfault
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: secilc: in segfault
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: secilc: in segfault
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- bug: homedir fcontexts disappear when flipping a boolean
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- secilc: in segfault
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH v2 2/3] libsepol/cil: add ioctl whitelist support
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- Re: [PATCH v2 2/3] libsepol/cil: add ioctl whitelist support
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH v2 2/3] libsepol/cil: add ioctl whitelist support
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH v2 2/3] libsepol/cil: add ioctl whitelist support
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH v2 2/3] libsepol/cil: add ioctl whitelist support
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Austin S Hemmelgarn <ahferroin7@xxxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: Eric Paris <eparis@xxxxxxxxxx>
- Re: Linux Firmware Signing
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: Linux Firmware Signing
- From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- RE: Linux Firmware Signing
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: Linux Firmware Signing
- From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: [PATCH] libselinux: simplify procattr cache
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH] libselinux: simplify procattr cache
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH v2 3/3] secilc: Add documentation/examples for allowx, auditallowx, dontauditx, and permissionx
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- [PATCH v2 0/3] Add CIL extended avrule & ioctl whitelist support
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH] libselinux: simplify procattr cache
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- [PATCH v2 1/3] libsepol: fix memory leak when destroying avtab containing extended avrules
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH] libselinux: simplify procattr cache
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH 2/3] libsepol/cil: add ioctl whitelist support
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 1/3] libsepol: fix memory leak when destroying avtab containing extended avrules
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH 2/3] libsepol/cil: add ioctl whitelist support
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH 3/3] secilc: Add documentation for allowx, auditallowx, dontauditx, and permissionx
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH 1/3] libsepol: fix memory leak when destroying avtab containing extended avrules
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH 0/3] Add CIL extended avrule & ioctl whitelist support
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- RE: Linux Firmware Signing
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: Linux Firmware Signing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "David Woodhouse" <dwmw2@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Nick Kralevich <nnk@xxxxxxxxxx>
- Re: My notes on the 2015 Linux Security Summit
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: My notes on the 2015 Linux Security Summit
- From: Dominick Grift <dac.override@xxxxxxxxx>
- My notes on the 2015 Linux Security Summit
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: [PATCH] libsepol: create new keys with copy of 'name' variable
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH] policycoreutils: audit2* - ignore setlocale errors
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: get pywrap depends on selinux.py
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Add policy context validation to sefcontext_compile
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libsepol: create new keys with copy of 'name' variable
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH] libsepol: create new keys with copy of 'name' variable
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- [PATCH] policycoreutils: audit2* - ignore setlocale errors
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v2 2/7] userns: Simpilify MNT_NODEV handling.
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: auditing kdbus service names
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
- 答复: selinux mls/mcs rang modify
- From: rowan <rowanPang_selinux@xxxxxxxxxxx>
- question about semanage fcontext and awareness of file_contexts.local file
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- [GIT PULL] SELinux patches for 4.3
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: auditing kdbus service names
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- Re: selinux mls/mcs rang modify
- From: Dominick Grift <dac.override@xxxxxxxxx>
- [PATCH] libselinux: get pywrap depends on selinux.py
- From: <wenzong.fan@xxxxxxxxxxxxx>
- selinux mls/mcs rang modify
- From: rowan <rowanPang_selinux@xxxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: auditing kdbus service names
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- [PATCH] libselinux: Add policy context validation to sefcontext_compile
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: auditing kdbus service names
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: [PATCH v2 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: Incorrect check in pam_rootok
- From: Tomas Mraz <tmraz@xxxxxxxxxx>
- Incorrect check in pam_rootok
- From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
- auditing kdbus service names
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- 答复: How do you relabel all SELinux file contexts of an offline system's file system?
- From: rowan <rowanPang_selinux@xxxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH] libselinux: do not treat an empty file_contexts(.local) as an error
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- [PATCH] libselinux: fail hard on invalid property_contexts entries
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: fail hard on invalid file_contexts entries
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: support context validation on file_contexts.bin
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v2 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH v2 2/3] libsemanage: Fix null pointer dereference in semanage_module_key_destroy
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH v2 1/3] libsemanage: Add ability to extract modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH v2 0/3] Add support for extracting modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH] libselinux: test for file_contexts.bin format
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] sepolgen: convert cmp functions to key functions
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] sepolgen: Decode output from Popen in Python3
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: add selabel_cmp interface and label_file backend
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] sepolgen: convert cmp functions to key functions
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH] sepolgen: Decode output from Popen in Python3
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- [PATCH] libselinux: support specifying file_contexts.bin file path
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: support file_contexts.bin without file_contexts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] semanage_migrate_store: add -r <root> option for migrating inside chroots
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libsepol: Replace sscanf in module_to_cil
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- Re: Does it matter where .cil modules are build.
