mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

README: Fix markup for Preformatted text

Browse source 
Fix concatenated-multiple-lines due to lacking Markdown's linebreak markup
by wrapping it with <pre>.

Signed-off-by: 林博仁(Buo-ren, Lin) <Buo.Ren.Lin@gmail.com>
This commit is contained in:
林博仁(Buo-ren, Lin) 2018-08-26 10:47:17 +00:00
parent 657495fa55
commit f9582a1cff
1 changed files with 54 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

60
README.md
View file

@ -33,6 +33,7 @@ Source Layout
AppArmor consists of several different parts: AppArmor consists of several different parts:
```
binutils/ source for basic utilities written in compiled languages binutils/ source for basic utilities written in compiled languages
changehat/ source for using changehat with Apache, PAM and Tomcat changehat/ source for using changehat with Apache, PAM and Tomcat
common/ common makefile rules common/ common makefile rules
@ -43,6 +44,7 @@ parser/ source for parser/loader and corresponding documentation
profiles/ configuration files, reference profiles and abstractions profiles/ configuration files, reference profiles and abstractions
tests/ regression and stress testsuites tests/ regression and stress testsuites
utils/ high-level utilities for working with AppArmor utils/ high-level utilities for working with AppArmor
```
-------------------------------------- --------------------------------------
Important note on AppArmor kernel code Important note on AppArmor kernel code
@ -67,63 +69,82 @@ the following order. Some systems may need to export various python-related
environment variables to complete the build. For example, before building environment variables to complete the build. For example, before building
anything on these systems, use something along the lines of: anything on these systems, use something along the lines of:
```
$ export PYTHONPATH=$(realpath libraries/libapparmor/swig/python) $ export PYTHONPATH=$(realpath libraries/libapparmor/swig/python)
$ export PYTHON=/usr/bin/python3 $ export PYTHON=/usr/bin/python3
$ export PYTHON_VERSION=3 $ export PYTHON_VERSION=3
$ export PYTHON_VERSIONS=python3 $ export PYTHON_VERSIONS=python3
```
libapparmor: libapparmor:
```
$ cd ./libraries/libapparmor $ cd ./libraries/libapparmor
$ sh ./autogen.sh $ sh ./autogen.sh
$ sh ./configure --prefix=/usr --with-perl --with-python # see below $ sh ./configure --prefix=/usr --with-perl --with-python # see below
$ make $ make
$ make check $ make check
$ make install $ make install
```
[an additional optional argument to libapparmor's configure is --with-ruby, to [an additional optional argument to libapparmor's configure is --with-ruby, to
generate Ruby bindings to libapparmor.] generate Ruby bindings to libapparmor.]
Binary Utilities: Binary Utilities:
```
$ cd binutils $ cd binutils
$ make $ make
$ make check $ make check
$ make install $ make install
```
parser: parser:
```
$ cd parser $ cd parser
$ make # depends on libapparmor having been built first $ make # depends on libapparmor having been built first
$ make check $ make check
$ make install $ make install
```
Utilities: Utilities:
```
$ cd utils $ cd utils
$ make $ make
$ make check $ make check
$ make install $ make install
```
Apache mod_apparmor: Apache mod_apparmor:
```
$ cd changehat/mod_apparmor $ cd changehat/mod_apparmor
$ make # depends on libapparmor having been built first $ make # depends on libapparmor having been built first
$ make install $ make install
```
PAM AppArmor: PAM AppArmor:
```
$ cd changehat/pam_apparmor $ cd changehat/pam_apparmor
$ make # depends on libapparmor having been built first $ make # depends on libapparmor having been built first
$ make install $ make install
```
Profiles: Profiles:
```
$ cd profiles $ cd profiles
$ make $ make
$ make check # depends on the parser having been built first $ make check # depends on the parser having been built first
$ make install $ make install
```
[Note that for the parser, binutils, and utils, if you only wish to build/use [Note that for the parser, binutils, and utils, if you only wish to build/use
some of the locale languages, you can override the default by passing some of the locale languages, you can override the default by passing
@ -144,21 +165,25 @@ For details on structure and adding tests, see
tests/regression/apparmor/README. tests/regression/apparmor/README.
To run: To run:
```
$ cd tests/regression/apparmor (requires root) $ cd tests/regression/apparmor (requires root)
$ make $ make
$ sudo make tests $ sudo make tests
$ sudo bash open.sh -r # runs and saves the last testcase from open.sh $ sudo bash open.sh -r # runs and saves the last testcase from open.sh
```
Parser tests Parser tests
------------ ------------
For details on structure and adding tests, see parser/tst/README. For details on structure and adding tests, see parser/tst/README.
To run: To run:
```
$ cd parser/tst $ cd parser/tst
$ make $ make
$ make tests $ make tests
```
Libapparmor Libapparmor
----------- -----------
@ -169,13 +194,18 @@ $ make check
Utils Utils
----- -----
Tests for the Python utilities exist in the test/ subdirectory. Tests for the Python utilities exist in the test/ subdirectory.
```
$ cd utils $ cd utils
$ make check $ make check
```
The aa-decode utility to be tested can be overridden by The aa-decode utility to be tested can be overridden by
setting up environment variable APPARMOR_DECODE; e.g.: setting up environment variable APPARMOR_DECODE; e.g.:
```
$ APPARMOR_DECODE=/usr/bin/aa-decode make check $ APPARMOR_DECODE=/usr/bin/aa-decode make check
```
Profile checks Profile checks
-------------- --------------
@ -183,29 +213,44 @@ A basic consistency check to ensure that the parser and aa-logprof parse
successfully the current set of shipped profiles. The system or other successfully the current set of shipped profiles. The system or other
parser and logprof can be passed in by overriding the PARSER and LOGPROF parser and logprof can be passed in by overriding the PARSER and LOGPROF
variables. variables.
```
$ cd profiles $ cd profiles
$ make && make check $ make && make check
```
Stress Tests Stress Tests
------------ ------------
To run AppArmor stress tests: To run AppArmor stress tests:
```
$ make all $ make all
```
Use these: Use these:
```
$ ./change_hat $ ./change_hat
$ ./child $ ./child
$ ./kill.sh $ ./kill.sh
$ ./open $ ./open
$ ./s.sh $ ./s.sh
```
Or run all at once: Or run all at once:
```
$ ./stress.sh $ ./stress.sh
```
Please note that the above will stress the system so much it may end up Please note that the above will stress the system so much it may end up
invoking the OOM killer. invoking the OOM killer.
To run parser stress tests (requires /usr/bin/ruby): To run parser stress tests (requires /usr/bin/ruby):
```
$ ./stress.sh $ ./stress.sh
```
(see stress.sh -h for options) (see stress.sh -h for options)
@ -220,7 +265,10 @@ https://scan.coverity.com/download?tab=cxx to obtain a pre-built copy of
cov-build. cov-build.
To generate a compressed tarball of an intermediate Coverity directory: To generate a compressed tarball of an intermediate Coverity directory:
```
$ make coverity $ make coverity
```
The compressed tarball is written to The compressed tarball is written to
apparmor-<SNAPSHOT_VERSION>-cov-int.tar.gz, where <SNAPSHOT_VERSION> apparmor-<SNAPSHOT_VERSION>-cov-int.tar.gz, where <SNAPSHOT_VERSION>