mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
7350 commits 23 branches 109 tags 32 MiB
Commit graph

7350 commits

This branch
This branch
All branches
Author SHA1 Message Date
Seth Arnold
3ce2e3610c Bug 168035 - apparmor-profiles: lib.ld-2.2.so takes no care of x86_64 /lib/ld-2.4 -- s390x, ppc, ppc64 2006-05-05 17:48:20 +00:00
Seth Arnold
1270a03421 Bug 172670 - postfix doesn't deliver mails anymore after update from SLES9 2006-05-05 15:31:29 +00:00
Seth Arnold
ec3b80ca6a Bug 165170 - apparmor.d(5): missing documentation 2006-05-03 22:55:14 +00:00
Seth Arnold
daa4c2b1cb also document the post* profiles in the extras/README 2006-05-03 21:45:43 +00:00
Seth Arnold
0b7811057f oops, forgot to disable some of the other postfix helpers; postalias, postdrop, postmap, postqueue 2006-05-03 21:38:44 +00:00
Seth Arnold
feaeb486ec clean up the extras/README so that people can more easily see the point of the directory 2006-05-03 21:22:02 +00:00
Seth Arnold
ecb3d24bde remove all the complain mode flags from the postfix profiles (now in extras) 2006-05-03 20:41:27 +00:00
Seth Arnold
e5c47dfd15 eagle-eye darix spotted broken alternations in smtpd profile; the rules used to expand to /var/spool/postfixpublic/cleanup //public/cleanup now they expand to /var/spool/postfix/public/cleanup /public/cleanup 2006-05-03 20:33:59 +00:00
Seth Arnold
e2b220a59a force procmail to 'px' rather than 'ux' in the (now disabled) postfix profiles 2006-05-03 19:51:11 +00:00
Seth Arnold
a5bf394cc1 move squid from enabled to disabled; we've decided to turn it off too 2006-05-03 19:49:15 +00:00
Seth Arnold
d94da33747 move all the postfix programs to extras; we've decided to not turn them on by default 2006-05-03 19:48:45 +00:00
Seth Arnold
426a491f54 darix noticed I had forgotten the svn:keywords property on all my new files and cut-n-waste was blaming steve for all these files 2006-05-02 21:41:28 +00:00
Seth Arnold
437b53a557 Bug 170154 - squid dies when setting auth_param basic program /usr/sbin/pam_auth 2006-05-02 17:48:04 +00:00
Steve Beattie
84ff459a53 Default to using the parser in the parent directory, and build it if it 
doesn't exist.
 2006-05-02 17:19:50 +00:00
Steve Beattie
1b56f269dd This change does a few things: 
- adds a distinct includes/ subdirectory, populated with a couple of
    files that test profiles can include. We purposefully choose to use
    a different directory structure than the shipped profile set so that
    changes to it will not break our tests.
  - modifies the existing test profiles to take advantage of the
    includes/ directory.
  - modifies tst/Makefile with pushd/popd to get around some pwd
    limitations in the parser (that need to be fixed).
 2006-05-02 16:15:41 +00:00
Seth Arnold
9636ab4669 Bug 167798 - misc profile modifications from darix -- mlmmj, lighttpd, oidentd profiles in extras/, new postfix helpers in complain mode (enabled), split apart nameservice a little (non destructively), add new abstractions for python, ruby, and php5, add web-data and svn-repositories data-centric abstractions 2006-05-02 00:25:47 +00:00
Seth Arnold
c0ffe84f43 Bug 168581 - readaccess to /proc/meminfo not granted to nscd -- add sysconf(3) files to abstractions/base 2006-05-01 17:34:59 +00:00
Seth Arnold
1be9dfacbc Bug 165191 - named can't write slave zones 2006-05-01 17:32:36 +00:00
Seth Arnold
8a767bce13 Add a dummy pipe profile in complain mode. Pipe is pretty flexible, so sysadmins should turn on AppArmor for pipe themselves. 2006-04-29 00:11:54 +00:00
Seth Arnold
f0d6ffa33a mdnsd writes to the console, thanks darix 2006-04-28 22:48:28 +00:00
Steve Beattie
0508ea0128 https://bugzilla.novell.com/show_bug.cgi?id=160330 
This patch prevents the parser from segv'ing if neither of the expected
default profile directories exist (/etc/subdomain.d, /etc/apparmor.d).
A profile passed on the command line or via stdin will still load, so
long as -I/path/to/includes is passed for any relevant includes files.
 2006-04-28 03:26:57 +00:00
Seth Arnold
543b642d1f Bug 159667 - Postfix SASL authentication fails with "no mechanism available" 2006-04-27 22:40:08 +00:00
Seth Arnold
71b487ad97 Bug 168581 - readaccess to /proc/meminfo not granted to nscd 2006-04-27 12:55:15 +00:00
Seth Arnold
8fc3074343 address the capabilities half of https://bugzilla.novell.com/show_bug.cgi?id=165170 -- remaining in this bug report is variables descriptions 2006-04-24 21:59:20 +00:00
Seth Arnold
2a2010c839 https://bugzilla.novell.com/show_bug.cgi?id=165116 2006-04-24 21:25:24 +00:00
Seth Arnold
eb6ca6797b A quick hack that will test if the running kernel supports PCRE or not, and bail out with a more informative error message if the policy being loaded requires additional kernel support 2006-04-18 17:15:05 +00:00
Steve Beattie
b04af48255 Update svn:ignore attributes on the utils/ directory. 2006-04-14 18:35:48 +00:00
Steve Beattie
16ce411178 [https://bugzilla.novell.com/show_bug.cgi?id=165177] 
XFS appears to be more strict than the Linux vfs layer wrt whether a
process can chgrp a file when it's not the owner but still in the same
group -- XFS doesn't allow it and requires CAP_FOWNER instead.

