mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
978 commits 23 branches 109 tags 32 MiB
Commit graph

70 commits

Author SHA1 Message Date
John Johansen
fb036e3296 openat.patch 2007-12-23 01:04:12 +00:00
John Johansen
d447b3b4e4 chdir.patch 2007-12-23 01:03:58 +00:00
John Johansen
77dc3a81f6 access.patch 2007-12-23 01:03:39 +00:00
John Johansen
b5d54384f0 more updates to prolog-inc 2007-12-23 01:03:27 +00:00
John Johansen
247a887a95 sysctl.patch 2007-12-23 01:02:50 +00:00
John Johansen
25c06ea4fb change_hat_profile_access.patch 2007-12-23 01:02:35 +00:00
John Johansen
7cb38c90aa basename.patch 2007-12-23 01:02:15 +00:00
John Johansen
355b968257 confined.patch 2007-12-23 01:02:00 +00:00
John Johansen
7be938573e link_perms.patch 2007-12-23 01:01:24 +00:00
John Johansen
5fb7c2cac6 dir-files.patch 2007-12-23 01:00:56 +00:00
John Johansen
93d88ebfd4 ptrace.patch 2007-12-23 01:00:33 +00:00
John Johansen
5b61f80b97 deleted-open-revalidate.patch 2007-12-23 01:00:19 +00:00
John Johansen
c843dbc392 exec_qual.patch 2007-12-23 01:00:00 +00:00
John Johansen
d54462a550 vfs-mnt.patch 2007-12-23 00:59:37 +00:00
John Johansen
98ce614c3b start of 10.3 test update 2007-12-23 00:58:47 +00:00
John Johansen
a0efe08a97 Add patches to update new tests and deal with the new directory behavior 
which doesn't automatically mask of MAY_WRITE in inode_permission.

