mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-06 17:31:01 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
790 commits 23 branches 109 tags 32 MiB
Commit graph

790 commits

This branch
This branch
All branches
Author SHA1 Message Date
Matt Barringer
85eecb0dae - I'm not sure why scanner.l thought it should be generating 
lex.yy.c instead of scanner.c, but that just isn't right.
- There was an unpleasant bug in the audit id recreation 
  part of grammar.y that was causing memory corruption.
  It is now fixed.
 2007-07-29 04:37:22 +00:00
Dominic Reynolds
82b86abc58 Fix bug where events from the log were dropped for profiles in the 
null-complain-profile.
 2007-07-29 02:30:39 +00:00
Dominic Reynolds
371860fb03 Handle "mandatory profile missing" messages and autodep a new profile if 
P|px is chosen.
 2007-07-29 02:25:25 +00:00
Dominic Reynolds
b210319daa Fixes for regex handling in the tools to match the newer directory 
handling syntax.
 2007-07-29 02:23:31 +00:00
Dominic Reynolds
1a8ae64cfb Add handling for lock and append in logs and profiles. 2007-07-29 02:20:24 +00:00
Dominic Reynolds
c575edf759 Fix handshake bug between yast frontend/backend that caused the UI to 
hang (was returning result to the wrong backend agent).
 2007-07-29 02:19:35 +00:00
Dominic Reynolds
3f2ed86bef Don't process events for profiles that no longer exist. 2007-07-29 02:18:29 +00:00
Dominic Reynolds
6f5bc70ae1 Updated usage of SubDomain::readprofile() (which changed in r620) in 
yast apparmor profile agent and syntax checking function in subdomain.pm
 2007-07-29 02:17:17 +00:00
Dominic Reynolds
9e35713fa6 Added missing CMD_ values to apparmor_ycp_utils that were added to SubDomain.pm in r771 2007-07-29 02:09:59 +00:00
Dominic Reynolds
0bd08b78c8 Strip trailing comments from individual rule lines in the profiles when 
they are parsed.
 2007-07-29 02:06:41 +00:00
Dominic Reynolds
d3d92196f9 Add support to the tools for basic network access mediation - by 
family/socket type.
 2007-07-29 02:06:00 +00:00
Dominic Reynolds
62eb92567d Add handling for clone operation from audit logs - which caused the 
tracking of process forking to not work correctly in the tools.
 2007-07-29 02:05:06 +00:00
Matt Barringer
f5dcd65275 - Adding a note regarding libaalogparse no longer being maintained. 2007-07-28 15:43:09 +00:00
Matt Barringer
4bea1da54c - Merged the library previously known as "libaalogparse" with 
libapparmor.
- Moved the old libapparmor library to libapparmor-deprecated.
 2007-07-28 15:41:04 +00:00
Matt Barringer
65f4025e15 2007-07-28 15:38:27 +00:00
Steve Beattie
1791756480 Add changelog entry for recent checkins. 2007-07-27 21:51:23 +00:00
Steve Beattie
a83a78ee77 Incorporate part of a patch from Mathias Gug <mathiaz@ubuntu.com>, skips 
one more type of dpkg debris.
 2007-07-27 21:31:10 +00:00
Steve Beattie
6c1d6fdd80 Patch from jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Support placing the permission modes first before the pathname. This
makes things somewhat more consistent with other types of permissions
(capability [specific_cap], network [stuff], etc.).
 2007-07-27 20:55:25 +00:00
Steve Beattie
318df7804a Patch from jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Allow using the keyword "hat" in place of the magic symbol '^'
 2007-07-27 20:48:24 +00:00
Steve Beattie
9c4e50e7ca Patch from jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Use file_mode to remove duplicated code. Prelim for reordering file
permissions.
 2007-07-27 20:47:17 +00:00
Steve Beattie
3216755358 Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Use correct terminology; convert unconstrained to unconfined.
 2007-07-27 20:45:45 +00:00
Steve Beattie
9df76dbcda Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Add mediation/keywords for locks.
 2007-07-27 20:38:43 +00:00
Steve Beattie
95d6ab1b1b Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Add support for a distinction between write permission and append-only
permission.
 2007-07-27 20:31:38 +00:00
Steve Beattie
2737f6bc97 Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Support for basic network mediation keywords.
 2007-07-27 20:29:47 +00:00
Steve Beattie
b383370856 Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Don't allow commas at the end of an ID.
 2007-07-27 20:27:41 +00:00
Steve Beattie
86e5ed3109 Patch from jjohansen@suse.de 
Fix debugging with CHANGE_PROFILE.
