Commit graph

87 commits

Author SHA1 Message Date
Steve Beattie
b9342d0963 logparsing library: fix up interpreting the protocol to handle both
digits and strings returned (though it's entirely possible the kernel
will only ever return the protocol number).

Things should probably be fixed up to convert back to the name of the
protocol.
2007-09-18 02:01:42 +00:00
Steve Beattie
4d505d643e Add correctly generated testcase for parent=pid_t from Kenny Graunke
<kgraunke@novell.com>, as well as fixing the code to properly parse
messages containing them.

Alas, this resulted in a change in the returned structure.
2007-09-17 22:38:22 +00:00
Steve Beattie
7489640b82 Fix the logparsing library to parse correctly the task field passed back
by apparmor; the new syntax passes back the task as unquoted digits,
whereas the logparser expected a quoted string.
2007-09-17 21:54:49 +00:00
Steve Beattie
c075a9db45 Add testcase for "task=NNNN" apparmor hint message. 2007-09-17 21:24:35 +00:00
Steve Beattie
cf76182f2c Add a testcase for network protocols that the log parsing library can't
parse.
2007-09-17 21:20:24 +00:00
Steve Beattie
9ad53af32b Add testcase for old-style mandatory missing profile exec rejection. 2007-09-17 20:55:05 +00:00
Steve Beattie
cd498230c7 Fix aa logparsing library to parse messages where the strings in the
name, name2, or profile fields have been safely (hex) encoded.
2007-09-17 05:22:40 +00:00
Steve Beattie
2640f42273 Add a basic inode_permission testcase. 2007-09-15 06:02:13 +00:00
Steve Beattie
ee5391c6a4 Remove the magic token from the aa_change_profile() interface, as
change_profile transitions ought to be uni-directional. If you want
bi-directional transitions, use aa_change_hat() instead.
2007-09-15 05:41:44 +00:00
Steve Beattie
95625c6a39 Bump release version (+date) in specfile, and bump library minor
version.
2007-09-15 03:46:56 +00:00
Steve Beattie
793afcd06c Add support for an old style message hint "changing_profile" which
indicates that the pid referenced is being placed in the null-complain
profile.
2007-09-14 21:38:46 +00:00
Steve Beattie
fa6dce4c65 This patch fixes up the support for parsing old style messages generated
on systems where auditd has not been compiled with --with-apparmor (i.e.
events are reported with an unknown type).
2007-09-14 14:36:01 +00:00
Steve Beattie
6700630539 This patch fixes the parsing of old-style apparmor log messages that
occur within a hat whose name does not begin with a '/'. New style
message parsing was not affected by this bug.
2007-09-14 14:33:05 +00:00
Steve Beattie
2228421afd Stop printing "Error: syntax error" to stdout when the library has a
problem parsing the log message.
2007-09-14 14:29:07 +00:00
Steve Beattie
7f9a058d9c This patch adds support for parsing apparmor messages that come through
syslog, along with testcases. This should work for both old and new
style log messages, as well as with dmesg timestamps enabled in the
kernel ("echo 1 > /sys/module/printk/parameters/printk_time").

This patch applies on top of the previous patch sent to support the
type=15xx messages.
2007-09-14 14:26:21 +00:00
Steve Beattie
a6a88a4dd7 This patch adds support to the logparsing library for the type=15xx
flags when events come through the audit subsystem. It also fixes the
case where the audit daemon has not been configured with apparmor
support and the events are reported as type=UNKNOWN[15xx].

It also fixes the testsuite dependencies so that they will get relinked
when the library changes.
2007-09-14 14:00:48 +00:00
Steve Beattie
aa94fc1d08 - Add configure check for the existence of asprintf(3).
- Add -Wall to compilation (is there a way to only define this in the
  toplevel Makefile.am and have it propagate down?)
- fix warnings once -Wall was enabled:
  - no asprintf prototype due to _GNU_SOURCE not being defined
  - possible uninitialized use in scanner.l
  - printf's that expected ints but were passed longs in the testsuite
2007-08-21 17:28:34 +00:00
Steve Beattie
e756eec7c1 Ugh, fix broken symlink for the change_hat manpage. 2007-08-17 16:21:11 +00:00
Steve Beattie
156476d738 Rename change_hat.2 to aa_change_hat.2, with backwards compatibility
symlink generated by the rpm specfile.
Don't create libimmunix.so, nothing new should ever link against it.
2007-08-16 05:15:03 +00:00
Steve Beattie
45b5373b39 Add support for aa_change_profile(2) to both the library and to the swig
interfaces. A manpage still needs to be added.
2007-08-16 04:35:56 +00:00
Steve Beattie
adf6076d85 Rename change_hat(2) to aa_change_hat(2) (a backwards compatibility
macro is in place) and support 64 bit magic tokens.
2007-08-16 04:26:19 +00:00
Steve Beattie
bda571d643 Fix braindead symbol versioning issue where applications that linked
against libapparmor::change_hat would be linking against
change_hat@IMMUNIX_1.0 rather than change_hat@APPARMOR_1.0 (the
preferred version).

