Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add new data packet type | Nathan Straz | 2013-09-11 | 2 | -1/+98 |
| | |||||
* | Send all server side error messages to stderr | Nathan Straz | 2013-09-11 | 3 | -28/+28 |
| | | | | This should get sent to the journal or syslog | ||||
* | Remove last bits of XML dependencies | Nathan Straz | 2013-09-11 | 3 | -21/+10 |
| | |||||
* | Convert packet parsing | Nathan Straz | 2013-09-11 | 3 | -198/+120 |
| | |||||
* | Rewrite qptostr to store binary bits into an existing buffer | Nathan Straz | 2013-09-11 | 3 | -137/+122 |
| | |||||
* | Start by adding a packet size to the existing protocol | Nathan Straz | 2013-09-11 | 2 | -10/+64 |
| | |||||
* | Move to a new port for the new protocol | Nathan Straz | 2013-09-11 | 7 | -7/+7 |
| | | | | I don't see any way to coexist with the old "protocol" | ||||
* | Catch errors in both make commands | Nathan Straz | 2013-08-27 | 1 | -17/+63 |
| | | | | | Fix more errors as they are found. Takes longer to rebuild the policy, but we can start with no bad interfaces. | ||||
* | Rebuild policy in a temp directory | Nathan Straz | 2013-08-27 | 1 | -4/+16 |
| | | | | | Avoid hitting an AVC from rebuilding in the doc directory. The logs are saved if we find more bad interfaces. | ||||
* | Allow us to transition from init_t to qarshd_t | Nathan Straz | 2013-05-21 | 1 | -0/+1 |
| | |||||
* | Keep SIGPIPE working as expected | Nathan Straz | 2013-05-21 | 1 | -0/+1 |
| | | | | | It turns out the systemd maintainers thought it would be good to ignore SIGPIPE by default. I don't agree. | ||||
* | Convert to systemd socket activated services | Nathan Straz | 2013-05-14 | 8 | -41/+54 |
| | | | | | qarshd and btimed will now start directly from systemd xinetd is no longer needed | ||||
* | Fill in sequence numbers with a real sequence | Nathan Straz | 2012-12-18 | 2 | -5/+9 |
| | |||||
* | Bump version for sigprocmask fixv1.28-1 | Nathan Straz | 2012-07-19 | 1 | -1/+5 |
| | |||||
* | Restore original sigmask before exec'ing child | Nathan Straz | 2012-07-19 | 1 | -1/+3 |
| | |||||
* | The selinux Makefile is needed to build the policy | Nathan Straz | 2012-07-18 | 1 | -0/+1 |
| | |||||
* | Bump selinux policy versionv1.27-1 | Nathan Straz | 2012-06-27 | 1 | -1/+1 |
| | |||||
* | Bump version for next release and update changelog | Nathan Straz | 2012-06-27 | 1 | -2/+10 |
| | |||||
* | Depend on policy.xml directly | Nathan Straz | 2012-06-27 | 1 | -1/+1 |
| | |||||
* | Update selinux policy for Fedora 17 | Nathan Straz | 2012-06-27 | 1 | -9/+21 |
| | |||||
* | Add script to detect and work around some selinux policy issues | Nathan Straz | 2012-06-27 | 2 | -1/+36 |
| | |||||
* | Spotted a missing free | Nathan Straz | 2012-04-19 | 1 | -0/+1 |
| | |||||
* | Pass hints into getaddrinfo | Nathan Straz | 2012-04-19 | 1 | -1/+1 |
| | | | | | Without the hints we could end up creating a non-stream socket which would cause qarsh to hang reading the packet in set_remote_user(). | ||||
* | Move error message and exit from signal handler. | Nathan Straz | 2012-02-20 | 1 | -2/+6 |
| | |||||
* | Check return of send_package and exit on error | Nathan Straz | 2012-02-20 | 1 | -1/+6 |
| | |||||
* | Fix exit code for connection failures. | Nathan Straz | 2012-01-26 | 1 | -1/+1 |
| | |||||
* | Don't limit instances of qarshd in xinetd | Nathan Straz | 2011-08-19 | 1 | -0/+1 |
| | |||||
* | Merge branch 'ipv6' of ssh://sts-a//home/msp/djansa/src/git/qarsh into ipv6 | Nathan Straz | 2010-09-30 | 9 | -97/+207 |
|\ | | | | | | | | | | | Conflicts: qarsh.c sockutil.c | ||||
| * | First crack at ipv6/ipv4 agnostic qarsh/qacp. | Dean Jansa | 2010-09-28 | 5 | -47/+125 |
| | | |||||
