mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-05 00:41:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
1358 commits 23 branches 109 tags 32 MiB
Commit graph

1358 commits

This branch
This branch
All branches
Author SHA1 Message Date
Steve Beattie
5c9177fa81 Fixing missing testcase error file 2008-11-03 17:38:08 +00:00
Steve Beattie
6c526f081f Fix compiler warning in the test_multi test program. 2008-11-03 17:17:48 +00:00
Steve Beattie
0ebee05092 Fix a compilation error on ubuntu; wondering if there's older distros 
where glibc doesn't provide /usr/include/dirent.h.
Also fixed a compilation warning around fprintf sizes.
 2008-10-08 19:43:28 +00:00
John Johansen
93f22b7fd6 fix bad parameter merge on apparmor_ptrace 2008-10-03 20:43:43 +00:00
John Johansen
2873f3effd Add apparmor patches for 2.6.27, and related aufs patches. 2008-09-30 16:00:31 +00:00
John Johansen
b3a1923a8f update to 2.3.1 2008-09-12 10:40:04 +00:00
John Johansen
fe07cb1e6c fix miss spell word transtion bnc383310 2008-09-12 06:52:39 +00:00
John Johansen
c149ae6097 Finish adding support to allow the parser to loaded dumped profiles 
generated using
  apparmor_parser profile -S >binary_profile

