mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
515 commits 23 branches 109 tags 32 MiB
Commit graph

515 commits

This branch
This branch
All branches
Author SHA1 Message Date
John Johansen
eeb042019e more renaming 2007-02-01 08:23:38 +00:00
John Johansen
c331917752 add patch to undo 2.6.20 mnt_namespace changes, further renaming to better reflect where patches should be applied 2007-02-01 08:13:50 +00:00
John Johansen
cc94d9fb80 move nextgen to current to reflect current module state 2007-02-01 07:28:41 +00:00
John Johansen
f4d0373e82 rename current to deprecated to reflect current module state 2007-02-01 07:27:27 +00:00
Andreas Gruenbacher
d6004bf65e - Update and rediff against latest git (no real actual changes except 
for removing an unused variable that apparmor-percpu_path_cache.diff
  added).
 2007-02-01 06:13:07 +00:00
Andreas Gruenbacher
8b32bddd18 Update the LSM hooks to git-latest (apparmor patches still to be updated). 2007-02-01 05:28:52 +00:00
Andreas Gruenbacher
cbad84b250 Comment fix. 2007-02-01 05:27:07 +00:00
John Johansen
9add6a1b75 Add 2.6.20 for apparmor.h that got dropped from previous 2.6.20 patch 2007-02-01 01:21:06 +00:00
John Johansen
65e483e4aa Allow apparmor to run on 2.6.20 2007-02-01 01:11:07 +00:00
John Johansen
a0025bf32b remove double free that occurs when of entry->extradata bug #240982 2007-02-01 01:09:42 +00:00
Seth Arnold
9b337841b6 Bug 240734 - Applications using nss_ldap need to have access to ldap.secret 2007-02-01 01:00:52 +00:00
John Johansen
d84a0cb8ae dfa module, d_path fixes, chroot hook, path cache 2007-01-31 23:22:10 +00:00
Andreas Gruenbacher
2395fa7d35 - Update notes. 2007-01-30 06:50:37 +00:00
Andreas Gruenbacher
ef69664264 - Keep some notes here lest we forget. 2007-01-29 18:34:22 +00:00
Tony Jones
b1ac8dbc4b Simple test lsm for logging paths. 2007-01-29 16:21:39 +00:00
Andreas Gruenbacher
acba95240d - Initil struct_path patches 2007-01-29 11:15:36 +00:00
Andreas Gruenbacher
826fe6ee17 Remove duplicate copy of the patches for mainline. 2007-01-29 06:48:27 +00:00
Seth Arnold
d7e1af3d5d Bug 190079 - sendmail can't open control socket 2007-01-26 13:56:52 +00:00
Seth Arnold
cefca1ef60 Bug 202095 - useradd / userdel profiles incomplete 2007-01-26 13:28:39 +00:00
Seth Arnold
048d72b72c Bug 181253 - apparmor rejects access for sendmail to /var/lib/sendmail/statistics 2007-01-26 13:13:41 +00:00
Seth Arnold
bc97846544 Bug 143281 - Insuffisient settings in default profiles, at least for man & gaim: 2007-01-26 11:06:01 +00:00
Seth Arnold
8c45f2ef71 Bug 143281 - Insuffisient settings in default profiles, at least for man & gaim: 2007-01-26 10:52:26 +00:00
Seth Arnold
d892a64317 Bug 143281 - Insuffisient settings in default profiles, at least for man & gaim: 2007-01-26 10:50:55 +00:00
Seth Arnold
35ae0848bc Bug 225615 - apparmor rejects glibc AT_PLATFORM directories 2007-01-26 10:14:37 +00:00
Seth Arnold
d0c20aff7f Bug 221998 - No NFS locks available: "kernel: lockd/statd: failed to create /var/lib/nfs/sm/<server>: err=-2" 2007-01-26 09:57:42 +00:00
Seth Arnold
a8b460a0c7 Bug 157400 - default AppArmor profile for gaim too restrictive 2007-01-26 09:46:24 +00:00
Tony Jones
7e2f9c6c42 Still some params wrong way round. 2007-01-23 10:37:51 +00:00
Seth Arnold
f2ef3cb398 how do I overlook svn:keywords on profiles so often? 2007-01-19 13:03:35 +00:00
Seth Arnold
af0d1e5425 My best guess of what was intended in feature requests 300766 and 300767, to add some entries for (currently?) Novell-specific changes to xntpd and named to support W32Time authentication and GSS-TSIG authentication. 2007-01-19 12:05:05 +00:00
Steve Beattie
51d047ba35 Set %distro macro correctly when building against fedora core on 
opensuse's buildservice (http:://build.opensuse.org)
 2007-01-18 07:33:09 +00:00
Steve Beattie
c72cf57b65 Add a %clean stage to remove the buildroot when done building; this was messing up subsequent builds that used the same buildroot. 2007-01-18 06:11:00 +00:00
Steve Beattie
df3bfe2564 Remove long obsolete editing of fstab. Anyone upgrading should already 
have the fstab entry.
 2007-01-18 04:58:37 +00:00
Steve Beattie
1ca1329522 Add an aaeventd initscript for redhat derived distros. 2007-01-18 04:55:53 +00:00
Steve Beattie
9ed26e9f6d Move the start/stop functions into the aa_eventd initscript. 2007-01-18 04:54:49 +00:00
Steve Beattie
ee85cc9f24 Add a chomp statement to prevent blank lines being emitted to 
aa-eventd's logfile. Clean up some trailing spaces in the file.
 2007-01-17 12:32:15 +00:00
Steve Beattie
51a676b3b4 This patch modifies the aa-eventd daemon to use the Date::Parse module 
(TimeDate) package for parsing dates and fall back to using Date::Manip
if Date::Parse isn't available -- Date::Manip is more commonly available,
but is written solely in perl and is more general-purpose and heavyweight
than Date::Parse.

