summaryrefslogtreecommitdiff
path: root/etc/guix-daemon.cil.in
AgeCommit message (Expand)Author
2023-05-25etc: SELinux: Update policy file....Tested on Rocky Linux 9, as discussed at <https://issues.guix.gnu.org/62487>. * etc/guix-daemon.cil.in: Add rules for /gnu/store remount and file creation in /tmp. Ludovic Courtès
2022-12-23etc: SELinux: Allow init process to setattr on profile directories....* etc/guix-daemon.cil.in: Add rule. Ricardo Wurmus
2022-12-23etc: SELinux: Allow daemon to search run state directories....* etc/guix-daemon.cil.in: Import types init_var_run_t and system_dbusd_var_run_t; add rules. Ricardo Wurmus
2022-12-23etc: SELinux: Label guix-daemon executable in profile....* etc/guix-daemon.cil.in: Add file rule for "guix-daemon" in current-guix profile. Ricardo Wurmus
2022-01-26etc: Remove redundant SELinux permissions block....* etc/guix-daemon.cil.in (guix_daemon): Consolidate two blocks adding sock_file permissions on guix_daemon_conf_t. Marius Bakke
2022-01-24etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Permit write on guix_daemon_conf_t sock_file, necessary for garbage collection. Marius Bakke
2021-05-22etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Add more permissions, necessary for garbage collection. Marius Bakke
2020-12-10etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Permit file write, getattr, link and unlink for the guix_daemon_exec_t type. Marius Bakke
2020-11-27etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Permit more operations required for various build jobs. Marius Bakke
2020-11-26etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Permit file appending, setattr, read/write UDP sockets, access to tmpfs and hugetlbfs, and connecting to PostgreSQL. Marius Bakke
2020-11-25etc: Add more SELinux permissions for the daemon....This is needed for some package test suites. * etc/guix-daemon.cil.in (guix_daemon): Permit unix_dgram_socket operations. Marius Bakke
2020-11-15etc: Updates for the guix-daemon SELinux policy....* etc/guix-daemon.cil.in (guix_daemon): Specify more permissions for guix-daemon to account for daemon updates and newer SELinux. I can't promise that this is a complete list of everything that guix-daemon needs, but it's probably most of them. It can search for, install, upgrade, and remove packages, create virtual machines and containers, update itself, and so on. Signed-off-by: Marius Bakke <marius@gnu.org> Daniel Brooks
2019-09-08etc: Remove references to libexec/guix* from SELinux policy....* etc/guix-daemon.cil.in: Remove references to libexec/guix*. Ludovic Courtès
2018-02-07etc: Add SELinux policy for the daemon....* etc/guix-daemon.cil.in: New file. * Makefile.am (dist_selinux_policy_DATA): Define it. * configure.ac: Handle --with-selinux-policy-dir. * doc/guix.texi (SELinux Support): New section. Ricardo Wurmus
generated by cgit v1.2.3 (git 2.46.2) at 2024-11-09 23:42:44 +0000