mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-05 00:41:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
561 commits 23 branches 109 tags 32 MiB
Commit graph

561 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andreas Gruenbacher
b185eb6739 Special case the mqueue kernel-internal mount. 2007-04-16 00:31:34 +00:00
Andreas Gruenbacher
c814631218 A minor update to nameidata-never-NULL.diff. Add split-up-nameidata.diff (which passes down a stripped nameidata to some fs functions). Needs testing. 2007-04-15 22:16:50 +00:00
Andreas Gruenbacher
875dbfb65e Add a minimal fix that no longer passes NULL nameidata to vfs_create. May not actually work yet, and it's quite an ugly hack. 2007-04-14 17:24:30 +00:00
Andreas Gruenbacher
0aaaab25e3 Minor parameter passing cleanup in fs/nfsd/vfs.c 2007-04-14 17:22:24 +00:00
Andreas Gruenbacher
6dc1c8e7e2 (Join two lines) 2007-04-14 05:45:26 +00:00
John Johansen
9182e53486 fix the depth check for hat expansion 2007-04-14 05:24:10 +00:00
Steve Beattie
4e2bf5ab74 Resurrect apparmor-docs package, this time as a subpackage of 
apparmor-parser. The html version of the parser manpages as well as pdf,
html, and text versions of the techdoc are included in the -docs
package.

Disabled a regression stress test that is a bit problematic on 64bit
arches; the stress test itself is a bit absurd given how many rules it
generates.
 2007-04-14 04:48:56 +00:00
John Johansen
58305e50b5 remove a couple more extraneous functions 2007-04-14 03:04:18 +00:00
John Johansen
104a654461 add patches for: ptracing process in different namespace, removing redundant fn's in lsm.c, using beX_to_cpu instead of ntohX routines, fixing interface bounds checking against overflow, limiting hat interface recursion to 1 level 2007-04-13 23:53:07 +00:00
Steve Beattie
1304aac673 Removing the docs/ directory from the tree; the manpages and the techdoc 
have been moved to their respective packages. The papers are all old
enough to be out of date; interesting from a historical perspective but
not really necessary for a trunk checkout.
 2007-04-13 16:54:32 +00:00
Andreas Gruenbacher
083e8e575b Actually, enable apparmor-main-2.diff: I think we shouldn't actually have to change anything except the profiles using hats (two only ...) 2007-04-13 04:03:26 +00:00
Andreas Gruenbacher
bd3cc5667c Add patch to get rid of aa_taskattr_access (disabled in series). 2007-04-13 01:01:34 +00:00
Andreas Gruenbacher
2029a5e4cb Cosmetic change & typo 2007-04-13 00:18:23 +00:00
Steve Beattie
4d88ec41cc Add a toplevel makefile, to ease making a single tarball. 2007-04-12 20:07:50 +00:00
Steve Beattie
c8eb1e4c42 Move the techdoc to the apparmor-parser package. 2007-04-12 06:01:40 +00:00
Andreas Gruenbacher
b278ad03de Incorporate feedback from Steve. 2007-04-12 04:28:45 +00:00
Seth Arnold
a48588ef80 clean up the BNF-ish language description; indicate the trailing-slash requirement for directories; add a few new change_hat applications 2007-04-11 23:47:58 +00:00
John Johansen
cd79c1ac77 update copyright dates 2007-04-11 08:12:51 +00:00
Andreas Gruenbacher
ef709ac4d3 Fold together recent patches. Split up apparmor.diff (too big in one piece for LKML). Add some patch header documentation. 2007-04-11 00:15:58 +00:00
Steve Beattie
693e769a77 A couple of directory fixups for sshd. 2007-04-10 23:34:06 +00:00
John Johansen
cf00a2d8b3 add module_param-2.diff, refresh apparmor-messages.diff to remove \n from AA_INFO messages 2007-04-10 23:07:50 +00:00
Steve Beattie
f4fd2f17b6 Add an alternate location for XKeysymDB 2007-04-10 22:31:50 +00:00
Andreas Gruenbacher
793161458b Adapt abstractions and some profiles in active/ to the new syntax. 2007-04-10 22:08:09 +00:00
Andreas Gruenbacher
17353f25b4 Adapt abstractions and some profiles in active/ to the new syntax. 2007-04-10 22:05:33 +00:00
John Johansen
d13ef600d8 update patches with feed back, refresh with -p ab 2007-04-10 20:54:28 +00:00
Andreas Gruenbacher
d6414e35dd Some further bugfixes 2007-04-10 20:34:11 +00:00
Andreas Gruenbacher
461273d456 Add -i option for in-place editing. 2007-04-10 19:32:10 +00:00
Andreas Gruenbacher
ea1ae48724 Get patch order right. 2007-04-10 18:35:13 +00:00
Andreas Gruenbacher
f55c928fbe Recognize quoted pathnames as well. 2007-04-10 18:16:03 +00:00
Andreas Gruenbacher
e3e5528dbc Add sketchy profile conversion script. 2007-04-10 14:45:09 +00:00
Andreas Gruenbacher
c97205bfeb Add makefile rule to generate HTML techdoc. 2007-04-10 01:38:56 +00:00
Andreas Gruenbacher
b9caf8ef1a Capitalization fixes. 2007-04-10 00:59:25 +00:00
Andreas Gruenbacher
220454063f Add technical documentation. 2007-04-10 00:52:43 +00:00
Andreas Gruenbacher
9b46fbca97 Add locking-comment.txt. 2007-04-08 17:58:53 +00:00
Andreas Gruenbacher
9597b4192f Add missing patches; new mostly-cosmetic one 2007-04-08 17:50:13 +00:00
Matt Barringer
6c06fbe63c 2007-04-08 07:54:29 +00:00
Matt Barringer
51805b5c25 Getting the netdomain tests working on the actual netdomain machine 2007-04-08 07:52:49 +00:00
Andreas Gruenbacher
dfdffc0e39 Update the ptrace patch. 2007-04-05 14:29:00 +00:00
Andreas Gruenbacher
4ff695d5a3 Add patch header comments 2007-04-05 10:04:00 +00:00
Steve Beattie
77cc03023e Subject: initscript: subdomain -> apparmor 
This patch converts some of the internal references from subdomain to
apparmor (and s/sd/aa/ as well). Variables referenced in
/etc/apparmor/subdomain.conf (which also needs to be renamed) are not
renamed.
 2007-04-04 21:56:08 +00:00
Steve Beattie
1696851ec4 Subject: initscript: kill debug option 
The apparmor module no longer supports being loaded with the
subdomain_debug module argument. Kill the option that tried to do this.
 2007-04-04 21:36:10 +00:00
Steve Beattie
f309bbd8e7 Subject: initscript: kill rebuild option 
[This is a slight update to a patch originally by jjohansen@suse.de]