The DateTime package (datetime.perl.org) doesn't suffice as it it
either uses Date::Manip internally and DateTime::Format::Strptime also
isn't commonly available. Given that our regex for identifying dates
in syslog is pretty static; POSIX::strptime (implementing strptime(3))
functionality would probably be the best way to go -- except that perl's
POSIX doesn't include strptime and POSIX::strptime is another not commonly
available package. Sigh.
 2007-01-17 12:22:31 +00:00
Steve Beattie
7964feb031 The audit user space daemon has to be configured specially to include 
the apparmor defined event numbers. genprof, logprof, and aa-eventd
should all still function correctly even when the audit daemon is not
configured correctly. This commit addresses that as well as adding the
needed dependency on perl-gettext.
 2007-01-17 12:00:43 +00:00
Tony Jones
138fc035b5 Change parameter order to be dentry/mnt -- as suggested by Jan Blunck. 2007-01-17 07:12:32 +00:00
Steve Beattie
08e94e2969 Finally got the right set of in-place variable replacements that strips 
off trailing slashes on the build directory, which horribly confused
rpm's check for unpackaged files.
 2007-01-11 21:55:08 +00:00
David J Drewelow
eb5dccfa34 usability & bugfixes #158599, i18n changes 2007-01-11 09:40:48 +00:00
Andreas Gruenbacher
6422fe41c4 - Patches we are working on for submitting upstream. 2007-01-10 06:33:09 +00:00
John Johansen
38c621e337 branch of AA module targeted at lkml submission 2007-01-10 04:26:40 +00:00
Steve Beattie
d67b4ca48d Add missing sd_log_warning_msg function to initscripts that were missing it. 
Get rid of dependency on subdomain-master package.
 2007-01-09 07:59:39 +00:00
Steve Beattie
57761032f9 Add a timeout to work around ptrace(PTRACE_SYSCALL) on a parent attached 
ptrace() call never waking the child process on RHEL5 beta 2. Also did
some minor code formatting cleanup.
 2007-01-08 12:08:08 +00:00
John Johansen
9d6ce46f3b fix changehat tests to work with the new ECHILD error code returned by the module when a changehat is attempted against a profile with no hats 2007-01-05 21:14:59 +00:00
Seth Arnold
604b97b271 new passwd profile and sshd changes from Volker Kuhlmann in extras/ 2007-01-05 13:02:25 +00:00
Seth Arnold
749e1cb0aa Fix from Volker Kuhlmann for /tmp symlink to /var/tmp, for ntpd 2007-01-05 12:38:13 +00:00
John Johansen
257e91530d Add caching of capability and syscall reject logging so that only the 
first reject or complain message is logged.  This greatly reduces the
pressure on the auditing subsystem.

The audit log message caching is per task and applies to both complain
and reject mode messages.  The of the active task through profile
replacement, setting, or changehat will cause the cache to clear so a
new message can be emitted.
 2007-01-04 09:02:56 +00:00
John Johansen
f562cc440f make the nextgen branch of the module the new current module 2007-01-04 08:55:37 +00:00
John Johansen
99fcdfa3c8 rename deprecated module code from module to module-deprecated 2007-01-04 08:54:20 +00:00