mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
1321 commits 23 branches 109 tags 32 MiB
Commit graph

1321 commits

This branch
This branch
All branches
Author SHA1 Message Date
Steve Beattie
1b069745b3 * fix another small memory leak in #include handling 
* more code formatting changes because I'm a jerk whose mental lexer
   needs whitespace to properly tokenize code.
 2009-07-24 12:18:12 +00:00
Steve Beattie
5a8a692628 Bah, revert in-progress change that accidentally got committed in rev 
1421.
 2009-07-24 12:06:17 +00:00
Steve Beattie
da52731c75 * fix small memory leak in parser_main.c 
* fixup instances of my inability to spell separator
  * minor code formatting cleanup in parser_lex.l
 2009-07-24 11:56:07 +00:00
Steve Beattie
ed86641695 Fixup testcase description. 2009-07-24 11:34:30 +00:00
Steve Beattie
f579d5efe6 Add a couple more situations around include suffix ignoring. 2009-07-24 11:11:39 +00:00
John Johansen
a7a1cb3827 test for ignored suffixes 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:38:10 +00:00
John Johansen
ab3d7edcdc add loading from and writing to cache options 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:36:09 +00:00
John Johansen
33d01a980a allow multiple profiles to be parsed from the command line 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:35:39 +00:00
John Johansen
af902dddf1 during policy load, return errors instead of exiting 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:35:19 +00:00
John Johansen
1fd75ff4f4 actually use -q when loading 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:34:54 +00:00
John Johansen
c4c430dcd0 fix comments to be non-recursive 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:34:30 +00:00
John Johansen
627c044e4d add parser subsystem reset functions 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:34:11 +00:00
John Johansen
0137b992b4 move -D_GNU_SOURCE to Makefile for parser_lex.l to gain it 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:33:39 +00:00
John Johansen
397ead10af add aare_reset_matchflags() to reset match flags 
Signed-Off-By: Kees Cook <kees.cook@canonical.com>
 2009-07-24 07:33:09 +00:00
John Johansen
6afe6185be Fix change_profile so that it works with regular expressions (lpn390810) 
Change_profile was broken so that it couldn't parse expressions that
weren't path based or started with a variable.  Furthermore if the name
held any expressions it was not hanlded correctly, as it was being passed
directly to dfa conversion without going through glob -> pcre conversion.
 2009-07-23 21:18:37 +00:00
Steve Beattie
298b32e82e Fix up another include test that was failing for the wrong reason. 2009-07-23 20:38:59 +00:00
Steve Beattie
f67f92652a Fix up a couple of testcase includes that got broken in the reorg. 2009-07-23 20:27:54 +00:00
John Johansen
8a780d6f6d Rearrange tests into subdirectories, so that it is easier to see what tests 
are currently present.
 2009-07-23 07:42:57 +00:00
John Johansen
a03d354ee5 Enable simple.py to traverse subdirectories. This will allow splitting 
up the simple_tests/ dir into several subdirs, so they are easier
to manage.
 2009-07-22 22:19:23 +00:00
Steve Beattie
a08658b46d Add a couple of testcases around change_profile keyword and different 
types of profile names.
 2009-07-22 15:43:46 +00:00
John Johansen
100d791e84 Update mount test to allow for cability sys_admin, allowing mount and unmount 2009-07-08 21:35:28 +00:00
John Johansen
3850ede5cf Fix aliases so that aliases are applied to the profile name as well as 
the entries

Add rewrite as an alternative alias keyword
 2009-06-10 20:26:31 +00:00
Steve Beattie
5a2b875b81 parser/Makefile: 
* move network families to filter out into a separate variable to
   so that the list doesn't get lost in a complex sed invocation
 * pull out the actual macro definitions from linux/socket.h and use
   them if glibc's sys/socket.h (really bit/socket.h) hasn't caught up
   with the family definitions.
 2009-06-10 19:20:51 +00:00
Steve Beattie
54037862e6 Fix formatting from last commit. 2009-06-10 17:51:09 +00:00
John Johansen
5998357682 Add option to force that read implies exec from user side. 2009-06-10 15:37:27 +00:00
Steve Beattie
b240be37cc Submitted By: Mario Fetka (mario dot fetka at gmail dot com) 
Acked-By: Steve Beattie <steve@nxnw.org>

- correct --as-needed linkflag
- use autotools to check for dbus and libaudit-dev properly
 2009-05-13 04:20:48 +00:00
Steve Beattie
5d38632153 Submitted By: Mario Fetka (mario dot fetka at gmail dot com) 
Acked-By: Steve Beattie <steve@nxnw.org>

