mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity
6,266 Commits 23 Branches 113 Tags
0727da47b3e2ec1e66b7f349bced82c1e6674c94
Commit Graph

387 Commits

Author SHA1 Message Date
John Johansen
073064bdb0 The new apparmor module uses has added a target key that is used to report 
the target of an operation instead of name2 used in previous kernels
 2010-09-09 12:22:02 -07:00
John Johansen
59597775e5 Status messages have and offset field used to debug why and where a policy 
load failed.  For now just ignore it.
 2010-09-09 12:21:19 -07:00
John Johansen
4c666b4d2f The kernel can return negative error codes for error= 2010-09-09 12:20:30 -07:00
John Johansen
1e098b5928 The capability operation picked up the capability and capname fields. 
capability is reported by LSM_AUDIT and is just the capability number.
capname is reported by the apparmor module and is the name the kernel
knows the capability as.

For now just use capname and silently drop capability when it is found.
 2010-09-09 12:19:08 -07:00
John Johansen
4fcd7e94f5 If encountered the scanner will dump unmatched text from <audit_id>. 2010-09-09 12:17:03 -07:00
Steve Beattie
046e1fb215 This is an incomplete fix for bug 
https://bugs.launchpad.net/apparmor/+bug/623467

This patch adds some additional testcases to the log parsing
testsuite, to cover rejections for operations that aren't covered by
other testcase (truncate, rename_src, rename_dest, mkdir) as well
as fixing SubDomain.pm to take those operations into account when
parsing log files.

The operations link, unlink, and possibly setattr still need to be
covered by SubDomain.pm
 2010-08-25 09:53:39 -07:00
Steve Beattie
341877416e Creating lame empty error files that dejagnu needs for its tests. 
Apologies for not getting an ACK on this commit.
 2010-08-23 22:34:51 -07:00
Kees Cook
5f76ba2ae3 Cleanups in libapparmor that should have been part of commit 1437. These 
were part of the ACKed patch on the mailing list.
 2010-07-26 10:58:07 -07:00
Kees Cook
624aee531a Fix many compile-time warnings. 
Start replacing RPM with lsb-release.
Drop old references to CVE.
Remove unused code.
 2010-07-26 09:22:45 -07:00
Kees Cook
a92f9e67b3 Add "comm" string to the parser structure and testsuite runner. Update 
testsuite output to include "comm" report.
 2010-07-26 09:20:02 -07:00
Kees Cook
5649f5237b Add testcases for new LSM-audit log messages. 
Update log parser grammar to handle new LSM-audit log messages.
 2010-07-26 09:16:23 -07:00
Steve Beattie
b403bbdf82 Fix perl swig bindings so that libapparmor can be built when configured 
without perl. Thanks to Arkadiusz Miskiewicz <arekm at maven.pl>.
 2010-03-16 15:00:26 -07:00
John Johansen
6c23d48649 Bump versioning to AppArmor 2.5 2010-03-10 23:07:29 -08:00
John Johansen
7d940743cb Add change_hatv and change_hat_vargs calls to libapparmor. 
These replacement routines allow an application to avoid the probing
behavior of earlier version of change_hat.  Allowing them to be faster
and have better learning characteristics.
 2010-02-11 15:38:24 -08:00
John Johansen
f999b49843 Add change_profile onexec to libapparmor 2010-02-11 15:37:25 -08:00
John Johansen
7592c80db5 Update build version tags to 2.5~pre 2010-02-11 15:36:16 -08:00
Kees Cook
60fb075419 libraries/libapparmor/src/scanner.l: dynamic string handling to avoid stack overflows on log parsing (LP: #519686) 
Bug: https://launchpad.net/bugs/519686
 2010-02-10 15:13:55 -08:00
John Johansen
335b088dd0 Bump version to 2.4 2010-02-04 14:41:36 -08:00
Jamie Strandboge
d4d9dda5cb libraries/libapparmor/swig/perl/examples/example.pl: more fixes 2010-01-12 09:52:00 -06:00
Jamie Strandboge
3fd950e823 libraries/libapparmor/swig/perl/examples/example.pl: fix so it works again 2010-01-11 20:54:54 -06:00
Kees Cook
da6c9246f5 clear remaining $Id$ tags, since bzr does not suppor them 2009-11-11 10:44:26 -08:00
Steve Beattie
4265cecdfa From: Marc Deslauriers <marc.deslauriers@ubuntu.com> 
Acked-By: Steve Beattie <steve@ubuntu.com>
Ref: https://bugs.launchpad.net/bugs/431929

Parse log entries containing an ouid.

