Subject: profiles: Add openssl abstraction
References: bnc#623886
Profiles that use openssl have been adding the openssl files piecemeal.
This patch creates a new openssl abstraction that can be inherited by
all profiles that use it.
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Patch for
- profiles/apparmor.d/abstractions/ssl_certs
- profiles/apparmor/profiles/extras/usr.sbin.httpd2-prefork (second chunk)
updated by Christian Boltz <apparmor@cboltz.de>
(didn't apply to trunk)
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
Copyright header in profiles/apparmor.d/abstractions/openssl added by
Christian Boltz <apparmor@cboltz.de>
Subject: profile: ntpd -N needs sys_nice
References: bnc#657054
ntpd -N allows the administrator to increase or decrease priority of the
ntp server. Since the profile doesn't allow it, the operation is denied.
This patch adds support for that operation.
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
along with a link to the wiki page. This helps users locate profiles
that possibly already exist for the application they are attempting to
confine, and suggests they contribute the profile when they're done.
apparmor_2.6.1~rc1 to apparmor_2.6.1-rc1
apparmor_2.6.0~rc1 to apparmor_2.6.0-rc1
to be consistent with the new format and to enable mirroring to a git
repository
'~' replaced by '-'. This is needed for mirroring to git as git can't
handle '~'s embedded in tag or branch names.
Tested by setting up a separate tag_version target like so:
tag_version:
echo ${TAG_VERSION}
This patch fixes the init scripts helper functions file to
filter out the hat/child process separator as currently used
by the parser, '//' rather than what used to be used, the '^'
symbol. This fixes bugs where profiles that covered regexs (e.g.
'/usr/lib/firefox-4.0.1/firefox{,*[^s][^h]}') and thus were being
improperly filtered away and unloaded when reloading apparmor policy.
binary portions (Hurd). This patch splits up the build targets so this is
possible:
"main" becomes "arch"
"indep" is created and depends on "docs"
po building is moved from "main" to "indep"
"all" has "tests" removed (standard build practices are to "make" then
"make check" so I think "tests"/"check" should stay separate from "all").
redundant chunk is removed (this exists twice in the Makefile):
-.SILENT: check
-check: tests
"install" is split into "install-indep" and "install-arch"
"install-arch" requires "arch" and only installs the binaries
"install-indep" requires "indep" and only install non-binaries
Additionally, update the README to mention the "check" target both for the
parser and the utils.
Signed-off-by: Kees Cook <kees.cook@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
Some non-Linux systems do not define PATH_MAX (Hurd). Since I have no
interest in supporting a fully dynamic PATH_MAX in AppArmor, work around
this by just defining a static value that matches Linux's limits.h value.
Signed-off-by: Kees Cook <kees.cook@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
translations to be built via the LANGS make argument whitelist. For
example:
cd parser; make all install "LANGS=en_US fr"
will build and install the en_US and fr .mo files for the parser.
Allow dumping out which states where dropped during partition minimization
and which state became the partitions representative state.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
The dfa graph dump was broken by previous dfa cleanups so that the graph
transition target is the output of a pointer instead of the dfa state
number.
Signed-off-by: John Johansen <john.johansen@canonical.com>
This is a rather large rearrangement of how a subset of the parser global
variables are defined. Right now, there are unit tests built without
linking against parser_main.c. As a result, none of the globals defined in
parser_main.c could be used in the code that is built for unit tests
(misc, regex, symtab, variable). To get a clean build, either stubs needed
to be added to "#ifdef UNIT_TEST" blocks in each .c file, or we had to
depend on link-time optimizations that would throw out the unused routines.
First, this is a problem because all the compile-time warnings had to be
explicitly silenced, so reviewing the build logs becomes difficult on
failures, and we can potentially (in really unlucky situations) test
something that isn't actually part of the "real" parser.
Second, not all compilers will allow this kind of linking (e.g. mips gcc),
and the missing symbols at link time will fail the entire build even though
they're technically not needed.
To solve all of this, I've moved all of the global variables used in lex,
yacc, and main to parser_common.c, and adjusted the .h files. On top of
this, I made sure to fully link the tst builds so all symbols are resolved
(including aare lib) and removedonly tst build-log silencing (for now,
deferring to another future patchset to consolidate the build silencing).
Signed-off-by: Kees Cook <kees.cook@canonical.com>
Johansen, use 'ix' instead of 'Pix' for dbus-launch since if someone happens to
define a profile for dbus-launch and it is loosely confined, then users of this
abstraction could end up launching a program via dbus-launch in a less confined
manner than intended. This sort of thing should not be possible via an
abstraction (and people are always free to profile using Pix if they prefer).
since things go extremely badly when capabilities disappear. If someone
wants to work on it, I have some initial patch attempts, but it was getting
too time-consuming, so I back-burnered the parser. A very small change was
needed to get the libraries to build, and this is it.
Description: Workaround non-Linux environments to build everything but the
parser.
Author: Kees Cook <kees@debian.org>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
tarball. Let's drop this from future tarball creation.
Signed-off-by: Kees Cook <kees.cook@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
