mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-09 02:41:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
4188 commits 23 branches 109 tags 32 MiB
Commit graph

1100 commits

Author SHA1 Message Date
John Johansen
814773b2e1 Update the parse to emit a 0 to seperate pairs in the dfa. 
This was always the intended behavior and fixes a bug where
the dfa will match change profile rules using // seperator.
 2008-03-13 16:46:19 +00:00
John Johansen
486bb79ef7 merge over r1088 - Add descriptiion of append, lock and network rules to the man page 2008-02-19 10:19:28 +00:00
John Johansen
92977daf75 merge over change from 1082 - update parser .spec change log 2008-02-19 10:18:12 +00:00
John Johansen
482b8741b7 fix init script so that it doesn't result in a regex with a null alternation ie. |apparmor 2008-01-03 23:21:07 +00:00
John Johansen
e9fd1d8fc1 update init functions to work with the apparmor module being builtin to the kernel 2008-01-03 22:27:20 +00:00
John Johansen
5b758f9dad fix bug where parser wasn't properly merging link rules, when a link pair was specified 2007-12-20 12:58:59 +00:00
John Johansen
edda8c2604 add owner parser tests 2007-12-20 12:58:16 +00:00
John Johansen
ace86e6d01 fix overlapping x modifiers perm computation 2007-12-20 12:56:50 +00:00
John Johansen
65e2c09be1 remove dead code 2007-12-20 12:55:27 +00:00
John Johansen
97dbaa02cb change from U:G:O syntax to owner syntax and remove group permission 2007-11-29 18:06:53 +00:00
John Johansen
4ce25448af allow specifying link permissions as a pair 2007-11-16 09:37:31 +00:00
John Johansen
398102afa8 old style link compatability 2007-11-16 09:36:42 +00:00
John Johansen
0e5484ce77 fix change profile 2007-11-16 09:36:19 +00:00
John Johansen
638535d650 exec modes per U:G:O 2007-11-16 09:35:57 +00:00
John Johansen
ec639bc82c user:group:any permissions 2007-11-16 09:35:31 +00:00
John Johansen
e601767e03 simple cleanup 2007-11-16 09:34:53 +00:00
John Johansen
40c3686041 remove old netdomain syntax 2007-11-16 09:34:01 +00:00
John Johansen
50284e8aad autogenerate the capability names file 2007-11-16 09:32:38 +00:00
John Johansen
c841a140b3 make the use of flags= optional 2007-11-16 09:31:33 +00:00
John Johansen
999e291acc factor use of id and varid into single token 2007-11-16 09:30:08 +00:00
John Johansen
20d5d20855 tests for pix exec mode 2007-11-16 09:28:30 +00:00
John Johansen
230b04231c add pix transition mode 2007-11-16 09:27:34 +00:00
John Johansen
92a569fdb3 profile namespace tests 2007-11-16 09:22:49 +00:00
John Johansen
a4721bd02d add basic handling of profile namespaces 2007-11-16 09:18:48 +00:00
Steve Beattie
cfef502c54 Basic change_profile testcases, basic network rules testcases, testcases 
around carat symbols and commas in file rules, and basic permission
modes first testcases from jjohansen@suse.de.

Acked-By: Steve Beattie <steve@nxnw.org>
 2007-10-01 06:34:27 +00:00
Steve Beattie
815c103488 lock mode bit tests from jjohansen@suse.de 
Also, make 'check' toplevel target be an alias for 'tests'

Acked-By: Steve Beattie <steve@nxnw.org>
 2007-10-01 06:12:26 +00:00
Steve Beattie
4e0679ecc6 Append testcases from jjohansen@suse.de. 
Acked-By: Steve Beattie <steve@nxnw.org>
 2007-10-01 06:04:18 +00:00
Steve Beattie
fd0ad65eac Only run apparmor initscript at boottime on suse. (novell #286749) 2007-08-31 19:05:54 +00:00
Steve Beattie
7a3ddb5ce7 mark initscripts as stop_on_removal on suse dists. 2007-08-20 03:43:32 +00:00
Steve Beattie
707fda6680 This patch disables the apparmor event reporting daemon service before 
uninstalling the apparmor-parser package. [#301418]
 2007-08-17 18:14:57 +00:00
John Johansen
a92114480c Fix a double free bug in include handling 2007-08-15 20:24:58 +00:00
Steve Beattie
6123467433 skip files suffixed with .dpkg-old, based on a patch from Mathias Gug 
<mathiaz@ubuntu.com> [Message-ID: <20070813201254.GD11381@mathias.mathiaz.net>]
Added comments to both file-skipping locations referencing the other
location that needs to be modified.

