apparmor

5296 commits 23 branches 109 tags 32 MiB

Author	SHA1	Message	Date
John Johansen	a0706d3a46	And the related patch to fix globbing for af_unix abstract names Abstract af_unix socket names can contain a null character, however the aare to pcre conversion explicitly disallows null characters because they are not valid characters for pathnames. Fix this so that they type of globbing is selectable. this is a partial fix for Bug: http://bugs.launchpad.net/bugs/1413410 Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Steve Beattie <steve@nxnw.org>	2015-02-12 10:19:16 -08:00
John Johansen	c2b8a72317	disable downgrade and not enforced rule messages by default Currently the apparmor parser warns about rules that are not enforced or downgraded. This is a problem for distros that are not carrying the out of tree kernel patches, as most profile loads result in warnings. Change the behavior to not output a message unless a warn flag is passed. This patch adds 2 different warn flags --warn rule-downgraded # warn if a rule is downgraded --warn rule-not-enforced # warn if a rule is not enforced at all If the warnings are desired by default the flags can be set in the parser.conf file. v2 of patch - update man page - add --warn to usage statement - make --quiet clear warn flags Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Steve Beattie <steve@nxnw.org>	2014-10-08 13:20:20 -07:00
John Johansen	fdc55ff203	Move C++ files from .c suffix to .cc suffix mount.c -> mount.cc dbus.c -> dbus.cc rule.c -> rule.cc signal.c -> signal.cc ptrace.c -> ptrace.cc Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Steve Beattie <steve@nxnw.org>	2014-05-09 15:34:34 -07:00

Author

SHA1

Message

Date

John Johansen

a0706d3a46

And the related patch to fix globbing for af_unix abstract names

Abstract af_unix socket names can contain a null character, however the
aare to pcre conversion explicitly disallows null characters because they
are not valid characters for pathnames. Fix this so that they type of
globbing is selectable.

this is a partial fix for

Bug: http://bugs.launchpad.net/bugs/1413410

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>

2015-02-12 10:19:16 -08:00

John Johansen

c2b8a72317

disable downgrade and not enforced rule messages by default

Currently the apparmor parser warns about rules that are not enforced or
downgraded. This is a problem for distros that are not carrying the out of
tree kernel patches, as most profile loads result in warnings.

Change the behavior to not output a message unless a warn flag is passed.
This patch adds 2 different warn flags
  --warn rule-downgraded    	 # warn if a rule is downgraded
  --warn rule-not-enforced	   # warn if a rule is not enforced at all

If the warnings are desired by default the flags can be set in the
parser.conf file.

v2 of patch
- update man page
- add --warn to usage statement
- make --quiet clear warn flags

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>

2014-10-08 13:20:20 -07:00

John Johansen

fdc55ff203

Move C++ files from .c suffix to .cc suffix

mount.c  -> mount.cc
  dbus.c   -> dbus.cc
  rule.c   -> rule.cc
  signal.c -> signal.cc
  ptrace.c -> ptrace.cc

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>

2014-05-09 15:34:34 -07:00

Renamed from parser/ptrace.c (Browse further)

3 commits