mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
7734 commits 23 branches 109 tags 32 MiB
Commit graph

7734 commits

This branch
This branch
All branches
Author SHA1 Message Date
John Johansen
c231a42cf4 add apparmor patches for kernels 2.6.16, 2.6.17, 2.6.18 2006-09-28 20:25:18 +00:00
Steve Beattie
84a0136a88 Add a new testcase for #include statements that are on the same line as 
file rules.
 2006-09-28 16:47:11 +00:00
Steve Beattie
5b3efd982f Unfortunately, the forge website(s) don't provide information on how to 
use the change_hat(2) function; point them at the manpage for usage
information.
 2006-09-28 06:45:55 +00:00
Dominic Reynolds
488f7fcc89 Disabled ar.po language as the po file in suse-i18n contains errors that 
cause msgfmt and the build to fail.
 2006-09-26 19:02:29 +00:00
Dominic Reynolds
9d3ae5ec8a Added/updated po files from lcn repo: 
https://forgesvn1.novell.com/svn/suse-i18n
 2006-09-26 18:32:52 +00:00
Dominic Reynolds
ce4ae3f281 Updated error message text - feedback from proofreaders. 2006-09-26 18:01:06 +00:00
Dominic Reynolds
6393f224e5 Small text change to celanup spaces. The xgettext claimed the line was 
not ascii so wouldn't regenerate the pot file.
 2006-09-22 16:33:27 +00:00
Steve Beattie
0961fb5a5b This checkin fixes the environ.sh to work on 64bit systems (with /lib64/ 
directories). It also disables the longpath test (after locking up
another machine from running it), but adds a 'make alltests' target
which will run all the tests plus that one (and any others defined in
the RISKY_TESTS variable.)
 2006-09-15 22:39:59 +00:00
Jesse Michael
4f4a56859e Thorsten Kukuk (kukuk@suse.de) pointed out a couple problems with 
pam_apparmor and here's a patch to address most of them--

 * header comment was incorrect
 * use pam_get_user() instead of pam_get_item()
 * return an error if we're unable to change to the DEFAULT hat

In addition, this has a fix to make sure that the magic token we read
from /dev/urandom is not null (which would cause the hat probing to fail 
if we need to fall back to the DEFAULT hat).
 2006-09-14 12:44:01 +00:00
Steve Beattie
16ede09541 Fix a tyop and add corresponding profile names for other error 
conditions.
 2006-09-13 20:06:16 +00:00
Steve Beattie
e291f9933e Add a user tunable setting to add arguments to the parser invocations, 
if necessary.  Currently used to suppress warnings about unsafe/unfiltered
environment 'u' exec transitions. 

[Corresponds to rev 6415 in the old svn repo]
 2006-09-13 18:40:52 +00:00
Steve Beattie
c59d7489be [This commit corresponds to revs 6425 and 6429 in the old svn repo] 
This commit adds a test that checks to see if exec unconfined -->
confined requires any access to the binary being run confined. Current
behavior is that it does not.
 2006-09-12 22:22:51 +00:00
Steve Beattie
5bc7850467 Convert the struct expected by ptrace.c to be struct user from 
asm-xxx/user.h rather than struct user_regs_struct, as we had a report
that that wasn't available on some arches.
 2006-09-12 20:57:29 +00:00
Steve Beattie
76cbeb9892 [This corresponds to commits 6414, 6415, 6417, 6422, 6423, and 6424 in 
the old svn tree.]