openat.patch - comment of o_creat bug, remove exit before last test
chdir.patch - add trailing /, give profile read permission to the directory
access.patch - give profile dir read permissions, update test rwx (r) to
              fail since w - perm is no longer masked off.
 2007-05-02 22:35:33 +00:00
Steve Beattie
53c97e6696 Add a testcase for fchdir, and test steps to verify we didn't break 
normal chdir/fchdir. Minor formatting changes to chdir.c.
 2007-04-30 18:40:42 +00:00
Steve Beattie
edda52258e Fix up a few of the testcase patches to take into account other changes that have happened, and disable some patches that have already been applied. 2007-04-19 11:40:54 +00:00
John Johansen
789c323bfe Update patches for mainline branch of AppArmor 
- includes patches to handle access to change_hat /proc/<pid>/attr/current
  being a parser rule
- the working updated ptrace patches
- update for the change in sysctl behavior from cap_sys_admin to profile
  entries
 2007-04-18 21:00:11 +00:00
John Johansen
a425d5e150 fix genrunscript so that the generated run script produced when using -r will correctly handle more than a single argument 2007-04-18 20:53:46 +00:00
Matt Barringer
6c06fbe63c 2007-04-08 07:54:29 +00:00
Matt Barringer
51805b5c25 Getting the netdomain tests working on the actual netdomain machine 2007-04-08 07:52:49 +00:00
Jesse Michael
0d2e46088b need these fixes for the regression tests to run on ubuntu 2007-03-24 00:59:27 +00:00
Steve Beattie
a63b132ea2 Add a testcase for a writeonly link (wl -> w) 2007-03-23 19:10:45 +00:00
John Johansen
ee3f92d459 add test for the renaming of a directory over and existing directory. Remove the patch that does the same from for-mainline since it is no longer necessary 2007-03-23 17:33:25 +00:00
John Johansen
e981282bd4 add tests for mediate of the creation of the symlink link file. Remove the patch from for-mainline since it is no longer necessary 2007-03-23 17:31:32 +00:00
Matt Barringer
19efd07a71 Fixed formatting. 2007-03-22 20:42:36 +00:00
Matt Barringer
371f984e09 Initial checkin of the netdomain test suite. It requires 
dejagnu (which, in turn, requires tcl).
 2007-03-21 22:27:37 +00:00
Steve Beattie
a39a3b0410 Add tests to openat to test what names apparmor sees when a rename 
occurs between the open(dir) and openat(file) calls.
 2007-03-14 19:53:10 +00:00
Steve Beattie
94d4ac649e Fixup the openat.sh test as well. 2007-03-13 22:10:45 +00:00
Steve Beattie
063bb1b26e Fix up some of the patches after I messed them up by incorporating some of their changes. 2007-03-13 18:27:21 +00:00
Steve Beattie
30a2252adf Add some basic tests for openat(). Need to add tests that delete the 
opened directory before the openat() call occurs.
 2007-03-13 11:57:36 +00:00
Steve Beattie
3f32351793 Misc cleanups. 2007-03-13 11:32:04 +00:00
Steve Beattie
7b391f3d5c Add a testcase to verify when clone() is allowed. 2007-03-08 23:40:10 +00:00
Steve Beattie
b0733fb3a4 Based on a patch from jjohansen@suse.de, does s/constrained/confined/ in 
comments and descriptions. A later patch will fix it for the few
testcases that actually check the value in /proc/pid/attr/current.
 2007-03-08 21:23:17 +00:00
Steve Beattie
19235e440a Patch by jjohansen@suse.de: fix the syscall_chroot test to work even 
when chroot pathnames are reported against the namespace root instead of
the chroot root.
 2007-03-08 21:00:12 +00:00
John Johansen
b787d8ac21 Patches against test suite to match the for-mainline branch 2007-03-08 17:15:12 +00:00
Steve Beattie
23f05801f6 Add testcases for fchmod/fchown and clean up some formatting in the 
original chmod/chown tests.
 2007-03-08 00:09:47 +00:00
Steve Beattie
ad542aba23 Add a test for cap net_bind_service w/tcp. Alas, this test is still 
disabled.
 2007-03-07 18:54:28 +00:00
Steve Beattie
beac286a5c Run fork.c through lindent. 2007-03-06 20:13:31 +00:00
Steve Beattie
065b7bf660 Add a couple of testcases to the hardlink test. 2007-02-28 17:39:53 +00:00
Steve Beattie
57761032f9 Add a timeout to work around ptrace(PTRACE_SYSCALL) on a parent attached 
ptrace() call never waking the child process on RHEL5 beta 2. Also did
some minor code formatting cleanup.
 2007-01-08 12:08:08 +00:00
John Johansen
9d6ce46f3b fix changehat tests to work with the new ECHILD error code returned by the module when a changehat is attempted against a profile with no hats 2007-01-05 21:14:59 +00:00
Steve Beattie
eddd069354 jjohanen pointed out that our regression tests were not compiling on 
the openSUSE 10.2 RC candidates. This is because the _syscallN macros
are (apparently) no longer user visible. This patch replaces uses of
_syscallN() in the regression test source with invocations of syscall(2),
the preferred linux kernel way of doing things. With this patch, our
regression tests compile on the openSUSE 10.2 candidates as well as older
distributions (tested as far back as slackware 10.0, which includes a
2.4.x kernel).

(A missing license header got added as well as some minor coding style
cleanups leaked into the patch as well.)
 2006-12-04 06:43:42 +00:00
John Johansen
508d8e1da7 add audit_write and audit_control to the list of capabilities tested against, for current regression tests. This does not extend the regression suite to test the audit_write and audit_control capabilities 2006-11-08 10:46:49 +00:00
John Johansen
d2c636b859 regression tests for changehat returning eperm when an application is unconfined and tries to do a changehat 2006-10-24 22:15:32 +00:00
John Johansen
e813acfd50 fix a small race condition where is_done is set before the thread is actually done. 2006-10-18 21:12:30 +00:00
Steve Beattie
0961fb5a5b This checkin fixes the environ.sh to work on 64bit systems (with /lib64/ 
directories). It also disables the longpath test (after locking up
another machine from running it), but adds a 'make alltests' target
which will run all the tests plus that one (and any others defined in
the RISKY_TESTS variable.)
 2006-09-15 22:39:59 +00:00
Steve Beattie
16ede09541 Fix a tyop and add corresponding profile names for other error 
conditions.
 2006-09-13 20:06:16 +00:00
Steve Beattie
e291f9933e Add a user tunable setting to add arguments to the parser invocations, 
if necessary.  Currently used to suppress warnings about unsafe/unfiltered
environment 'u' exec transitions. 

[Corresponds to rev 6415 in the old svn repo]
 2006-09-13 18:40:52 +00:00