mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-10 03:34:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
4262 commits 23 branches 109 tags 33 MiB
Commit graph

1095 commits

Author SHA1 Message Date
Jamie Strandboge
aa6407d07b utils/apparmor/sandbox.py: only save environment variables that exist 2012-08-29 08:56:06 -05:00
Jamie Strandboge
457d19beaf utils/aa-sandbox.pod: note on hotplugging monitors 2012-08-29 08:49:15 -05:00
Jamie Strandboge
a324724cf3 utils/apparmor/sandbox.py: set QT_X11_NO_NATIVE_MENUBAR=1 
utils/aa-sandbox.pod: update KNOWN LIMITATIONS for global menu
 2012-08-29 08:43:48 -05:00
Jamie Strandboge
08d91ef714 utils/apparmor/sandbox.py: update title again 2012-08-28 11:56:18 -05:00
Jamie Strandboge
7eeaa74dd9 utils/apparmor/sandbox.py: fix error warning 2012-08-28 08:39:39 -05:00
Jamie Strandboge
0cd5965fcc utils/aa-sandbox.pod: 
- clean up LIMITATIONS a bit
- mention lack of cursor support
 2012-08-28 08:09:46 -05:00
Jamie Strandboge
06cc33166d utils/aa-sandbox.pod: document limitations 2012-08-28 08:01:15 -05:00
Jamie Strandboge
f2050ec13a utils/aa-sandbox.pod: document --with-clipboard 2012-08-28 07:44:49 -05:00
Jamie Strandboge
c92491621b utils/apparmor/sandbox.py: 
- add --with-clipboard for use with xpra
- check for incompatible options
 2012-08-28 07:41:23 -05:00
Jamie Strandboge
091bcd72fd adjust title to include the display 2012-08-27 20:13:41 -05:00
Jamie Strandboge
981188e17a utils/apparmor/sandbox.py: use a 3840x2560 server size to reduce memory usage 2012-08-27 17:18:21 -05:00
Jamie Strandboge
72995c5bcb utils/easyprof/templates/sandbox-x: add explicit deny rule to deny 
@{HOME}/.Xauthority
utils/apparmor/sandbox.py: verify the above rule is any any dynamic templates
 that use -X
utils/aa-sandbox.pod: update man page to warn about /.Xauthority access
 2012-08-27 16:43:20 -05:00
Jamie Strandboge
cb3d73424b utils/apparmor/sandbox.py: add --read-path=x.xauth to opt 2012-08-27 16:16:04 -05:00
Jamie Strandboge
392b5e07c0 various fixes based on feedback from James Troup. 2012-08-27 16:11:01 -05:00
Jamie Strandboge
ea6b1568b4 utils/apparmor/sandbox.py: 
- use signal.<signal> instead of hardcoding a number
- add --with-xauthority option
- remove '-r' and '--with-geometry' and use --with-xephyr-geometry instead
- allow passing arguments to the application when using aa-exec
- kill with SIGTERM, then try again with SIGKILL
- always use os.execv() in forks. Using cmd() when not specifying '-d' created
  different behaviors between debug and non-debug mode
- better cleanup Xpra when aa-exec command fails
- use the full dummy.xorg.conf, which gives us the correct modelines for large
  displays. This fixes the issue "Server's virtual screen is too small .... You
  may see strange behavior." which should up when the window's size was bigger
  than the 'current server resolution'
 2012-08-27 15:27:30 -05:00
Jamie Strandboge
3ad2820ebd utils/apparmor/sandbox.py: 
- cleanup environment handling
- refactor cleanup code
- verify Xsecurity is setup correctly (ie, interpret output of xhost)
- add generation of .Xauthority-sandbox...
- explitly use SECURITY extension
 2012-08-27 10:54:26 -05:00
Jamie Strandboge
fd4986e726 manpage updates 2012-08-24 12:16:20 -05:00
Jamie Strandboge
bb58f40ae3 add utils/aa-sandbox.pod 2012-08-24 12:07:19 -05:00
Jamie Strandboge
ec5973a3e6 utils/apparmor/sandbox.py: change 'resolution' to 'geometry' 2012-08-24 12:06:54 -05:00
Jamie Strandboge
72dbf597cc utils/apparmor/sandbox.py: use pkexec if '--with-x' is specified 2012-08-24 11:21:21 -05:00
Jamie Strandboge
c062a8a841 utils/apparmor/sandbox.py: 
- fix detection of xdummy driver
- update comments
- add '--no-tray' to 'xpra attach'
 2012-08-24 11:09:35 -05:00
Jamie Strandboge
056e642d2b utils/apparmor/sandbox.py: bail if we don't have xdummy 2012-08-24 10:57:28 -05:00
Jamie Strandboge
3fe45e4a9b utils/apparmor/sandbox.py: sleep for 0.5 seconds initially, then poll every 
second
 2012-08-24 10:52:22 -05:00
Jamie Strandboge
064887dfbd catch exception for x.start() 2012-08-24 10:49:24 -05:00
Jamie Strandboge
a13efcfe0a utils/apparmor/sandbox.py: detect if xpra is running before attach 2012-08-24 10:47:01 -05:00
Jamie Strandboge
cf24f21a77 utils/apparmor/sandbox.py: fix up arg validation for --with-xserver 2012-08-24 10:34:14 -05:00
Jamie Strandboge
5ce539c432 utils/apparmor/sandbox.py: 
- add xpra3d server option which uses Xdummy
- update debugging output
 2012-08-24 10:21:48 -05:00
Jamie Strandboge
7756e48197 utils/apparmor/sandbox.py: 
- add --profile option
- small cleanups
 2012-08-23 21:52:52 -05:00
Jamie Strandboge
ed0f41c650 utils/apparmor/sandbox.py: 
- whitespace cleanups
- move setting DISPLAY into the start() method
- add extra options to xpra attach
 2012-08-23 21:19:37 -05:00
Jamie Strandboge
cafd8c9b3e drop globalmenu support for now 2012-08-23 20:47:58 -05:00
Jamie Strandboge
d7b2cb6a50 small cleanups for prettier output 2012-08-23 20:39:19 -05:00
Jamie Strandboge
c0821032fb remove and add some comments 2012-08-23 20:25:29 -05:00
Jamie Strandboge
51256d8fe7 move X server search code into classes 2012-08-23 19:56:18 -05:00
Jamie Strandboge
1fdc3a5e99 utils/apparmor/sandbox.py: 
- add --xserver option and support both xephyr and xpra
- refactoring
 2012-08-23 19:36:25 -05:00
Jamie Strandboge
7157a62d2b utils/apparmor/sandbox.py: detect next DISPLAY to use 2012-08-23 17:37:31 -05:00
Jamie Strandboge
354486e326 utils/apparmor/sandbox.py: slightly cleanup the gen_policy_name 2012-08-23 17:15:51 -05:00
Jamie Strandboge
f826be087d utils/aa-sandbox: use msq() instead of print 
utils/apparmor/common.py: adjust for python3 (ie, make bi-lingual)
utils/apparmor/sandbox.py:
- set reasonable default template
- gen_policy_name() uses full pathname
- adjust for python3
 2012-08-23 17:12:14 -05:00
Jamie Strandboge
a995c08356 fix up debug handling 
add required binaries
 2012-08-23 16:29:48 -05:00
Jamie Strandboge
1e80b85296 merge from trunk 2012-08-23 15:53:33 -05:00
Jamie Strandboge
bf2eebd54d CAP_EPOLLWAKEUP was renamed to CAP_BLOCK_SUSPEND. Update severity.db for that. 
Acked-By: Jamie Strandboge <jamie@canonical.com>
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
 2012-08-14 13:46:10 -05:00
Jamie Strandboge
e7da3d81d1 use PYTHON in utils/python-tools-setup.py if it is defined 
Acked-By: Jamie Strandboge <jamie@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
 2012-07-01 09:12:29 -05:00
Jamie Strandboge
09ab5e4d65 CAP_EPOLLWAKEUP was added to the 3.5 series in: 
http://thread.gmane.org/gmane.linux.kernel/1289986

