Hello, $subject.
"Everywhere" means aa-mergeprof and aa-cleanprof. In theory also
aa-logprof, but that needs some code that parses dbus log events ;-)
Also add some dbus rules to the aa-cleanprof test profiles to ensure
superfluous dbus rules get deleted.
[ 59-enable-DbusRule-everywhere.diff ]
--- utils/apparmor/aa.py 2015-12-26 16:24:40.246989550 +0100
+++ utils/apparmor/aa.py 2015-12-26 16:25:29.090656074 +0100
@@ -62,7 +62,7 @@
from apparmor.rule.signal import SignalRuleset, SignalRule
from apparmor.rule import parse_modifiers, quote_if_needed
-ruletypes = ['capability', 'change_profile', 'network', 'ptrace', 'rlimit',
'signal']
+ruletypes = ['capability', 'change_profile', 'dbus', 'network', 'ptrace',
'rlimit', 'signal']
from apparmor.yasti import SendDataToYast, GetDataFromYast, shutdown_yast
=== modified file ./utils/test/cleanprof_test.in
--- utils/test/cleanprof_test.in 2015-12-26 17:39:09.224196858 +0100
+++ utils/test/cleanprof_test.in 2015-12-26 21:16:59.623391061 +0100
@@ -22,6 +22,9 @@
ptrace tracedby,
unix (receive) type=dgram,
+ dbus send bus=session,
+ dbus send bus=session peer=(label=foo),
+
set rlimit nofile <= 256,
set rlimit nofile <= 64,
=== modified file ./utils/test/cleanprof_test.out
--- utils/test/cleanprof_test.out 2015-12-26 17:39:09.224196858 +0100
+++ utils/test/cleanprof_test.out 2015-12-26 18:13:19.051300600 +0100
@@ -12,6 +12,8 @@
network stream,
+ dbus send bus=session,
+
signal set=(abrt alrm bus chld fpe hup ill int kill pipe quit segv stkflt
term trap usr1 usr2),
ptrace tracedby,
Regards,
Christian Boltz
--
[tgz Datei entpacken] tar xzf <Archiv>
Für weitere Informationen lesen Sie bitte die Manpage oder Ihren Admin.
[Torsten Hallmann in suse-linux]
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