Fix a typo in the header.
 2009-05-12 22:03:13 +00:00
Steve Beattie
719bfd2011 Fix aclocal warning. 2009-05-12 21:58:54 +00:00
Steve Beattie
c3f9d75abe Submitted By: Mario Fetka (mario dot fetka at gmail dot com) 
Acked-By: Steve Beattie <steve@nxnw.org>

This patch allows libapparmor to be built out of tree.
 2009-05-12 21:56:56 +00:00
Steve Beattie
b02e3ff0cd Fix up a couple of grotty bits around the debugging code. 2009-03-19 17:36:40 +00:00
Steve Beattie
be5ddfa59b utils/SubDomain.pm: 
- Update matching regex for reordered kernel audit messages (when they
  come through syslog). Ideally, rather than use a regex, the utils would
  just use the log parsing library to determine whether it's a log even
  of interest.
- fix debugging code write a logfile in /var/log/apparmor and not a
  predictable location in /tmp; File::Temp would be the right solution
  except that the log file is created in a BEGIN clause, and
  File::Temp.new() ends up returning an unopened filehandle in that
  situation, so logging fails. Someone with more perl-fu may know how to
  fix that.
 2009-03-19 15:32:02 +00:00
Steve Beattie
b1fab26057 Don't overwrite $STATUS if we've already hit a profile that failed 
to parse.
 2009-03-19 02:50:53 +00:00
Steve Beattie
19ddb3bfa4 Testcases that are vaguely related to 
https://bugs.launchpad.net/bugs/340183
 2009-03-13 06:39:05 +00:00
Steve Beattie
0208c5b5d6 whitespace bah. 2009-03-13 06:38:16 +00:00
Steve Beattie
62372fe628 Tentative fix for https://bugs.launchpad.net/bugs/340183 2009-03-13 06:37:39 +00:00
Steve Beattie
a9ff89cd5d Testcase reorg: rename all the ones that pertain to the old logging 
style for clarity. Support for these should be dropped in the future,
because it just introduces bugs.
 2009-03-13 05:48:06 +00:00
Steve Beattie
1acfd92d8a * set yydebug when YYDEBUG is set, this will cause mucho bison debuginfo 
to be emitted.
* whitespace fixup
 2009-03-13 05:19:39 +00:00
Steve Beattie
947a77bcde Add a case to the interface error reporting for -EACCES return, which 
likely means that the admin attempted to load a policy while confined by
apparmor.
 2009-03-13 03:44:26 +00:00
Steve Beattie
24ddc6f081 Debugging fixups: 
- report applied modes (enforce, complain, audit)
- if local profile, report name of profile it is local to
 2009-03-12 19:23:27 +00:00
Steve Beattie
27b8275d5a Add parsing testcases: 
- basic local (interior) profile support testcase
- basic deny rules test
 2009-03-12 19:22:08 +00:00
Steve Beattie
ff1dc201b1 Fix a bug where passing --Complain on the command line would override an 
audit flag set in the profile(s).
 2009-03-12 19:19:35 +00:00
Steve Beattie
13f73b626b Mild cruft cleanup (woo!) 
- fix "Namespcae" tyop
- get rid of sub_name and default_deny from the main profile struct as
  they haven't been used for a long time; also eliminates their output
  from the debugging output.
- emit dumped parsing structure with only one -d, users were confuzzled
  and it was not documented that you needed to use -dd to get it to
  output anything if DEBUG wasn't set when compiling.
 2009-03-12 16:05:19 +00:00
Steve Beattie
087182be9a Blarg, we actually documented --complain as --Complain, which of course 
doesn't work. Making the parser match the documentation, though either
form should still work.

(Based on a secondary element of https://bugs.launchpad.net/bugs/341205)
 2009-03-12 15:21:46 +00:00
John Johansen
01519b3ae0 Fix leak when AppArmor encounters a deleted file 2009-02-15 02:38:53 +00:00
John Johansen
59f0d08417 Update translation files 2009-02-07 12:16:03 +00:00
John Johansen
4fc0bd5881 Update translation files 2009-02-07 12:14:40 +00:00
John Johansen
262075ca80 Update translation files 2009-02-07 12:09:50 +00:00
John Johansen
1def78f1c4 Add missing gettext for "Repository" prompt 2009-02-06 11:09:54 +00:00
John Johansen
9574478aaa Fix compile bug reported by Mario Fetka, 2009-01-04 09:42:46 +00:00
John Johansen
458a6c0418 Apply patch from mario.fetka@gmail.com which fixes the config file for 
the module being builtin in 2.6.27, 2.6.28
 2008-12-13 10:16:05 +00:00