apparmor

mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00

Author	SHA1	Message	Date
Dominic Reynolds	2ea2871282	Removed	2006-10-06 20:09:45 +00:00
Dominic Reynolds	1fe7e92955	Added checks for profile syntax and error dialogs in the yastui.	2006-10-05 21:29:22 +00:00
John Johansen	c231a42cf4	add apparmor patches for kernels 2.6.16, 2.6.17, 2.6.18	2006-09-28 20:25:18 +00:00
Steve Beattie	84a0136a88	Add a new testcase for #include statements that are on the same line as file rules.	2006-09-28 16:47:11 +00:00
Steve Beattie	5b3efd982f	Unfortunately, the forge website(s) don't provide information on how to use the change_hat(2) function; point them at the manpage for usage information.	2006-09-28 06:45:55 +00:00
Dominic Reynolds	488f7fcc89	Disabled ar.po language as the po file in suse-i18n contains errors that cause msgfmt and the build to fail.	2006-09-26 19:02:29 +00:00
Dominic Reynolds	9d3ae5ec8a	Added/updated po files from lcn repo: https://forgesvn1.novell.com/svn/suse-i18n	2006-09-26 18:32:52 +00:00
Dominic Reynolds	ce4ae3f281	Updated error message text - feedback from proofreaders.	2006-09-26 18:01:06 +00:00
Dominic Reynolds	6393f224e5	Small text change to celanup spaces. The xgettext claimed the line was not ascii so wouldn't regenerate the pot file.	2006-09-22 16:33:27 +00:00
Steve Beattie	0961fb5a5b	This checkin fixes the environ.sh to work on 64bit systems (with /lib64/ directories). It also disables the longpath test (after locking up another machine from running it), but adds a 'make alltests' target which will run all the tests plus that one (and any others defined in the RISKY_TESTS variable.)	2006-09-15 22:39:59 +00:00
Jesse Michael	4f4a56859e	Thorsten Kukuk (kukuk@suse.de) pointed out a couple problems with pam_apparmor and here's a patch to address most of them-- * header comment was incorrect * use pam_get_user() instead of pam_get_item() * return an error if we're unable to change to the DEFAULT hat In addition, this has a fix to make sure that the magic token we read from /dev/urandom is not null (which would cause the hat probing to fail if we need to fall back to the DEFAULT hat).	2006-09-14 12:44:01 +00:00
Steve Beattie	16ede09541	Fix a tyop and add corresponding profile names for other error conditions.	2006-09-13 20:06:16 +00:00
Steve Beattie	e291f9933e	Add a user tunable setting to add arguments to the parser invocations, if necessary. Currently used to suppress warnings about unsafe/unfiltered environment 'u' exec transitions. [Corresponds to rev 6415 in the old svn repo]	2006-09-13 18:40:52 +00:00
Steve Beattie	c59d7489be	[This commit corresponds to revs 6425 and 6429 in the old svn repo] This commit adds a test that checks to see if exec unconfined --> confined requires any access to the binary being run confined. Current behavior is that it does not.	2006-09-12 22:22:51 +00:00
Steve Beattie	5bc7850467	Convert the struct expected by ptrace.c to be struct user from asm-xxx/user.h rather than struct user_regs_struct, as we had a report that that wasn't available on some arches.	2006-09-12 20:57:29 +00:00
Steve Beattie	76cbeb9892	[This corresponds to commits 6414, 6415, 6417, 6422, 6423, and 6424 in the old svn tree.] This patch adds tests to verify the environment filtering done in the Px and Ux cases. It tests the environment from both an elf executable and from a shell script. Also verifies that with the apparmor module loaded, environment filtering on setuid apps still happens.	2006-09-12 05:55:31 +00:00
Steve Beattie	1cd7fe23d4	[https://bugzilla.novell.com/show_bug.cgi?id=129516 ] Relicense file to GPL (don't know why it wasn't caught originally). Made it look in the right location, but doesn't appear to function -- I don't know if that's due to language changes or if it ever worked. Seth Arnold will need to comment.	2006-09-11 21:46:44 +00:00
Steve Beattie	08651d770b	[https://bugzilla.novell.com/show_bug.cgi?id=203557 ] Add support for python egg archives as well as python 2.5. Perhaps the python version should be seperated into a variable?	2006-09-11 21:17:43 +00:00
