summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add new data packet typeNathan Straz2013-09-112-1/+98
|
* Send all server side error messages to stderrNathan Straz2013-09-113-28/+28
| | | | This should get sent to the journal or syslog
* Remove last bits of XML dependenciesNathan Straz2013-09-113-21/+10
|
* Convert packet parsingNathan Straz2013-09-113-198/+120
|
* Rewrite qptostr to store binary bits into an existing bufferNathan Straz2013-09-113-137/+122
|
* Start by adding a packet size to the existing protocolNathan Straz2013-09-112-10/+64
|
* Move to a new port for the new protocolNathan Straz2013-09-117-7/+7
| | | | I don't see any way to coexist with the old "protocol"
* Catch errors in both make commandsNathan Straz2013-08-271-17/+63
| | | | | Fix more errors as they are found. Takes longer to rebuild the policy, but we can start with no bad interfaces.
* Rebuild policy in a temp directoryNathan Straz2013-08-271-4/+16
| | | | | Avoid hitting an AVC from rebuilding in the doc directory. The logs are saved if we find more bad interfaces.
* Allow us to transition from init_t to qarshd_tNathan Straz2013-05-211-0/+1
|
* Keep SIGPIPE working as expectedNathan Straz2013-05-211-0/+1
| | | | | It turns out the systemd maintainers thought it would be good to ignore SIGPIPE by default. I don't agree.
* Convert to systemd socket activated servicesNathan Straz2013-05-148-41/+54
| | | | | qarshd and btimed will now start directly from systemd xinetd is no longer needed
* Fill in sequence numbers with a real sequenceNathan Straz2012-12-182-5/+9
|
* Bump version for sigprocmask fixv1.28-1Nathan Straz2012-07-191-1/+5
|
* Restore original sigmask before exec'ing childNathan Straz2012-07-191-1/+3
|
* The selinux Makefile is needed to build the policyNathan Straz2012-07-181-0/+1
|
* Bump selinux policy versionv1.27-1Nathan Straz2012-06-271-1/+1
|
* Bump version for next release and update changelogNathan Straz2012-06-271-2/+10
|
* Depend on policy.xml directlyNathan Straz2012-06-271-1/+1
|
* Update selinux policy for Fedora 17Nathan Straz2012-06-271-9/+21
|
* Add script to detect and work around some selinux policy issuesNathan Straz2012-06-272-1/+36
|
* Spotted a missing freeNathan Straz2012-04-191-0/+1
|
* Pass hints into getaddrinfoNathan Straz2012-04-191-1/+1
| | | | | Without the hints we could end up creating a non-stream socket which would cause qarsh to hang reading the packet in set_remote_user().
* Move error message and exit from signal handler.Nathan Straz2012-02-201-2/+6
|
* Check return of send_package and exit on errorNathan Straz2012-02-201-1/+6
|
* Fix exit code for connection failures.Nathan Straz2012-01-261-1/+1
|
* Don't limit instances of qarshd in xinetdNathan Straz2011-08-191-0/+1
|
* Merge branch 'ipv6' of ssh://sts-a//home/msp/djansa/src/git/qarsh into ipv6Nathan Straz2010-09-309-97/+207
|\ | | | | | | | | | | Conflicts: qarsh.c sockutil.c
| * First crack at ipv6/ipv4 agnostic qarsh/qacp.Dean Jansa2010-09-285-47/+125
| |
| * Shouldn't need to restrict btimed to IPv4 now.Dean Jansa2010-09-031-1/+0
| |
| * update btime and hbeat libs to understand ipv6 as well as ipv4.Dean Jansa2010-09-033-49/+83
| |
* | Cache last used port in bind_anyNathan Straz2010-09-291-0/+10
| | | | | | | | This way we don't try to bind to ports we already checked
* | Wait up to 30 second to establish a connectionNathan Straz2010-09-281-1/+2
| | | | | | | | | | | | The user specified time for holding a connection only. If the user uses too small a time, like if they are rebooting a node, the initial connection may fail.
* | Fix requires for selinux-policy buildNathan Straz2010-09-151-3/+3
| | | | | | | | | | These files need to be instaled before %post so mark the requirements as such.
* | Turn SELinux BuildRequires to RequiresNathan Straz2010-09-031-1/+1
| | | | | | | | | | We need these on the install system since we're building the SELinux policy at install time.
* | Remove qarshd.pp from rpm file listNathan Straz2010-08-201-2/+1
|/
* Bump version for new releasev1.26-1Nathan Straz2010-08-201-1/+6
|
* Remove pre-build selinux filesNathan Straz2010-08-201-5/+1
| | | | | These are not going to be used at all since the post-install rebuild puts it all in /etc/selinux/...
* Don't build selinux-policy during buildNathan Straz2010-08-201-4/+3
| | | | | | The policy is dynamic so should be built on the system after install since we can't guarantee that the build chroot includes the latest selinux-policy package.
* Remove use of policyhelpNathan Straz2010-08-201-7/+1
| | | | The file is gone is recent RHEL6 trees
* Allow all domains more rights to qarshd_t socketsNathan Straz2010-06-301-2/+4
| | | | | | qarshd_t sockets end up as stdin, stdout, and stderr. Some programs will fstat them to determine what they are or change flags on the file descriptor, this is ok.
* [selinux] Require makeNathan Straz2010-06-171-1/+1
| | | | Make is needed to rebuild the qarshd selinux policy.
* Set child_pid to 0 after child returnsNathan Straz2010-06-031-0/+1
| | | | This is mostly for clarity while debugging qarshd.
* Close file descriptors left open by parent processNathan Straz2010-04-281-0/+4
| | | | | | Running things in parallel with pthreads in perl can lead to file descriptor leaks which may cause hangs in qarsh.
* Only include lvm and logging parts of system policyNathan Straz2009-12-032-17/+11
| | | | | There were a lot of bad things to include in the system layer. Exclude anything with "spec" in the name.
* Add system interfaces to qarshd policyNathan Straz2009-11-302-1/+8
| | | | | This allows qarshd to make any system interface transition. Tested against selinux-policy-3.6.32-41.fc12.noarch.
* Fix warnings from rpmlintNathan Straz2009-11-241-10/+10
| | | | | - Switch to tabs on all fields - Change to valid groups
* Bump version for new releasev1.25-1Nathan Straz2009-11-201-2/+9
|
* Update bad-interfaces for Fedora 12Nathan Straz2009-11-201-17/+11
|
* Pull in all services and apps interfacesNathan Straz2009-11-194-21/+46
| | | | | | | | This isn't completely possible because some interfaces cause syntax or load errors. We need to keep a list of interfaces to filter out to get something that loads. This adds gxpp as a requirement to build qarsh.
generated by cgit (git 2.34.1) at 2024-09-20 21:28:59 +0000