This patch adds tests to verify the environment filtering done in the Px
and Ux cases. It tests the environment from both an elf executable and
from a shell script. Also verifies that with the apparmor module loaded,
environment filtering on setuid apps still happens.
 2006-09-12 05:55:31 +00:00
Steve Beattie
1cd7fe23d4 [https://bugzilla.novell.com/show_bug.cgi?id=129516] 
Relicense file to GPL (don't know why it wasn't caught originally). Made
it look in the right location, but doesn't appear to function -- I don't
know if that's due to language changes or if it ever worked. Seth Arnold
will need to comment.
 2006-09-11 21:46:44 +00:00
Steve Beattie
08651d770b [https://bugzilla.novell.com/show_bug.cgi?id=203557] 
Add support for python egg archives as well as python 2.5. Perhaps the
python version should be seperated into a variable?
 2006-09-11 21:17:43 +00:00
Steve Beattie
2803303d19 Have svn ignore autogenerated .mo files 2006-09-11 20:20:54 +00:00
Steve Beattie
aa470621a4 Check in an internationalization change that got missed in the 'm' mode 
update.
 2006-09-11 20:12:47 +00:00
John Johansen
c235cfb8aa Add the Kbuild files that got add in the Makefile patch but weren't added to svn 2006-08-30 00:55:04 +00:00
John Johansen
0e8b2acd9a change module init type so that the module will work when compiled as a builtin 2006-08-30 00:44:01 +00:00
John Johansen
f5645aca78 change from use of unsigned long to gfp_t for memory allocation flags 2006-08-30 00:43:12 +00:00
John Johansen
acb8945d38 Add the unsafe exec flag and change exec to handle both safe (environment scrubbed by loader) and unsafe execs. 2006-08-30 00:42:09 +00:00
John Johansen
802ba1fad1 Add the m permission bit and change the way exec permissions for mmap are handled 2006-08-30 00:40:36 +00:00
John Johansen
a9e9d7fe1d remove dead code 2006-08-30 00:39:49 +00:00
John Johansen
912cb42ccb fix allocations for the audit subsystem that must be GFP_ATOMIC 2006-08-30 00:39:07 +00:00
John Johansen
b1a492d2fe fix error where a confined parent could take control of an unconfined child by getting the unconfined child to ptrace it 2006-08-30 00:38:15 +00:00
John Johansen
f5c23403a7 fix error that could cause oops when an error occured in dentry translation with no inode 2006-08-30 00:36:48 +00:00
John Johansen
ea7c6f7e8b fix error where name lookup was not properly propogating failure (errors) 2006-08-30 00:34:38 +00:00
John Johansen
b6430e3f83 properly set return code for changehat interface 2006-08-30 00:33:36 +00:00
John Johansen
7b15ddcef5 revert to using auditsd tag instead of auditaa because this is what is in suse kernels 2006-08-30 00:31:36 +00:00
John Johansen
e53c2f9db3 revert back to using d_path instead of d_path_flags 2006-08-30 00:30:46 +00:00
John Johansen
f2f5d972e4 Replace some minor uses of subdomain with apparmor 2006-08-30 00:29:49 +00:00
John Johansen
a9bd7afd94 bring Makefile up to latest version 2006-08-30 00:29:10 +00:00
John Johansen
1d152eecb8 Import nextgen branch of AppArmor 2006-08-30 00:27:59 +00:00
John Johansen
145432c805 fork apparmor module to checkin next gen code base 2006-08-30 00:19:50 +00:00
Seth Arnold
770d7d521e crispin noticed that this profile includes a pointless Px domain transition 2006-08-21 22:11:47 +00:00
Dominic Reynolds
704e1e4d36 Initial checkin 2006-08-16 16:32:49 +00:00
Seth Arnold
f9df421131 Ralf Spenneberg fixup for make install target 2006-08-09 22:39:20 +00:00
Matt Barringer
be64d6bed4 Turned the uid=0 check back on. 2006-08-05 21:05:25 +00:00
John Johansen
39adc91bbb fix xattr regression test. variable perm was being modified as a side affect of called functions so it was passing the wrong perm to the tests. 2006-08-04 22:39:16 +00:00
John Johansen
97ef545dc3 revert interface version to v2 2006-08-04 21:30:34 +00:00
John Johansen
5c2fe819d8 fix prologue.inc previous patch was broken in porting so that profiles could not be generated 2006-08-04 21:27:38 +00:00
Tony Jones
5b0e1a3dd5 Initial checkin of kernel module. 
Makefile will invoke Kbuild for external (out of tree) builds.
 2006-08-04 19:07:32 +00:00
Seth Arnold
dfa966cbdc r3528@dhcp-81: root | 2006-08-02 16:39:14 -0700 
fix 0-0 typo
 2006-08-04 18:14:15 +00:00
Seth Arnold
087c48b35e r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 
Fix up the m, U, and P stuff, and other misc fixes
 2006-08-04 18:13:59 +00:00
John Johansen
c13b341fef add parser test files that I failed to add when the parser m and P patches where committed 2006-08-04 17:24:51 +00:00
John Johansen
c611d4cbf0 increase interface version for loading policy, due to the m and unsafe exec flags breaking compatabity with v2 policy 2006-08-04 17:22:19 +00:00
John Johansen
5a84323302 update boot prereq for suse 2006-08-04 17:20:46 +00:00
John Johansen
b96bd2cd3b update parser to use HAS_X macros 2006-08-04 17:20:16 +00:00
John Johansen
7f1df42d3e update regresssion test prologue.inc for m flag 2006-08-04 17:19:41 +00:00