mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 01:57:43 +00:00
Code Issues Releases Wiki Activity
apparmor/parser
History
John Johansen 197d00d21a parser: add support for a generic all rule type 
Extend the policy syntax to have a rule that allows specifying all
permissions for all rule types.

  allow all,

This is useful for making blacklist based policy, but can also be
useful when combined with other rule prefixes, eg. to add audit
to all rules.

  audit access all,

Signed-off-by: John Johansen <john.johansen@canonical.com>
2023-09-07 01:30:15 -07:00
..
libapparmor_re
Merge parser: improve dfa generation
2023-07-11 02:26:10 +00:00
po
translations: update generated pot files
2020-10-14 03:56:38 -07:00
tst
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
aa-teardown
aa-teardown: Replace /bin/bash with /bin/sh
2018-05-05 17:46:19 -07:00
aa-teardown.pod
docs: update documentation to point bug reporting to gitlab
2020-05-05 00:10:53 -07:00
af_rule.cc
parser: consolidate rule class handling into aa_class
2023-03-31 02:21:19 -07:00
af_rule.h
parser: rework perms rule merging
2023-07-10 20:04:53 -07:00
af_unix.cc
parser: refactor network to use rule class as its base.
2023-09-07 00:12:51 -07:00
af_unix.h
parser: refactor network to use rule class as its base.
2023-09-07 00:12:51 -07:00
all_rule.cc
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
all_rule.h
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
apparmor_parser.pod
parser: fix --jobs so job scaling is applied correctly
2021-02-10 19:06:26 -08:00
apparmor_xattrs.pod
apparmor_xattrs.7: fix whatis entry
2020-10-25 11:54:47 +00:00
apparmor.d.pod
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
apparmor.pod
man: apparmor.7 add info about complain mode and kernel parameters
2021-03-15 15:24:43 -07:00
apparmor.service
Adjust cache paths in apparmor.service
2018-06-16 23:14:19 +02:00
apparmor.systemd
Make the systemd unit a no-op in containers with no internal policy
2022-02-12 10:23:39 +00:00
base_af_names.h
Add 'mctp' network domain keyword
2022-02-08 19:09:24 +01:00
base_cap_names.h
parser: Add support for CAP_CHECKPOINT_RESTORE
2020-10-13 21:30:19 -07:00
bignum.h
parser: track leading zeros required for ipv6 range regex generator
2023-09-07 00:13:52 -07:00
capability.h
parser/capability.h: add missing <cstdint> include
2022-05-23 23:13:14 +01:00
common_flags.h
parser: Cleanup parser control flags, so they display as expected to user
2023-07-08 19:58:59 -07:00
common_optarg.c
parser: Cleanup parser control flags, so they display as expected to user
2023-07-08 19:58:59 -07:00
common_optarg.h
parser: Cleanup parser control flags, so they display as expected to user
2023-07-08 19:58:59 -07:00
COPYING.GPL
rpmlint complains about an outdated FSF address in parser/COPYING.GPL.
2011-11-27 13:52:06 +01:00
dbus.cc
parser: cleanup and rework optimization and dump flag handling
2023-07-07 17:47:41 -07:00
dbus.h
parser: rework perms rule merging
2023-07-10 20:04:53 -07:00
default_features.c
parser: Move to a pre-generated cap_names.h
2020-07-07 09:43:48 -07:00
file_cache.h
Fix comment wording in file_cache.h
2021-05-02 11:29:41 +02:00
frob_slack_rc
as ACKed on IRC, drop the unused $Id$ tags everywhere
2010-12-20 12:29:10 -08:00
immunix.h
parser: int mode to perms
2023-03-29 10:45:44 -07:00
io_uring.cc
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
io_uring.h
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
lib.c
Fix comment typo in parser/lib.c
2021-12-05 18:16:53 +01:00
lib.h
libapparmor: Use directory file descriptor in _aa_dirat_for_each()
2015-06-15 15:11:51 -05:00
Makefile
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
mount.cc
parser: rework perms rule merging
2023-07-10 20:04:53 -07:00
mount.h
parser: add rule dedup of mount rules