(The ideal solution would be for this information to be stored in one
commonly referenced location, configurable by distributors and
administratrors.)
 2007-08-14 19:19:59 +00:00
Dominic Reynolds
cfb52c03f8 Added AF_RXRPC to the list of ignored net families from socket.h that 
are used in the generation of af_names.h.
 2007-08-06 18:48:26 +00:00
Dominic Reynolds
737ffeb3c7 Added updated translations. 2007-08-06 12:48:39 +00:00
Steve Beattie
2e46c37bf2 Patch from S.Çağlar Onur <caglar@pardus.org.tr> 
Turkish has 4 letter "I"s. English has only two, a lowercase dotted i and an 
uppercase dotless I. Turkish has lowercase and uppercase forms of both dotted 
and dotless I. So tolower(I) != i and toupper(i) != I for us.

Althought this situation is not a apparmor bug (sed can't convert these
properly) its directly affected.  But these must locale independent. So
please apply following simple patch to solve this issue.

Acked-By: Steve Beattie <sbeattie@suse.de>
 2007-08-02 15:19:36 +00:00
Steve Beattie
1791756480 Add changelog entry for recent checkins. 2007-07-27 21:51:23 +00:00
Steve Beattie
a83a78ee77 Incorporate part of a patch from Mathias Gug <mathiaz@ubuntu.com>, skips 
one more type of dpkg debris.
 2007-07-27 21:31:10 +00:00
Steve Beattie
6c1d6fdd80 Patch from jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Support placing the permission modes first before the pathname. This
makes things somewhat more consistent with other types of permissions
(capability [specific_cap], network [stuff], etc.).
 2007-07-27 20:55:25 +00:00
Steve Beattie
318df7804a Patch from jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Allow using the keyword "hat" in place of the magic symbol '^'
 2007-07-27 20:48:24 +00:00
Steve Beattie
9c4e50e7ca Patch from jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Use file_mode to remove duplicated code. Prelim for reordering file
permissions.
 2007-07-27 20:47:17 +00:00
Steve Beattie
3216755358 Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Use correct terminology; convert unconstrained to unconfined.
 2007-07-27 20:45:45 +00:00
Steve Beattie
9df76dbcda Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Add mediation/keywords for locks.
 2007-07-27 20:38:43 +00:00
Steve Beattie
95d6ab1b1b Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Add support for a distinction between write permission and append-only
permission.
 2007-07-27 20:31:38 +00:00
Steve Beattie
2737f6bc97 Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Support for basic network mediation keywords.
 2007-07-27 20:29:47 +00:00
Steve Beattie
b383370856 Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Don't allow commas at the end of an ID.
 2007-07-27 20:27:41 +00:00
Steve Beattie
86e5ed3109 Patch from jjohansen@suse.de 
Fix debugging with CHANGE_PROFILE.
 2007-07-27 20:25:59 +00:00
Steve Beattie
a6f387a17e Fix gcc warning about possible uninitialized use of the ms variable; if 
match_string is NULL, the out: cleanup will test ms for !NULL and free
it, even though it hasn't been initialized.
 2007-07-18 14:22:59 +00:00
John Johansen
d5f43d5a4f remove stupid debug fprintf statements that got left in 2007-06-27 01:27:44 +00:00
John Johansen
12f3472c09 basic change_profile support 2007-06-26 21:10:28 +00:00
John Johansen
5655affcda flatten hats for individual profile load 2007-06-26 21:09:46 +00:00