 2007-07-27 20:25:59 +00:00
John Johansen
17ff3b0f58 - append 
- lock
- null-complain-profile on missing mandatory profile bug
- parameter cleanup
- network mediation patch
 2007-07-27 20:20:50 +00:00
John Johansen
b2c6ec5b57 refresh patches for offsets against latest git pull 2007-07-27 18:36:31 +00:00
Matt Barringer
37cf7f900b - Working towards having this applet in OpenSUSE 10.3 2007-07-25 23:51:15 +00:00
Matt Barringer
f246dded28 -Typo in Makefile.am corrected. 2007-07-24 19:32:25 +00:00
Matt Barringer
2e9cdff31c - 10.3 uses ylwrap by default, which was throwing the 
scanner generation off.  Fixed.
 2007-07-24 19:29:02 +00:00
Matt Barringer
35257c4ff4 Trying to get this library to build on 10.3 2007-07-24 18:24:48 +00:00
Matt Barringer
a013140fce 2007-07-24 18:17:50 +00:00
Matt Barringer
748d811e03 2007-07-24 18:16:19 +00:00
Seth Arnold
87647fe7a7 add svn:keywords to tunables/proc 2007-07-23 16:31:39 +00:00
Andreas Gruenbacher
6d15b4eba7 - Rediff against 2.6.23-rc1. 2007-07-23 12:36:24 +00:00
Seth Arnold
5bd8083759 write to drift 2007-07-19 16:00:39 +00:00
Seth Arnold
f601f8c9ce services access 2007-07-19 15:59:58 +00:00
Steve Beattie
a6f387a17e Fix gcc warning about possible uninitialized use of the ms variable; if 
match_string is NULL, the out: cleanup will test ms for !NULL and free
it, even though it hasn't been initialized.
 2007-07-18 14:22:59 +00:00
Dominic Reynolds
74b0f0b5ad Read and write new change hat profile syntax 
Read in the new audit message format used by the module
Updated the tools to handle the newer directory mediation in apparmor
 2007-07-16 13:19:02 +00:00
John Johansen
dc3c7e0b20 refresh patches against latest git tree 2007-07-15 21:33:35 +00:00
John Johansen
4bd10c3aec fold patches into main apparmor patches 2007-07-15 15:42:43 +00:00
John Johansen
1ee0a2c2d3 - early bailout of change_hat/change_profile when the new_profile 
doesn't exist
- in do_change_profile rename profile to new_profile
- fix bug in early bail out
- don't audit change_hat/change_profile token
- remove unused AA_AUDITTYPE defines
 2007-07-15 15:27:08 +00:00
Dominic Reynolds
c8c8ca442c Repository fixes for tools. 
- Ask Me Later option for enabling the repository not working  
 - Cleanup the syncronization code with the repository - ensure that 
   mofications are presented correctly as adds/changes to the users profile
   set
 - Correct bug in marking profiles as NEVERSUBMIT  
 - Fix bug in serlializing profiles with hats (was adding the globals
   #include above each hat - ick)
 - Added dialog and config handling code to enable user to choose the mode of
   usage of the profile repository: download only or upload new/changed
   profiles - so that they user isn't repeatedly prompted to sign in to the
   repository
 - Set default configuration for the repository to apparmor.test.opensuse.org
 2007-07-13 17:53:12 +00:00
Matt Barringer
5a4a53563c - Cleaning up warnings from RPMLINT 2007-07-12 21:25:14 +00:00
Matt Barringer
7d54e6a856 - autogen.sh will make it easier for SVN users to build the library. 2007-07-12 20:18:27 +00:00
Matt Barringer
d8bc255e45 - Initial checkin of the RPM specfile 2007-07-12 18:40:39 +00:00
Matt Barringer
1fa3516397 - Modified configure to require --with-perl/python/ruby/etc 
to enable the compilation of those SWIG wrappers.
- Put together a perl usage example
 2007-07-11 01:08:06 +00:00
Matt Barringer
c6d5ebc7b6 - Modified src/Makefile.am, grammar.y & scanner.l to support autotools 
generating the bison & flex output.  Removing generated files from
  SVN.
- It doesn't make sense to remove those generated files but leave
  autotools generated files, so I'm removing those.
- Removing SWIG generated files as well.
 2007-07-10 16:38:23 +00:00
Matt Barringer
06faae5ec6 Added an audit_id field to the aa_log_record struct. 2007-07-09 19:08:02 +00:00