2023-07-07 17:38:47 -07:00
mqueue.cc
parser: cleanup and rework optimization and dump flag handling
2023-07-07 17:47:41 -07:00
mqueue.h
parser: rework perms rule merging
2023-07-10 20:04:53 -07:00
network.cc
parser: add opt_cond in preparation to finer grained network mediation
2023-09-07 00:13:15 -07:00
network.h
parser: add opt_cond in preparation to finer grained network mediation
2023-09-07 00:13:15 -07:00
parser_alias.c
parser: make alias_ignore a bool
2023-03-31 02:17:28 -07:00
parser_common.c
parser: add kill.signal=XXX flag support
2023-08-25 10:16:51 -07:00
parser_include.c
parser: fix definitely and possibly lost memory leaks
2023-03-16 18:03:57 -03:00
parser_include.h
parser: add include dedup cache to handle include loops
2021-04-27 20:26:57 -07:00
parser_interface.c
parser: add kill.signal=XXX flag support
2023-08-25 10:16:51 -07:00
parser_lex.l
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
parser_main.c
parser: add kill.signal=XXX flag support
2023-08-25 10:16:51 -07:00
parser_merge.c
parser: Cleanup parser control flags, so they display as expected to user
2023-07-08 19:58:59 -07:00
parser_misc.c
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
parser_policy.c
parser: refactor network to use rule class as its base.
2023-09-07 00:12:51 -07:00
parser_regex.c
parser: track leading zeros required for ipv6 range regex generator
2023-09-07 00:13:52 -07:00
parser_symtab.c
treewide: spelling/typo fixes in code strings
2020-12-01 12:47:18 -08:00
parser_variable.c
parser: add support for attach_disconnected.path
2023-08-14 01:42:28 -07:00
parser_yacc.y
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
parser.conf
Revert "policy: pin policy to 4.0 abi for dev"
2023-07-19 17:37:24 -03:00
parser.h
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
policy_cache.c
Fix wording of some warnings
2020-10-11 12:22:23 +02:00
policy_cache.h
drop unused extern int debug_cache
2021-02-07 16:02:20 +01:00
policydb.h
parser: consolidate rule class handling into aa_class
2023-03-31 02:21:19 -07:00
profile-load
profile-load: use less ambiguous if/then construct
2022-02-15 07:34:17 +00:00
profile.cc
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
profile.h
parser: refactor network to use rule class as its base.
2023-09-07 00:12:51 -07:00
ptrace.cc
parser: cleanup and rework optimization and dump flag handling
2023-07-07 17:47:41 -07:00
ptrace.h
parser: rework perms rule merging
2023-07-10 20:04:53 -07:00
rc.apparmor.functions
rc.apparmor.functions: only use systemd-detect-virt if it's present
2022-07-06 06:41:35 +00:00
rc.apparmor.slackware
added missing functions to slackware init script
2019-11-08 13:49:48 +01:00
README
README: Move project contact info into the main README
2018-09-13 16:54:09 +00:00
README.devel
parser: add some developer documentation
2013-12-10 14:15:02 -08:00
rule.cc
parser: consolidate rule class handling into aa_class
2023-03-31 02:21:19 -07:00
rule.h
parser: add support for a generic all rule type
2023-09-07 01:30:15 -07:00
signal.cc
parser: add kill.signal=XXX flag support
2023-08-25 10:16:51 -07:00
signal.h
parser: add kill.signal=XXX flag support
2023-08-25 10:16:51 -07:00
techdoc.tex
treewide: spelling/typo fixes in comments and docs
2020-12-01 12:47:11 -08:00
unit_test.h
Convert codomain to a class
2013-09-27 16:16:37 -07:00
userns.cc
parser: cleanup and rework optimization and dump flag handling
2023-07-07 17:47:41 -07:00
userns.h
parser: add permission merging
2023-07-10 18:01:32 -03:00

README 

The apparmor_parser allows you to add, replace, and remove AppArmor
policy through the use of command line options. The default is to add.
`apparmor_parser --help` shows what the command line options are.

You can also find more information at https://wiki.apparmor.net

-- The AppArmor development team