This allows for drivers that support poll to prevent suspend. Adjust
utils/severity.db for this.

Acked-By: Jamie Strandboge <jamie@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
 2012-06-29 13:48:28 -05:00
Dmitrijs Ledkovs
18ea588e5c typo 2012-06-12 14:30:57 +01:00
Dmitrijs Ledkovs
3418d895f2 Remaining typos 2012-06-12 14:28:41 +01:00
Dmitrijs Ledkovs
9f19fb7b53 * Use with open('file') as f, to prevent leaking file descriptors 
* More print -> sys.stdXXX.write() conversions
* Use `except Error as ex` & no sys.version checks
* add with_statement import for py2.5 compat
* remove unused import
 2012-06-12 11:37:36 +01:00
Dmitrijs Ledkovs
00505ab2dc newline parity with print statement vs sys.stdout.write 2012-06-11 18:31:31 +01:00
Dmitrijs Ledkovs
dac3c00862 Initial port to python3 for utilities. 2012-06-11 17:56:21 +01:00
John Johansen
5b6b2bbc01 Original Author: mancha@mancha.user.oftc.net 
create-apparmor.vim.py was failing on systems with python 2.5, fix that

Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <sbeattie@ubuntu.com>
 2012-06-08 14:30:22 -07:00
Christian Boltz
79aa2d1138 move generation of file rules to create-apparmor.vim 
This patch moves the generation of file rules from apparmor.vim.in to
create-apparmor.vim.py. It also adds support for
- filenames in quotes
- reverse syntax (permissions first)

The patch also removes an outdated $Id header in apparmor.vim.in and
updates the copyright year.


Acked-By: John Johansen <john.johansen@canonical.com>
 2012-06-05 21:18:30 +02:00
Jamie Strandboge
cc1c57727d utils/apparmor/sandbox.py: 
- print what template we are using on stdout
- don't default to a specific template (may change in future)
- add username to profile name
 2012-05-10 06:43:52 -07:00