This fix rorders the tests so that the chgrp operations occur before the
chown operations happen, avoiding the difference in requirements between
XFS and linux's vfs.
 2006-04-14 18:11:55 +00:00
Seth Arnold
20830f842e SL10.1 has the 2.4 version of glibc, so there's a new loader name. Thanks darix for pointing it out. 2006-04-14 18:00:15 +00:00
Seth Arnold
600ed017bf add a README that describes why the profiles in /etc/apparmor/ aren't enabled 2006-04-14 17:48:11 +00:00
Steve Beattie
e3a5c27679 Remove some archaic cvsignore files. 2006-04-13 21:16:09 +00:00
Steve Beattie
bc9d0ee80b MOve the parser regression tests to the parser package itself. 2006-04-13 20:38:37 +00:00
Seth Arnold
06f3ea1313 fix BNF-ish description of apparmor policy language to reflect new-style hat syntax 2006-04-13 00:01:59 +00:00
Seth Arnold
7526f795b9 add more descriptions of abstractions, remove netdomain comments, remove comment about 'ix' being infrequently used, add short comment about tunables and variables, and an erroneous symlink reference 2006-04-12 23:59:14 +00:00
Steve Beattie
2332be980b Fix svn properties. 2006-04-12 21:59:34 +00:00
Steve Beattie
ad8a5a9c2d Fix %changelog typo. 2006-04-12 21:53:27 +00:00
Steve Beattie
2f1aa5374f Fix Makefile to find new common/ dir. 
add svn:keywords and svn:ignore properties
 2006-04-12 21:12:39 +00:00
Steve Beattie
e8b349bf47 Update svn:keywords and svn:ignore properties for libapparmor 2006-04-12 20:43:34 +00:00
Steve Beattie
7a1a415557 Update svn:keywords properties. 
Fix makefile to find new common/ location.
 2006-04-12 20:35:41 +00:00
Steve Beattie
13e1f836b0 Set svn:keywords on the common make rules. 2006-04-12 20:19:42 +00:00
Steve Beattie
09f7264743 Set svn:keywords attributes on files, modify makefiles to point at new 
common/ location after converting to novell forge svn repo.
 2006-04-12 19:31:08 +00:00
Steve Beattie
36d643eea9 Remove obsolete parser testcases. The parser regression tests should 
instead be placed here.
 2006-04-12 16:49:58 +00:00
Steve Beattie
6b0de8f6bc Update keywords attribute, svn:ignore attribute, update Makefile to 
point to the new location of the common/ dir.
 2006-04-12 03:09:10 +00:00
Steve Beattie
ac53d2c30e Set keyword expansion on files. Removed no longer necessary license 
files (they should be included with the relavent individual packages).
Made package build in new novell forge environment.
 2006-04-12 02:21:58 +00:00
Seth Arnold
3c3c085d1a correct (by removing) the number of permissions bits in the language; 
remove references to 'l' being required for unlink(); remove vim syntax
file; remove reference to program-chunks/apache-default-uri
 2006-04-11 22:50:01 +00:00
Dominic Reynolds
93addb5b04 Rename changes subdomain -> apparmor in error messages 2006-04-11 22:26:05 +00:00
Steve Beattie
608a7460c1 Remove pdfs and frame documents maintained and distributed elsewhere. 2006-04-11 22:11:53 +00:00
Steve Beattie
6d3e74907d Import the rest of the core functionality of the internal apparmor 
development tree (trunk branch). From svn repo version 6381.
 2006-04-11 21:52:54 +00:00
Steve Beattie
8fbbf6c9af Test import of the common/ subtree. Internal svn repo version 6381. 2006-04-11 21:19:46 +00:00
Kees Cook
603a1fb95e Initial import 2006-04-04 15:11:23 +00:00