mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
872 commits 23 branches 109 tags 32 MiB
Commit graph

91 commits

Author SHA1 Message Date
David J Drewelow
99fc25eb37 Updated requirements for changes to libapparmor. 2007-08-20 15:07:43 +00:00
David J Drewelow
fd1c72183b Updated sqlite db and related functions to support new parser and 
libapparmor.
 2007-08-20 15:07:13 +00:00
Dominic Reynolds
de7ec1e261 Missing shortcut fixes for german. 2007-08-17 21:41:37 +00:00
Dominic Reynolds
87cde25a44 Minor changes to ensure that removal of the repository section in 
logprof.conf disables repository integration.
 2007-08-17 21:05:28 +00:00
Dominic Reynolds
5c373ea077 Remove default/required hats for ssh in logprof.conf 2007-08-17 19:54:57 +00:00
Dominic Reynolds
9c0820d5ed Fixes for "mandatory profile not found" profiling bug, empty configs in 
logprof.conf generating undefined value errors, repository code
prompting user even if no configuration is present that specifies a
default repository.
 2007-08-16 21:51:08 +00:00
Dominic Reynolds
0e60123f22 Updated translations for missing shortcuts in msgstr fields. 2007-08-16 21:38:34 +00:00
Seth Arnold
0c9d1c44ed new audit manpage from Mathias Gug 2007-08-15 21:43:40 +00:00
Dominic Reynolds
ea8ed8f665 utitlity to look for problems in the po files. 2007-08-15 19:24:49 +00:00
Dominic Reynolds
4b7a720d8a Fix problems with missing hotkey for "(S)can for SubDomain Events" in 
genprof. Replace occurances of SubDomain in msgstr with AppArmor.
 2007-08-15 16:24:26 +00:00
Dominic Reynolds
1c56662fe7 Added support for capablities and network toggles in #includes. 2007-08-15 16:17:50 +00:00
Steve Beattie
4c1effc3a2 Make the location of logger configurable via /etc/apparmor/logprof.conf 2007-08-14 22:07:40 +00:00
Steve Beattie
6123467433 skip files suffixed with .dpkg-old, based on a patch from Mathias Gug 
<mathiaz@ubuntu.com> [Message-ID: <20070813201254.GD11381@mathias.mathiaz.net>]
Added comments to both file-skipping locations referencing the other
location that needs to be modified.

(The ideal solution would be for this information to be stored in one
commonly referenced location, configurable by distributors and
administratrors.)
 2007-08-14 19:19:59 +00:00
Steve Beattie
7e8fe42967 Fix for #298840, "apparmor-utils misses perl-TermReadKey dep" 2007-08-10 21:51:20 +00:00
Dominic Reynolds
073854651f Added updated translations. 2007-08-06 12:49:47 +00:00
Dominic Reynolds
bc8b8d742a Fix bug in saving of local profiles in the yast UI. Front end wasn't 
returning the selected list correctly and the backend wasn't processing
the returned list correctly.
 2007-07-30 01:56:21 +00:00
Dominic Reynolds
ecf9f5b5bf Fix bug in changehat handling code where profiles read in from were set 
as changed even though they may not be active profiles.
 2007-07-30 01:54:25 +00:00
Dominic Reynolds
95769acf38 Patch from jmichael@suse.de to factor out validate_mode into 
validate_log_mode() and validate_profile_mode()
 2007-07-30 01:53:25 +00:00
Dominic Reynolds
82b86abc58 Fix bug where events from the log were dropped for profiles in the 
null-complain-profile.
 2007-07-29 02:30:39 +00:00
Dominic Reynolds
371860fb03 Handle "mandatory profile missing" messages and autodep a new profile if 
P|px is chosen.
 2007-07-29 02:25:25 +00:00
Dominic Reynolds
b210319daa Fixes for regex handling in the tools to match the newer directory 
handling syntax.
 2007-07-29 02:23:31 +00:00
Dominic Reynolds
1a8ae64cfb Add handling for lock and append in logs and profiles. 2007-07-29 02:20:24 +00:00
Dominic Reynolds
3f2ed86bef Don't process events for profiles that no longer exist. 2007-07-29 02:18:29 +00:00
Dominic Reynolds
6f5bc70ae1 Updated usage of SubDomain::readprofile() (which changed in r620) in 
yast apparmor profile agent and syntax checking function in subdomain.pm
 2007-07-29 02:17:17 +00:00
Dominic Reynolds
0bd08b78c8 Strip trailing comments from individual rule lines in the profiles when 
they are parsed.
 2007-07-29 02:06:41 +00:00
Dominic Reynolds
d3d92196f9 Add support to the tools for basic network access mediation - by 
family/socket type.
 2007-07-29 02:06:00 +00:00
Dominic Reynolds
62eb92567d Add handling for clone operation from audit logs - which caused the 
tracking of process forking to not work correctly in the tools.
 2007-07-29 02:05:06 +00:00
Dominic Reynolds
74b0f0b5ad Read and write new change hat profile syntax 
Read in the new audit message format used by the module
Updated the tools to handle the newer directory mediation in apparmor
 2007-07-16 13:19:02 +00:00
Dominic Reynolds
c8c8ca442c Repository fixes for tools. 
- Ask Me Later option for enabling the repository not working  
 - Cleanup the syncronization code with the repository - ensure that 
   mofications are presented correctly as adds/changes to the users profile
   set
 - Correct bug in marking profiles as NEVERSUBMIT  
 - Fix bug in serlializing profiles with hats (was adding the globals
   #include above each hat - ick)
 - Added dialog and config handling code to enable user to choose the mode of
   usage of the profile repository: download only or upload new/changed
   profiles - so that they user isn't repeatedly prompted to sign in to the
   repository
 - Set default configuration for the repository to apparmor.test.opensuse.org
 2007-07-13 17:53:12 +00:00
Steve Beattie
a2423f3371 Patch from Mathias Gug <mathiaz@ubuntu.com>, I added the same 
modification to the audit command.

