mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
1140 commits 23 branches 109 tags 32 MiB
Commit graph

1140 commits

This branch
This branch
All branches
Author SHA1 Message Date
John Johansen
100ff7cabb Update to allow external hats by specifying the hat keyword in front of 
the profile name.
 2008-06-09 12:00:42 +00:00
John Johansen
d8df8830f1 add hat flag and add it automatically for embedded hats 
remove hat rules
 2008-06-09 11:48:13 +00:00
John Johansen
8420935617 add hat flag to profiles, and test for it in change_hat 2008-06-09 11:47:21 +00:00
John Johansen
5655293cf8 oops, fix the rlimit table size test 2008-06-09 10:15:31 +00:00
John Johansen
303721fca2 - Fix rlimits to work when user space passes in fewer rlimits than the number 
of rlimits supported by the kernel.
- remove hat rules
- add hat flag for each profile
- fix apparmorfs profile listing code.  Used to only return the first
  80 or so profiles, and then refuse to output more
 2008-06-09 10:12:23 +00:00
John Johansen
8f13e0d60d - fix rcapparmor stop. Have it dump the loaded profile list to a file before 
removing profiles, as the list is unstable after additions or removals.
- Add the ability to loaded precompiled policy by specifying the -B
  option, which can be combined with --add or --replace
 2008-06-09 10:00:28 +00:00
John Johansen
0c95606e03 let the parser add the change_hat rule 2008-06-08 09:32:12 +00:00
John Johansen
3b11aa9050 Remove hat rules. In large policies the number of hat rules becomes 
problematic, hat rules can be replaced with simple hat flag on a profile.
 2008-06-08 09:02:27 +00:00
John Johansen
b2f4863231 Fix to stop leaking the dfa ruleset. On large policies containing lots of 
hats this will result in a marked improvement on memory usage.
 2008-06-08 08:56:37 +00:00
John Johansen
aa0b2030c7 add missing for 2008-06-04 11:36:13 +00:00
John Johansen
be495f2125 fix 
- rc.apparmor.functions were not correctly removing profiles on replace and
  reload, also convert to using the module interface directly bypassing the
  parser.
- fix cx ->  named transitions
- fix apparmor_parser -N so that it emits hats as profiles under new kernel
  modules.  This is the correct behavior as hats are promoted to profiles.
 2008-06-04 07:24:38 +00:00
John Johansen
3897c52414 update link_subset test, to include child x 2008-06-04 05:59:11 +00:00
John Johansen
9e8c5e9914 Fix two bugs 
- rpc was failing when passing arrays because the perl is_utf8 string flag
  was set even though its only sending numbers but newer HTTP::Message
  checks for this is_utf8 and if it finds it aborts.
- fix local profiles
  local profiles were failing because
  1.) the parameters to serialize_profile were bad
  2.) the file location was not getting updated so they would get written
      back to the inactive profiles directory
 2008-06-03 21:54:55 +00:00
John Johansen
cb9f84a61e fix repository profile saving, where the name for profiles from the repository got lost on saving 2008-06-03 10:38:19 +00:00
John Johansen
838d22220a bleah finally get the config setting for default owner right 2008-06-02 09:02:09 +00:00
John Johansen
9a1f1a5689 fix not defined owner_toggle to default_owner_prompt as it should be 2008-06-01 04:59:08 +00:00
John Johansen
8d3ff10db1 Update the utils profile restrictions so that cx and named transitions can be 
used on utility programs
 2008-05-30 07:21:15 +00:00
John Johansen
787cb39f81 fix profile unloading, and make it faster by skipping the parser and going 