Remove -module to prevent linking portability warning when building
mod_apparmor.

Use RPM_OPT_FLAGS for CFLAGS when building rpms.
2007-08-16 04:19:54 +00:00
Matt Barringer
7d3a95c797 - Added the timestamp from the audit ID ('epoch')
to aa_log_record.
- Added the integer that follows the colon in the 
  audit ID ('audit_sub_id') to aa_log_record.
- Modified the testsuite to deal with the two new
  numbers.
2007-08-15 20:07:48 +00:00
Seth Arnold
64ea5e3944 patch from Mathias Gug to correct change_hat manpage section 2007-08-15 00:14:39 +00:00
Steve Beattie
b608f2643b This patch is from Mathias Gug <mathiaz@ubuntu.com> of Ubuntu
[Message-ID: <20070813195328.GB11381@mathias.mathiaz.net>]

Ubuntu installs apxs, the apache module building binary in /usr/bin
rather than /usr/sbin, so search there as well.
2007-08-14 19:09:03 +00:00
Steve Beattie
cd73259db4 Patch from Mathias Gug <mathiaz@ubuntu.com> of Ubuntu [Message-ID:
<20070813195328.GB11381@mathias.mathiaz.net>].

This fixes the make install target of pam_apparmor so that it depends on
the library already being built.
2007-08-14 19:06:19 +00:00
Matt Barringer
ad4685c196 - Patched to remove annoying build error when the python module
is not enabled.
2007-08-08 22:56:16 +00:00
Steve Beattie
6de4ff8971 Make pam_apparmor dependencies correct for opensuse 10.2 and earlier. 2007-08-08 19:09:01 +00:00
Steve Beattie
99b510da88 Now that config.h.in has been deleted, remove the dependency on it in
configure.in.
2007-08-08 16:57:34 +00:00
Steve Beattie
b8b12a6a6c Sigh, it actually did work, but the opensuse buildservice is somewhat
deceiving. Re-enabling.
2007-08-08 15:26:01 +00:00
Steve Beattie
47cef58f48 Back out change to use libimmunix on 10.0. It didn't appear to work. 2007-08-08 15:05:10 +00:00
Steve Beattie
5dc2a8a487 Use libimmunix on suse 10.0 (and earlier) 2007-08-08 06:28:22 +00:00
Matt Barringer
d1640ad894 - Removing config.h.in 2007-08-07 19:09:48 +00:00
Matt Barringer
e04d4a309f - Added "protocol", "family" and "sock_type" to the parser to
support the initial network support.
2007-08-06 02:38:30 +00:00
Matt Barringer
ab87fbfb94 - Was previously under the belief that pid="1234" and
magic_token="1245353" were correct syntax from the kernel.
  It turns out this is not the case.
2007-08-05 22:54:41 +00:00
Steve Beattie
e654adf876 Fix up a couple of issues that were preventing things from building. 2007-07-31 05:35:07 +00:00
Matt Barringer
5ee0d57d60 - Updated extconf.rb to reflect the library merging 2007-07-31 03:20:12 +00:00
Steve Beattie
9eb8b7459f Fixup dependency on libapparmor-devel for non-suse dists. 2007-07-30 19:05:21 +00:00
Steve Beattie
bf0d391818 Fix dependencies for older versions of opensuse. 2007-07-30 18:48:00 +00:00
Steve Beattie
68c51fa152 From aj@suse.de: Fix permissions of README file. 2007-07-30 07:30:24 +00:00
Steve Beattie
09e0b627fa Convert builddep on libapparmor to libapparmor-devel 2007-07-30 07:18:07 +00:00
Steve Beattie
4150a569a7 Get rid of crufty crap that causes autobuild to fail. 2007-07-30 05:36:23 +00:00
Steve Beattie
01be9c93e3 Convert libapparmor build dependency to libapparmor-devel. 2007-07-30 05:18:39 +00:00
Steve Beattie
84db5d71e3 Convert build dependency on libapparmor to libapparmor-devel 2007-07-30 05:05:42 +00:00
Matt Barringer
1b80dff02d - Using asprintf instead of snprintf 2007-07-29 06:05:41 +00:00
Matt Barringer
85eecb0dae - I'm not sure why scanner.l thought it should be generating
lex.yy.c instead of scanner.c, but that just isn't right.
- There was an unpleasant bug in the audit id recreation 
  part of grammar.y that was causing memory corruption.
  It is now fixed.
2007-07-29 04:37:22 +00:00
Matt Barringer
4bea1da54c - Merged the library previously known as "libaalogparse" with
libapparmor.
- Moved the old libapparmor library to libapparmor-deprecated.
2007-07-28 15:41:04 +00:00
Matt Barringer
65f4025e15 2007-07-28 15:38:27 +00:00
Dominic Reynolds
c7fbd14641 Changes to work with tomcat5.5: changed apis to the logging framework
and request pipeline.
2007-05-21 20:39:41 +00:00
Dominic Reynolds
74b2bfae95 Add directory for tomcat_5_5 plugin (used in openSUSE 10.3) 2007-05-21 19:58:58 +00:00