| * | Shouldn't need to restrict btimed to IPv4 now. | Dean Jansa | 2010-09-03 | 1 | -1/+0 |
| | | |||||
| * | update btime and hbeat libs to understand ipv6 as well as ipv4. | Dean Jansa | 2010-09-03 | 3 | -49/+83 |
| | | |||||
* | | Cache last used port in bind_any | Nathan Straz | 2010-09-29 | 1 | -0/+10 |
| | | | | | | | | This way we don't try to bind to ports we already checked | ||||
* | | Wait up to 30 second to establish a connection | Nathan Straz | 2010-09-28 | 1 | -1/+2 |
| | | | | | | | | | | | | The user specified time for holding a connection only. If the user uses too small a time, like if they are rebooting a node, the initial connection may fail. | ||||
* | | Fix requires for selinux-policy build | Nathan Straz | 2010-09-15 | 1 | -3/+3 |
| | | | | | | | | | | These files need to be instaled before %post so mark the requirements as such. | ||||
* | | Turn SELinux BuildRequires to Requires | Nathan Straz | 2010-09-03 | 1 | -1/+1 |
| | | | | | | | | | | We need these on the install system since we're building the SELinux policy at install time. | ||||
* | | Remove qarshd.pp from rpm file list | Nathan Straz | 2010-08-20 | 1 | -2/+1 |
|/ | |||||
* | Bump version for new releasev1.26-1 | Nathan Straz | 2010-08-20 | 1 | -1/+6 |
| | |||||
* | Remove pre-build selinux files | Nathan Straz | 2010-08-20 | 1 | -5/+1 |
| | | | | | These are not going to be used at all since the post-install rebuild puts it all in /etc/selinux/... | ||||
* | Don't build selinux-policy during build | Nathan Straz | 2010-08-20 | 1 | -4/+3 |
| | | | | | | The policy is dynamic so should be built on the system after install since we can't guarantee that the build chroot includes the latest selinux-policy package. | ||||
* | Remove use of policyhelp | Nathan Straz | 2010-08-20 | 1 | -7/+1 |
| | | | | The file is gone is recent RHEL6 trees | ||||
* | Allow all domains more rights to qarshd_t sockets | Nathan Straz | 2010-06-30 | 1 | -2/+4 |
| | | | | | | qarshd_t sockets end up as stdin, stdout, and stderr. Some programs will fstat them to determine what they are or change flags on the file descriptor, this is ok. | ||||
* | [selinux] Require make | Nathan Straz | 2010-06-17 | 1 | -1/+1 |
| | | | | Make is needed to rebuild the qarshd selinux policy. | ||||
* | Set child_pid to 0 after child returns | Nathan Straz | 2010-06-03 | 1 | -0/+1 |
| | | | | This is mostly for clarity while debugging qarshd. | ||||
* | Close file descriptors left open by parent process | Nathan Straz | 2010-04-28 | 1 | -0/+4 |
| | | | | | | Running things in parallel with pthreads in perl can lead to file descriptor leaks which may cause hangs in qarsh. | ||||
* | Only include lvm and logging parts of system policy | Nathan Straz | 2009-12-03 | 2 | -17/+11 |
| | | | | | There were a lot of bad things to include in the system layer. Exclude anything with "spec" in the name. | ||||
* | Add system interfaces to qarshd policy | Nathan Straz | 2009-11-30 | 2 | -1/+8 |
| | | | | | This allows qarshd to make any system interface transition. Tested against selinux-policy-3.6.32-41.fc12.noarch. | ||||
* | Fix warnings from rpmlint | Nathan Straz | 2009-11-24 | 1 | -10/+10 |
| | | | | | - Switch to tabs on all fields - Change to valid groups | ||||
* | Bump version for new releasev1.25-1 | Nathan Straz | 2009-11-20 | 1 | -2/+9 |
| | |||||
* | Update bad-interfaces for Fedora 12 | Nathan Straz | 2009-11-20 | 1 | -17/+11 |
| | |||||
* | Pull in all services and apps interfaces | Nathan Straz | 2009-11-19 | 4 | -21/+46 |
| | | | | | | | | This isn't completely possible because some interfaces cause syntax or load errors. We need to keep a list of interfaces to filter out to get something that loads. This adds gxpp as a requirement to build qarsh. |