mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
1429 commits 23 branches 109 tags 32 MiB
Commit graph

1429 commits

This branch
This branch
All branches
Author SHA1 Message Date
Steve Beattie
c2109f2c3b Cherry picked elements from trunk commit 1437: fix serious compiler 
warnings, silence an error in non-rpm build environs.

Nominated-by: Steve Beattie <sbeattie@ubuntu.com>
Acked-By: Kees Cook <kees@ubuntu.com>
 2010-09-15 10:24:55 -07:00
Steve Beattie
9578c217cb Much pared down version of trunk commit 1497: fix error checking so that 
caching will work without needing kernel_load.

Nominated-by: Kees Cook <kees.cook@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-15 09:33:01 -07:00
Jamie Strandboge
24bf1faaac exported smbd files need to have 'k' to work properly with certain applications 2010-09-14 14:17:53 -05:00
Steve Beattie
604b6b10b1 Fix up one little issue with the repo version bit when building outside 
of the repo tree.
 2010-09-13 01:37:04 -07:00
Steve Beattie
71cda52995 Point the repo target at the correct published tree. 2010-09-12 12:59:05 -07:00
Steve Beattie
2a3967f7f7 Modify the version determining stuff to work with bzr, update the 
toplevel tarball make target to create a release tarball and make a
snapshot target to do the same thing for snapshot releases.
 2010-09-12 12:56:51 -07:00
Steve Beattie
5308974d27 Preparation for 2.5.1 rc1 release. 2010-09-10 15:11:25 -07:00
Steve Beattie
0c754fe701 Merge from trunk rev 1411: network interface enumeration 
Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-10 13:19:38 -07:00
Steve Beattie
eeb523ab16 Merge from trunk rev 1410: update for font/icon/mime locations in 
current gnome.

Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-10 13:18:28 -07:00
Steve Beattie
90e414f0ab Merge from trunk rev 1467: Add gdm files to X abstraction. 
Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-10 13:13:56 -07:00
Jamie Strandboge
6ec327cfb9 tests/regression/subdomain/uservars.inc: apply the uservars.inc change in 
trunk's r1458 too
 2010-09-10 13:30:25 -05:00
Jamie Strandboge
15f61e5e5b profiles/apparmor.d/abstractions/ubuntu-email: add thunderbird 3 
profiles/apparmor.d/abstractions/ubuntu-media-players: add gmplayer
profiles/apparmor.d/abstractions/ubuntu-*: use PUx instead of Ux
 2010-09-10 10:28:28 -05:00
Steve Beattie
d4e0f472e2 Merge from trunk rev 1492: add testcases to support previous merges. 2010-09-10 00:46:03 -07:00
Steve Beattie
e89ef114bf Merge from trunk rev 1490: newer apparmor module uses target instead 
of name2, add log parsing support for this.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-10 00:40:59 -07:00
Steve Beattie
48587d7179 Merge from trunk rev 1489: Status messages have and offset field used 
to debug why and where a policy load failed.  For now just ignore it.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-10 00:39:16 -07:00
Steve Beattie
8e39e3ab86 Merge from trunk rev 1491: Change the second key_capability entry into 
a comment and document why its there and what to do with it once the
old entry types are cleaned up.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-10 00:36:33 -07:00
Steve Beattie
fbd1ab065e Merge from trunk rev 1487: Add support for the added capability and 
capname fields in LSM_AUDIT records;  For now just use capname and
silently drop capability when it is found.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-10 00:33:44 -07:00
Steve Beattie
d41f723645 Merge from trunk rev 1435 (+ creation of empty .err files): 
Update log parser grammar to handle new LSM-audit log messages.
Add testcases for new LSM-audit log messages.

Nominated-by: Steve Beattie <sbeattie@ubuntu.com>
Acked-By: Kees Cook <kees@ubuntu.com>
 2010-09-10 00:18:39 -07:00
Steve Beattie
808bda6792 Merge from trunk rev 1488: handle negative error codes in error= fields. 
Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-09 18:38:18 -07:00
Steve Beattie
914f9f5bad Merge from trunk rev 1486: If encountered the scanner will dump 
unmatched text from <audit_id>.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-09 15:16:36 -07:00
Steve Beattie
cea0cdb4e9 Merge from trunk rev 1485: Fix apparmor_notify memory leak for 
non-reported messages.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-09 11:28:04 -07:00
Steve Beattie
f12a20dcae Merge of trunk rev 1484: change notify.conf to default to enabling 
apparmor_notify.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-09-09 11:25:36 -07:00
Jamie Strandboge
e843ad3457 cherrypick r1483 from trunk: 
allow mmap of font cache files in @{HOME}/.fontconfig/ for sun-java6
 2010-09-08 13:58:37 -05:00
Jamie Strandboge
9333e221bc update fonts abstraction to add '/var/lib/ghostscript/** r,' 2010-09-03 08:42:29 -05:00
Jamie Strandboge
523738348c merge from trunk: abstractions/ubuntu-browsers: add '/usr/bin/sensible-browser 
PUxr'
 2010-08-30 11:11:34 -05:00
Steve Beattie
8b79fb5fea Merge from trunk revs 1476, 1477, and 1478: cope with various elements 
that the upstream 2.6.36 kernel is missing.

All Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-08-26 11:24:41 -07:00
Steve Beattie
8878869a0c Modified version of trunk rev 1473: 
This teaches pam_apparmor about the current errno returned by the
kernel when the hat that was passed does not exist in the profile (but
other hats exist). (LP: #619521)

It differs to the fix in trunk in that, to be more conservative in
the change, it does not remove the EPERM case, even though it should
not be needed anymore.

