Several log examples result in rules where the 'owner' conditional
should be added. With logparser.py fixed to handle owner-only events, we
need to add the owner conditional to several test_multi/*.profile files.
I verified all log files for the changed profiles and made sure that
- the log line contains fsuid= and ouid=
- fsuid == ouid
I also did a quick check on all log events containing ouid= and for
those with fsuid == ouid, I checked that the profile has the owner
conditional.
Acked-by: Seth Arnold <seth.arnold@canonical.com> for trunk and 2.11
(see mail from 2017-07-31)
logparser.py failed to notice if file events are owner-only in modern
audit.log (using fsuid=... and ouid=...).
This patch adds a comparison of fsuid and ouid and marks file events
as 'owner' if they match.
Note that log events without fsuid=... or ouid=... will have
18446744073709551615 as fsuid / ouid value (that's 2^64 - 1).
'None' would clearly be better ;-)
References: https://bugs.launchpad.net/apparmor/+bug/1538340
handle_children(): automatically add m permissions on ix rules
See merge request apparmor/apparmor!22
Acked-by: John Johansen <john.johansen@canonical.com>
Exit rather than returning from shell snippets in Makefiles. It is
reported that returning causes the following error message with bash:
/bin/sh: line 4: return: can only `return' from a function or sourced script
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Christian Boltz <apparmor@cboltz.de>
The utils have tests that rely on the in-tree parser to be built so it
should be documented that the parser should be built first.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
The test-aa-easyprof.py script relies on the parser to be built so the
check target of the utils/test/Makefile should detect if the parser
exists before running any tests.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Christian Boltz <apparmor@cboltz.de>
Since some kernel versions, inherit (ix) needs mmap permissions. Instead
of annoying the user with an avoidable question after adding an ix rule,
always add m permissions.
Together with the already existing code, this means newly added inherit
rules will now have 'mrix' permissions.
autodep() calls read_inactive_profiles() each time it's called (= for
each binary). The result is a "Conflicting profile" error (showing the
same filename twice) if autodep() runs more than once. This can easily
happen when using "aa-autodep /usr/bin/*".
This patch adds an attribute to read_inactive_profiles() that lets the
function return without doing anything if was called before.
check_po.pl lists lots of false positives saying that
msgstr ""
does not have the (h)otkey translated.
This patch whitelists those untranslated strings.
I also tested (by manually "breaking" a translation) that missing
hotkeys still get noticed.
This bug probably exists since forever, therefore I propose this patch
for 2.9..trunk. (OTOH, nobody noticed it, so maybe trunk is enough ;-)
Note: I still get a few false positives for ru.po (no idea why, similar
texts in the other languages don't cause this) - ideas and fixes welcome.
allow dac_read_search and dac_override for dovecot/auth
See merge request apparmor/apparmor!14
Acked-by: Seth Arnold <seth.arnold@canonical.com> for 2.9, 2.10, 2.11 and trunk
* Alter paths to allow Java version 8 and up.
* Add file rules to fix IcedTea browser plugin.
* Refactor to keep path consistensy against parent and child profile,
reduce repetitive rules.
Allow to read pulseaudio config subdirectories
See merge request apparmor/apparmor!12
Acked-by: Christian Boltz <apparmor@cboltz.de> for 2.9, 2.10, 2.11 and trunk
After using "view changes", the selection got reset to the first changed
profile. This could mislead the user into saving the wrong profile.
This patch ensures the selection is kept.
I propose this patch for trunk and 2.11.
(2.11 will need different indentation again.)
I'm not sure if we should also apply this in 2.10 and 2.9 - they have
the same behaviour, but OTOH I'm not sure if changing behaviour (even if
it's an improvement) in those old releases is a good idea.
Opinions?
The last change in save_profiles() sorted() the order in which the
changed profiles get displayed. However, it did not honor the sorting
when displaying changes or saving the selected profile, leading to the
wrong profile displayed or saved.
This patch fixes picking the selected profile, and at the same time
replaces the duplicated code for doing this with a single instance.
I propose this patch for trunk and 2.11.
Note that the 2.11 branch needs a slightly different patch (different
indentation).
Also note that this regression made it into 2.11.1, so distributions
shipping 2.11.1 should add this patch.
ubuntu-browsers, ubuntu-helpers: add support for Google Chrome unstable (LP: #1730536).
See merge request apparmor/apparmor!9
Acked-by: Christian Boltz <apparmor@cboltz.de>
The RETURN VALUE section contained two typos where "kernel_features" was
used instead of "kernel_interface".
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Callers of aa_features_unref(), aa_kernel_interface_unref(), and
aa_policy_cache_unref() had to store off errno and restore it after
calling those functions in error paths. This patch preserves errno
across those *_unref() functions so that callers don't have to.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