Steve Beattie	2803303d19	Have svn ignore autogenerated .mo files	2006-09-11 20:20:54 +00:00
Steve Beattie	aa470621a4	Check in an internationalization change that got missed in the 'm' mode update.	2006-09-11 20:12:47 +00:00
John Johansen	c235cfb8aa	Add the Kbuild files that got add in the Makefile patch but weren't added to svn	2006-08-30 00:55:04 +00:00
John Johansen	0e8b2acd9a	change module init type so that the module will work when compiled as a builtin	2006-08-30 00:44:01 +00:00
John Johansen	f5645aca78	change from use of unsigned long to gfp_t for memory allocation flags	2006-08-30 00:43:12 +00:00
John Johansen	acb8945d38	Add the unsafe exec flag and change exec to handle both safe (environment scrubbed by loader) and unsafe execs.	2006-08-30 00:42:09 +00:00
John Johansen	802ba1fad1	Add the m permission bit and change the way exec permissions for mmap are handled	2006-08-30 00:40:36 +00:00
John Johansen	a9e9d7fe1d	remove dead code	2006-08-30 00:39:49 +00:00
John Johansen	912cb42ccb	fix allocations for the audit subsystem that must be GFP_ATOMIC	2006-08-30 00:39:07 +00:00
John Johansen	b1a492d2fe	fix error where a confined parent could take control of an unconfined child by getting the unconfined child to ptrace it	2006-08-30 00:38:15 +00:00
John Johansen	f5c23403a7	fix error that could cause oops when an error occured in dentry translation with no inode	2006-08-30 00:36:48 +00:00
John Johansen	ea7c6f7e8b	fix error where name lookup was not properly propogating failure (errors)	2006-08-30 00:34:38 +00:00
John Johansen	b6430e3f83	properly set return code for changehat interface	2006-08-30 00:33:36 +00:00
John Johansen	7b15ddcef5	revert to using auditsd tag instead of auditaa because this is what is in suse kernels	2006-08-30 00:31:36 +00:00
John Johansen	e53c2f9db3	revert back to using d_path instead of d_path_flags	2006-08-30 00:30:46 +00:00
John Johansen	f2f5d972e4	Replace some minor uses of subdomain with apparmor	2006-08-30 00:29:49 +00:00
John Johansen	a9bd7afd94	bring Makefile up to latest version	2006-08-30 00:29:10 +00:00
John Johansen	1d152eecb8	Import nextgen branch of AppArmor	2006-08-30 00:27:59 +00:00
John Johansen	145432c805	fork apparmor module to checkin next gen code base	2006-08-30 00:19:50 +00:00
Seth Arnold	770d7d521e	crispin noticed that this profile includes a pointless Px domain transition	2006-08-21 22:11:47 +00:00
Dominic Reynolds	704e1e4d36	Initial checkin	2006-08-16 16:32:49 +00:00
Seth Arnold	f9df421131	Ralf Spenneberg fixup for make install target	2006-08-09 22:39:20 +00:00
Matt Barringer	be64d6bed4	Turned the uid=0 check back on.	2006-08-05 21:05:25 +00:00
John Johansen	39adc91bbb	fix xattr regression test. variable perm was being modified as a side affect of called functions so it was passing the wrong perm to the tests.	2006-08-04 22:39:16 +00:00
John Johansen	97ef545dc3	revert interface version to v2	2006-08-04 21:30:34 +00:00
John Johansen	5c2fe819d8	fix prologue.inc previous patch was broken in porting so that profiles could not be generated	2006-08-04 21:27:38 +00:00
Tony Jones	5b0e1a3dd5	Initial checkin of kernel module. Makefile will invoke Kbuild for external (out of tree) builds.	2006-08-04 19:07:32 +00:00
Seth Arnold	dfa966cbdc	r3528@dhcp-81: root \| 2006-08-02 16:39:14 -0700 fix 0-0 typo	2006-08-04 18:14:15 +00:00
Seth Arnold	087c48b35e	r3527@dhcp-81: root \| 2006-08-02 15:33:07 -0700 Fix up the m, U, and P stuff, and other misc fixes	2006-08-04 18:13:59 +00:00
John Johansen	c13b341fef	add parser test files that I failed to add when the parser m and P patches where committed	2006-08-04 17:24:51 +00:00
John Johansen	c611d4cbf0	increase interface version for loading policy, due to the m and unsafe exec flags breaking compatabity with v2 policy	2006-08-04 17:22:19 +00:00
John Johansen	5a84323302	update boot prereq for suse	2006-08-04 17:20:46 +00:00

1 2 3

136 commits