Nominated-by: Steve Beattie <sbeattie@ubuntu.com>
Acked-By: Kees Cook <kees@ubuntu.com>
 2010-08-19 08:45:19 -07:00
Steve Beattie
5fe2fc0c3f Merge from trunk r1462: remove kde4-config from the kde abstraction 
Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-08-11 12:06:38 -07:00
Steve Beattie
25f5cc50b3 Merge from trunk r1466: add ca-certificates to ssl_certs abstraction 
(LP: #605835)

Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-08-11 12:02:36 -07:00
Steve Beattie
72141e5a6e Merge r1457 from trunk: 'owner' match in commit 1406 too strict for 
/tmp/ and /var/tmp/ (LP: #615177)

Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-08-10 09:12:34 -07:00
Steve Beattie
d323db562a Merge revs 1403, 1417, 1447 from trunk: 
* add dbus-session abstraction (and use Pix rather than Uix)
 * fix gnome abstraction for gdk pixbuf loaders (LP: #611248)

Nominated by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-08-05 10:44:08 -07:00
Steve Beattie
030d97e3f1 Merge from r1430: fix for LP: #599450 
Changes the table resizing so that there is always sufficient high
entries in the table, preventing bounds violations from occurring.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-07-24 16:16:14 +02:00
Steve Beattie
0eb5d7c050 Merge from r1429: combine the two separate table resize code segments 
into a single functionally equivalent segment.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-07-24 16:09:25 +02:00
Steve Beattie
1c1de08f11 Partial merge r1419: add the -p flag to support the output of 
flattened profiles.

Submitted-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-07-17 18:39:37 -07:00
Steve Beattie
6dad83c212 Merge r1387: Fix perl swig bindings so that libapparmor can be built 
when configured without perl.

Nominated-by: Steve Beattie <sbeattie@ubuntu.com>
Acked-By: Marc Deslauriers <marc.deslauriers@canonical.com>
 2010-07-13 16:38:39 -07:00
Steve Beattie
1ad455c6da Merge r1385: Fix memory leak during dfa minimization. 
Nominated-by: Steve Beattie <sbeattie@ubuntu.com>
Acked-By: Marc Deslauriers <marc.deslauriers@canonical.com>
 2010-07-13 16:36:47 -07:00
Steve Beattie
b5c8c2bdaf Merge r1379: Fix leaking file descriptors on included files. 
Nominated-by: Steve Beattie <sbeattie@ubuntu.com>
Acked-By: Marc Deslauriers <marc.deslauriers@canonical.com>
 2010-07-13 16:31:57 -07:00
Steve Beattie
ac1a585bbe Merge from trunk rev 1424: Move expression tree node labeling into expr 
node themselves to reduce memory usage and make node labeling per dfa
rather than global.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-07-12 15:53:51 -07:00
Steve Beattie
8187d02864 Merge in rev 1422 from trunk: Cleaning up the sets firstpos, lastpos, 
and followpos early reduces peak memory usage.

Nominated-by: John Johansen <john.johansen@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-07-12 15:28:26 -07:00
Steve Beattie
8525087270 Merge in r1413 and r1418: report correct filename/line number on errors 
in the parser.

r1413 Nominated-by: Kees Cook <kees@ubuntu.com>
r1413 Acked-By: Steve Beattie <sbeattie@ubuntu.com>
r1418 Nominated-by: Steve Beattie <sbeattie@ubuntu.com>
r1418 Acked-By: Kees Cook <kees@ubuntu.com>
r1418 Acked-By: John Johansen <john.johansen@canonical.com>
 2010-06-25 12:58:17 -07:00
Steve Beattie
26624648f8 apparmor_notify merges: r1391-r1396,r1401-r1402,r1405,r1407-r1408: 
These commits should bring apparmor_notify and apparmor_notify.pod
up to what is in trunk. In short:
- add long options
- cleanup output
- better handle auditd
- handle logfile rotation
- use seteuid() to drop privileges so we can raise/drop after log
  file rotation. Add -u USER option for dropping privileges when not
  using sudo
- man page updates
- group like entries together when using -v with -s (and later cleanups
  including LP: #582075)
Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-06-21 15:36:21 -07:00
Steve Beattie
6f7dad8790 Merge: r1389: add 'k' to /var/lib/samba/**.tdb in the samba abstraction 
Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-06-21 15:26:22 -07:00
Steve Beattie
f0d5b09b9f Merge: r1397-r1398: adjust cgi path for php5 abstraction (LP: #538661) 
Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-06-21 15:24:35 -07:00
Steve Beattie
ab10eafaaf Merge r1406: abstractions/user-tmp: require 'owner' matching 
Nominated-by: Jamie-Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-06-21 15:22:54 -07:00
Steve Beattie
aa106808fd Merge: r1409: statvfs allowed by default 
Nominated-by: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2010-06-21 15:21:10 -07:00
Steve Beattie
21875a520d Fix leaking file descriptors on included files. 2010-03-12 01:50:26 -08:00
John Johansen
6c23d48649 Bump versioning to AppArmor 2.5 2010-03-10 23:07:29 -08:00
Steve Beattie
4094043011 Fix up some testcase description fields 2010-03-10 21:38:10 -08:00
Steve Beattie
970807f01a Merge in stress test changes before ext4 eats them. 2010-03-10 21:09:15 -08:00
Steve Beattie
66286494a2 Resurrect another of the stress tests; it kinda works, though it requires 
killall-ing a few things in order to make it stop. And alas, it does seem
to eventually cause kernel hangs with 2.6.32-16. (Committing now before ext4
eats my changes and brain.)
 2010-03-10 20:56:47 -08:00