This fix scans apparmor.d directory to find profiles that matches the
profile passed on the command line. Currently if the binary doesn't
exist on the system, complain/enforce fails even if a profile is defined.
 2007-06-15 15:11:09 +00:00
Steve Beattie
2493d03f93 This change was contributed by Mathias Gug <mathias.gug@ubuntu.com> 
This patch improves the information reported by then apparmor_status
script. It gives more detailed information about loaded profiles and
their mode, running processes and profiles applied to them.

(I slightly modified the code to refer to the term unconfined instead of
unstrained as well fixing some minor formatting issues.)
 2007-05-31 05:43:16 +00:00
Steve Beattie
703cad6072 Fix apparmor_status to report unconfined processes properly on the new 
lkml submission code and document possible return codes in the
apparmor_status manpage.
 2007-05-24 04:59:06 +00:00
Dominic Reynolds
e0e441ac72 - Minor formatting 
- use ENV{PAGER}
- chmod use changes to prevent races writing config files
- add preferred user (NOVELL) as config option in logprof.conf and sort
  profiles from repo so that preferred user is the default and first in
  the list
 2007-05-22 20:49:51 +00:00
Dominic Reynolds
8934b04b11 Correct localization problems identified in code review. 2007-04-26 16:31:08 +00:00
Dominic Reynolds
9161f2f09d Formatting/indentation corrections. 2007-04-26 14:42:56 +00:00
Dominic Reynolds
58820fc7e2 Fixed some indentation/formatting problems from the previous checkins. 2007-04-26 03:00:22 +00:00
Dominic Reynolds
08a4da1016 Add support to make the profiles in /etc/apparmor/profiles/extras 
usable directly from genprof/logprof when new profiles are needed.
 2007-04-26 02:59:17 +00:00
Dominic Reynolds
b002b50ba6 Changes to support marking profiles as local only and subsequently 
don't prompt the user to upload changes to the repository.
 2007-04-26 02:58:10 +00:00
Dominic Reynolds
3d16e4e6d6 Add support in YaST UI wizards for the AppArmor profile repository. 2007-04-26 02:56:54 +00:00
Dominic Reynolds
73c22acbdf Make repo user creation explicit choice in console UI during 
logprof/genprof run.
 2007-04-26 02:55:58 +00:00
Dominic Reynolds
54645b9e6b Remove debug statement and wrap call to do_logprof_pass in eval block 
for ag_genprof for error handling
 2007-04-26 02:54:11 +00:00
Dominic Reynolds
d27ff99e31 Changes to add support for the AppArmor profile repository to the 
console UI tools. (jmichael)
 2007-04-26 02:48:24 +00:00
Dominic Reynolds
4419185c4d Cleanup for the profile tools UI. 2007-04-26 02:46:23 +00:00
Dominic Reynolds
7fb70b4b22 Refactor/cleanup reading/writing and handling of configuration options 
in logprof.conf (jmichael)
 2007-04-25 21:06:52 +00:00
Dominic Reynolds
7114db645f refactor autodep to make it easier to add remote repository support 
(jmichael)
 2007-04-25 21:05:07 +00:00
Dominic Reynolds
43aa5f00f0 Reworks the profile loading code to be able to parse profile from a 
string we might have gotten from the network instead of requiring to
read it from a file and clean up the error handling (jmichael)
 2007-04-25 21:04:28 +00:00
Dominic Reynolds
dc4e5485f1 fix a bug in Add Hat dialog related to CMD_ABORT/CMD_FINISHED handling 
(jmichael)
 2007-04-25 20:48:51 +00:00
Dominic Reynolds
94c9775dde Refactoring cleanup for CMD_ABORT/CMD_FINISHED handling (jmichael) 2007-04-25 20:47:13 +00:00
Andreas Gruenbacher
d6414e35dd Some further bugfixes 2007-04-10 20:34:11 +00:00
Andreas Gruenbacher
461273d456 Add -i option for in-place editing. 2007-04-10 19:32:10 +00:00