mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/parser
History
John Johansen ab9e6311f3 Merge parser: add network inet mediation documentation to apparmor.d 
This updates the man page for the recent inet mediation patch.

This is an extension of MR 1202, it adds a patch that changes the anonymous ip address anon to be ip address none which is a better fit.

This patch adds documentation of the recent network changes which extended all network rules to support access permissions, and added address and port matching for inet and inet6 families.

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1213
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
2024-04-12 03:46:23 +00:00
..
libapparmor_re parser: fix regex parser leak on parsing failure 2023-11-23 17:37:46 -03:00
po translations: update generated pot files 2020-10-14 03:56:38 -07:00
tst Merge parser: add network inet mediation documentation to apparmor.d 2024-04-12 03:46:23 +00:00
aa-teardown aa-teardown: Replace /bin/bash with /bin/sh 2018-05-05 17:46:19 -07:00
aa-teardown.pod docs: update documentation to point bug reporting to gitlab 2020-05-05 00:10:53 -07:00
af_rule.cc parser: consolidate rule class handling into aa_class 2023-03-31 02:21:19 -07:00
af_rule.h parser: rework perms rule merging 2023-07-10 20:04:53 -07:00
af_unix.cc parser: add ability to specify permission in network rules 2024-02-28 21:42:18 -03:00
af_unix.h parser: refactor network to use rule class as its base. 2023-09-07 00:12:51 -07:00
all_rule.cc parser: add fine grained conditionals to network rule 2024-02-29 16:25:59 -03:00
all_rule.h parser: fix issues appointed by coverity 2024-03-18 10:36:56 -03:00
apparmor.d.pod switch inet mediation from using anon to none 2024-04-11 19:03:43 -07:00
apparmor.pod fix typo: globally 2024-03-29 10:57:33 +01:00
apparmor.service Add Documentation=... to apparmor.service 2023-10-29 10:49:33 +01:00
apparmor.systemd Make the systemd unit a no-op in containers with no internal policy 2022-02-12 10:23:39 +00:00
apparmor_parser.pod fix typo: aggressive 2024-03-29 10:52:25 +01:00
apparmor_xattrs.pod apparmor_xattrs.7: fix whatis entry 2020-10-25 11:54:47 +00:00
base_af_names.h Add 'mctp' network domain keyword 2022-02-08 19:09:24 +01:00
base_cap_names.h parser: Add support for CAP_CHECKPOINT_RESTORE 2020-10-13 21:30:19 -07:00
bignum.h parser: fix coverity issues found in snapshot 70858 2024-02-28 10:24:08 -03:00
capability.h parser/capability.h: add missing <cstdint> include 2022-05-23 23:13:14 +01:00
common_flags.h parser: Cleanup parser control flags, so they display as expected to user 2023-07-08 19:58:59 -07:00
common_optarg.c parser: Cleanup parser control flags, so they display as expected to user 2023-07-08 19:58:59 -07:00
common_optarg.h parser: Cleanup parser control flags, so they display as expected to user 2023-07-08 19:58:59 -07:00
COPYING.GPL rpmlint complains about an outdated FSF address in parser/COPYING.GPL. 2011-11-27 13:52:06 +01:00
dbus.cc parser: cleanup and rework optimization and dump flag handling 2023-07-07 17:47:41 -07:00
dbus.h parser: rework perms rule merging 2023-07-10 20:04:53 -07:00
default_features.c parser: Move to a pre-generated cap_names.h 2020-07-07 09:43:48 -07:00
file_cache.h Fix comment wording in file_cache.h 2021-05-02 11:29:41 +02:00
frob_slack_rc as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
immunix.h parser: int mode to perms 2023-03-29 10:45:44 -07:00
io_uring.cc parser: add support for a generic all rule type 2023-09-07 01:30:15 -07:00
io_uring.h parser: add support for a generic all rule type 2023-09-07 01:30:15 -07:00
lib.c Fix comment typo in parser/lib.c 2021-12-05 18:16:53 +01:00
lib.h libapparmor: Use directory file descriptor in _aa_dirat_for_each() 2015-06-15 15:11:51 -05:00
Makefile parser(Makefile): dont install /var/lib/apparmor 2024-03-08 10:18:16 +01:00
mount.cc MountRule: sync flags_keywords with parser code 2024-03-03 15:37:59 +01:00