(I added a testcase to Marc's fix.)
 2009-09-18 21:13:04 +00:00
Steve Beattie
719bfd2011 Fix aclocal warning. 2009-05-12 21:58:54 +00:00
Steve Beattie
c3f9d75abe Submitted By: Mario Fetka (mario dot fetka at gmail dot com) 
Acked-By: Steve Beattie <steve@nxnw.org>

This patch allows libapparmor to be built out of tree.
 2009-05-12 21:56:56 +00:00
Steve Beattie
19ddb3bfa4 Testcases that are vaguely related to 
https://bugs.launchpad.net/bugs/340183
 2009-03-13 06:39:05 +00:00
Steve Beattie
0208c5b5d6 whitespace bah. 2009-03-13 06:38:16 +00:00
Steve Beattie
62372fe628 Tentative fix for https://bugs.launchpad.net/bugs/340183 2009-03-13 06:37:39 +00:00
Steve Beattie
a9ff89cd5d Testcase reorg: rename all the ones that pertain to the old logging 
style for clarity. Support for these should be dropped in the future,
because it just introduces bugs.
 2009-03-13 05:48:06 +00:00
Steve Beattie
1acfd92d8a * set yydebug when YYDEBUG is set, this will cause mucho bison debuginfo 
to be emitted.
* whitespace fixup
 2009-03-13 05:19:39 +00:00
Steve Beattie
e56ed9a68a From: Jesse Michael <jesse.michael@comcast.net> 
Acked-By: Steve Beattie <sbeattie@ubuntu.com>

The format of audit messages that are redirected to syslog because
auditd isn't running changed between Hardy and Intrepid and now have
the type=NNNN field before the audit tag like--

Nov 1 22:24:43 box kernel: [ 158.113592] type=1503
audit(1225603483.635:5): operation="inode_permission" requested_mask="r::"
denied_mask="r::" fsuid=7 name="/proc/7034/net/" pid=7034
profile="/usr/sbin/cupsd"

I believe this patch will address the moved type=NNNN field as well as
capturing non-matching logfile input instead of printing it to stdout.

Patch modified by Steve Beattie <sbeattie@ubuntu.com> to take into
account a couple of different situations.

https://bugs.launchpad.net/bugs/271252
https://bugzilla.novell.com/show_bug.cgi?id=441381
 2008-11-04 20:19:59 +00:00
Steve Beattie
e6e3447c19 More testcases around syslog parsing. 2008-11-04 17:42:25 +00:00
Steve Beattie
023fe19c6d Add a testcase for the passthrough of unparsed input to stdout as 
reported in https://bugs.launchpad.net/bugs/271252
 2008-11-03 19:39:34 +00:00
Steve Beattie
449abea6b5 Add a testcase for the syslog format change documented in LP#271252 2008-11-03 19:34:29 +00:00
Steve Beattie
f1de0575d1 Removing old-style log message testcase; sadly, it's unlikely that will 
ever support this message type in the log parsing library, given that
there shouldn't be much out there generating old style audit messages
anymore.
 2008-11-03 17:48:43 +00:00
Steve Beattie
5c9177fa81 Fixing missing testcase error file 2008-11-03 17:38:08 +00:00
Steve Beattie
6c526f081f Fix compiler warning in the test_multi test program. 2008-11-03 17:17:48 +00:00
John Johansen
7d30be5087 move libapparmor into the libraries directory 2008-05-19 22:48:31 +00:00