of EACCESS when an unconfined process calls changehat. This enables
applications using the changehat api to detect that the application
is not confined so probing for a matching hat can be aborted.
Also add some history to the changelog in the specfile, clean up some
whitespace issues, eliminate no longer needed bogus LC_MESSAGES dir to
work around SUSE autobuild, seems to have been addressed.
by naming the directory (e.g. #include </etc/apparmor.d/abstractions>).
It will skip over dotfiles and as well as subdirectories. It is intended
to make scripting and packaging easier, as the including profile will
not need to know explicitly all of the names to include.
Long term, rather than hardcode that dotfiles will be skipped, it should
be configurable via /etc/apparmor.d/subdomain what patterns of files
should be skipped; genprof/logprof should also honor this setting. The
code could be reused as I'd like to make the parser just take a directory
on the command line rather than being fed profiles one at a time; again
it would skip files based on these same patterns.
This patch also eliminates some dead code in the include processing, as
well as replaces a couple of undersized fixed-size buffer (PATH_MAX is
4095 on linux, buffer is not overflowable due to use of strncpy/snprintf)
with dynamically allocated ones.
directories). It also disables the longpath test (after locking up
another machine from running it), but adds a 'make alltests' target
which will run all the tests plus that one (and any others defined in
the RISKY_TESTS variable.)
pam_apparmor and here's a patch to address most of them--
* header comment was incorrect
* use pam_get_user() instead of pam_get_item()
* return an error if we're unable to change to the DEFAULT hat
In addition, this has a fix to make sure that the magic token we read
from /dev/urandom is not null (which would cause the hat probing to fail
if we need to fall back to the DEFAULT hat).
if necessary. Currently used to suppress warnings about unsafe/unfiltered
environment 'u' exec transitions.
[Corresponds to rev 6415 in the old svn repo]
This commit adds a test that checks to see if exec unconfined -->
confined requires any access to the binary being run confined. Current
behavior is that it does not.
the old svn tree.]
This patch adds tests to verify the environment filtering done in the Px
and Ux cases. It tests the environment from both an elf executable and
from a shell script. Also verifies that with the apparmor module loaded,
environment filtering on setuid apps still happens.
Relicense file to GPL (don't know why it wasn't caught originally). Made
it look in the right location, but doesn't appear to function -- I don't
know if that's due to language changes or if it ever worked. Seth Arnold
will need to comment.
