mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/parser/tst/simple_tests
History
John Johansen 832bb8f417 parser: Add support for a default_allow mode 
Add support for a default_allow mode that facillitates writing profiles
in that allow everything by default. This is not normally recomended
but fascilitates creating basic profiles while working to transition
policy away from unconfined.

This mode is being added specifically to replace the use of the
unconfined flag in these transitional profiles as the use of unconfined
in policy is confusing and does not reflect the semantics of what is
being done.

Generally the goal for policy should be to remove all default_allow
profiles once the policy is fully developed.

Note: this patch only adds parsing of default_allow mode. Currently
it sets the unconfined flag to achieve default allow but this
prevents deny rules from being applied. Once dominance is fixed a
subsequent patch will transition default_allow away from using
the unconfined flag.

Signed-off-by: John Johansen <john.johansen@canonical.com>
2023-11-24 15:38:19 -08:00
..
abi Add some empty and cut-off bad abi rules 2022-04-17 00:38:18 +02:00
all parser: add support for a generic all rule type 2023-09-07 01:30:15 -07:00
bare_include_tests parser tests: add include in preamble tests 2020-05-05 00:30:18 -07:00
capability treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00
change_hat as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
change_profile Fix: make sure overlapping safe and unsafe exec rules conflict 2016-06-02 22:24:22 -07:00
conditional treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00
dbus Add some simple_tests ("deny dbus name=(SomeService)," and "deny file,") 2016-01-07 23:39:56 +01:00
file treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00
include_tests Add a test with recursive include in preamble 2021-04-28 13:32:08 +02:00
includes Add a test with recursive include in preamble 2021-04-28 13:32:08 +02:00
includes-preamble Move preamble inclusions to a different directory since it was breaking 2008-11-25 19:05:40 +00:00
io_uring parser: add io_uring simple tests 2023-05-03 16:03:52 +02:00
mount parser: fix rule flag generation change_mount type rules 2023-06-21 01:18:14 -07:00
mqueue parser: add parser simple tests for mqueue rules 2022-11-22 19:31:15 +00:00
namespaces parser tests: add userns simple tests 2022-10-27 17:54:42 +00:00
network treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00
profile parser: Add support for a default_allow mode 2023-11-24 15:38:19 -08:00
ptrace Add tests for various rules outside of a profile 2015-10-19 21:13:48 +02:00
rewrite parse_profile_data(): error out on alias inside profile 2018-05-06 14:27:32 +02:00
rlimits treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00
signal Add tests for various rules outside of a profile 2015-10-19 21:13:48 +02:00
unix parser: add support for autobind sockets 2020-09-29 03:34:56 -07:00
vars Remove TODO notes from no-longer-failing tests 2018-08-22 22:24:43 +02:00
xattrs parser: support matching xattr keys but not values 2019-11-26 21:32:08 -08:00
xtrans Remove TODO notes from no-longer-failing tests 2018-08-22 22:24:43 +02:00
readme Add missing files from my last 11 patches as I forgot to do bzr add before 2010-12-20 13:18:36 -08:00

readme 

Directory for auto generated x-transition tests