aboutsummaryrefslogtreecommitdiff


 
                         
generated by
                             
                                 cgit
                             
                         

                        
 


>services/auditd.scm

/guix/commit/etc/guix-daemon.cil.in?id=f28d792719abb82cc920486e6d6f14eacc44370c'>etc: SELinux: Label guix-daemon executable in profile....* etc/guix-daemon.cil.in: Add file rule for "guix-daemon" in current-guix
profile.

AgeCommit message (Expand)Author


2020-07-27services: auditd: Provide default configuration directory....* gnu/services/auditd.scm (auditd.conf)
(%default-auditd-configuration-directory): New variables.
(<auditd-configuration>): Switch to 'define-record-type*'.
[configuration-directory]: New field.
(auditd-shepherd-service): Honor 'configuration-directory'.  Pass #:pid-file.
(auditd-service-type)[description]: Tweak.
[default-value]: Provide 'configuration-directory'.
* doc/guix.texi (Miscellaneous Services): Update docs to reflect
changes.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Robin Green


2019-06-06services: Add auditd....* gnu/services/auditd.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Miscellaneous Services): Document it.
Danny Milosavljevic
Ricardo Wurmus


2022-01-26etc: Remove redundant SELinux permissions block....* etc/guix-daemon.cil.in (guix_daemon): Consolidate two blocks adding
sock_file permissions on guix_daemon_conf_t.
Marius Bakke


2022-01-24etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Permit write on guix_daemon_conf_t
sock_file, necessary for garbage collection.
Marius Bakke


2021-05-22etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Add more permissions, necessary for
garbage collection.
Marius Bakke


2020-12-10etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Permit file write, getattr, link and
unlink for the guix_daemon_exec_t type.
Marius Bakke


2020-11-27etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Permit more operations required for
various build jobs.
Marius Bakke


2020-11-26etc: Add more SELinux permissions for the daemon....* etc/guix-daemon.cil.in (guix_daemon): Permit file appending, setattr,
read/write UDP sockets, access to tmpfs and hugetlbfs, and connecting to
PostgreSQL.
Marius Bakke


2020-11-25etc: Add more SELinux permissions for the daemon....This is needed for some package test suites.

* etc/guix-daemon.cil.in (guix_daemon): Permit unix_dgram_socket operations.
Marius Bakke


2020-11-15etc: Updates for the guix-daemon SELinux policy....* etc/guix-daemon.cil.in (guix_daemon): Specify more permissions for
guix-daemon to account for daemon updates and newer SELinux.

I can't promise that this is a complete list of everything that guix-daemon
needs, but it's probably most of them. It can search for, install, upgrade,
and remove packages, create virtual machines and containers, update itself,
and so on.

Signed-off-by: Marius Bakke <marius@gnu.org>
Daniel Brooks