can now be loaded using
  apparmor_parser -B binary_profile
 2008-09-10 08:44:53 +00:00
John Johansen
ac88f71c63 Allow the parser to load opensuse 11.0 style hats and newer 2.3 style hats 2008-09-10 08:42:49 +00:00
John Johansen
f2dec0e337 fix for bnc408846, where network rules are repeatedly prompted for even when 
a matching rule is in the profile.
 2008-09-10 08:38:44 +00:00
John Johansen
4fb77c6f5d fix 3 bugs currently convered by bnc408877 
- flags being dropped from hats
- rules can be poorly split on writing the profile
- identical rules with different permissions are not properly combined, so
  that only permissions of the last rule are kept
 2008-09-10 08:36:59 +00:00
John Johansen
ddfb6fb978 update for missing comma 2008-07-03 02:30:56 +00:00
John Johansen
6a3e6c68be update patches to 2.6.26 2008-07-02 20:24:33 +00:00
John Johansen
748e398c21 - various patches and cleanups from kees@ubuntu.com 2008-06-11 20:19:36 +00:00
John Johansen
e663e7c0b0 Zbyniu Krzystolik <zbyniu@pld-linux.org> 
Added missing capabilities names.
Simple rlimits support.  It doesn't care about range of individual limit, 
you can add ie -100G stack size or 100M nice. But maybe sufficient?
 2008-06-09 23:30:35 +00:00
John Johansen
2781d88abc update help message 2008-06-09 22:15:28 +00:00
John Johansen
58b8a58e86 Patch from zbyniu to allow parser to build on glibc (<2.4) 2008-06-09 21:17:41 +00:00
John Johansen
f670eaf464 output the names only list before post processing the policy 2008-06-09 21:15:17 +00:00
John Johansen
100ff7cabb Update to allow external hats by specifying the hat keyword in front of 
the profile name.
 2008-06-09 12:00:42 +00:00
John Johansen
d8df8830f1 add hat flag and add it automatically for embedded hats 
remove hat rules
 2008-06-09 11:48:13 +00:00
John Johansen
8420935617 add hat flag to profiles, and test for it in change_hat 2008-06-09 11:47:21 +00:00
John Johansen
5655293cf8 oops, fix the rlimit table size test 2008-06-09 10:15:31 +00:00
John Johansen
303721fca2 - Fix rlimits to work when user space passes in fewer rlimits than the number 
of rlimits supported by the kernel.
- remove hat rules
- add hat flag for each profile
- fix apparmorfs profile listing code.  Used to only return the first
  80 or so profiles, and then refuse to output more
 2008-06-09 10:12:23 +00:00
John Johansen
8f13e0d60d - fix rcapparmor stop. Have it dump the loaded profile list to a file before 
removing profiles, as the list is unstable after additions or removals.
- Add the ability to loaded precompiled policy by specifying the -B
  option, which can be combined with --add or --replace
 2008-06-09 10:00:28 +00:00
John Johansen
0c95606e03 let the parser add the change_hat rule 2008-06-08 09:32:12 +00:00
John Johansen
3b11aa9050 Remove hat rules. In large policies the number of hat rules becomes 
problematic, hat rules can be replaced with simple hat flag on a profile.
 2008-06-08 09:02:27 +00:00
John Johansen
b2f4863231 Fix to stop leaking the dfa ruleset. On large policies containing lots of 
hats this will result in a marked improvement on memory usage.
 2008-06-08 08:56:37 +00:00
John Johansen
aa0b2030c7 add missing for 2008-06-04 11:36:13 +00:00
John Johansen
be495f2125 fix 
- rc.apparmor.functions were not correctly removing profiles on replace and
  reload, also convert to using the module interface directly bypassing the
  parser.
- fix cx ->  named transitions
- fix apparmor_parser -N so that it emits hats as profiles under new kernel
  modules.  This is the correct behavior as hats are promoted to profiles.
 2008-06-04 07:24:38 +00:00
John Johansen
3897c52414 update link_subset test, to include child x 2008-06-04 05:59:11 +00:00
John Johansen
9e8c5e9914 Fix two bugs 
- rpc was failing when passing arrays because the perl is_utf8 string flag
  was set even though its only sending numbers but newer HTTP::Message
  checks for this is_utf8 and if it finds it aborts.
- fix local profiles
  local profiles were failing because
  1.) the parameters to serialize_profile were bad
  2.) the file location was not getting updated so they would get written
      back to the inactive profiles directory
 2008-06-03 21:54:55 +00:00
John Johansen
cb9f84a61e fix repository profile saving, where the name for profiles from the repository got lost on saving 2008-06-03 10:38:19 +00:00
John Johansen
838d22220a bleah finally get the config setting for default owner right 2008-06-02 09:02:09 +00:00
John Johansen
9a1f1a5689 fix not defined owner_toggle to default_owner_prompt as it should be 2008-06-01 04:59:08 +00:00
John Johansen
8d3ff10db1 Update the utils profile restrictions so that cx and named transitions can be 
used on utility programs
 2008-05-30 07:21:15 +00:00
John Johansen
787cb39f81 fix profile unloading, and make it faster by skipping the parser and going 
directly to the unload interface.  This means that the init script will no
longer run on very old versions of AppArmor (pre 2.0)
 2008-05-29 23:10:27 +00:00
John Johansen
934e00a1de commit patch provided by arekm 
- remove bashism from initscript
- fix segfault in apparmor_parser on x86-64
 2008-05-29 18:58:18 +00:00
John Johansen
8c47189e19 update names output so that profile reload works correctly with hats and local profiles 2008-05-29 06:09:34 +00:00
John Johansen
c82947b8b7 clean up kernel patch directory 2008-05-27 12:01:30 +00:00
John Johansen
b4edea623b add 2.6.24 branch 2008-05-27 11:55:58 +00:00
John Johansen
1b60c9bf8e update __d_path-keep-connected.diff to not use MS_NOUSER. add comments to head of some other patches 2008-05-27 11:44:19 +00:00
John Johansen
613471f84c fold in fix-named-transitions, update d_path-keep connected to not use MS_NOUSER 2008-05-27 11:35:44 +00:00
John Johansen
4be9cf08e7 update __d_path-keep-connected.diff 2008-05-27 11:32:19 +00:00
John Johansen
84cd045d53 exclude AF_CAN for now 2008-05-26 10:22:56 +00:00
John Johansen
516fb55d1d update translation files 2008-05-26 09:52:11 +00:00
John Johansen
4dd8db05b8 fix previous patch to allow for white space seperating profile keyword and profile name 2008-05-22 20:11:03 +00:00
John Johansen
0bd0e19f05 add desktop dir 2008-05-22 10:01:56 +00:00
John Johansen
62888cfec7 add translation files 2008-05-22 09:28:18 +00:00
John Johansen
44e22c56f9 update translations 2008-05-22 09:26:15 +00:00
John Johansen
c207df96bb allow profile name following profile keyword to be any valid name. NOTE: this breaks namespaces currently 2008-05-22 09:16:46 +00:00