mount.h parser: add rule dedup of mount rules 2023-07-07 17:38:47 -07:00
mqueue.cc parser: fix getattr and setattr perm mapping on mqueue rules 2024-03-27 18:33:23 -03:00
mqueue.h parser: fix getattr and setattr perm mapping on mqueue rules 2024-03-27 18:33:23 -03:00
network.cc Merge parser: add network inet mediation documentation to apparmor.d 2024-04-12 03:46:23 +00:00
network.h switch inet mediation from using anon to none 2024-04-11 19:03:43 -07:00
parser.conf Revert "policy: pin policy to 4.0 abi for dev" 2023-07-19 17:37:24 -03:00
parser.h parser: maintain compatibility for fine grained inet network mediation 2024-02-29 18:27:20 -03:00
parser_alias.c parser: make alias_ignore a bool 2023-03-31 02:17:28 -07:00
parser_common.c parser: maintain compatibility for fine grained inet network mediation 2024-02-29 18:27:20 -03:00
parser_include.c parser: fix definitely and possibly lost memory leaks 2023-03-16 18:03:57 -03:00
parser_include.h parser: add include dedup cache to handle include loops 2021-04-27 20:26:57 -07:00
parser_interface.c parser: fix subprofile name in profile serialization 2023-12-01 16:14:19 -03:00
parser_lex.l parser: change network conditionals to allow unquoted ids 2024-02-29 16:25:59 -03:00
parser_main.c parser: fix af_inet feature from network to network_v8 2024-03-15 16:38:10 -03:00
parser_merge.c parser: Cleanup parser control flags, so they display as expected to user 2023-07-08 19:58:59 -07:00
parser_misc.c parser: add support for a generic all rule type 2023-09-07 01:30:15 -07:00
parser_policy.c parser: refactor network to use rule class as its base. 2023-09-07 00:12:51 -07:00
parser_regex.c parser: fix coverity issues found in snapshot 70858 2024-02-28 10:24:08 -03:00
parser_symtab.c treewide: spelling/typo fixes in code strings 2020-12-01 12:47:18 -08:00
parser_variable.c parser: add support for attach_disconnected.path 2023-08-14 01:42:28 -07:00
parser_yacc.y parser: add fine grained conditionals to network rule 2024-02-29 16:25:59 -03:00
policy_cache.c Fix wording of some warnings 2020-10-11 12:22:23 +02:00
policy_cache.h drop unused extern int debug_cache 2021-02-07 16:02:20 +01:00
policydb.h parser: consolidate rule class handling into aa_class 2023-03-31 02:21:19 -07:00
profile-load profile-load: use less ambiguous if/then construct 2022-02-15 07:34:17 +00:00
profile.cc parser: Add support for a default_allow mode 2023-11-24 15:38:19 -08:00
profile.h parser: Add support for a default_allow mode 2023-11-24 15:38:19 -08:00
ptrace.cc parser: cleanup and rework optimization and dump flag handling 2023-07-07 17:47:41 -07:00
ptrace.h parser: rework perms rule merging 2023-07-10 20:04:53 -07:00
rc.apparmor.functions parser/rc.apparmor: Handle Incus 2023-10-12 00:55:03 -04:00
rc.apparmor.slackware added missing functions to slackware init script 2019-11-08 13:49:48 +01:00
README README: Move project contact info into the main README 2018-09-13 16:54:09 +00:00
README.devel parser: add some developer documentation 2013-12-10 14:15:02 -08:00
rule.cc parser: consolidate rule class handling into aa_class 2023-03-31 02:21:19 -07:00
rule.h parser: add support for a generic all rule type 2023-09-07 01:30:15 -07:00
signal.cc parser: add kill.signal=XXX flag support 2023-08-25 10:16:51 -07:00
signal.h parser: add kill.signal=XXX flag support 2023-08-25 10:16:51 -07:00
techdoc.tex treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00
unit_test.h Convert codomain to a class 2013-09-27 16:16:37 -07:00
userns.cc parser: cleanup and rework optimization and dump flag handling 2023-07-07 17:47:41 -07:00
userns.h parser: add permission merging 2023-07-10 18:01:32 -03:00

README 

The apparmor_parser allows you to add, replace, and remove AppArmor
policy through the use of command line options. The default is to add.
`apparmor_parser --help` shows what the command line options are.

You can also find more information at https://wiki.apparmor.net

-- The AppArmor development team