summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Bump selinux policy versionv1.27-1Nathan Straz2012-06-271-1/+1
|
* Bump version for next release and update changelogNathan Straz2012-06-271-2/+10
|
* Depend on policy.xml directlyNathan Straz2012-06-271-1/+1
|
* Update selinux policy for Fedora 17Nathan Straz2012-06-271-9/+21
|
* Add script to detect and work around some selinux policy issuesNathan Straz2012-06-272-1/+36
|
* Spotted a missing freeNathan Straz2012-04-191-0/+1
|
* Pass hints into getaddrinfoNathan Straz2012-04-191-1/+1
| | | | | Without the hints we could end up creating a non-stream socket which would cause qarsh to hang reading the packet in set_remote_user().
* Move error message and exit from signal handler.Nathan Straz2012-02-201-2/+6
|
* Check return of send_package and exit on errorNathan Straz2012-02-201-1/+6
|
* Fix exit code for connection failures.Nathan Straz2012-01-261-1/+1
|
* Don't limit instances of qarshd in xinetdNathan Straz2011-08-191-0/+1
|
* Merge branch 'ipv6' of ssh://sts-a//home/msp/djansa/src/git/qarsh into ipv6Nathan Straz2010-09-309-97/+207
|\ | | | | | | | | | | Conflicts: qarsh.c sockutil.c
| * First crack at ipv6/ipv4 agnostic qarsh/qacp.Dean Jansa2010-09-285-47/+125
| |
| * Shouldn't need to restrict btimed to IPv4 now.Dean Jansa2010-09-031-1/+0
| |
| * update btime and hbeat libs to understand ipv6 as well as ipv4.Dean Jansa2010-09-033-49/+83
| |
* | Cache last used port in bind_anyNathan Straz2010-09-291-0/+10
| | | | | | | | This way we don't try to bind to ports we already checked
* | Wait up to 30 second to establish a connectionNathan Straz2010-09-281-1/+2
| | | | | | | | | | | | The user specified time for holding a connection only. If the user uses too small a time, like if they are rebooting a node, the initial connection may fail.
* | Fix requires for selinux-policy buildNathan Straz2010-09-151-3/+3
| | | | | | | | | | These files need to be instaled before %post so mark the requirements as such.
* | Turn SELinux BuildRequires to RequiresNathan Straz2010-09-031-1/+1
| | | | | | | | | | We need these on the install system since we're building the SELinux policy at install time.
* | Remove qarshd.pp from rpm file listNathan Straz2010-08-201-2/+1
|/
* Bump version for new releasev1.26-1Nathan Straz2010-08-201-1/+6
|
* Remove pre-build selinux filesNathan Straz2010-08-201-5/+1
| | | | | These are not going to be used at all since the post-install rebuild puts it all in /etc/selinux/...
* Don't build selinux-policy during buildNathan Straz2010-08-201-4/+3
| | | | | | The policy is dynamic so should be built on the system after install since we can't guarantee that the build chroot includes the latest selinux-policy package.
* Remove use of policyhelpNathan Straz2010-08-201-7/+1
| | | | The file is gone is recent RHEL6 trees
* Allow all domains more rights to qarshd_t socketsNathan Straz2010-06-301-2/+4
| | | | | | qarshd_t sockets end up as stdin, stdout, and stderr. Some programs will fstat them to determine what they are or change flags on the file descriptor, this is ok.
* [selinux] Require makeNathan Straz2010-06-171-1/+1
| | | | Make is needed to rebuild the qarshd selinux policy.
* Set child_pid to 0 after child returnsNathan Straz2010-06-031-0/+1
| | | | This is mostly for clarity while debugging qarshd.
* Close file descriptors left open by parent processNathan Straz2010-04-281-0/+4
| | | | | | Running things in parallel with pthreads in perl can lead to file descriptor leaks which may cause hangs in qarsh.
* Only include lvm and logging parts of system policyNathan Straz2009-12-032-17/+11
| | | | | There were a lot of bad things to include in the system layer. Exclude anything with "spec" in the name.
* Add system interfaces to qarshd policyNathan Straz2009-11-302-1/+8
| | | | | This allows qarshd to make any system interface transition. Tested against selinux-policy-3.6.32-41.fc12.noarch.
* Fix warnings from rpmlintNathan Straz2009-11-241-10/+10
| | | | | - Switch to tabs on all fields - Change to valid groups
* Bump version for new releasev1.25-1Nathan Straz2009-11-201-2/+9
|
* Update bad-interfaces for Fedora 12Nathan Straz2009-11-201-17/+11
|
* Pull in all services and apps interfacesNathan Straz2009-11-194-21/+46
| | | | | | | | This isn't completely possible because some interfaces cause syntax or load errors. We need to keep a list of interfaces to filter out to get something that loads. This adds gxpp as a requirement to build qarsh.
* Clean the SELinux directory after installNathan Straz2009-10-221-0/+1
| | | | This will prevent temp files from being packaged
* Add SELinux policy for qarshdNathan Straz2009-10-226-1/+116
| | | | We generate the policy based on which services we want to test.
* Only look up local username if remote not specifiedNathan Straz2009-10-081-4/+4
| | | | | | In rare cases the getpwuid() call will fail because of a YP or LDAP timeout. If we're not using the local username we shouldn't even bother looking it up.
* Add quiet option, document exit statusNathan Straz2009-10-012-7/+16
|
* Handle growing files better in qacpNathan Straz2009-09-141-3/+19
| | | | | | Cache the results from the rstat packet and use that file size during the following sendfile so we don't send more than qacp is expecting. This should allow us to qacp root@host:/var/log/messages
* Check Makefile to make an archive from gitv1.24-2Nathan Straz2009-04-171-11/+7
|
* Fix up spec file to work with proper tarballsNathan Straz2009-04-171-8/+11
|
* Bump version for new buildv1.24-1Nathan Straz2009-04-171-1/+9
|
* [qarsh] Handle a very broken qarshdNathan Straz2009-03-271-1/+5
| | | | | | If qarshd is broken enough that it can't load libxml2.so, it won't return an XML packet which we can parse. set_remote_user() really needs to error out of we didn't get a packet back.
* [btime] Increase time to wait for responseNathan Straz2009-03-271-1/+1
| | | | | A quarter of a second may be too short for some connections. Increasing it to half a second should make it more reliable.
* [btimec] Fail if the host is downNathan Straz2009-03-271-1/+3
| | | | Make btimec return proper exit codes so it is more useful in scripts.
* [qacp] Fix improper free when connect failsNathan Straz2009-02-051-5/+5
| | | | | Freeing from the middle of an allocated string is not right. Keep a pointer to the strdup so we can free it correctly.
* [qarsh] Remove continue which could make qarsh hangNathan Straz2009-01-081-4/+0
| | | | | | | | | I don't know how, but I found one instance of qarsh looping through the pselect loop with a one second timeout. If the command has exited and the output file descriptors are all closed, we fall onto this continue which prevents us from getting to the break at the end of the loop. The only thing the continue skips over is that check which we really should check, so remove the continue.
* [qacp] Check that we have two or more pathsNathan Straz2008-12-011-1/+1
|
* Force btimed to be an IPv4 serviceNathan Straz2008-11-251-0/+1
| | | | | When we tried it out on Fedora 10, it was sending responses to IPv6 addresses and returning ENETUNREACH (Network is unreachable).
* Bump version to include pselect speedup.v1.23-1Nathan Straz2008-11-101-1/+5
|
generated by cgit (git 2.34.1) at 2024-05-03 15:51:58 +0000