directly to the unload interface.  This means that the init script will no
longer run on very old versions of AppArmor (pre 2.0)
 2008-05-29 23:10:27 +00:00
John Johansen
934e00a1de commit patch provided by arekm 
- remove bashism from initscript
- fix segfault in apparmor_parser on x86-64
 2008-05-29 18:58:18 +00:00
John Johansen
8c47189e19 update names output so that profile reload works correctly with hats and local profiles 2008-05-29 06:09:34 +00:00
John Johansen
c82947b8b7 clean up kernel patch directory 2008-05-27 12:01:30 +00:00
John Johansen
b4edea623b add 2.6.24 branch 2008-05-27 11:55:58 +00:00
John Johansen
1b60c9bf8e update __d_path-keep-connected.diff to not use MS_NOUSER. add comments to head of some other patches 2008-05-27 11:44:19 +00:00
John Johansen
613471f84c fold in fix-named-transitions, update d_path-keep connected to not use MS_NOUSER 2008-05-27 11:35:44 +00:00
John Johansen
4be9cf08e7 update __d_path-keep-connected.diff 2008-05-27 11:32:19 +00:00
John Johansen
84cd045d53 exclude AF_CAN for now 2008-05-26 10:22:56 +00:00
John Johansen
516fb55d1d update translation files 2008-05-26 09:52:11 +00:00
John Johansen
4dd8db05b8 fix previous patch to allow for white space seperating profile keyword and profile name 2008-05-22 20:11:03 +00:00
John Johansen
0bd0e19f05 add desktop dir 2008-05-22 10:01:56 +00:00
John Johansen
62888cfec7 add translation files 2008-05-22 09:28:18 +00:00
John Johansen
44e22c56f9 update translations 2008-05-22 09:26:15 +00:00
John Johansen
c207df96bb allow profile name following profile keyword to be any valid name. NOTE: this breaks namespaces currently 2008-05-22 09:16:46 +00:00
John Johansen
39f20fd3b1 move old profile parsing library into deprecated 2008-05-19 22:54:06 +00:00
John Johansen
02235cc3cb move old log parsing library into deprecated 2008-05-19 22:53:08 +00:00
John Johansen
7d30be5087 move libapparmor into the libraries directory 2008-05-19 22:48:31 +00:00
John Johansen
332c5f908a make a libraries dir 2008-05-19 22:47:36 +00:00
John Johansen
4c3f1268aa move yastui to deprecated as the YaST ui is now being maintained and developed in the YaST svn 2008-05-19 22:46:34 +00:00
John Johansen
ddf2704a42 default owner_toggle to off it is not in the config file 2008-05-19 22:43:24 +00:00
John Johansen
f6824704c5 fix profile variables with no value to have empty string, as the parser doesn't support having no value yet 2008-05-07 18:38:53 +00:00
John Johansen
5eb6218708 add missing tunables file 2008-05-07 12:07:28 +00:00
John Johansen
10a2b621f4 fix initscript removal of profiles without attachment specification 2008-04-24 18:34:21 +00:00
John Johansen
51558b0b19 add missing ; to complain and enforce. copy fix over to audit 2008-04-24 18:24:02 +00:00
John Johansen
fe9ae3968b - d_path path fix 
-  remove use of fgetattr
-  fix named transitions
 2008-04-24 17:31:08 +00:00
John Johansen
cbdea9c7c2 Add new exec modes and many bug fixes 2008-04-24 16:05:33 +00:00
John Johansen
d4856f9680 latest version of the patches, updated off of 2.6.25 dev 2008-04-19 23:08:39 +00:00
John Johansen
8c5f77c4bd Add AppArmor 2.3 kernel patches for 2.6.25 2008-04-19 17:49:10 +00:00
John Johansen
d85344df63 add support for user rules 2008-04-18 21:16:15 +00:00
John Johansen
3db6bd6c54 more audit support. file rules this time 2008-04-18 21:10:25 +00:00
John Johansen
fe5a2b35ee remap includes to do {}{} link the profiles use {profile}{profile} 2008-04-18 21:09:53 +00:00
John Johansen
e06d1bf84b add support for audit keyword 2008-04-18 21:09:05 +00:00