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: m4 synclines always 1?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- m4 synclines always 1?
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: secilc bug
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: Does it matter where .cil modules are build.
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: Does it matter where .cil modules are build.
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH] policycoreutils: Comment constraint rules in audit2allow and sepolgen output
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Does it matter where .cil modules are build.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH] checkpolicy: fix double free on name-based type transitions
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Android checkpolicy crash
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Android checkpolicy crash
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v3 04/11] lsm: inode_pre_setxattr hook
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH v3 05/11] smack: extend capability functions and fix 2 checks
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 06/11] smack: don't use implicit star to display smackfs/syslog
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 04/11] lsm: inode_pre_setxattr hook
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 03/11] lsm: add file opener's cred to a setprocattr arguments
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Does it matter where .cil modules are build.
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Colin Walters <walters@xxxxxxxxxx>
- [PATCH] policycoreutils: Comment constraint rules in audit2allow and sepolgen output
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- [PATCH] semanage_migrate_store: add -r <root> option for migrating inside chroots
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Serge Hallyn <serge.hallyn@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Android checkpolicy crash
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH] policycoreutils/semanage: improve compatibility with Python 3 in seobject.py
- From: Michal Srb <msrb@xxxxxxxxxx>
- Re: [PATCH] policycoreutils/semanage: improve compatibility with Python 3 in seobject.py
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- [PATCH] policycoreutils/semanage: improve compatibility with Python 3 in seobject.py
- From: Michal Srb <msrb@xxxxxxxxxx>
- Improve Python 3 support in policycoreutils/semanage/seobject.py
- From: Michal Srb <msrb@xxxxxxxxxx>
- Re: [PATCH 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <havner@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <havner@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <havner@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <havner@xxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v2] libsepol: Replace sscanf in module_to_cil
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 1/3] libsemanage: Add ability to extract modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 0/3] Add support for extracting modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 2/3] libsemanage: Fix null pointer dereference in semanage_module_key_destroy
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- RE: [PATCH 1/2] libselinux: generalize read_spec_entries for any delimiter
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH 1/2] libselinux: generalize read_spec_entries for any delimiter
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH 2/2] libsepol: Replace sscanf in module_to_cil
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 1/2] libselinux: generalize read_spec_entries for any delimiter
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 0/2] Generalize tokenizer and remove sscanf calls from libsepol
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH v3 03/11] lsm: add file opener's cred to a setprocattr arguments
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 00/11] Smack namespace
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 10/11] smack: namespace implementation
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 07/11] smack: abstraction layer for 2 common Smack operations
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 09/11] smack: namespace groundwork
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 08/11] smack: misc cleanups in preparation for a namespace patch
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 05/11] smack: extend capability functions and fix 2 checks
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 06/11] smack: don't use implicit star to display smackfs/syslog
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 04/11] lsm: inode_pre_setxattr hook
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: Trouble building a .cil policy from scratch.
- From: Dan <dtdevore64@xxxxxxxxx>
- [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "J. Bruce Fields" <bfields@xxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: Trouble building a .cil policy from scratch.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Trouble building a .cil policy from scratch.
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "J. Bruce Fields" <bfields@xxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Austin S Hemmelgarn <ahferroin7@xxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH] libsepol/cil: Improve resolution error messages
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "J. Bruce Fields" <bfields@xxxxxxxxxxxx>
- Re: [PATCH 3/4] policycoreutils/semanage: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- [PATCH] policycoreutils: semanage: fix moduleRecords deleteall method
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libsemanage: Add file_contexts and seusers to the store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 3/4] policycoreutils/semanage: improve compatibility with Python 3
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libsemanage: Add file_contexts and seusers to the store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Improve Python 3 support in policycoreutils
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH] libsemanage: Add file_contexts and seusers to the store
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: bfields@xxxxxxxxxxxx (J. Bruce Fields)
- [PATCH 4/4] policycoreutils/scripts: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- [PATCH 3/4] policycoreutils/semanage: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- [PATCH 2/4] policycoreutils/sandbox: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- [PATCH 1/4] policycoreutils/audit2allow: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- Improve Python 3 support in policycoreutils
- From: Michal Srb <msrb@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Colin Walters <walters@xxxxxxxxxx>
- [PATCH] libselinux: simplify procattr cache
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: Restricting samba to only talk to one network interface?
