723 commits

This branch

This branch

All branches

Author	SHA1	Message	Date
John Johansen	2b59d6f9ac	change_profile refactored and mostly working	2007-06-15 18:44:09 +00:00
Steve Beattie	a2423f3371	Patch from Mathias Gug <mathiaz@ubuntu.com>, I added the same ... modification to the audit command. This fix scans apparmor.d directory to find profiles that matches the profile passed on the command line. Currently if the binary doesn't exist on the system, complain/enforce fails even if a profile is defined.	2007-06-15 15:11:09 +00:00
Seth Arnold	d0cfcfa004	add a bunch of rules for dhcpcd -- including two Ux rules. Ugh. Should fix that, but they look like big black holes.	2007-06-11 22:14:18 +00:00
Seth Arnold	b7110070f2	fix up postfix's directories with the new / suffix	2007-06-11 21:55:56 +00:00
Seth Arnold	131355ec7a	move xfs away from X11R6	2007-06-11 17:56:00 +00:00
Seth Arnold	7509f7aae2	move xfs away from X11R6	2007-06-11 17:55:50 +00:00
Seth Arnold	6aad212284	move acroread	2007-06-11 17:53:45 +00:00
Seth Arnold	f0d8ce3159	a few dhcpcd and resmgrd fixes	2007-06-11 17:23:17 +00:00
Andreas Gruenbacher	807c9147d2	Proposed revert / cleanup for logging permission masks	2007-06-11 11:48:05 +00:00
Seth Arnold	1f3cc4e008	gconfd-2 rmix to itself, 64bit version too	2007-06-11 04:17:30 +00:00
Seth Arnold	a998abbd3e	make a 64bit copy of gconfd-2	2007-06-11 04:15:55 +00:00
Seth Arnold	677c9feb2b	rename gconfd-2	2007-06-11 04:15:34 +00:00
Seth Arnold	334761bdbe	rename ethereal -> wireshark	2007-06-11 04:14:29 +00:00
Seth Arnold	daa4e31b27	rename gaim	2007-06-11 04:13:53 +00:00
Seth Arnold	41215a97f8	fix up bonobo-activation-server with rmix access to itself	2007-06-11 04:13:19 +00:00
Seth Arnold	e7b4565f49	rename bonobo-activation-server	2007-06-11 04:12:29 +00:00
Seth Arnold	0ffba14641	rename evolution-data-server	2007-06-11 04:10:48 +00:00
Seth Arnold	b504df44e0	rename evolution	2007-06-11 04:10:13 +00:00
Seth Arnold	0b888a5203	removing /opt/gnome, /opt/OpenOffice.org, /usr/X11R6/, /opt/mozilla	2007-06-11 04:09:23 +00:00
Seth Arnold	e435b8f706	first step in replacing /opt/gnome with more sensible paths -- next step, renaming	2007-06-11 04:07:41 +00:00
John Johansen	7e3aacdda5	bleah fix typos that slipped into previous commit, and change AUDIT_REJECT to AUDIT_DENIED and AUDIT_COMPLAIN to AUDIT_ALLOWED	2007-06-09 00:35:37 +00:00
John Johansen	4d14203e90	Add auditing of x modifiers and split mask into requested and denied masks	2007-06-08 21:48:30 +00:00
Andreas Gruenbacher	ece35dc8fe	Add missing spaces and do not quote numbers	2007-06-06 09:09:37 +00:00
Andreas Gruenbacher	7c961abd52	Make this message more consistent with the rest.	2007-06-06 08:06:20 +00:00
Andreas Gruenbacher	205235e738	More cosmetic stuff.	2007-06-06 08:00:58 +00:00
Andreas Gruenbacher	b04e55469f	More cosmetic stuff.	2007-06-06 07:29:58 +00:00
Andreas Gruenbacher	c2eb05298d	Cosmetic change.	2007-06-06 07:23:59 +00:00
Seth Arnold	4e9c17ab6e	Updates from Mathias Gug for ntpd	2007-06-05 19:47:53 +00:00
John Johansen	171dab27dc	remove buffer and buffer2 from struct aa_audit	2007-06-05 17:58:16 +00:00
John Johansen	3f3c5ce968	have link report the permissions denied/granted	2007-06-05 17:57:47 +00:00
John Johansen	44c5f872da	change audit messages to use name=<value> pairs	2007-06-05 17:56:50 +00:00
John Johansen	a89eed0360	remove name mangling	2007-06-05 17:56:14 +00:00
John Johansen	e1e05ccf97	fix logging of link target name	2007-06-05 17:55:41 +00:00
John Johansen	2ebbddaf4c	use audit defines for reject, complain, audit, hint, status	2007-06-05 17:55:06 +00:00
John Johansen	1ded76679b	Add patch to check perms/exec modifiers on profile load instead of checking them at run time	2007-06-05 17:54:11 +00:00
John Johansen	3669525062	refresh patches against latest kernel	2007-06-05 17:52:35 +00:00
Seth Arnold	d988a78f22	fixes to klogd from Mathias Gug	2007-06-01 21:18:50 +00:00
Seth Arnold	18d356e23d	fixes to ntpd from Mathias Gug	2007-06-01 21:17:42 +00:00
Steve Beattie	9ee7d1041f	Fix up some of the directories that should have been converted.	2007-05-31 05:58:22 +00:00
Steve Beattie	2493d03f93	This change was contributed by Mathias Gug <mathias.gug@ubuntu.com> ... This patch improves the information reported by then apparmor_status script. It gives more detailed information about loaded profiles and their mode, running processes and profiles applied to them. (I slightly modified the code to refer to the term unconfined instead of unstrained as well fixing some minor formatting issues.)	2007-05-31 05:43:16 +00:00
Seth Arnold	42ec04076f	Patch from Marius Tomaschewski for syslog-ng, which now uses pipe instead of file for writing to the console	2007-05-29 17:28:38 +00:00
Steve Beattie	a97558b1f7	fix formatting of description field in initscripts	2007-05-28 03:42:26 +00:00
Steve Beattie	65d3b94589	Bah, forgot to svn add the tunables file for /proc.	2007-05-25 20:24:11 +00:00
John Johansen	dac75a66bd	refresh patches against latest git kernel	2007-05-25 17:04:33 +00:00
John Johansen	9f508f8c86	remove patches from series that shouldn't be there	2007-05-25 14:50:55 +00:00
Andreas Gruenbacher	4465abb29a	Typo.	2007-05-25 12:47:34 +00:00
Andreas Gruenbacher	c77be398f7	Add first steps to cleaning up audit.	2007-05-25 12:35:47 +00:00
Steve Beattie	7e6e37953f	This patch adds a variable definition for the location of /proc in ... tunables/proc and modifies all users of /proc to use the variable instead. I also converted some uses of /proc/*/ to /proc/[0-9]*/ to be a little more restrictive, as well as removing some references to proc files that are already covered by abstractions/base (the removals in abstractions/bash seem justified as all uses of abstractions/bash are immediately preceded by abstractions/base).	2007-05-25 02:09:30 +00:00
Steve Beattie	f442a50a4d	convert a malloc/strcpy to just a straight strdup().	2007-05-24 22:07:39 +00:00
Steve Beattie	c2d927e710	Fix return code propogation in the initscripts, and return the ... correct return code in the try-restart case properly when apparmor is not loaded.	2007-05-24 05:00:34 +00:00