The ability of the rcapparmor initscript to rebuild the apparmor module
if attmepts to load the module failed had been broken for a while; this
patch rips out the option altogether. The ability to drop to runlevel
1 if the apparmor module can't be loaded is still available, if not
recently tested.
 2007-04-04 21:28:43 +00:00
Steve Beattie
5cc6094944 Subject: initscript: support builtin apparmor 
This patch, based on prior versions by jjohansen@suse.de, reworks the
rcapparmor initscript to support apparmor as a kernel builtin, instead
of just a module.
 2007-04-04 21:23:42 +00:00
Steve Beattie
67a12028f2 Subject: initscript: ignore more dpkg 
In the recent fixups for Ubuntu/Debian, .dpkg-new files got added to the
set of profile names that get ignored. Alas, that only got added in one
of two locations in the initscript; this patch fixes that by making a
common test function that both locations use.
 2007-04-04 20:42:26 +00:00
Andreas Gruenbacher
87e2544d6f Fold together patches again. 2007-04-04 20:30:36 +00:00
Steve Beattie
feb167c51a Move some common manpage cleanup to common/Make.rules (and clean up 
pod2html tmpfiles). Also mark manpages to be ignored by svn.
 2007-04-03 20:12:16 +00:00
Steve Beattie
83eee1b4c6 Subject: Add mod_apparmor(8) to apache2-mod_apparmor package 
Move the mod_apparmor(8) manpage to the apache2-mod_apparmor package.
 2007-04-03 19:17:20 +00:00
Steve Beattie
60f2312372 Subject: Add manpages to utils package. 
Move the autodep(8), complain(8), enforce(8), logprof(8), genprof(8),
unconfined(8), logprof.conf(5), and apparmor_status(8) manpages, along
with their aa- form symlinks, to the utils package.
 2007-04-03 19:13:35 +00:00
Steve Beattie
38f4817876 Subject: Add change_hat(2) to libapparmor package 
Move change_hat(2) manpage to libapparmor package.
 2007-04-03 19:08:50 +00:00
Steve Beattie
24606ec70b Subject: Add manpages to the parser package 
Move the apparmor.d(5), apparmor(7), apparmor_parser(8),
subdomain.conf(5) and apparmor.vim(5) (for lack of a better location)
into the apparmor-parser package.
 2007-04-03 19:04:10 +00:00