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Michal Srb <msrb@xxxxxxxxxx>
- [GIT PULL] policycoreutils: fix PEP8 issues
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- RE: Restricting samba to only talk to one network interface?
- From: Colin Powers <Colin.Powers@xxxxxxxxx>
- Re: Restricting samba to only talk to one network interface?
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Restricting samba to only talk to one network interface?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Restricting samba to only talk to one network interface?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH 4/7] fs: Treat foreign mounts as nosuid
- From: Nikolay Borisov <n.borisov@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Restricting samba to only talk to one network interface?
- From: Colin Powers <Colin.Powers@xxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH 06/11] sepolgen: Replace usage of __cmp__ with rich comparison.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 06/11] sepolgen: Replace usage of __cmp__ with rich comparison.
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] Set self.sename to sename after calling semanage_seuser_set_sename()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH] libsepol: fix policydb_read for policy versions < 24
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Trouble building secilc compiler
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Trouble building secilc compiler
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 7/7] smack: Don't use security labels for user namespace mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH 7/7] smack: Don't use security labels for user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 4/7] fs: Treat foreign mounts as nosuid
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 5/7] security: Restrict security attribute updates for userns mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 2/7] userns: Simpilify MNT_NODEV handling.
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 11/11] sepolgen: Edit tests so they pass even on Python3 where hash is random.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 09/11] sepolgen: Apply fixes discovered by 2to3 where needed.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 10/11] sepolgen: Close files after reading/writing in tests.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 08/11] sepolgen: Replace usage of xrange inside of tests.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 07/11] sepolgen: Replace usage of attributes of types module
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 06/11] sepolgen: Replace usage of __cmp__ with rich comparison.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 05/11] sepolgen: Unicode-objects must be encoded before hashing.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 04/11] sepolgen: Use sort function with key parameter.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 02/11] sepolgen: Use relative imports for modules within sepolgen.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 03/11] sepolgen: Replace func_code calls with __code__.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 01/11] sepolgen: Replace deprecated *Equals functions in tests
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [no subject]
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- [PATCH v2] Currently, jobs run by at are run in the crond_t domain and not transitioned outside of it.
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH] sepolgen: add support for python3
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH] sepolgen: add support for python3
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: executing off of a fusefs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- [PATCH] Set self.sename to sename after calling semanage_seuser_set_sename()
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- [PATCH] selinux-testsuite: ipsec-load: Derive state context from current context.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: enable running new tests on RHEL6/7
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: Clean up prerequisites/dependencies.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: use /proc/thread-self when available
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: use /proc/thread-self when available
- From: Eric Paris <eparis@xxxxxxxxxx>
- Re: [PATCH] sepolgen: add support for python3
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: move unix_socket and mmmap tests out of SUBDIRS_COMMON
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: semanage: TypeError: cannot concatenate 'str' and 'NoneType' objects
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- Re: semanage: TypeError: cannot concatenate 'str' and 'NoneType' objects
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- Re: [PATCH] sepolgen: add support for python3
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: use /proc/thread-self when available
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] sepolgen: add support for python3
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH v2] libselinux: use /proc/thread-self when available
- From: Eric Paris <eparis@xxxxxxxxxx>
- [PATCH v2] libselinux: use /proc/thread-self when available
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: use /proc/thread-self when available
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- Re: [PATCH] Explicitly declare the role "base_r"
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- SELinux tree updates
- From: Paul Moore <pmoore@xxxxxxxxxx>
- [PATCH] selinux-testsuite: update for mprotect PROT_EXEC regression fix
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [GIT PULL] SELinux fixes for 4.2 (#2)
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change
- From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Add const to selinux_opt for label backends.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: executing off of a fusefs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: Add const to selinux_opt for label backends.
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- RE: executing off of a fusefs
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: executing off of a fusefs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: executing off of a fusefs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- [GIT PULL] SELinux fixes for 4.2
- From: Paul Moore <pmoore@xxxxxxxxxx>
- executing off of a fusefs
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: [PATCH] Add SELinux support to run jobs in the proper domain
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- Re: [PATCH] Fix typo in semanage args for minimum policy store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] Add SELinux support to run jobs in the proper domain
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- Re: [PATCH] Fix typo in semanage args for minimum policy store
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH] Fix typo in semanage args for minimum policy store
- From: Dominick Grift <dac.override@xxxxxxxxx>
- [PATCH] Fix typo in semanage args for minimum policy store
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx>
- Re: Linux 4.2-rc1
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: Linux 4.2-rc1
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: Linux 4.2-rc1
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Linux 4.2-rc1
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: Linux 4.2-rc1
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: unix_socket: Add tests for file namespace.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Stephen Smalley <stephen.smalley@xxxxxxxxx>
- Re: [PATCH] Explicitly declare the role "base_r"
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] Explicitly declare the role "base_r"
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- [PATCH] selinux-testsuite: Add tests for mmap/mprotect
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH v2] libsemanage: Add policy binary and file_contexts.local to the store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: Fix file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH v2] libsemanage: Add policy binary and file_contexts.local to the store
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH] libsemanage: Add policy binary and file_contexts.local to the store
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH v2] libselinux: Fix file labels for regexes with metachars
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- Re: [PATCH v2] libselinux: Fix file labels for regexes with metachars
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH v2] libselinux: Fix file labels for regexes with metachars
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH] libsemanage: Add policy binary and file_contexts.local to the store
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH] libselinux: Fix file labels for regexes with metachars
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] libselinux: Fix file labels for regexes with metachars
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH] selinux: don't waste ebitmap space when importing NetLabel categories
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: type inheritance in CIL
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: type inheritance in CIL
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: type inheritance in CIL
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: type inheritance in CIL
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: type inheritance in CIL
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: type inheritance in CIL
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: type inheritance in CIL
- From: Dominick Grift <dac.override@xxxxxxxxx>
- type inheritance in CIL
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: [PATCH V2] libselinux: Fix if file_contexts not '\n' terminated
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH V2] libselinux: Fix if file_contexts not '\n' terminated
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: Add a ToDo list.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: add secmark tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix if file_contexts not '\n' terminated
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: Fix if file_contexts not '\n' terminated
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: add labeled ipsec tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: Add tests for name_bind/node_bind/name_connect.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] Allow to use compressed modules without a compression extension
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH] Allow to use compressed modules without a compression extension
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- [PATCH v3] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: Add tests for name_bind/node_bind/name_connect.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH v2] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: [PATCH] libselinux: Correctly handle an empty file_contexts file.
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: [PATCH 00/10 v3] Improve libsepol and CIL neverallow and bounds checking
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH] libselinux: Correctly handle an empty file_contexts file.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: libselinux equivalent of restorecon -F
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 10/10 v3] secilc: Add a CIL policy file to test bounds checking.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 09/10 v3] secilc: Add a CIL policy file to test neverallow checking.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 08/10 v3] libsepol/cil: Add CIL bounds checking and reporting.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 07/10 v3] libsepol/cil: Track number of classes and number of types and attributes.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 06/10 v3] libsepol/cil: Refactored CIL neverallow checking and reporting.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 05/10 v3] libsepol/cil: Add function to search the CIL AST for an AV rule.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- libselinux equivalent of restorecon -F
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: NFS
- From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
- Re: NFS
- From: Andrew Holway <andrew.holway@xxxxxxxxxxxxxxxx>
- Re: [PATCH 04/10 v3] libsepol: Refactored bounds (hierarchy) checking code
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: NFS
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 03/10 v3] libsepol: Refactored neverallow checking.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- NFS
- From: Andrew Holway <andrew.holway@xxxxxxxxxxxxxxxx>
- Re: [PATCH 02/10 v3] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 01/10 v3] libsepol: Add new ebitmap function named ebitmap_match_any()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH 10/10 v3] secilc: Add a CIL policy file to test bounds checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 08/10 v3] libsepol/cil: Add CIL bounds checking and reporting.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 09/10 v3] secilc: Add a CIL policy file to test neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 06/10 v3] libsepol/cil: Refactored CIL neverallow checking and reporting.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 04/10 v3] libsepol: Refactored bounds (hierarchy) checking code
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 05/10 v3] libsepol/cil: Add function to search the CIL AST for an AV rule.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 07/10 v3] libsepol/cil: Track number of classes and number of types and attributes.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 03/10 v3] libsepol: Refactored neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 02/10 v3] libsepol: Treat types like an attribute in the attr_type_map.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 01/10 v3] libsepol: Add new ebitmap function named ebitmap_match_any()
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 00/10 v3] Improve libsepol and CIL neverallow and bounds checking
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] selinux: Augment BUG_ON assertion for secclass_map.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: initialize sock security class to default value
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3] selinux: reduce locking overhead in inode_free_security()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/8] SELinux: Stub in copy-up handling
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 6/8] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Linux Kernel Development]
